www.synack.com Open in urlscan Pro
141.193.213.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.synack.com/banner_link_2
Effective URL:
https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Submission: On September 06 via api (September 6th 2024, 9:56:52 am UTC) from US — Scanned from IT

Summary HTTP 117 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 34 IPs in 3 countries across 28 domains to perform 117 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.synack.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 14th 2024. Valid for: a year.

This is the only time www.synack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
8	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
13	104.18.87.42 104.18.87.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.212.138 216.58.212.138	15169 (GOOGLE) (GOOGLE)
1	104.18.141.119 104.18.141.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.16.5 104.18.16.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	172.64.155.119 172.64.155.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	216.58.212.142 216.58.212.142	15169 (GOOGLE) (GOOGLE)
15	2.17.100.184 2.17.100.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	184.24.77.20 184.24.77.20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.16.141.209 104.16.141.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.67.70.243 172.67.70.243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
1	64.233.167.157 64.233.167.157	15169 (GOOGLE) (GOOGLE)
4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	13.248.142.121 13.248.142.121	16509 (AMAZON-02) (AMAZON-02)
3	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.170.94.36 35.170.94.36	14618 (AMAZON-AES) (AMAZON-AES)
1	104.16.160.168 104.16.160.168	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.223.152 104.17.223.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.147.16 172.64.147.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.117.116 104.16.117.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.111.254 104.16.111.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.16.196 172.217.16.196	15169 (GOOGLE) (GOOGLE)
1	104.18.244.108 104.18.244.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.64.150.44 172.64.150.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.117.43 104.16.117.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
117	34

26 141.193.213.21 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.synack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.18.87.42 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.141.119 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.16.5 (None, )

ASN13335 (CLOUDFLARENET, US)

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.155.119 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.142 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2.17.100.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-184.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.24.77.20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-20.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.141.209 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.70.243 (United States)

ASN13335 (CLOUDFLARENET, US)

edge.marker.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.marker.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.142.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.170.94.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-94-36.compute-1.amazonaws.com

app.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.160.168 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.223.152 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.147.16 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.117.116 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.111.254 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.244.108 (None, )

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.150.44 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	synack.com 1 redirects www.synack.com	776 KB
15	6sc.co j.6sc.co — Cisco Umbrella Rank: 12402 c.6sc.co — Cisco Umbrella Rank: 16017 ipv6.6sc.co — Cisco Umbrella Rank: 12823 b.6sc.co — Cisco Umbrella Rank: 6896	24 KB
13	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 554	148 KB
8	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 252 td.doubleclick.net — Cisco Umbrella Rank: 481 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	7 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	766 KB
6	google.com analytics.google.com — Cisco Umbrella Rank: 238 www.google.com — Cisco Umbrella Rank: 10	671 B
5	marker.io edge.marker.io — Cisco Umbrella Rank: 64188 api.marker.io — Cisco Umbrella Rank: 61956	139 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 15834	4 KB
3	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 8139 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 8074 track.hubspot.com — Cisco Umbrella Rank: 5359	27 KB
3	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 669	2 KB
2	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 10891	2 KB
2	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 8524 forms.hsforms.com — Cisco Umbrella Rank: 9382	3 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 9601 forms.hscollectedforms.net — Cisco Umbrella Rank: 9837	25 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 18992	713 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
2	qualified.com js.qualified.com — Cisco Umbrella Rank: 50475 app.qualified.com — Cisco Umbrella Rank: 52147	234 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 7580	1 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 5067	26 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 7189	4 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 5135	25 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 176	3 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 764	699 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 5414	1 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 1019	308 B
1	gstatic.com fonts.gstatic.com	37 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 14516	157 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	849 B
117	28

	Domain	Requested by
26	www.synack.com	1 redirects www.synack.com
13	cdn.cookielaw.org	www.synack.com cdn.cookielaw.org
9	b.6sc.co	www.synack.com
8	www.googletagmanager.com	www.synack.com www.googletagmanager.com js.hsadspixel.net
4	td.doubleclick.net	www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	js.zi-scripts.com	www.synack.com js.zi-scripts.com
3	www.google.com	www.synack.com
3	px.ads.linkedin.com	snap.licdn.com www.synack.com
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
3	analytics.google.com	www.googletagmanager.com
3	edge.marker.io	www.synack.com edge.marker.io
2	ws.zoominfo.com	js.zi-scripts.com
2	api.marker.io	edge.marker.io
2	epsilon.6sense.com	j.6sc.co
2	ipv6.6sc.co	j.6sc.co
2	c.6sc.co	j.6sc.co
2	snap.licdn.com	www.googletagmanager.com js.hsadspixel.net
2	j.6sc.co	www.googletagmanager.com www.synack.com
1	track.hubspot.com
1	forms.hsforms.com	www.synack.com
1	perf-na1.hsforms.com	www.synack.com
1	api.hubapi.com	js.hsadspixel.net
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	app.qualified.com	js.qualified.com
1	www.googleadservices.com	www.googletagmanager.com
1	secure.adnxs.com	j.6sc.co
1	stats.g.doubleclick.net	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	fonts.gstatic.com	fonts.googleapis.com
1	js.qualified.com	www.synack.com
1	js.hsforms.net	www.synack.com
1	fonts.googleapis.com	www.synack.com
117	40

This site contains links to these domains. Also see Links.

Domain
event.synack.com
boards.greenhouse.io
acropolis.synack.com
readme.synack.com
login.synack.com
www.scmagazine.com
www.csoonline.com
www.helpnetsecurity.com
www.facebook.com
www.linkedin.com
x.com
www.instagram.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
www.synack.com Go Daddy Secure Certificate Authority - G2	`2024-08-14` - `2025-08-14`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
hsforms.net WE1	`2024-08-11` - `2024-11-09`	3 months	crt.sh
qualified.com WE1	`2024-09-04` - `2024-12-03`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
6sc.co R11	`2024-07-03` - `2024-10-01`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
hs-scripts.com WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
marker.io WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
www.googleadservices.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.6sense.com Amazon RSA 2048 M03	`2024-03-31` - `2025-04-29`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-08-27` - `2025-02-27`	6 months	crt.sh
app.qualified.com R11	`2024-07-21` - `2024-10-19`	3 months	crt.sh
hs-analytics.net WE1	`2024-08-09` - `2024-11-07`	3 months	crt.sh
hsadspixel.net WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
hs-banner.com WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
hscollectedforms.net WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
www.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
hubapi.com E6	`2024-08-30` - `2024-11-28`	3 months	crt.sh
hsforms.com WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
zi-scripts.com WE1	`2024-07-25` - `2024-10-23`	3 months	crt.sh
zoominfo.com E5	`2024-08-14` - `2024-11-12`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Frame ID: C636F8A632AAFFD7ACF6CD8742C32503
Requests: 107 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-XVS579G3KG&gacid=1936826387.1725616605&gtm=45je4940v870611089za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=17824095
Frame ID: 566E3D2DB8EF5242C52710B51B5AF804
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/AW-952412761?random=1725616605242&cv=11&fst=1725616605242&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 782B3ED091BDF19CAC1244F57F4EC188
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/952412761?random=1725616605280&cv=11&fst=1725616605280&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&label=-EdECKePxfkBENnUksYD&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: E067EB360E856B1321DAC79B3DDC7105
Requests: 1 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=8e0554c9-6471-4bee-a091-3a1237c34509
Frame ID: 328338C64296186130ACCF8C7DFCA89F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/952412761?random=1725616607036&cv=11&fst=1725616607036&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: B65B8BAB8C78C791D0212FEDB88A946A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mind the Gap: Attack Surface Discovery and PTaaS | Blog | Synack

Page URL History Show full URLs

https://www.synack.com/banner_link_2 HTTP 301
https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

117
Requests

97 %
HTTPS

0 %
IPv6

28
Domains

40
Subdomains

34
IPs

3
Countries

2447 kB
Transfer

7510 kB
Size

32
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://event.synack.com/women-in-cyber
Title: Register Now

Search URL Search Domain Scan URL

URL: https://boards.greenhouse.io/synacksrt/jobs/150860
Title: Apply to SRT

Search URL Search Domain Scan URL

URL: https://acropolis.synack.com/
Title: Acropolis Recognitions

Search URL Search Domain Scan URL

URL: https://readme.synack.com/
Title: README_ Publication A publication covering the issues, ideas and people shaping the future of cybersecurity.

Search URL Search Domain Scan URL

URL: https://login.synack.com/
Title: login button

Search URL Search Domain Scan URL

URL: https://www.scmagazine.com/news/most-organizations-had-an-unknown-or-unmanaged-internet-facing-asset-exploited
Title: 69% of organizations

Search URL Search Domain Scan URL

URL: https://www.csoonline.com/article/572007/look-for-attack-surface-management-to-go-mainstream-in-2022.html
Title: 9% of organizations believe they monitor

Search URL Search Domain Scan URL

URL: https://www.helpnetsecurity.com/2021/04/29/penetration-testing-blind-spots/
Title: pentest less than 10% of their assets

Search URL Search Domain Scan URL

URL: https://www.facebook.com/synack
Title: facebook link

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/synack-inc-/
Title: linkedin link

Search URL Search Domain Scan URL

URL: https://x.com/synack
Title: x link

Search URL Search Domain Scan URL

URL: https://www.instagram.com/synackofficial/
Title: instagram

Search URL Search Domain Scan URL

URL: https://readme.synack.com/tag/changelog
Title: Changelog Newsletter

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.synack.com/banner_link_2 HTTP 301
https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952412761/?random=1525034900&cv=11&fst=1725616605280&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&label=-EdECKePxfkBENnUksYD&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&value=0&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJvHsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&eitems=ChAI8NDqtgYQu4_-0ffrtI9HEh0AMO5CNKjplRGgJOlE3vIOz1as2Nuq4Y12m84pAA&pscrd=IhMIqsis5oauiAMVwZb9Bx2s2gIjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3d3dy5zeW5hY2suY29tLw HTTP 302
https://www.google.com/pagead/1p-conversion/952412761/?random=1525034900&cv=11&fst=1725616605280&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&label=-EdECKePxfkBENnUksYD&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&value=0&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJvHsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIqsis5oauiAMVwZb9Bx2s2gIjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3d3dy5zeW5hY2suY29tLw&is_vtc=1&cid=CAQSGwDpaXnfGBuAsE3H6wZQDHKpa8KT3Ya6t_flpA&eitems=ChAI8NDqtgYQu4_-0ffrtI9HEh0AMO5CNN4rZeVlKLgbP5oS7PnonMMoi7COS-F43g&random=1363277075

117 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Redirect Chain

https://www.synack.com/banner_link_2
https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

219 KB
24 KB

315ms
314ms

Document
text/html

141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

ff66dd8c4052928d0aef689ba10b94d8cef0b91e918a11fae297d453e062a8f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8bed97391b940e2a-MXP
content-encoding: br
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
content-type: text/html; charset=UTF-8
date: Fri, 06 Sep 2024 09:56:43 GMT
link: <https://www.synack.com/?p=21660>; rel=shortlink
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
referrer-policy: origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=63072000
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 4
x-cache-group: normal
x-cacheable: YES:600.000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: WP Engine
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8bed973728fb0e2a-MXP
content-type: text/html; charset=UTF-8
date: Fri, 06 Sep 2024 09:56:43 GMT
expires: Fri, 06 Sep 2024 10:47:37 GMT
location: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
server: cloudflare
strict-transport-security: max-age=63072000
x-cache: HIT: 2
x-cache-group: normal
x-cacheable: non200
x-powered-by: WP Engine
x-redirect-by: redirection

GET 18f1ad48-3d9a-4035-921f-c419423ee0f3
https://www.synack.com/ Frame 0
0

GET
H2 200 simple-banner.css
www.synack.com/wp-content/plugins/simple-banner/ 892 B
354 B 118ms
117ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/plugins/simple-banner/simple-banner.css?ver=3.0.3

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

22e999690564c5c0dfa82424c1253fb6062f8cf1d9487eda9aebab07e01144b9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: HIT
age: 12452
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Fri, 06 Sep 2024 04:31:42 GMT
server: cloudflare
etag: W/"66da85ae-37c"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray: 8bed973b5ece0e2a-MXP

GET
H2 200 style.css
www.synack.com/wp-content/themes/synack/ 5 KB
1 KB 118ms
118ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/themes/synack/style.css

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ae82e50807147cbbe51b2516821c6ad183d0a8751f8a16f4d1a973b24682ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: HIT
age: 16268
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 05 Sep 2024 15:16:57 GMT
server: cloudflare
etag: W/"66d9cb69-1400"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray: 8bed973b5ed00e2a-MXP

GET
H2 200 style.css
www.synack.com/wp-content/plugins/bol-resource-library/assets/css/ 10 KB
3 KB 72ms
72ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/plugins/bol-resource-library/assets/css/style.css?ver=2

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b840ccb15d3d1e2aba4b223ea4b89b7ea234376d5968508083177671f23ecd0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: HIT
age: 8212
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 16 May 2024 17:03:15 GMT
server: cloudflare
etag: W/"66463c53-284d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray: 8bed973b5ed20e2a-MXP

GET
H2 200 jquery.min.js Show response
www.synack.com/wp-includes/js/jquery/ 86 KB
31 KB 79ms
79ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: HIT
age: 8211
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: cloudflare
etag: W/"64ecd5ef-15601"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray: 8bed973b5ed40e2a-MXP

GET
H2 200 jquery-migrate.min.js Show response
www.synack.com/wp-includes/js/jquery/ 13 KB
5 KB 102ms
102ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: HIT
age: 8211
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: cloudflare
etag: W/"6482bd64-3509"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray: 8bed973b7ef80e2a-MXP

GET
H2 200 simple-banner.js Show response
www.synack.com/wp-content/plugins/simple-banner/ 7 KB
2 KB 89ms
89ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/plugins/simple-banner/simple-banner.js?ver=3.0.3

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee3a1ac4a8a058037f6a49fe3f1c8592c797f7872958e57526011de14ab9436

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: HIT
age: 12452
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Fri, 06 Sep 2024 04:31:42 GMT
server: cloudflare
etag: W/"66da85ae-1db6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray: 8bed973b7efc0e2a-MXP

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
73 KB 571ms
87ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38714717-1

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f24fcf0b9f703388dc47b2fbefa7cca040802fda7de87a4244c8e1d230450578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Sep 2024 09:56:44 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/6f5eb47e-d844-48ff-8a69-bdd05b58172b/ 16 KB
3 KB 476ms
75ms Script
application/x-javascript 104.18.87.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6f5eb47e-d844-48ff-8a69-bdd05b58172b/OtAutoBlock.js

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23ba89ab90e39bad03d966a8080e150db8c75187d5accccb304b2e116609cb7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 06 Sep 2024 09:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 34268
content-md5: jdUdoFdP4TT1O8dqeZ1+iQ==
content-length: 3203
x-ms-lease-status: unlocked
last-modified: Wed, 08 Mar 2023 23:17:39 GMT
server: cloudflare
etag: 0x8DB202B4FD453A1
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 87247bed-a01e-006b-6229-15be77000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bed973df8620e93-MXP
expires: Sat, 07 Sep 2024 09:56:43 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 465ms
64ms Script
application/javascript 104.18.87.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 06 Sep 2024 09:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: p+39a+/XEcZfNKybQjgXjA==
age: 55352
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Tue, 03 Sep 2024 16:39:46 GMT
server: cloudflare
etag: 0x8DCCC37056A183D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 225937f4-d01e-0086-0131-fec758000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bed973df8630e93-MXP
expires: Fri, 06 Sep 2024 18:34:11 GMT

GET
H2 200 style-main.css
www.synack.com/wp-content/themes/synack/webroot/css/ 346 KB
48 KB 89ms
89ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/themes/synack/webroot/css/style-main.css?v=20231013

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5141aa2cbb1361e5852ed97c43c449fb6824bbacc196d828b33a2b4130200b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: HIT
age: 16689
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 05 Sep 2024 15:16:57 GMT
server: cloudflare
etag: W/"66d9cb69-56886"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray: 8bed973b7eff0e2a-MXP

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
849 B 596ms
86ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f10.1e100.net

Software

ESF /

Resource Hash

492d00e4a4110b712efd91a46f205045b2f207df8bc960be6f46b0964107f7cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Sep 2024 09:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Sep 2024 09:46:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Sep 2024 09:56:43 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 483 KB
157 KB 532ms
92ms Script
application/javascript 104.18.141.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69f9f19bd433b1317c2e2adf4b0d99a7655e6d878b35a970a5311227c6ad0a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
age: 360
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5999/bundles/project-v2.js&cfRay=8bd6883a4ddc711f-OTP
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"6baa082bb753a0d6d6e8a595ed1a8003"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5999/bundles/project-v2.js
date: Fri, 06 Sep 2024 09:56:43 GMT
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: AFaf8mWb39Qooe1K5qzICbDOfESNQB7s
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: e1c621b9-1fb9-4c4a-91a2-28505768ef80
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: e1c621b9-1fb9-4c4a-91a2-28505768ef80
last-modified: Tue, 03 Sep 2024 14:36:36 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2bUQp22n8tPaoA9%2F%2B7rJrPwxvdQIzGXLTO9o0acNHBMdgAfab9I644JZfRI2AGKbZLtNSf3e1wR2d68S5xCPWMkOJOVoXobgE3rjJsgGuASnrfgx8skQTUNKpouzHRJu"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-tw7fj
cf-ray: 8bed973e4b71bb23-MXP
x-amz-cf-id: vHgvi08avWFLrhsp9XYzv2rQcWRkP-Vv0sSR08WirlM1C4fE2CnXEA==

GET
H2 200 blazy.png
www.synack.com/wp-content/themes/synack/webroot/images/ 72 B
257 B 235ms
235ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-content/themes/synack/webroot/images/blazy.png

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

662909c49c1ce344adeac34addace8b0824701d47cf5fb3fe1fcc7cd1fdb4fb5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 72
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Sun, 19 Nov 2023 10:31:29 GMT
server: cloudflare
etag: "6559e401-48"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31536000, private
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges: bytes
cf-ray: 8bed973b7f020e2a-MXP
expires: Sat, 06 Sep 2025 09:56:43 GMT

GET
H2 200 ASD-mgmt-status-quo-graphic.png
www.synack.com/wp-content/uploads/2024/02/ 9 KB
9 KB 321ms
321ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-content/uploads/2024/02/ASD-mgmt-status-quo-graphic.png

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d0984ab99052526b5012f34d8784261f737548ca3b3f976d8678f7f103d00c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 9564
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 29 Feb 2024 04:09:02 GMT
server: cloudflare
etag: "65e0035e-255c"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31536000, private
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges: bytes
cf-ray: 8bed973b7f030e2a-MXP
expires: Sat, 06 Sep 2025 09:56:43 GMT

GET
H2 200 image5-edited.png
www.synack.com/wp-content/uploads/2024/02/ 31 KB
31 KB 334ms
334ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-content/uploads/2024/02/image5-edited.png

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d23492bdf2468bd59c6e3437e4b2f3eac9b3e49a362f5b692a7e8d520d0b06e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 32082
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 29 Feb 2024 04:18:38 GMT
server: cloudflare
etag: "65e0059e-7d52"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31536000, private
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges: bytes
cf-ray: 8bed973b7f040e2a-MXP
expires: Sat, 06 Sep 2025 09:56:43 GMT

GET
H2 200 image4-1024x769.png
www.synack.com/wp-content/uploads/2024/02/ 38 KB
39 KB 303ms
303ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-content/uploads/2024/02/image4-1024x769.png

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b285d921093f27e5ab892c052f60d465383c6072300faf20ac3028628f889f61

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 39362
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 29 Feb 2024 04:14:22 GMT
server: cloudflare
etag: "65e0049e-99c2"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31536000, private
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges: bytes
cf-ray: 8bed973ce8ee0e2a-MXP
expires: Sat, 06 Sep 2025 09:56:43 GMT

GET
H2 200 image3-1024x728.png
www.synack.com/wp-content/uploads/2024/02/ 47 KB
47 KB 425ms
425ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-content/uploads/2024/02/image3-1024x728.png

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

53c7184a496de140179411b078803cf05e88b506583947870a6d050f723b85e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 48458
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 29 Feb 2024 04:15:51 GMT
server: cloudflare
etag: "65e004f7-bd4a"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31536000, private
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges: bytes
cf-ray: 8bed973d89bc0e2a-MXP
expires: Sat, 06 Sep 2025 09:56:43 GMT

GET
H2 200 logo.svg
www.synack.com/wp-content/themes/synack/webroot/images/footer/ 4 KB
2 KB 79ms
75ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-content/themes/synack/webroot/images/footer/logo.svg

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b1ea6cd586a8e44d9387d438c1bf23a83200feea1da2f21ee8097c14e64bb33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: HIT
age: 12453
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 05 Sep 2024 15:16:57 GMT
server: cloudflare
etag: W/"66d9cb69-114d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray: 8bed973fbcc30e2a-MXP

GET
H2 200 my-privacy-choices-check.webp
www.synack.com/wp-content/themes/synack/webroot/images/footer/ 738 B
832 B 351ms
347ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-content/themes/synack/webroot/images/footer/my-privacy-choices-check.webp

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b317df5e031bd027cf564feae4589bdccf44929cea1ee7bbeb7cdd3b80ff95ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 738
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 05 Sep 2024 15:16:57 GMT
server: cloudflare
etag: "66d9cb69-2e2"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31536000, private
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges: bytes
cf-ray: 8bed973fbcc50e2a-MXP
expires: Sat, 06 Sep 2025 09:56:44 GMT

GET
H2 200 additional-polyfills.js Show response
www.synack.com/wp-content/themes/synack/webroot/js/ 5 KB
2 KB 70ms
70ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/themes/synack/webroot/js/additional-polyfills.js?v=20231016

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e478aa5a84ca62d2450fbe0cedf13085f987dc1c3c4b30e8683701f20a4aadd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: HIT
age: 8211
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 05 Sep 2024 15:16:57 GMT
server: cloudflare
etag: W/"66d9cb69-12f1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray: 8bed973edba20e2a-MXP

GET
H2 200 manifest.js Show response
www.synack.com/wp-content/themes/synack/webroot/js/ 3 KB
2 KB 68ms
67ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/themes/synack/webroot/js/manifest.js?v=20231016

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2257ecae3d22c703a36089996962128138034931396b59d6ce0e302c485cd62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: HIT
age: 16690
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 05 Sep 2024 15:16:57 GMT
server: cloudflare
etag: W/"66d9cb69-bf7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray: 8bed973f4c380e2a-MXP

GET
H2 200 vendor.js Show response
www.synack.com/wp-content/themes/synack/webroot/js/ 512 KB
170 KB 85ms
81ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/themes/synack/webroot/js/vendor.js?v=20231016

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffa26c1e29a1439ff072c1fe246f6cb68cbdf255da969f705c7d7b91ad75d785

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: HIT
age: 8211
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 05 Sep 2024 15:16:57 GMT
server: cloudflare
etag: W/"66d9cb69-7feb8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray: 8bed973fbcc10e2a-MXP

GET
H2 200 app.js Show response
www.synack.com/wp-content/themes/synack/webroot/js/ 38 KB
7 KB 100ms
96ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/themes/synack/webroot/js/app.js?v=20231016

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b8487412015c87df70a04ab7dd4a2b816897d483512a0cb1eab01045232385a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: HIT
age: 16689
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 05 Sep 2024 15:16:57 GMT
server: cloudflare
etag: W/"66d9cb69-98d7"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray: 8bed973fbcc20e2a-MXP

GET
H2 200 qualified.js Show response
js.qualified.com/ 1002 KB
234 KB 254ms
67ms Script
text/javascript 104.18.16.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=wMSIsrvzp9xgEeyW

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.16.5 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3afd5cb1c9a449869bcb73939fcbace93f9dfc1aecd15c5ae86edcd6c8fdfb3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-encoding: gzip
via: 1.1 spaces-router (baa76bb17a64)
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: HIT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 1624
x-xss-protection: 1; mode=block
x-request-id: d845db56-da26-48b5-48b5-2cd33025d822
x-runtime: 0.015561
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ea48df6d1ac82584bfa2dd9e93e81439"
x-download-options: noopen
vary: Accept,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 8bed9740fe5f4bef-MXP
expires: Fri, 06 Sep 2024 13:56:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 350 KB
116 KB 660ms
177ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9ef61d1693b6a3aa88605f051f2acc6522cfea5f53937eca31ead29cdfb5b557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118869
x-xss-protection: 0
last-modified: Fri, 06 Sep 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Sep 2024 09:56:44 GMT

GET
H2 200 6f5eb47e-d844-48ff-8a69-bdd05b58172b.json Show response
cdn.cookielaw.org/consent/6f5eb47e-d844-48ff-8a69-bdd05b58172b/ 4 KB
2 KB 532ms
102ms XHR
application/x-javascript 104.18.87.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6f5eb47e-d844-48ff-8a69-bdd05b58172b/6f5eb47e-d844-48ff-8a69-bdd05b58172b.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77b8595b688ffd0297d0c6a51090ba03399a8f750fee8f46e1f83919f5e0a469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 06 Sep 2024 09:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 63171
content-md5: Qh5a6/rX/4xSWyxlwxnPRA==
content-length: 1674
x-ms-lease-status: unlocked
last-modified: Wed, 08 Mar 2023 23:17:41 GMT
server: cloudflare
etag: 0x8DB202B50D2D8D3
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fe9608e2-e01e-006a-5390-22e1ab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bed974148fc4c4e-MXP
expires: Sat, 07 Sep 2024 09:56:44 GMT

GET
H2 200 blazy.png
www.synack.com/wp-content/themes/synack/webroot/images/ 72 B
0 0ms
0ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-content/themes/synack/webroot/images/blazy.png

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

662909c49c1ce344adeac34addace8b0824701d47cf5fb3fe1fcc7cd1fdb4fb5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 72
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Sun, 19 Nov 2023 10:31:29 GMT
server: cloudflare
etag: "6559e401-48"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31536000, private
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges: bytes
cf-ray: 8bed973b7f020e2a-MXP
expires: Sat, 06 Sep 2025 09:56:43 GMT

GET
H2 200 rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v15/ 36 KB
37 KB 658ms
93ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.synack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 08:35:27 GMT
x-content-type-options: nosniff
age: 523277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36848
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 23:58:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 08:35:27 GMT

GET
H2 200 footer-shape.jpg
www.synack.com/wp-content/themes/synack/webroot/images/footer/ 5 KB
5 KB 222ms
221ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-content/themes/synack/webroot/images/footer/footer-shape.jpg

Requested by

Host: www.synack.com
URL: https://www.synack.com/wp-content/themes/synack/webroot/css/style-main.css?v=20231013

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2bcb574a8847ce3950feafa475c5de4d780c2321d5ec7894880f348008d0c9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 4852
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Sun, 19 Nov 2023 10:31:29 GMT
server: cloudflare
etag: "6559e401-12f4"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31536000, private
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges: bytes
cf-ray: 8bed973fed020e2a-MXP
expires: Sat, 06 Sep 2025 09:56:44 GMT

GET
H2 200 synack-ASD-blog.jpg
www.synack.com/wp-content/uploads/2024/02/ 338 KB
338 KB 290ms
289ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-content/uploads/2024/02/synack-ASD-blog.jpg

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2078776d6f374fb6a40f82c3b53d2258841f86e76f1323e3a45955c9f75b58ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 345616
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 29 Feb 2024 04:06:49 GMT
server: cloudflare
etag: "65e002d9-54610"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31536000, private
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges: bytes
cf-ray: 8bed9740ee750e2a-MXP
expires: Sat, 06 Sep 2025 09:56:44 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.synack.com/wp-includes/js/ 18 KB
5 KB 59ms
58ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: HIT
age: 8208
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 27 Jun 2024 13:51:43 GMT
server: cloudflare
etag: W/"667d6e6f-4926"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray: 8bed9740fe780e2a-MXP

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
308 B 526ms
81ms XHR
application/json 172.64.155.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8bed97449c6ebaff-MXP
access-control-allow-headers: Content-Type

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 312 KB
104 KB 86ms
84ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38714717-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

0592b259f7c8f5cbc1b2045cba88d8fd68613256b4a537960ac5f3423cda69c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106327
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Sep 2024 09:56:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 318 KB
105 KB 86ms
86ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9891KWEZPK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38714717-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

662df1769f7c2697922fefa3ae69b72cded6313ac635685f1d5371ec72d58a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Sep 2024 09:56:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 608ms
75ms Script
text/javascript 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38714717-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Sep 2024 09:20:02 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2203
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 06 Sep 2024 11:20:02 GMT

GET
H2 200 synack-ASD-blog.jpg
www.synack.com/wp-content/uploads/2024/02/ 338 KB
0 0ms
0ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-content/uploads/2024/02/synack-ASD-blog.jpg

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2078776d6f374fb6a40f82c3b53d2258841f86e76f1323e3a45955c9f75b58ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 345616
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Thu, 29 Feb 2024 04:06:49 GMT
server: cloudflare
etag: "65e002d9-54610"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31536000, private
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges: bytes
cf-ray: 8bed9740ee750e2a-MXP
expires: Sat, 06 Sep 2025 09:56:44 GMT

GET
H2 200 e625e662-1b3e-4698-be5e-6fba78fa4914.js Show response
j.6sc.co/j/ 5 KB
2 KB 218ms
55ms Script
application/javascript 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/e625e662-1b3e-4698-be5e-6fba78fa4914.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-184.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1b16993de3c2b48ce2e592a524fc27cda65b89808d62c5927c7b62b1a4dc409c

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: o.MsbIYXKRuERzaGmciAk_rhOXnR2Hmn
content-encoding: gzip
date: Fri, 06 Sep 2024 09:56:45 GMT
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 1511
last-modified: Wed, 24 Jul 2024 16:44:58 GMT
server: AmazonS3
etag: "4c8eef02ac110905ad8d3b4dedc95875"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=1800
accept-ranges: bytes
x-amz-cf-id: am4SBUOAV6ngv0h32Uh1lF52Sq62Wc6l59ums-0R5fIF1DsWkT75lQ==
expires: Fri, 06 Sep 2024 10:26:45 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 68 KB
19 KB 202ms
55ms Script
application/javascript 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

aea136527ca962a15eea8eb338c7667b5a44d98bff65dc09a36f5493ddbacb99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Sep 2024 16:37:55 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "66d9de63-10fec"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, proxy-revalidate, max-age=10800
accept-ranges: bytes
content-length: 18709
expires: Fri, 06 Sep 2024 12:56:45 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 485ms
49ms Script
application/javascript 184.24.77.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.77.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-24-77-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=18228
accept-ranges: bytes
content-length: 14628

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 231 KB
83 KB 134ms
134ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-AW-952412761&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

eef746cbe8cff099ec359a005011e2e39ec4b64b838ed428f2a66632ce568dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85152
x-xss-protection: 0
last-modified: Fri, 06 Sep 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Sep 2024 09:56:44 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 282 KB
95 KB 136ms
136ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-952412761&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f4c1ede221e5a8c35e065eeb52baba4564aa19a3f441b0e3e56535714155dc85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97111
x-xss-protection: 0
last-modified: Fri, 06 Sep 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Sep 2024 09:56:44 GMT

GET
H2 200 22524429.js Show response
js.hs-scripts.com/ 2 KB
1 KB 547ms
133ms Script
application/javascript 104.16.141.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/22524429.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.141.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2482c747cff537e03428864e3fd3cf8a80d1339ebbf95ea7ecf8df4a5e5dfcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a292057e-28f2-48cd-8780-dee6146dca75
cf-polished: origSize=2540
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a292057e-28f2-48cd-8780-dee6146dca75
cf-bgj: minify
last-modified: Fri, 06 Sep 2024 09:55:51 GMT
server: cloudflare
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.synack.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-58bbf9c46c-whp7h
x-evy-trace-virtual-host: all
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 8bed974789420e55-MXP
expires: Fri, 06 Sep 2024 09:58:15 GMT

GET
H2 200 shim.js Show response
edge.marker.io/latest/ 37 KB
12 KB 492ms
69ms Script
text/javascript 172.67.70.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.marker.io/latest/shim.js

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fb8f6d0827dcad48a533aea98c516d939dcafb91610bc351c83a2b775a53bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:45 GMT
via: 1.1 e4ff8e5d95961f2029ed707a2c4209ea.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=0; includeSubDomains; preload
x-amz-cf-pop: MXP53-P2
age: 90
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 06 Sep 2024 09:55:00 GMT
server: cloudflare
etag: W/"edc8406f99dd4dc4ccf8351bd81e1598"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300,public
cf-ray: 8bed97479bff0e0d-MXP
x-amz-cf-id: xNtoGxktClNBUs2vKJRfAviyscLjw6s7qUEpzU-LV7wtWBHqO4O1Fg==

POST
H2 204 collect
analytics.google.com/g/ 0
0 459ms
46ms Fetch
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-XVS579G3KG&gtm=45je4940v870611089za200&_p=1725616603543&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1936826387.1725616605&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1725616605&sct=1&seg=0&dl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&dt=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2528
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.synack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 630ms
79ms Ping
text/plain 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XVS579G3KG&cid=1936826387.1725616605&gtm=45je4940v870611089za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wl-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.synack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 566E 0
0 613ms
66ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-XVS579G3KG&gacid=1936826387.1725616605&gtm=45je4940v870611089za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=17824095

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Sep 2024 09:56:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 417ms
46ms Fetch
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-XVS579G3KG&gtm=45je4940v870611089z876206402za200&_p=1725616603543&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1936826387.1725616605&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAK&_s=2&sid=1725616605&sct=1&seg=1&dl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&dt=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&en=page_view&ep.allowLinker=true&_et=35&tfd=2572
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.synack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/ 383 KB
92 KB 58ms
58ms Script
application/javascript 104.18.87.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 06 Sep 2024 09:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uPFqyxtrxGqJsyAvB7RnSg==
age: 49192
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93482
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:45 GMT
server: cloudflare
etag: 0x8DADC66BDFA5EC7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: a5ea234d-301e-0069-6d88-1700cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bed97465e2c0e93-MXP

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 245ms
133ms Fetch
text/plain 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9891KWEZPK&gtm=45je4940v892239364za200&_p=1725616603543&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1936826387.1725616605&ul=it-it&are=1&frm=0&pscdl=noapi&_eu=AAAI&_geo=1&_rdi=1&_s=1&sid=1725616605&sct=1&seg=0&dl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&dt=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&en=page_view&_fv=1&_ss=1&tfd=2626
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9891KWEZPK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.synack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
699 B 166ms
53ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:45 GMT
an-x-request-uuid: c05f7f5a-db37-412e-911d-ac8973d85e31
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.synack.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.198.62.7; 185.198.62.7; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 45ms
37ms XHR
text/html 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:45 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.synack.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 4 B
281 B 525ms
92ms XHR
text/html 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:45 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.synack.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: null
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1725616605604_34694324_200605065_41_1300_9_106_219";dur=1
content-length: 4
expires: Fri, 06 Sep 2024 09:56:45 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-952412761/ 5 KB
3 KB 467ms
55ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-952412761/?random=1725616605242&cv=11&fst=1725616605242&bg=ffffff&guid=ON&async=1&gtm=45be4940z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-952412761&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a49e96e81e017345e3e0a0c818021f6a159fc6751c55168a9b8f325e8425bc7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AW-952412761
td.doubleclick.net/td/rul/ Frame 782B 0
0 502ms
67ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/AW-952412761?random=1725616605242&cv=11&fst=1725616605242&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-952412761&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Sep 2024 09:56:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/952412761/ 5 KB
3 KB 318ms
102ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/952412761/?random=1725616605280&cv=11&fst=1725616605280&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&label=-EdECKePxfkBENnUksYD&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-952412761&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c7ff85cb826707eb89d6960662e92719bd974084483cb7bef727ee90ed13a1d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2600
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 952412761
td.doubleclick.net/td/rul/ Frame E067 0
0 453ms
68ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/952412761?random=1725616605280&cv=11&fst=1725616605280&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&label=-EdECKePxfkBENnUksYD&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-952412761&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Sep 2024 09:56:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 47ms
46ms XHR
text/html 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:45 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.synack.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 4 B
280 B 504ms
70ms XHR
text/html 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:45 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.synack.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: null
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1725616605781_34694324_200605167_352_1329_9_0_219";dur=1
content-length: 4
expires: Fri, 06 Sep 2024 09:56:45 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6f5eb47e-d844-48ff-8a69-bdd05b58172b/8ee75b19-1eba-4407-9a2a-891f6c01dc29/ 71 KB
15 KB 87ms
87ms Fetch
application/x-javascript 104.18.87.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6f5eb47e-d844-48ff-8a69-bdd05b58172b/8ee75b19-1eba-4407-9a2a-891f6c01dc29/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8a9fe9b6fcab17a668d6c07d6addc7c44b8083ad9e7044da40a02c638f38cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 06 Sep 2024 09:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 12453
content-md5: 7GPw+4qx6D3ZwY7rherWUw==
content-length: 15462
x-ms-lease-status: unlocked
last-modified: Wed, 08 Mar 2023 23:17:50 GMT
server: cloudflare
etag: 0x8DB202B563EE3F4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2458da9d-401e-0097-345b-236f8e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bed97476b2c4c4e-MXP
expires: Sat, 07 Sep 2024 09:56:45 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 738 B
713 B 206ms
67ms XHR
application/json 13.248.142.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 4629e7eed4a660b76c09839a21d6a4a9268b7364ea38d17abf8960d606ab83bc

Request headers

Referer: https://www.synack.com/
Authorization: Token af1fb71ccf83a5ac1f8f73c6ef78851386603b65
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
X-6s-CustomID: WebTag e625e662-1b3e-4698-be5e-6fba78fa4914

Response headers

x-trace-id: 5150719851163676588
date: Fri, 06 Sep 2024 09:56:45 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: eu-central-1a
access-control-allow-origin: https://www.synack.com
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 393

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 218ms
70ms Preflight 13.248.142.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.synack.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.synack.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Fri, 06 Sep 2024 09:56:45 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: eu-central-1a
x-trace-id: 3517526094887836026

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 147ms
133ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 06 Sep 2024 09:56:45 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 148ms
135ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%225ae522a995af66cfd213a9411fe4ce6a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%223156112d8b24b403404bd4c79d487f3a73029c0a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%225ae522a995af66cfd213a9411fe4ce6a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22af1fb71ccf83a5ac1f8f73c6ef78851386603b65%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22e625e662-1b3e-4698-be5e-6fba78fa4914%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableMapCookieCapture%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:45 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 06 Sep 2024 09:56:45 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
815 B 824ms
238ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=947010&time=1725616605431&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:46 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: AB0CBD7F31514BD4AA7B2B9D7615F8A4 Ref B: MRS20EDGE0213 Ref C: 2024-09-06T09:56:46Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYhcGzTwSAFi2sozs0RJA==
x-fs-uuid: 000621706cd3c120058b6b28cecd1124

GET
H2 200 collect
px.ads.linkedin.com/ 0
885 B 778ms
192ms Image
application/javascript 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=947010&time=1725616605431&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:45 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: EE1F06DA27054282AB4D6EC0F0119BD0 Ref B: MRS20EDGE0114 Ref C: 2024-09-06T09:56:46Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-ltx1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYhcGzTZ24lMnZdYnChYg==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 13 KB
3 KB 66ms
64ms Fetch
application/json 104.18.87.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 06 Sep 2024 09:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: vO8A/abKpoPacUrvSk9OSw==
age: 56380
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:35 GMT
server: cloudflare
etag: 0x8DADC66B7AF38D0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 76462bbe-c01e-0020-1873-794224000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bed97482c494c4e-MXP

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/ 61 KB
12 KB 68ms
66ms Fetch
application/json 104.18.87.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 06 Sep 2024 09:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: mBGnk7IXt0USbYmXZQhmOw==
age: 56380
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12540
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:37 GMT
server: cloudflare
etag: 0x8DADC66B90C98A8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 61944521-701e-009c-54be-0b94e5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bed97482c4d4c4e-MXP

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 5 KB
2 KB 61ms
60ms Fetch
application/json 104.18.87.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 06 Sep 2024 09:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: c4ZDUEm/Y1hew9zmVZ7hPg==
age: 56380
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1767
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:37 GMT
server: cloudflare
etag: 0x8DADC66B8C428D7
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: bdf44f04-c01e-0042-3873-798003000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bed97482c504c4e-MXP

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 21 KB
4 KB 64ms
63ms Fetch
text/css 104.18.87.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 06 Sep 2024 09:56:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 56380
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 053244a3-d01e-00e0-2a16-d37502000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8bed97482c564c4e-MXP

GET
H/1.1 200
OK messenger
app.qualified.com/w/1/wMSIsrvzp9xgEeyW/ Frame 3283 0
0 462ms
134ms Document
text/html 35.170.94.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=8e0554c9-6471-4bee-a091-3a1237c34509

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=wMSIsrvzp9xgEeyW

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

35.170.94.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-94-36.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Length: 1887
Content-Security-Policy
Content-Type: text/html; charset=utf-8
Date: Fri, 06 Sep 2024 09:56:45 GMT
Etag: W/"0bd3e0c3d4550c5430f0afb49e8b8cbe"
Link: <https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 spaces-router (baa76bb17a64)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 40c149a0-f25c-6bcf-bc7c-4b58e4b4a9eb
X-Runtime: 0.015254
X-Xss-Protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 81ms
80ms XHR
text/plain 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=233158382&t=pageview&_s=1&dl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&ul=it-it&de=UTF-8&dt=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=149027677&gjid=304871470&cid=1936826387.1725616605&tid=UA-38714717-1&_gid=655344221.1725616605&_r=1&gtm=457e4940za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&jsscut=1&z=2076031773

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.synack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 22524429.js Show response
js.hs-analytics.net/analytics/1725616500000/ 70 KB
25 KB 617ms
101ms Script
text/javascript 104.16.160.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1725616500000/22524429.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22524429.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.160.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c245353d95438f833c87f58ad0a8f82f3d110bd5219e7476c6494df671b80e18

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:46 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 6PQMTQ2DKX0QCF51
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 37aeb956-cc32-403d-9639-97da11e3bb7a
x-envoy-upstream-service-time: 27
x-amz-id-2: Sp2JPZOxP+Dv3jc0NAldn7HQK0EIMFxaTCc+JiGMtlUlqvP0l5czKK/IL4dPP1xCW9RmzYaBX2c=
x-evy-trace-listener: listener_https
x-request-id: 37aeb956-cc32-403d-9639-97da11e3bb7a
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 23 Aug 2024 14:03:16 GMT
server: cloudflare
etag: W/"39948f8c8ff1ef56d5d7cf86fed7fe06"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-xk7b5
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8bed974bcddebab7-MXP
expires: Fri, 06 Sep 2024 10:00:52 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 586ms
70ms Script
application/javascript 104.17.223.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22524429.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.223.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeecc1c14b175e0226295f130c6121ddf605878b3489fd61181911c17c9b2a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:46 GMT
content-encoding: gzip
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-amz-version-id: CKdUucj42qReK_MB.X3dwG61CXEt1Id2
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 4c86ba50-6841-496d-9e08-e9bec86d4c41
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.595/bundles/pixels-release.js&cfRay=8be6fc73bfbc0d80-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age: 140
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4c86ba50-6841-496d-9e08-e9bec86d4c41
last-modified: Thu, 05 Sep 2024 14:32:20 UTC
server: cloudflare
etag: W/"ba2542491f85a69ea1e0553167ab5227"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-4g5hc
cf-ray: 8bed974bccb80e49-MXP
x-amz-cf-id: _uEMLB7sl9n1oY1dxbeAHkMwWEgSXof6AWvBexJZle-QcDpp2BXKPA==
x-hs-target-asset: adsscriptloaderstatic/static-1.595/bundles/pixels-release.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/22524429/ 71 KB
26 KB 649ms
133ms Script
text/javascript 172.64.147.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/22524429/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22524429.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.16 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b6a00ee6dc92a5540d44fe4c46dc4a7ef801c8cb2fcc0bde20cc0ff82296977

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:46 GMT
x-amz-version-id: fu3.cjU8H_LoJEbUT6It9ecHPKpaN6Mz
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: VP87TAB9793Q83ZX
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 69bf3962-f5c5-4bbe-8ad8-ee7dc7882b18
x-envoy-upstream-service-time: 58
x-amz-id-2: 4GHPyI9XAtZSFJp19wmYaFty0bNKHqyYrz5WAbEXIu3PDA15IhFbAbokFanwypJLi2xUo8oKGNc=
x-evy-trace-listener: listener_https
x-request-id: 69bf3962-f5c5-4bbe-8ad8-ee7dc7882b18
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 20 Aug 2024 17:57:59 GMT
server: cloudflare
etag: W/"69b4d7edc51cd925b6fbca0afa4ed941"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.synack.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-gfff7
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8bed974bb850baa5-MXP
expires: Fri, 06 Sep 2024 10:00:52 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 83 KB
24 KB 601ms
86ms Script
application/javascript 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22524429.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

059b77025c02623999e7524b737287072bd2dbb42c1652f70a4020338b1e5f21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
Origin: https://www.synack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1426/bundles/project.js&cfRay=8be57c3c4c050e55-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"edf91c1320ba2916398ed791b63187bc"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1426/bundles/project.js
date: Fri, 06 Sep 2024 09:56:46 GMT
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-version-id: 7DwgQA9YoOwDB6Raj9_RIwKNzf1Sd5R0
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 20434b6b-7b6f-446d-9faf-2bf45254daff
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-evy-trace-route-configuration: listener_https/all
x-request-id: 20434b6b-7b6f-446d-9faf-2bf45254daff
last-modified: Wed, 28 Aug 2024 20:01:26 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tu9Qvd0675rJXlEaIU7pnIyfrojfMXqbyzm2k81w8LMtyw%2F%2B9KZFa1aiVEoyVvRWc%2Bvw4mKgUsBKehMEsU0JS2JKxJ%2F7QoWlelv7ocwscPoktTobb0K5vRtcKccRozkP"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-ppgfq
cf-ray: 8bed974bbaa70e0d-MXP
x-amz-cf-id: bu_KGLNsYOX5La3bjwHsFJ2p9x7PCHx8Ho7ogFaiNfFcAROWJoKWNQ==

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 598ms
118ms Script
application/javascript 104.16.111.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22524429.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.111.254 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
Origin: https://www.synack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:46 GMT
content-encoding: gzip
via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
x-amz-version-id: FCxgV_B3nWescR00el0uV0Hdj2lazDBZ
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 97f175e1-e215-4fac-9ee8-80ee7ae61969
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.586/bundles/project.js&cfRay=8b2185277a4d5a07-MXP
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 97f175e1-e215-4fac-9ee8-80ee7ae61969
last-modified: Tue, 23 Jul 2024 12:55:20 UTC
server: cloudflare
etag: W/"ac41634810840adc02ea51748cb19c2f"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-tmvlw
cf-ray: 8bed974bcf000e4d-MXP
x-amz-cf-id: Hk-tk9YdkTIZ-qJd6paCpsthL-F86oGLd9PCUY9dzLV6gEJtBJoXKg==
x-hs-target-asset: collected-forms-embed-js/static-1.586/bundles/project.js

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 57ms
57ms Image
image/svg+xml 104.18.87.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 06 Sep 2024 09:56:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 49829
x-ms-lease-status: unlocked
last-modified: Thu, 05 Sep 2024 06:33:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: edb13b1b-901e-00a8-0598-ff479f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8bed9748a97a0e93-MXP

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
510 B 60ms
59ms Fetch
image/svg+xml 104.18.87.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 06 Sep 2024 09:56:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 56378
x-ms-lease-status: unlocked
last-modified: Thu, 05 Sep 2024 06:33:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 39f736f5-301e-00a5-2d64-ffa893000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8bed9748cd6e4c4e-MXP

GET
H2 200 ot_company_logo.png
cdn.cookielaw.org/logos/static/ 4 KB
4 KB 49ms
48ms Image
image/png 104.18.87.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_company_logo.png

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 06 Sep 2024 09:56:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: E8+sk/ECzKgTUVtDLikiIA==
age: 70590
content-length: 4036
x-ms-lease-status: unlocked
last-modified: Tue, 03 Sep 2024 16:39:48 GMT
server: cloudflare
etag: 0x8DCCC3706A5C9A6
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 21e3dede-501e-0097-4b37-fef043000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bed9748e9c20e93-MXP

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 51ms
51ms Image
image/svg+xml 104.18.87.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 06 Sep 2024 09:56:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 45034
x-ms-lease-status: unlocked
last-modified: Thu, 05 Sep 2024 06:33:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f2de5db3-801e-001d-04ce-ff4a60000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8bed9748e9c70e93-MXP

GET
H2 200 2.v2.15.0.f2fdbd0e05d6efcac7d3.js Show response
edge.marker.io/latest/ 213 KB
67 KB 91ms
89ms Script
text/javascript 172.67.70.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js

Requested by

Host: edge.marker.io
URL: https://edge.marker.io/latest/shim.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bab9c40c898baff0cfd990efd38181005fddaed94402732b0e92708b05d2726

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:45 GMT
content-encoding: br
via: 1.1 73dc4163c5d709eb7fc618a6b2f07c24.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
x-amz-cf-pop: MXP53-P2
age: 90
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 06 Sep 2024 09:54:58 GMT
server: cloudflare
etag: W/"68266a97b0d10f0891433d9389a4956a"
vary: Accept-Encoding
content-type: text/javascript
cf-ray: 8bed97492e810e0d-MXP
x-amz-cf-id: GnkRKHSTOttiDq_TroYymMtJJ6VzPzFuqptRQfSawEoGeZ5g8_L3GA==

GET
H2 200 3.v2.15.0.d94e68f6b8a22e3b32c2.js Show response
edge.marker.io/latest/ 255 KB
59 KB 45ms
44ms Script
text/javascript 172.67.70.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.marker.io/latest/3.v2.15.0.d94e68f6b8a22e3b32c2.js

Requested by

Host: edge.marker.io
URL: https://edge.marker.io/latest/shim.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d6b395e1fc4e9ec3dc878c3d6c4141c2ef632bb53fe87143988977c746ff30d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:45 GMT
content-encoding: br
via: 1.1 3618e3d44154049697057e88849a4360.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
x-amz-cf-pop: MXP53-P2
age: 90
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 06 Sep 2024 09:54:58 GMT
server: cloudflare
etag: W/"1ebb3521f43cdba388dd6012e48b5f73"
vary: Accept-Encoding
content-type: text/javascript
cf-ray: 8bed97492e830e0d-MXP
x-amz-cf-id: 5S8JnDA7YtLwiBRjeHLJj0BMmkjxN0Stf0sOo7AN58kFvkg22LaOHQ==

GET
H2

200

/
www.google.com/pagead/1p-conversion/952412761/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952412761/?random=1525034900&cv=11&fst=1725616605280&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=1...
https://www.google.com/pagead/1p-conversion/952412761/?random=1525034900&cv=11&fst=1725616605280&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag...

42 B
108 B

547ms
65ms

Image
image/gif

172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/952412761/?random=1525034900&cv=11&fst=1725616605280&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&label=-EdECKePxfkBENnUksYD&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&value=0&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJvHsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIqsis5oauiAMVwZb9Bx2s2gIjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3d3dy5zeW5hY2suY29tLw&is_vtc=1&cid=CAQSGwDpaXnfGBuAsE3H6wZQDHKpa8KT3Ya6t_flpA&eitems=ChAI8NDqtgYQu4_-0ffrtI9HEh0AMO5CNN4rZeVlKLgbP5oS7PnonMMoi7COS-F43g&random=1363277075

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/952412761/?random=1525034900&cv=11&fst=1725616605280&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&label=-EdECKePxfkBENnUksYD&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&value=0&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJvHsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIqsis5oauiAMVwZb9Bx2s2gIjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3d3dy5zeW5hY2suY29tLw&is_vtc=1&cid=CAQSGwDpaXnfGBuAsE3H6wZQDHKpa8KT3Ya6t_flpA&eitems=ChAI8NDqtgYQu4_-0ffrtI9HEh0AMO5CNN4rZeVlKLgbP5oS7PnonMMoi7COS-F43g&random=1363277075
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/AW-952412761/ 42 B
455 B 543ms
64ms Image
image/gif 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-952412761/?random=1725616605242&cv=11&fst=1725613200000&bg=ffffff&guid=ON&async=1&gtm=45be4940z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfStK95ZW_vIM2-T-eydYbVN_Q0WJTKg&random=506908093&rmt_tld=0&ipr=y

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 ping
api.marker.io/widget/ Frame 0
0 553ms
105ms Preflight 172.67.70.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.marker.io/widget/ping

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.synack.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Authorization, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, _c, Request-Context, x-xsrf-token
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.synack.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8bed974d6d96bb14-MXP
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 06 Sep 2024 09:56:46 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Origin
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

POST
H2 200 ping Show response
api.marker.io/widget/ 3 KB
2 KB 109ms
105ms Fetch
application/json 172.67.70.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.marker.io/widget/ping

Requested by

Host: edge.marker.io
URL: https://edge.marker.io/latest/3.v2.15.0.d94e68f6b8a22e3b32c2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.243 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aa239d420942e368db4ad395183c982821dc171f45592312eb05717f0a48e0d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 Sep 2024 09:56:46 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"c41-jFA4YaeLt5EJvRByeAJAjpESzno"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin, X-HTTP-Method-Override, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.synack.com
origin-agent-cluster: ?1
access-control-allow-credentials: true
cf-ray: 8bed974e0e440e0d-MXP

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 95 B
1 KB 164ms
163ms Fetch
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=22524429&currentUrl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0ea9aece-fc71-488e-910b-2c8e6a89ff02
content-encoding: br
x-envoy-upstream-service-time: 10
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0ea9aece-fc71-488e-910b-2c8e6a89ff02
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.synack.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fqiykKPsOctHcZeeBy9jx%2Fo1ceP1CsFC939%2FqokhCVFHgo64s97MGrzBRS45KeHYg6Qb5gti1GXa3urjFHrm5l6NiAiECfMz5hd2vSCqSGT%2BBdVdQx9rhuBmLNor7eJ9%2Ff0m18VHp18QCZfSjqc%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8bed974c8bc70e0d-MXP
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-tptvl

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 135 B
466 B 157ms
155ms XHR
application/json 104.16.111.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=22524429&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.111.254 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b83b1acd67f31a30aa8cc887f269ede90e26aab6c57eb86327d12b495d7517a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 652831fa-cba8-4186-8413-4a21e58fad13
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 652831fa-cba8-4186-8413-4a21e58fad13
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.synack.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-4vkbb
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8bed974cc8cf0e4d-MXP

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 778 B
1 KB 689ms
209ms XHR
application/json 104.18.244.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=22524429

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.244.108 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03b35fa68723bee214d6d22f10bb307f2e9b829031ff7a9b1e3fccd818097dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2a8c506b-1e2b-458e-90a2-a1143b006d8d
x-envoy-upstream-service-time: 3
content-length: 374
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2a8c506b-1e2b-458e-90a2-a1143b006d8d
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.synack.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-58bbf9c46c-zvd6n
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PXlCfMjr%2B6AcA8bXYSwTxJvdIZLOMG5MmAipZfwDZStMDmVsJg0TFCAPV6%2ByUQ8OgFQpRmdaigxxVMnybnzjh9RegbEComNvU1baH0sXk67IELdAHCF5e01JyOQ%2Bg%2FBP"}],"group":"cf-nel","max_age":604800}
cf-ray: 8bed974ff9e90e12-MXP
access-control-allow-headers: *

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
196 B 191ms
191ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 Sep 2024 09:56:46 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7C6AB31D63C8442B94E5A270741437A5 Ref B: MRS20EDGE0114 Ref C: 2024-09-06T09:56:46Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.synack.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYhcGzWZ9BrVHZuylLAfg==

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 173ms
172ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A46%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:46 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 06 Sep 2024 09:56:46 GMT

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 615ms
205ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 06 Sep 2024 09:56:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ce945a34-d55e-499c-9e30-37b8caea13c6
x-envoy-upstream-service-time: 3
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ce945a34-d55e-499c-9e30-37b8caea13c6
Last-Modified: Fri, 06 Sep 2024 09:56:46 GMT
Server: cloudflare
vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-99dcv
access-control-expose-headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
Accept-Ranges: bytes
x-robots-tag: none
CF-RAY: 8bed97501d694c3d-MXP

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1 KB 568ms
155ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 06 Sep 2024 09:56:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b9c1e6d2-c3cc-4ba9-901c-aa981d14fd93
x-envoy-upstream-service-time: 1
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b9c1e6d2-c3cc-4ba9-901c-aa981d14fd93
Server: cloudflare
vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-hcsh5
access-control-expose-headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
CF-RAY: 8bed975069445262-MXP

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
95 KB 93ms
92ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-952412761

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3641dd2578254a4c6b528f9e060dd2bb2812134c4bfe7db41744a14e9284f0fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97081
x-xss-protection: 0
last-modified: Fri, 06 Sep 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Sep 2024 09:56:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
95 KB 66ms
59ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-952412761&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38714717-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

70c187c27c25d4f67346e9d8efb6915f28204baf6e26b84bba6ccdc5bb470712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97049
x-xss-protection: 0
last-modified: Fri, 06 Sep 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Sep 2024 09:56:46 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
0 5ms
5ms Script
application/javascript 184.24.77.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.77.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-24-77-20.deploy.static.akamaitechnologies.com

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=18228
accept-ranges: bytes
content-length: 14628

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/952412761/ 5 KB
3 KB 55ms
53ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952412761/?random=1725616607036&cv=11&fst=1725616607036&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-952412761&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

4f9a33e1d985d652eec5b794d5520a7eb4527f45b13883f398892780f201e06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2390
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 952412761
td.doubleclick.net/td/rul/ Frame B65B 0
0 60ms
59ms Document
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/952412761?random=1725616607036&cv=11&fst=1725616607036&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-952412761&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Sep 2024 09:56:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/952412761/ 42 B
108 B 75ms
74ms Image
image/gif 172.217.16.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/952412761/?random=1725616607036&cv=11&fst=1725613200000&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfeRtLUVG3JmDGvdSVa1R-oEPiELfVwDDZiX4tYh9ZQNGUmVHj&random=502363453&rmt_tld=0&ipr=y

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:47 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zi-tag.js Show response
js.zi-scripts.com/ 9 KB
3 KB 206ms
54ms Script
application/javascript 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e779904e434d50e426e79dfac680cdb8a04564e67121c257974278a02979e407

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:47 GMT
x-amz-version-id: PTl7rnF_EEhUwyN5J882FhdYw1E0brGf
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 488566c6c2cd3108c8176e63cecbf9e0.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P4
age: 9298
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jul 2024 08:13:46 GMT
server: cloudflare
etag: W/"b2877da906a3216c4f3fc4030b205e54"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 8bed9753f940523d-MXP
x-amz-cf-id: lAsurQoPq7XBAvIiBTIpUksQ_7teEgh3eNExurVFZpIKb3xKy6nq5A==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 852ms
401ms Image
image/gif 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=430326251&v=1.1&a=22524429&rcu=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pu=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&t=Mind+the+Gap%3A+Attack+Surface+Discovery+and+PTaaS+%7C+Blog+%7C+Synack&cts=1725616607197&vi=b8ff4b806f5ab2c4dfe532bc3d10ad4b&nc=true&u=224438085.b8ff4b806f5ab2c4dfe532bc3d10ad4b.1725616607194.1725616607194.1725616607194.1&b=224438085.1.1725616607194&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a3099c88-8098-47a6-b8b1-9970151455f2
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 7
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a3099c88-8098-47a6-b8b1-9970151455f2
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=leACsRMyeHz7mMYlVa%2BSqUx68%2B7qi6BwVwn4PNNJsPdlLKsxXNDAW0FOv2%2F0SgYyAqwXGLpV5OUDSZqGJctvpeckLiLPX%2F8zc6a2tW1q1eKzF8VuxfO%2B7gDpcgIorhu4Aj%2Fm"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-pc7qw
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8bed9755eaaa4c6e-MXP
x-robots-tag: none

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 136ms
136ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A47%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A46%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:47 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 06 Sep 2024 09:56:47 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 132ms
132ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:47 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 06 Sep 2024 09:56:47 GMT

GET
H2 200 favicon-150x150.webp
www.synack.com/wp-content/uploads/2023/07/ 3 KB
3 KB 221ms
220ms Other
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/uploads/2023/07/favicon-150x150.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

62b923702c6d24624ee9cf74c73488d1c4ba68649d9cce6a63b91e5bccd29a16

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 06 Sep 2024 09:56:47 GMT
content-security-policy: upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
content-length: 3182
x-xss-protection: 1; mode=block
referrer-policy: origin
last-modified: Sun, 19 Nov 2023 10:31:31 GMT
server: cloudflare
etag: "6559e403-c6e"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=31536000, private
permissions-policy: feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges: bytes
cf-ray: 8bed975379490e2a-MXP
expires: Sat, 06 Sep 2025 09:56:47 GMT

GET
H2 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 146 B
402 B 304ms
289ms Fetch
application/json 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 35c2419e3070f78947f1bbe39fe1e42380876957985da94f9905cfa6bfe1128e

Request headers

Content-Type: application/json
Referer: https://www.synack.com/
Authorization: Bearer ed770e33d81681794781
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
visited_url: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Response headers

date: Fri, 06 Sep 2024 09:56:48 GMT
via: 1.1 7aebe5536aa81207909dbe4ca368b9be.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-cf-pop: MXP63-P4
x-powered-by: Express
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
apigw-requestid: drW7Egm_PHcEMsQ=
server: cloudflare
etag: W/"92-O14ePuH5PaKBRzKpI+XL4irPD04"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.synack.com
cf-ray: 8bed97587ef54bdc-MXP
x-amz-cf-id: DoAviXcu2Jef-S5Bxrr-CVW6t0oUUEX8J1h8mNQu1sqnXuIpwHAobw==

OPTIONS
H2 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 626ms
524ms Preflight 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.synack.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,X-Amp-Device-Id,X-Amp-Session-Id,visited_url,_zitok,forwarded,x-ziaccesstoken
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE, PUT
access-control-allow-origin: https://www.synack.com
alt-svc: h3=":443"; ma=86400
apigw-requestid: drW6_hVaPHcEMhQ=
cf-cache-status: DYNAMIC
cf-ray: 8bed975519254bdc-MXP
date: Fri, 06 Sep 2024 09:56:47 GMT
server: cloudflare
vary: Origin
via: 1.1 7403235773a9b23f307196c589d62dac.cloudfront.net (CloudFront)
x-amz-cf-id: XrWBPkp0dqRL2OLDBZ3iwkI_XoXB79i3y9iM2C6VjCvdyL160YSirg==
x-amz-cf-pop: MXP63-P4
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 133ms
132ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A48%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A47%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 06 Sep 2024 09:56:48 GMT

GET
H2 200 / Show response
ws.zoominfo.com/pixel/61f864af351dc6001aaaca1a/ 3 KB
2 KB 659ms
242ms Fetch
text/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/61f864af351dc6001aaaca1a/?iszitag=true

Requested by

Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6d32ffc818e7296c00cb04e2efc4c3fbcc3ad6dcf7e386e9a03fd84b535da520

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

visited-url: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Referer: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
_vtok: MTg1LjE5OC42Mi43
_zitok: b44fa5c092db4ae1db951725616608
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/javascript

Response headers

date: Fri, 06 Sep 2024 09:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.synack.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 8bed97616c5d0e5f-MXP

OPTIONS
H2 200 /
ws.zoominfo.com/pixel/61f864af351dc6001aaaca1a/ Frame 0
0 709ms
257ms Preflight
text/html 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/61f864af351dc6001aaaca1a/?iszitag=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://www.synack.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://www.synack.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8bed975d3f520e27-MXP
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 06 Sep 2024 09:56:49 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 140ms
137ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A49%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A48%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:49 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 06 Sep 2024 09:56:49 GMT

GET
BLOB 200
OK 86cd83fb-5390-4897-800e-df69580599c8 Show response
https://www.synack.com/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.synack.com/86cd83fb-5390-4897-800e-df69580599c8
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d32ffc818e7296c00cb04e2efc4c3fbcc3ad6dcf7e386e9a03fd84b535da520

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length: 3033
Content-Type: text/javascript

POST
H2 204 collect
analytics.google.com/g/ 0
0 39ms
38ms Fetch
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-XVS579G3KG&gtm=45je4940v870611089z876206402za200&_p=1725616603543&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1936826387.1725616605&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAI&_s=3&sid=1725616605&sct=1&seg=1&dl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&dt=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&en=Javascript_error&ep.allowLinker=true&ep.Page_URL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&ep.Referrer=&_et=2&tfd=7573
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.synack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 477ms
477ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A50%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A49%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:50 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 06 Sep 2024 09:56:50 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 123ms
123ms Fetch
text/plain 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9891KWEZPK&gtm=45je4940v892239364z876206402za200&_p=1725616603543&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1936826387.1725616605&ul=it-it&are=1&frm=0&pscdl=noapi&_eu=AAAI&_geo=1&_rdi=1&_s=2&sid=1725616605&sct=1&seg=0&dl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&dt=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&en=6sense&_et=635&up.annual_revenue=&up.country=Italy&up.domain=&up.employee_count=&up.employee_range=&up.industry=&up.is_blacklisted=false&up.naics=&up.company_name=&up.revenue_range=&up.zip=&tfd=8265
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9891KWEZPK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.synack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 132ms
132ms Image
image/gif 2.17.100.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A51%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A50%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-184.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Sep 2024 09:56:51 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 06 Sep 2024 09:56:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.synack.com
URL: blob:https://www.synack.com/18f1ad48-3d9a-4035-921f-c419423ee0f3

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hsforms.net/	1970-01-20 23:20:18	Name: __cf_bm Value: z7COW3khHSckVhLcDvVtuVBs_FL7yRza0vIni19.7aw-1725616603-1.0.1.1-jyo.IURbk41Ne3u2_wOzMksptBILscMKIEfsrzx3Qrljs1tNfbyC1NgLSLTszwAMRugHo533mtf8JQbR4jDL6Q
.synack.com/	1970-01-21 01:29:52	Name: _gcl_au Value: 1.1.1680191689.1725616605
.synack.com/	1969-12-31 23:59:59	Name: pageView Value: 1
.synack.com/	1969-12-31 23:59:59	Name: visited Value: true
.synack.com/	1969-12-31 23:59:59	Name: syn Value: {"firsttouch":{"LeadSource":"none","LeadMedium":"none","LeadType":"none","LeadName":"none","LeadCampaign":"none","Referrer":"Direct","LandingPage":"https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/"},"Journey":{"PageviewCount":"1"}}
.synack.com/	1970-01-21 08:56:16	Name: _ga_XVS579G3KG Value: GS1.1.1725616605.1.1.1725616605.60.0.0
.adnxs.com/	1970-01-21 08:56:16	Name: receive-cookie-deprecation Value: 1
www.synack.com/	1970-01-20 23:30:21	Name: _an_uid Value: 0
www.synack.com/	1970-01-21 08:56:16	Name: _gd_visitor Value: df39ff55-576c-48ac-831d-7e403894430f
www.synack.com/	1970-01-20 23:20:31	Name: _gd_session Value: e1213231-a50f-4fc4-8bd5-517f7f1a6cf7
.synack.com/	1970-01-21 08:56:16	Name: _ga Value: GA1.2.1936826387.1725616605
.synack.com/	1970-01-20 23:21:43	Name: _gid Value: GA1.2.655344221.1725616605
.synack.com/	1970-01-20 23:20:16	Name: _gat_gtag_UA_38714717_1 Value: 1
.synack.com/	1970-01-21 08:05:52	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Sep+06+2024+11%3A56%3A45+GMT%2B0200+(Ora+legale+dell%E2%80%99Europa+centrale)&version=202211.2.0&isIABGlobal=false&hosts=&consentId=80c70747-c9b5-4a53-8d0c-76d32ac190b9&interactionCount=0&landingPath=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&groups=C0002%3A0%2CC0003%3A0%2CC0005%3A0%2CC0004%3A0%2CC0001%3A1
.synack.com/	1970-01-21 08:56:16	Name: _ga_9891KWEZPK Value: GS1.1.1725616605.1.0.1725616605.0.0.0
.linkedin.com/	1970-01-21 08:05:52	Name: bcookie Value: "v=2&1f398111-4f9c-4bd1-8917-6765117fd57d"
.linkedin.com/	1970-01-21 03:39:28	Name: li_gc Value: MTswOzE3MjU2MTY2MDY7MjswMjE9pE0vOUEPLQ5OHV2vKydvpPupyLyuDCOLd4/Q8+MlWg==
.linkedin.com/	1970-01-20 23:21:43	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2875:u=1:x=1:i=1725616606:t=1725703006:v=2:sig=AQElxkF2-9Mqn92FJdMwBD7Fy0mAmfgS"
www.synack.com/	1970-01-21 05:49:04	Name: marker_id_658b4fb8b7e171793487157e Value: 2ebd3c1b-d851-48ad-a6d3-728d785915ec
.hsforms.com/	1970-01-20 23:20:18	Name: __cf_bm Value: 6hjdRyDZ6ZpxlmwKNHUoFf38R8AW4bQTjsViN.yIUTQ-1725616606-1.0.1.1-93.N3GLMlH0sYk8jbwOnAANuIBWLBNojk2KUjc53VColljHknwKrsO0FiAoXYf7_1onCB8Fxx.64E2fUyCAwZw
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: EmpFW1s2Qpbq6VmYHMPduWMwAdlDOXnZgdyQRe__ceY-1725616606912-0.0.1.1-604800000
.doubleclick.net/	1970-01-21 08:56:16	Name: IDE Value: AHWqTUkFESBEFgGK77JjllDoQiRpchff_tuSKAuMWgfzoAJaI6rf-pG8UrT-gmFn
.synack.com/	1970-01-21 03:39:28	Name: __hstc Value: 224438085.b8ff4b806f5ab2c4dfe532bc3d10ad4b.1725616607194.1725616607194.1725616607194.1
.synack.com/	1970-01-21 03:39:28	Name: hubspotutk Value: b8ff4b806f5ab2c4dfe532bc3d10ad4b
.synack.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.synack.com/	1970-01-20 23:20:18	Name: __hssc Value: 224438085.1.1725616607194
.synack.com/	1970-01-21 08:56:16	Name: __q_state_wMSIsrvzp9xgEeyW Value: eyJ1dWlkIjoiOGUwNTU0YzktNjQ3MS00YmVlLWEwOTEtM2ExMjM3YzM0NTA5IiwiY29va2llRG9tYWluIjoic3luYWNrLmNvbSIsImFjdGl2ZVNlc3Npb25JZCI6bnVsbCwic2NyaXB0SWQiOiIxMzgwNzc2NTMxMTU0NjY1NjY1IiwibWVzc2VuZ2VyRXhwYW5kZWQiOmZhbHNlLCJwcm9tcHREaXNtaXNzZWQiOmZhbHNlLCJzdGF0ZUJ5U2NyaXB0SWQiOnsiMTM4MDc3NjUzMTE1NDY2NTY2NSI6eyJkaXNtaXNzZWQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGx9fSwiY29udmVyc2F0aW9uSWQiOiIxNDc3NDQ4NTUyODc3NzAzNDE1In0=
.hubspot.com/	1970-01-20 23:20:18	Name: __cf_bm Value: .deggAOlbbu9k0AbpEbtPLdSx.Ck.wgf6XEneRtHn5s-1725616607-1.0.1.1-0r3lOBus3LxlGVZqvM4J0wRw7Mpx1ZGk1LaIJZhL1cgFPJikFukgs9T9MJx80Sah6UHs7QaFuehepTBIRydDGw
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: hqJx7DDVhenO1UDSdBM2orNv_3531.2KausvXdgEC6g-1725616607799-0.0.1.1-604800000
.www.synack.com/	1970-01-21 08:05:52	Name: _zitok Value: b44fa5c092db4ae1db951725616608
.zoominfo.com/	1970-01-20 23:20:18	Name: __cf_bm Value: h7Vkinrum1MefavVWrULGIhhY6T2HnZfhrhP7Xfi0M8-1725616609-1.0.1.1-B2z6mhJT5tuTVXSVzIlbgjdS6bFniIyoPFg9ZzXd.x0UZtg3pmjOe1iHAsMoOkNrwWUS094QTeqE2hUecIkBwQ
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Ir4mposkL.N_zKb6buL0NL1jDxMaBbl_HcW6B5HZb2s-1725616609706-0.0.1.1-604800000

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
security	error	URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/ Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
worker	error	URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/ Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
worker	error	URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/ Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c(Line 216) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-952412761&l=dataLayer&cx=c(Line 88) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://www.googletagmanager.com/gtag/destination?id=AW-952412761&l=dataLayer&cx=c(Line 156) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://js.qualified.com/qualified.js?token=wMSIsrvzp9xgEeyW(Line 2) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://js.qualified.com/qualified.js?token=wMSIsrvzp9xgEeyW(Line 2) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js(Line 6) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js(Line 6) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js(Line 6) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js(Line 6) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://edge.marker.io/latest/3.v2.15.0.d94e68f6b8a22e3b32c2.js Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://edge.marker.io/latest/3.v2.15.0.d94e68f6b8a22e3b32c2.js Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://js.hscollectedforms.net/collectedforms.js Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://js.hscollectedforms.net/collectedforms.js Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security	error	URL: https://www.googletagmanager.com/gtag/js?id=AW-952412761&l=dataLayer&cx=c(Line 156) Message: The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.hubapi.com
api.marker.io
app.qualified.com
b.6sc.co
c.6sc.co
cdn.cookielaw.org
cta-service-cms2.hubspot.com
edge.marker.io
epsilon.6sense.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
js.hubspot.com
js.qualified.com
js.zi-scripts.com
perf-na1.hsforms.com
px.ads.linkedin.com
secure.adnxs.com
snap.licdn.com
stats.g.doubleclick.net
td.doubleclick.net
track.hubspot.com
ws.zoominfo.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.synack.com
www.synack.com
104.16.111.254
104.16.117.116
104.16.117.43
104.16.141.209
104.16.160.168
104.17.223.152
104.18.141.119
104.18.16.5
104.18.244.108
104.18.80.204
104.18.87.42
104.19.175.188
13.107.42.14
13.248.142.121
141.193.213.21
142.250.184.194
142.250.185.206
142.250.185.66
142.250.186.162
142.250.186.168
172.217.16.196
172.217.18.3
172.64.147.16
172.64.150.44
172.64.155.119
172.67.70.243
184.24.77.20
2.17.100.184
216.58.212.138
216.58.212.142
35.170.94.36
37.252.171.149
64.233.167.157
03b35fa68723bee214d6d22f10bb307f2e9b829031ff7a9b1e3fccd818097dcf
0592b259f7c8f5cbc1b2045cba88d8fd68613256b4a537960ac5f3423cda69c1
059b77025c02623999e7524b737287072bd2dbb42c1652f70a4020338b1e5f21
1b16993de3c2b48ce2e592a524fc27cda65b89808d62c5927c7b62b1a4dc409c
1bab9c40c898baff0cfd990efd38181005fddaed94402732b0e92708b05d2726
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
2078776d6f374fb6a40f82c3b53d2258841f86e76f1323e3a45955c9f75b58ee
22e999690564c5c0dfa82424c1253fb6062f8cf1d9487eda9aebab07e01144b9
23ba89ab90e39bad03d966a8080e150db8c75187d5accccb304b2e116609cb7b
2482c747cff537e03428864e3fd3cf8a80d1339ebbf95ea7ecf8df4a5e5dfcc8
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
2b840ccb15d3d1e2aba4b223ea4b89b7ea234376d5968508083177671f23ecd0
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
35c2419e3070f78947f1bbe39fe1e42380876957985da94f9905cfa6bfe1128e
3641dd2578254a4c6b528f9e060dd2bb2812134c4bfe7db41744a14e9284f0fd
3afd5cb1c9a449869bcb73939fcbace93f9dfc1aecd15c5ae86edcd6c8fdfb3c
3b1ea6cd586a8e44d9387d438c1bf23a83200feea1da2f21ee8097c14e64bb33
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4629e7eed4a660b76c09839a21d6a4a9268b7364ea38d17abf8960d606ab83bc
492d00e4a4110b712efd91a46f205045b2f207df8bc960be6f46b0964107f7cd
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
4d2bcb574a8847ce3950feafa475c5de4d780c2321d5ec7894880f348008d0c9
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f9a33e1d985d652eec5b794d5520a7eb4527f45b13883f398892780f201e06e
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53c7184a496de140179411b078803cf05e88b506583947870a6d050f723b85e1
5e478aa5a84ca62d2450fbe0cedf13085f987dc1c3c4b30e8683701f20a4aadd
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
62b923702c6d24624ee9cf74c73488d1c4ba68649d9cce6a63b91e5bccd29a16
662909c49c1ce344adeac34addace8b0824701d47cf5fb3fe1fcc7cd1fdb4fb5
662df1769f7c2697922fefa3ae69b72cded6313ac635685f1d5371ec72d58a12
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679
69f9f19bd433b1317c2e2adf4b0d99a7655e6d878b35a970a5311227c6ad0a04
6aa239d420942e368db4ad395183c982821dc171f45592312eb05717f0a48e0d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d23492bdf2468bd59c6e3437e4b2f3eac9b3e49a362f5b692a7e8d520d0b06e
6d32ffc818e7296c00cb04e2efc4c3fbcc3ad6dcf7e386e9a03fd84b535da520
70c187c27c25d4f67346e9d8efb6915f28204baf6e26b84bba6ccdc5bb470712
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
77ae82e50807147cbbe51b2516821c6ad183d0a8751f8a16f4d1a973b24682ed
77b8595b688ffd0297d0c6a51090ba03399a8f750fee8f46e1f83919f5e0a469
7b8487412015c87df70a04ab7dd4a2b816897d483512a0cb1eab01045232385a
7d6b395e1fc4e9ec3dc878c3d6c4141c2ef632bb53fe87143988977c746ff30d
7fb8f6d0827dcad48a533aea98c516d939dcafb91610bc351c83a2b775a53bc2
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8d0984ab99052526b5012f34d8784261f737548ca3b3f976d8678f7f103d00c1
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
9b6a00ee6dc92a5540d44fe4c46dc4a7ef801c8cb2fcc0bde20cc0ff82296977
9ef61d1693b6a3aa88605f051f2acc6522cfea5f53937eca31ead29cdfb5b557
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a49e96e81e017345e3e0a0c818021f6a159fc6751c55168a9b8f325e8425bc7a
a5141aa2cbb1361e5852ed97c43c449fb6824bbacc196d828b33a2b4130200b2
aea136527ca962a15eea8eb338c7667b5a44d98bff65dc09a36f5493ddbacb99
aee3a1ac4a8a058037f6a49fe3f1c8592c797f7872958e57526011de14ab9436
b285d921093f27e5ab892c052f60d465383c6072300faf20ac3028628f889f61
b317df5e031bd027cf564feae4589bdccf44929cea1ee7bbeb7cdd3b80ff95ed
b83b1acd67f31a30aa8cc887f269ede90e26aab6c57eb86327d12b495d7517a4
c245353d95438f833c87f58ad0a8f82f3d110bd5219e7476c6494df671b80e18
c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f
c7ff85cb826707eb89d6960662e92719bd974084483cb7bef727ee90ed13a1d1
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d8a9fe9b6fcab17a668d6c07d6addc7c44b8083ad9e7044da40a02c638f38cdc
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e779904e434d50e426e79dfac680cdb8a04564e67121c257974278a02979e407
eeecc1c14b175e0226295f130c6121ddf605878b3489fd61181911c17c9b2a74
eef746cbe8cff099ec359a005011e2e39ec4b64b838ed428f2a66632ce568dee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225
f2257ecae3d22c703a36089996962128138034931396b59d6ce0e302c485cd62
f24fcf0b9f703388dc47b2fbefa7cca040802fda7de87a4244c8e1d230450578
f4c1ede221e5a8c35e065eeb52baba4564aa19a3f441b0e3e56535714155dc85
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff66dd8c4052928d0aef689ba10b94d8cef0b91e918a11fae297d453e062a8f2
ffa26c1e29a1439ff072c1fe246f6cb68cbdf255da969f705c7d7b91ad75d785

www.synack.com Open in urlscan Pro 141.193.213.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

97 %HTTPS

0 %IPv6

28 Domains

40 Subdomains

34 IPs

3 Countries

2447 kBTransfer

7510 kBSize

32 Cookies

15 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.synack.com Open in urlscan Pro
141.193.213.21 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

97 %
HTTPS

0 %
IPv6

28
Domains

40
Subdomains

34
IPs

3
Countries

2447 kB
Transfer

7510 kB
Size

32
Cookies

117 HTTP transactions
0 data transactions