doc.synergysupport.ca Open in urlscan Pro
216.128.181.189  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response doc.synergysupport.ca/	4 KB 6 KB	102ms 31ms	Document text/html	216.128.181.189 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://doc.synergysupport.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.128.181.189 Toronto, Canada, ASN20473 (AS-CHOOPA, US), Reverse DNS 216.128.181.189.vultrusercontent.com Software nginx / Resource Hash 020052051df3e6fb7e8e494225fd583e20b6caf1139f1a5b9b837ea40b50f799 Security Headers Name Value Content-Security-Policy default-src 'self' https: http:; font-src 'self' https: data: https://js.intercomcdn.com; object-src 'self' https: http:; form-action 'self' https: https://intercom.help https://api-iam.intercom.io; media-src https://js.intercomcdn.com; img-src 'self' http: https: blob: data: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments.com; child-src 'self' blob: https: https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net; frame-src 'unsafe-eval' 'unsafe-inline' https: http: https://js.stripe.com https://hooks.stripe.com; script-src 'self' 'unsafe-inline' blob: 'unsafe-eval' https: http: https://canny.io/sdk.js https://app.intercom.io https://widget.intercom.io https://api.duosecurity.com https://js.intercomcdn.com https://widget.intercom.io https://js.stripe.com d2iiunr5ws5ch1.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com/analytics.js; style-src 'self' https: 'unsafe-inline' blob:; connect-src 'self' https: http: data: https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://api.stripe.com http://localhost:3035 ws://localhost:3035 Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control no-store content-security-policy default-src 'self' https: http:; font-src 'self' https: data: https://js.intercomcdn.com; object-src 'self' https: http:; form-action 'self' https: https://intercom.help https://api-iam.intercom.io; media-src https://js.intercomcdn.com; img-src 'self' http: https: blob: data: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments.com; child-src 'self' blob: https: https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net; frame-src 'unsafe-eval' 'unsafe-inline' https: http: https://js.stripe.com https://hooks.stripe.com; script-src 'self' 'unsafe-inline' blob: 'unsafe-eval' https: http: https://canny.io/sdk.js https://app.intercom.io https://widget.intercom.io https://api.duosecurity.com https://js.intercomcdn.com https://widget.intercom.io https://js.stripe.com d2iiunr5ws5ch1.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com/analytics.js; style-src 'self' https: 'unsafe-inline' blob:; connect-src 'self' https: http: data: https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://api.stripe.com http://localhost:3035 ws://localhost:3035 content-type text/html; charset=utf-8 date Wed, 08 Mar 2023 19:56:47 GMT etag W/"020052051df3e6fb7e8e494225fd583e" expires Mon, 01 Jan 1990 00:00:00 GMT link </app_assets/application-7e03dc470cf44e05836e9cd5f5a4fe4d0a287db5e4465a2e0ea8d7c7dda61779.css>; rel=preload; as=style; nopush,</app_assets/application-78e3822321816bc73e3ee2febf5e49bf11914f6984b1473a28b8b4199604e520.js>; rel=preload; as=script; nopush pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx strict-transport-security max-age=31556952; includeSubDomains; preload x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-request-id eb26e75e-dac1-4adc-8841-8d5788982a10 x-runtime 0.012414 x-xss-protection 1; mode=block
GET H2	200	application-7e03dc470cf44e05836e9cd5f5a4fe4d0a287db5e4465a2e0ea8d7c7dda61779.css doc.synergysupport.ca/app_assets/	716 KB 125 KB	20ms 19ms	Stylesheet text/css	216.128.181.189 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://doc.synergysupport.ca/app_assets/application-7e03dc470cf44e05836e9cd5f5a4fe4d0a287db5e4465a2e0ea8d7c7dda61779.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.128.181.189 Toronto, Canada, ASN20473 (AS-CHOOPA, US), Reverse DNS 216.128.181.189.vultrusercontent.com Software nginx / Resource Hash 7e03dc470cf44e05836e9cd5f5a4fe4d0a287db5e4465a2e0ea8d7c7dda61779 Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://doc.synergysupport.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 19:56:47 GMT content-encoding gzip strict-transport-security max-age=31556952; includeSubDomains; preload last-modified Fri, 10 Feb 2023 22:21:44 GMT server nginx vary Accept-Encoding content-type text/css content-length 127160
GET H2	200	application-78e3822321816bc73e3ee2febf5e49bf11914f6984b1473a28b8b4199604e520.js Show response doc.synergysupport.ca/app_assets/	5 MB 1 MB	21ms 21ms	Script application/javascript	216.128.181.189 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://doc.synergysupport.ca/app_assets/application-78e3822321816bc73e3ee2febf5e49bf11914f6984b1473a28b8b4199604e520.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.128.181.189 Toronto, Canada, ASN20473 (AS-CHOOPA, US), Reverse DNS 216.128.181.189.vultrusercontent.com Software nginx / Resource Hash 78e3822321816bc73e3ee2febf5e49bf11914f6984b1473a28b8b4199604e520 Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://doc.synergysupport.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 19:56:47 GMT content-encoding gzip strict-transport-security max-age=31556952; includeSubDomains; preload last-modified Fri, 10 Feb 2023 22:21:44 GMT server nginx vary Accept-Encoding content-type application/javascript content-length 1345666
GET DATA	200 OK	truncated /	38 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	Apercu-Regular-Pro-adf65874cc366c58e171f9b2b8600071a64859e5b4854f113421d06efd4a3381.woff2 doc.synergysupport.ca/app_assets/	46 KB 46 KB	30ms 29ms	Font application/font-woff2	216.128.181.189 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://doc.synergysupport.ca/app_assets/Apercu-Regular-Pro-adf65874cc366c58e171f9b2b8600071a64859e5b4854f113421d06efd4a3381.woff2 Requested by Host: doc.synergysupport.ca URL: https://doc.synergysupport.ca/app_assets/application-7e03dc470cf44e05836e9cd5f5a4fe4d0a287db5e4465a2e0ea8d7c7dda61779.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.128.181.189 Toronto, Canada, ASN20473 (AS-CHOOPA, US), Reverse DNS 216.128.181.189.vultrusercontent.com Software nginx / Resource Hash adf65874cc366c58e171f9b2b8600071a64859e5b4854f113421d06efd4a3381 Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload Request headers Referer https://doc.synergysupport.ca/app_assets/application-7e03dc470cf44e05836e9cd5f5a4fe4d0a287db5e4465a2e0ea8d7c7dda61779.css Origin https://doc.synergysupport.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 19:56:48 GMT strict-transport-security max-age=31556952; includeSubDomains; preload last-modified Tue, 31 Jan 2023 01:03:42 GMT server nginx content-length 46684 content-type application/font-woff2
GET H2	200	Apercu-Bold-Pro-7a7eb9ddea7c075022e993c26990b5926cb13c48ccc13793bd48dc4d8fb9332f.woff2 doc.synergysupport.ca/app_assets/	45 KB 45 KB	30ms 29ms	Font application/font-woff2	216.128.181.189 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://doc.synergysupport.ca/app_assets/Apercu-Bold-Pro-7a7eb9ddea7c075022e993c26990b5926cb13c48ccc13793bd48dc4d8fb9332f.woff2 Requested by Host: doc.synergysupport.ca URL: https://doc.synergysupport.ca/app_assets/application-7e03dc470cf44e05836e9cd5f5a4fe4d0a287db5e4465a2e0ea8d7c7dda61779.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.128.181.189 Toronto, Canada, ASN20473 (AS-CHOOPA, US), Reverse DNS 216.128.181.189.vultrusercontent.com Software nginx / Resource Hash 7a7eb9ddea7c075022e993c26990b5926cb13c48ccc13793bd48dc4d8fb9332f Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload Request headers Referer https://doc.synergysupport.ca/app_assets/application-7e03dc470cf44e05836e9cd5f5a4fe4d0a287db5e4465a2e0ea8d7c7dda61779.css Origin https://doc.synergysupport.ca accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Wed, 08 Mar 2023 19:56:48 GMT strict-transport-security max-age=31556952; includeSubDomains; preload last-modified Tue, 31 Jan 2023 01:03:42 GMT server nginx content-length 46124 content-type application/font-woff2

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| Prism object| __core-js_shared__ object| core object| tinymce object| tinyMCE object| ephox function| caml_create_file object| caml_fs_tmp function| Suggestions function| flatpickr object| TreemapSquared function| SVG function| addResizeListener function| removeResizeListener object| Apex function| ApexCharts function| setImmediate function| clearImmediate boolean| _rails_loaded

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			doc.synergysupport.ca/	1969-12-31 23:59:59	Name: _hudu_session Value: ZX0d82aM%2FmLG5h2sz%2F2bC66wzZ1XTA4UU2Ip0u%2FtSNS%2BYC6ylsGIUhJYJqY2j4L7oXXVJHRpfAr%2BXKoMUb4GcDLqPSYOBLqIZ830ob5gZhikU%2BFA%2FeVVpA%2BCvCaZbMNsXejlMS3vLyvz5l3JMp5mBo34cwPQdHrR55uSiHWfkZuOEFOK4ctPrqcECaGlBm7uBtwaiwnyrk0KFYQlyuzOzGgGuDjRCK4QZQJIYy9enuwEvfczBK4h7zRz2%2BZHjWzmEUqej4DYYNlSFOvoAk0sZwsEqGQf--HgC1qpvhcrOK9n3I--HUgK4T0d3%2Byf898MmLpfZw%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: http:; font-src 'self' https: data: https://js.intercomcdn.com; object-src 'self' https: http:; form-action 'self' https: https://intercom.help https://api-iam.intercom.io; media-src https://js.intercomcdn.com; img-src 'self' http: https: blob: data: https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments.com; child-src 'self' blob: https: https://share.intercom.io https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net; frame-src 'unsafe-eval' 'unsafe-inline' https: http: https://js.stripe.com https://hooks.stripe.com; script-src 'self' 'unsafe-inline' blob: 'unsafe-eval' https: http: https://canny.io/sdk.js https://app.intercom.io https://widget.intercom.io https://api.duosecurity.com https://js.intercomcdn.com https://widget.intercom.io https://js.stripe.com d2iiunr5ws5ch1.cloudfront.net https://www.googletagmanager.com https://www.google-analytics.com/analytics.js; style-src 'self' https: 'unsafe-inline' blob:; connect-src 'self' https: http: data: https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://nexus-long-poller-a.intercom.io https://nexus-long-poller-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://api.stripe.com http://localhost:3035 ws://localhost:3035
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

doc.synergysupport.ca
216.128.181.189
020052051df3e6fb7e8e494225fd583e20b6caf1139f1a5b9b837ea40b50f799
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
78e3822321816bc73e3ee2febf5e49bf11914f6984b1473a28b8b4199604e520
7a7eb9ddea7c075022e993c26990b5926cb13c48ccc13793bd48dc4d8fb9332f
7e03dc470cf44e05836e9cd5f5a4fe4d0a287db5e4465a2e0ea8d7c7dda61779
adf65874cc366c58e171f9b2b8600071a64859e5b4854f113421d06efd4a3381