www.synack.com Open in urlscan Pro
141.193.213.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Submission: On December 05 via api (December 5th 2021, 12:20:34 pm UTC) from US — Scanned from DE

Summary HTTP 98 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 24 domains to perform 98 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.synack.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 19th 2021. Valid for: a year.

This is the only time www.synack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	141.193.213.21 141.193.213.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
6	94.31.29.99 94.31.29.99	33438 (HIGHWINDS2) (HIGHWINDS2)
1	34.195.187.5 34.195.187.5	14618 (AMAZON-AES) (AMAZON-AES)
6	104.16.93.80 104.16.93.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.111.234.67 104.111.234.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 6	2600:9000:215... 2600:9000:2156:1a00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	143.204.98.43 143.204.98.43	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.115 143.204.98.115	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1abe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	143.204.98.84 143.204.98.84	16509 (AMAZON-02) (AMAZON-02)
1	3.141.217.14 3.141.217.14	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	143.204.98.72 143.204.98.72	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	34.253.133.188 34.253.133.188	16509 (AMAZON-02) (AMAZON-02)
2 2	34.248.204.54 34.248.204.54	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.98.76 143.204.98.76	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
10	100.25.249.86 100.25.249.86	14618 (AMAZON-AES) (AMAZON-AES)
2	52.216.18.200 52.216.18.200	16509 (AMAZON-02) (AMAZON-02)
98	31

35 141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.synack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 94.31.29.99 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.99.IPYX-077437-ZYO.above.net

cdnm.synack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.187.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-187-5.compute-1.amazonaws.com

js.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.93.80 (None, )

ASN13335 (CLOUDFLARENET, US)

app-ab15.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

738-oex-476.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba13 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:1a00:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-43.fra50.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-115.fra50.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1abe (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-84.fra50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.141.217.14 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-217-14.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

952412761.privacysandbox.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-72.fra50.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.133.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.204.54 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-204-54.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.76 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 100.25.249.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-249-86.compute-1.amazonaws.com

app.qualified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.18.200 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

qualified-production.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	synack.com www.synack.com cdnm.synack.com	956 KB
11	qualified.com js.qualified.com app.qualified.com	718 KB
7	adroll.com 2 redirects s.adroll.com d.adroll.com	20 KB
6	marketo.com app-ab15.marketo.com	141 KB
5	company-target.com 1 redirects api.company-target.com segments.company-target.com	5 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
3	google.de www.google.de	675 B
3	google.com 1 redirects www.google.com	1 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	3 KB
3	googleadservices.com www.googleadservices.com 952412761.privacysandbox.googleadservices.com	16 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	googletagmanager.com www.googletagmanager.com	172 KB
2	amazonaws.com qualified-production.s3.amazonaws.com	6 KB
2	bidr.io 2 redirects match.prod.bidr.io	1019 B
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	marketo.net munchkin.marketo.net	7 KB
1	rlcdn.com id.rlcdn.com	66 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	g2crowd.com tracking.g2crowd.com	1 KB
1	googleapis.com ajax.googleapis.com	31 KB
1	demandbase.com tag.demandbase.com	19 KB
1	licdn.com snap.licdn.com	2 KB
1	mktoresp.com 738-oex-476.mktoresp.com	311 B
1	googleoptimize.com www.googleoptimize.com	36 KB
98	24

	Domain	Requested by
35	www.synack.com	www.synack.com
10	app.qualified.com	js.qualified.com app.qualified.com
6	s.adroll.com	2 redirects www.googletagmanager.com www.synack.com s.adroll.com
6	app-ab15.marketo.com	www.synack.com app-ab15.marketo.com
6	cdnm.synack.com	www.synack.com
3	www.google.de	www.synack.com
3	www.google.com	1 redirects www.synack.com
3	api.company-target.com	ajax.googleapis.com tag.demandbase.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	www.synack.com www.googletagmanager.com
2	qualified-production.s3.amazonaws.com
2	segments.company-target.com	1 redirects www.synack.com
2	match.prod.bidr.io	2 redirects
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	px.ads.linkedin.com	2 redirects
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	munchkin.marketo.net	www.synack.com munchkin.marketo.net
1	id.rlcdn.com	www.synack.com
1	d.adroll.com	s.adroll.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	952412761.privacysandbox.googleadservices.com	www.synack.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.synack.com
1	certify.alexametrics.com	www.synack.com
1	px4.ads.linkedin.com	www.synack.com
1	www.linkedin.com	1 redirects
1	tracking.g2crowd.com	www.synack.com
1	ajax.googleapis.com	www.googletagmanager.com
1	tag.demandbase.com	www.synack.com
1	certify-js.alexametrics.com	www.synack.com
1	snap.licdn.com	www.googletagmanager.com
1	738-oex-476.mktoresp.com	munchkin.marketo.net
1	js.qualified.com	www.synack.com
1	www.googleoptimize.com	www.synack.com
98	33

This site contains links to these domains. Also see Links.

Domain
acropolis.synack.com
login.synack.com
cdnm.synack.com
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
www.synack.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-19` - `2022-07-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
js.qualified.com R3	`2021-10-23` - `2022-01-21`	3 months	crt.sh
app-ab15.marketo.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2021-03-29` - `2022-04-06`	a year	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-18` - `2022-10-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g2crowd.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-30` - `2022-09-28`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.privacysandbox.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2021-10-20` - `2022-09-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
app.qualified.com R3	`2021-10-23` - `2022-01-21`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Frame ID: BD0533EE469E67B8822ECFBDA0D9DB5C
Requests: 93 HTTP requests in this frame

Frame: https://app-ab15.marketo.com/index.php/form/XDFrame
Frame ID: B7D51CE7D235DB8478D9692A3C86A957
Requests: 2 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113
Frame ID: 0FC8D1205B687ABFB0AC3F8DE1D48EE6
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

This Microsoft Windows RCE Vulnerability Gives an Attacker Complete Control - SynackThis Microsoft Windows RCE Vulnerability Gives an Attacker Complete Control - Synack

Page Statistics

98
Requests

95 %
HTTPS

38 %
IPv6

24
Domains

33
Subdomains

31
IPs

6
Countries

2184 kB
Transfer

5750 kB
Size

29
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://acropolis.synack.com/
Title: Acropolis

Search URL Search Domain Scan URL

URL: https://login.synack.com/
Title: Log In

Search URL Search Domain Scan URL

URL: https://cdnm.synack.com/wp-content/uploads/2021/11/malcolm-stagg-blog-video-calc_pop_full-Web.mp4
Title: https://cdnm.synack.com/wp-content/uploads/2021/11/malcolm-stagg-blog-video-calc_pop_full-Web.mp4

Search URL Search Domain Scan URL

URL: https://www.facebook.com/synack
Title: <img src="/wp-content/themes/synack/next/static/images/social-fb-dark.svg" aria-label="Facebook logo.">

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/synack-inc-
Title: <img src="/wp-content/themes/synack/next/static/images/social-li-dark.svg" aria-label="LinkedIn logo.">

Search URL Search Domain Scan URL

URL: https://twitter.com/synack
Title: <img class="twitter" src="/wp-content/themes/synack/next/static/images/social-tw-dark.svg" aria-label="Twitter logo.">

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thesynackcrowd/
Title: <img src="/wp-content/themes/synack/next/static/images/social-ig.svg" aria-label="Instagram logo.">

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=60233&time=1638706829187&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D60233%26time%3D1638706829187%26url%3Dhttps%253A%252F%252Fwww.synack.com%252Fblog%252Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=60233&time=1638706829187&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=60233&time=1638706829187&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&liSync=true&e_ipv6=AQJ4eqgD5AwXYQAAAX2KidjyCNkMKlVUN_MaB0iU1fhmVF6PN0SzrFC5Ta7r-r3Qt2gqy_hZ5A

Request Chain 72

https://s.adroll.com/j/exp/5QXCA3VWPJCOHHBA7OF3OD/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 73

https://s.adroll.com/j/pre/5QXCA3VWPJCOHHBA7OF3OD/DSII7FW6GBCNZN3IPKELZ7/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 78

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952412761/?random=1491050772&cv=9&fst=1638706829206&num=1&value=0&label=-EdECKePxfkBENnUksYD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&tiba=This%20Microsoft%20Windows%20RCE%20Vulnerability%20Gives%20an%20Attacker%20Complete%20Control%20-%20Synack&auid=598983505.1638706829&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ja6sYeyVD5P4gAfz5JewDw&sscte=1&crd=&eitems=ChAIgOOxjQYQkqO3s5esn_RfEh0AexV_LOF2y1ihjrBWgaUJbwAor_GPTmKNFD6X3Q HTTP 302
https://www.google.com/pagead/1p-conversion/952412761/?random=1491050772&cv=9&fst=1638706829206&num=1&value=0&label=-EdECKePxfkBENnUksYD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&tiba=This%20Microsoft%20Windows%20RCE%20Vulnerability%20Gives%20an%20Attacker%20Complete%20Control%20-%20Synack&auid=598983505.1638706829&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ja6sYeyVD5P4gAfz5JewDw&eitems=ChAIgOOxjQYQkqO3s5esn_RfEh0AexV_LDbwfcQ59htZlQLKnYduHqjZEUqautZ3Ug&random=3280993387&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/952412761/?random=1491050772&cv=9&fst=1638706829206&num=1&value=0&label=-EdECKePxfkBENnUksYD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&tiba=This%20Microsoft%20Windows%20RCE%20Vulnerability%20Gives%20an%20Attacker%20Complete%20Control%20-%20Synack&auid=598983505.1638706829&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ja6sYeyVD5P4gAfz5JewDw&eitems=ChAIgOOxjQYQkqO3s5esn_RfEh0AexV_LDbwfcQ59htZlQLKnYduHqjZEUqautZ3Ug&random=3280993387&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 84

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AADVCU7DWV0AACppNaeASg HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AADVCU7DWV0AACppNaeASg&verifyHash=4454e2dc5e36df37831788eac5a525428bea2d48

98 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/ 164 KB
41 KB 247ms
198ms Document
text/html 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

e678c76d62f82dcfe3bf5b787fdd456cf57c6d2e4ac9f4d635286d1ef3de13c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link: <https://www.synack.com/?p=9700>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b8d3a8ecb5a4e13-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 39ms
15ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-38714717-1

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c33ec6452165bb33269a7e99ff7374943cc4ab4c2dce46d5ca2a8e8d8a0aabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37118
x-xss-protection: 0
expires: Sun, 05 Dec 2021 12:20:28 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 89 KB
36 KB 56ms
16ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-56H9SXM

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

237bd993907030a273b2792972ae204a24f4b5f2a6f895bc8e6dcc4e7ef82948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35893
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Dec 2021 12:20:28 GMT

GET
H2 200 criquegroteskdisplay-regular.woff
www.synack.com/wp-content/themes/synack/assets/media/fonts/criquegroteskdisplay/ 32 KB
32 KB 31ms
29ms Font
font/woff 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.synack.com/wp-content/themes/synack/assets/media/fonts/criquegroteskdisplay/criquegroteskdisplay-regular.woff
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58845150caaa7d904242ef0972d8e1ab41057b8d16e3b4417b41f9c6781ac839

Request headers

Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Origin: https://www.synack.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Sep 2021 01:26:38 GMT
server: cloudflare
age: 7205120
etag: "613ab44e-7f95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6b8d3a902dbc4e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32661

GET
H2 200 criquegroteskdisplay-bold.woff
www.synack.com/wp-content/themes/synack/assets/media/fonts/criquegroteskdisplay/ 31 KB
31 KB 48ms
46ms Font
font/woff 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/themes/synack/assets/media/fonts/criquegroteskdisplay/criquegroteskdisplay-bold.woff

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

086f137fed04f5feb4b046f9a43fcfe6119b9970b2d477004c954d444183bba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Origin: https://www.synack.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3387642
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31667
last-modified: Tue, 19 Oct 2021 00:59:21 GMT
server: cloudflare
etag: "616e1869-7bb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6b8d3a902dbf4e13-FRA

GET
H2 200 synack-cta-styles.css
www.synack.com/wp-content/plugins/synack-cta-shortcode-plugin/public/css/ 2 KB
774 B 44ms
41ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.synack.com/wp-content/plugins/synack-cta-shortcode-plugin/public/css/synack-cta-styles.css?ver=1.0.1
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 677010f1947af5a4a2ee51eabf78f3ff907a252c76c8614741fbc26998ef095e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 02:44:23 GMT
server: cloudflare
age: 10396690
etag: W/"6108ad87-7e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6b8d3a902dc04e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.min.css
www.synack.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 45ms
42ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: cloudflare
age: 1566390
etag: W/"612efc26-13abe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a902dc34e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.css
cdnm.synack.com/wp-content/uploads/maxmegamenu/ 66 KB
6 KB 63ms
7ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnm.synack.com/wp-content/uploads/maxmegamenu/style.css?ver=24f3dc
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: d4648000232eaa38f5faf3347dcf39ee81fda4a9ff1d47a3bb9a2a157b7c6a7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 23:48:15 GMT
server: NetDNA-cache/2.2
etag: W/"61aaacbf-106c4"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 dashicons.min.css
www.synack.com/wp-includes/css/ 58 KB
35 KB 40ms
38ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-includes/css/dashicons.min.css?ver=5.8.2

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: cloudflare
age: 1566388
etag: W/"603ffca6-e688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a902dc64e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 modern.css
www.synack.com/wp-content/themes/synack/assets/styles/ 203 KB
37 KB 41ms
39ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/themes/synack/assets/styles/modern.css?ver=7.4.5

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe42011e3ca7ba0f21f52d5c33652bb0a4bedf9e647bef79b5f29c3297778fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Oct 2021 00:59:23 GMT
server: cloudflare
age: 3437684
etag: W/"616e186b-32a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a902dc84e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 synack-cta-scripts.js Show response
www.synack.com/wp-content/plugins/synack-cta-shortcode-plugin/public/js/ 50 B
176 B 31ms
30ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/plugins/synack-cta-shortcode-plugin/public/js/synack-cta-scripts.js?ver=5.8.2

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8c008c043b3071db0d9e13ba604be68446936f13d7b60c821bcfcc5d84bf253

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Nov 2021 18:26:43 GMT
server: cloudflare
age: 1566376
etag: W/"618eb1e3-32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a902dcc4e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
www.synack.com/wp-includes/js/jquery/ 87 KB
31 KB 36ms
35ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Oct 2021 00:58:52 GMT
server: cloudflare
age: 3462179
etag: W/"616e184c-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a902dce4e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
www.synack.com/wp-includes/js/jquery/ 11 KB
4 KB 43ms
41ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.synack.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Jul 2021 23:33:37 GMT
server: cloudflare
age: 11900122
etag: W/"60f21751-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6b8d3a902dd04e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 head.js Show response
www.synack.com/wp-content/themes/synack/assets/scripts/ 103 B
186 B 47ms
46ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.synack.com/wp-content/themes/synack/assets/scripts/head.js?ver=1.6.0
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6507c367859d5e5c2b734d3358d843bdc7f1590575ce944a0847aebc661096f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Jul 2021 23:34:08 GMT
server: cloudflare
age: 11900122
etag: W/"60f21770-67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6b8d3a902dd64e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK qualified.js Show response
js.qualified.com/ 222 KB
66 KB 399ms
161ms Script
text/javascript 34.195.187.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://js.qualified.com/qualified.js?token=wMSIsrvzp9xgEeyW

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

34.195.187.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-195-187-5.compute-1.amazonaws.com

Software

nginx /

Resource Hash

658dbe207a33dec1d4b894ed0f59cdaeadd7db49c198dc4626377ae09aa8d9a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 12:20:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Xss-Protection: 1; mode=block
X-Request-Id: a4a13054-53dc-ac4b-8d41-24447fcdb4a6
X-Runtime: 0.014398
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: SAMEORIGIN
Etag: W/"658dbe207a33dec1d4b894ed0f59cdae"
X-Download-Options: noopen
Vary: Accept,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 spaces-router (279557a225d7)
Cache-Control: max-age=0, private, must-revalidate

GET
H2 200 forms2.min.js Show response
app-ab15.marketo.com/js/forms2/js/ 205 KB
68 KB 160ms
31ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab15.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 12 Oct 2021 18:01:53 GMT
server: cloudflare
age: 3653
etag: "d804b9-33210-5ce2ba3f1c640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6b8d3a90fa224ecd-FRA
expires: Sun, 05 Dec 2021 16:20:28 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
www.synack.com/wp-includes/js/mediaelement/ 11 KB
3 KB 50ms
49ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 16:29:29 GMT
server: cloudflare
age: 309591
etag: W/"61a7a2e9-2bf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a903dd74e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 wp-mediaelement.min.css
www.synack.com/wp-includes/js/mediaelement/ 4 KB
1 KB 39ms
37ms Stylesheet
text/css 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.2

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 16:29:29 GMT
server: cloudflare
age: 309591
etag: W/"61a7a2e9-105a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a903dd84e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 smush-lazy-load.min.js Show response
www.synack.com/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 46ms
44ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.9.0

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 30 Oct 2021 05:06:11 GMT
server: cloudflare
age: 3131762
etag: W/"617cd2c3-1ef2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a903dd94e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 hoverIntent.min.js Show response
www.synack.com/wp-includes/js/ 1 KB
810 B 93ms
91ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-includes/js/hoverIntent.min.js?ver=1.10.1

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 Sep 2021 02:34:21 GMT
server: cloudflare
age: 5902782
etag: W/"61527f2d-5c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a903ddb4e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 maxmegamenu.js Show response
www.synack.com/wp-content/plugins/megamenu/js/ 30 KB
5 KB 43ms
41ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.synack.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.4
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aafa38d431075d0f6c738a2633785fd32fada0e14408bd662d95e608ddb4daf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Jul 2021 23:34:10 GMT
server: cloudflare
age: 11900122
etag: W/"60f21772-7741"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6b8d3a903ddc4e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 require.js Show response
www.synack.com/wp-content/themes/synack/assets/vendor/requirejs/ 82 KB
21 KB 41ms
40ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.synack.com/wp-content/themes/synack/assets/vendor/requirejs/require.js?ver=1.6.0
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 346b4cd789dfa63e4695ee5386d2f115a4233da2bab3c322f2fc32c87a854ce9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 Aug 2021 02:05:46 GMT
server: cloudflare
age: 8935709
etag: W/"611f0dfa-14640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6b8d3a903dde4e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 config.js Show response
www.synack.com/wp-content/themes/synack/assets/scripts/ 3 KB
1 KB 38ms
37ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/themes/synack/assets/scripts/config.js?ver=1.6.0

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

581252f274cf79145434a010cfff21020948a4d137807e77df474a6e716139e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 08 Oct 2021 13:23:39 GMT
server: cloudflare
age: 4776238
etag: W/"6160465b-ae9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a903ddf4e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 settings.js Show response
www.synack.com/wp-content/themes/synack/assets/scripts/ 2 KB
939 B 35ms
33ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.synack.com/wp-content/themes/synack/assets/scripts/settings.js?ver=1.6.0
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 622d446ce9c470332c48be1b028bfe2ff3f63eb91858de445b6f9ff88b583262

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Jul 2021 23:34:07 GMT
server: cloudflare
age: 11900122
etag: W/"60f2176f-79e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6b8d3a903de14e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 wp-embed.min.js Show response
www.synack.com/wp-includes/js/ 1 KB
814 B 35ms
34ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-includes/js/wp-embed.min.js?ver=5.8.2

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
age: 1565595
etag: W/"5ff5d754-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a903de34e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 mediaelement-and-player.min.js Show response
www.synack.com/wp-includes/js/mediaelement/ 154 KB
38 KB 30ms
29ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 16:29:29 GMT
server: cloudflare
age: 309591
etag: W/"61a7a2e9-267aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a903de44e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 mediaelement-migrate.min.js Show response
www.synack.com/wp-includes/js/mediaelement/ 1 KB
616 B 42ms
42ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.8.2

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 16:29:29 GMT
server: cloudflare
age: 309591
etag: W/"61a7a2e9-4a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a903de64e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 wp-mediaelement.min.js Show response
www.synack.com/wp-includes/js/mediaelement/ 906 B
551 B 43ms
42ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.8.2

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 16:29:29 GMT
server: cloudflare
age: 309591
etag: W/"61a7a2e9-38a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a903de74e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 vimeo.min.js Show response
www.synack.com/wp-includes/js/mediaelement/renderers/ 6 KB
2 KB 41ms
40ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-includes/js/mediaelement/renderers/vimeo.min.js?ver=4.2.16

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 16:29:29 GMT
server: cloudflare
age: 309591
etag: W/"61a7a2e9-1940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a903de84e13-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 53ms
37ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38714717-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c66d2ad890f2c13bdbe9db7555ec3328708da916ed065f3ff9ba15030262e779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62185
x-xss-protection: 0
expires: Sun, 05 Dec 2021 12:20:28 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 223 KB
75 KB 45ms
29ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f16b14d83c48f6d42b33fb44e94a27e283a76377867979ce09c653314576b03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76376
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Dec 2021 12:20:28 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.synack.com/wp-includes/js/ 18 KB
5 KB 73ms
73ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
server: cloudflare
age: 1566404
etag: W/"60bfebf0-4705"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a90cd211f3d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 39ms
7ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 12:20:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 01:24:07 GMT
Server: AkamaiNetStorage
ETag: "461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 753

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 dots-dark.png
www.synack.com/wp-content/themes/synack/next/static/images/patterns/ 52 B
436 B 48ms
47ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-content/themes/synack/next/static/images/patterns/dots-dark.png

Requested by

Host: www.synack.com
URL: https://www.synack.com/wp-content/themes/synack/assets/styles/modern.css?ver=7.4.5

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd720fc01e6d0b5ea658006db00ab55c69856fa56bbd8176b98b4c43e1f27138

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/wp-content/themes/synack/assets/styles/modern.css?ver=7.4.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
cf-cache-status: HIT
age: 3207166
cf-polished: origFmt=png, origSize=1239
content-disposition: inline; filename="dots-dark.webp"
strict-transport-security: max-age=63072000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 52
last-modified: Tue, 19 Oct 2021 00:59:21 GMT
server: cloudflare
etag: "616e1869-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6b8d3a90dd3c1f3d-FRA
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 single-bullet.png
www.synack.com/wp-content/themes/synack/next/static/images/ 38 B
458 B 36ms
36ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-content/themes/synack/next/static/images/single-bullet.png

Requested by

Host: www.synack.com
URL: https://www.synack.com/wp-content/themes/synack/assets/styles/modern.css?ver=7.4.5

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3142a289374f8769705a80b618ffc0fbe649a1d7858d7ab310107d209cf12e39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/wp-content/themes/synack/assets/styles/modern.css?ver=7.4.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
cf-cache-status: HIT
age: 225270
cf-polished: origFmt=png, origSize=71
content-disposition: inline; filename="single-bullet.webp"
strict-transport-security: max-age=63072000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38
last-modified: Wed, 01 Dec 2021 23:51:59 GMT
server: cloudflare
etag: "61a80a9f-47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6b8d3a90ed4f1f3d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 dots.png
www.synack.com/wp-content/themes/synack/assets/media/images/patterns/ 52 B
430 B 61ms
61ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-content/themes/synack/assets/media/images/patterns/dots.png

Requested by

Host: www.synack.com
URL: https://www.synack.com/wp-content/themes/synack/assets/styles/modern.css?ver=7.4.5

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

443ec1aeaafe48ecac9e8780925d42273c931b04aeb7078044c2827b32ec36e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/wp-content/themes/synack/assets/styles/modern.css?ver=7.4.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
cf-cache-status: HIT
age: 225269
cf-polished: origFmt=png, origSize=151
content-disposition: inline; filename="dots.webp"
strict-transport-security: max-age=63072000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 52
last-modified: Wed, 01 Dec 2021 23:52:00 GMT
server: cloudflare
etag: "61a80aa0-97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6b8d3a90ed501f3d-FRA
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 31 KB
31 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin: https://www.synack.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 criquegroteskdisplay-lightitalic.woff
www.synack.com/wp-content/themes/synack/assets/media/fonts/criquegroteskdisplay/ 30 KB
30 KB 72ms
71ms Font
font/woff 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/themes/synack/assets/media/fonts/criquegroteskdisplay/criquegroteskdisplay-lightitalic.woff

Requested by

Host: www.synack.com
URL: https://www.synack.com/wp-content/themes/synack/assets/styles/modern.css?ver=7.4.5

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f620fad40166ff82f643ab55123f599c61b8e6ca3cacfd845ba2e504e6551c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.synack.com/wp-content/themes/synack/assets/styles/modern.css?ver=7.4.5
Origin: https://www.synack.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2557883
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30859
last-modified: Wed, 03 Nov 2021 14:40:59 GMT
server: cloudflare
etag: "61829f7b-788b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6b8d3a90ed541f3d-FRA

GET
H3 200 Graphik-Regular.woff2
www.synack.com/wp-content/themes/synack/assets/media/fonts/graphik/ 33 KB
33 KB 35ms
35ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/themes/synack/assets/media/fonts/graphik/Graphik-Regular.woff2

Requested by

Host: www.synack.com
URL: https://www.synack.com/wp-content/themes/synack/assets/styles/modern.css?ver=7.4.5

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

99a8b909343472521ed4d4509342788c8ba6887355cc8996a31d81ea6bc9d395

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.synack.com/wp-content/themes/synack/assets/styles/modern.css?ver=7.4.5
Origin: https://www.synack.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3234394
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33492
last-modified: Tue, 19 Oct 2021 00:59:22 GMT
server: cloudflare
etag: "616e186a-82d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6b8d3a90ed551f3d-FRA

GET
H2 206 malcolm-stagg-blog-video-calc_pop_full-Web.mp4
cdnm.synack.com/wp-content/uploads/2021/11/ 176 KB
0 7ms
7ms Media
video/mp4 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnm.synack.com/wp-content/uploads/2021/11/malcolm-stagg-blog-video-calc_pop_full-Web.mp4?_=1
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash

Request headers

Referer: https://www.synack.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 05 Dec 2021 12:20:28 GMT
last-modified: Fri, 03 Dec 2021 23:48:16 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "61aaacc0-144ce47"
vary: Accept-Encoding
x-cache: HIT
content-type: video/mp4
Content-Range: bytes 0-21286470/21286471
cache-control: public, max-age=31536000
Content-Length: 21286471

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/161/ 11 KB
5 KB 9ms
9ms Script
application/x-javascript 104.111.234.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/161/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.234.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-234-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 12:20:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Sep 2021 00:38:21 GMT
Server: AkamaiNetStorage
ETag: "0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4681
Expires: Tue, 15 Mar 2022 12:20:28 GMT

GET
H2 200 getForm Show response
app-ab15.marketo.com/index.php/form/ 3 KB
1 KB 403ms
403ms Script
application/javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab15.marketo.com/index.php/form/getForm?munchkinId=738-OEX-476&form=1786&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&callback=jQuery112402835829574844968_1638706829028&_=1638706829029

Requested by

Host: app-ab15.marketo.com
URL: https://app-ab15.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b6d20237eecb0e38d09334f8d6f2651b3da37040b31c4c77cd057a6712749ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=63113904
cf-ray: 6b8d3a918b4e4ecd-FRA
cached: false

POST
H/1.1 200
OK visitWebPage
738-oex-476.mktoresp.com/webevents/ 2 B
311 B 732ms
97ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://738-oex-476.mktoresp.com/webevents/visitWebPage?_mchNc=1638706829050&_mchCn=&_mchId=738-OEX-476&_mchTk=_mch-synack.com-1638706829049-48317&_mchHo=www.synack.com&_mchPo=&_mchRu=%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.synack.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 05 Dec 2021 12:20:29 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 29c67cbf-97b6-4a47-b44f-98c09bfb8086

POST
H2 204 collect
www.google-analytics.com/g/ 0
171 B 55ms
14ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XVS579G3KG&gtm=2oec10&_p=1211978421&sr=1600x1200&ul=en-us&cid=89526994.1638706829&_s=1&dl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&dt=This%20Microsoft%20Windows%20RCE%20Vulnerability%20Gives%20an%20Attacker%20Complete%20Control%20-%20Synack&sid=1638706828&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.synack.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 12:20:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.synack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 47ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38714717-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4762
date: Sun, 05 Dec 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 05 Dec 2021 13:01:07 GMT

GET
H3 200 Graphik-Semibold.woff2
www.synack.com/wp-content/themes/synack/assets/media/fonts/graphik/ 33 KB
33 KB 39ms
39ms Font
font/woff2 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/themes/synack/assets/media/fonts/graphik/Graphik-Semibold.woff2

Requested by

Host: www.synack.com
URL: https://www.synack.com/wp-content/themes/synack/assets/styles/modern.css?ver=7.4.5

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0df0867cca9c7e7bb6adeca5c278eac82fbe02252daf066be66d5adeb6b7ee5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.synack.com/wp-content/themes/synack/assets/styles/modern.css?ver=7.4.5
Origin: https://www.synack.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2605726
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33964
last-modified: Wed, 03 Nov 2021 14:40:59 GMT
server: cloudflare
etag: "61829f7b-84ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6b8d3a91aeab1f3d-FRA

GET
H3 200 criquegrotesk-bold.woff
www.synack.com/wp-content/themes/synack/assets/media/fonts/criquegrotesk/ 32 KB
32 KB 76ms
76ms Font
font/woff 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.synack.com/wp-content/themes/synack/assets/media/fonts/criquegrotesk/criquegrotesk-bold.woff
Requested by: Host: www.synack.com
URL: https://www.synack.com/wp-content/themes/synack/assets/styles/modern.css?ver=7.4.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f677071bb405c125ccadad61964b3d2105f28d3435fbd4f2c46d18509b865097

Request headers

Referer: https://www.synack.com/wp-content/themes/synack/assets/styles/modern.css?ver=7.4.5
Origin: https://www.synack.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Jul 2021 23:34:08 GMT
server: cloudflare
age: 11895429
etag: "60f21770-7ee6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6b8d3a91aeae1f3d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32486

GET
H2 200 malcolm-stagg-blog-top-image.jpg
cdnm.synack.com/wp-content/uploads/2021/11/ 273 KB
273 KB 10ms
10ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnm.synack.com/wp-content/uploads/2021/11/malcolm-stagg-blog-top-image.jpg
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 9f14c54f6c961c250a922d738b9f023871181e5c95e65ad40639606fd9617861

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
last-modified: Fri, 03 Dec 2021 23:48:15 GMT
server: NetDNA-cache/2.2
etag: "61aaacbf-4428a"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 279178

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 43ms
10ms Script
application/x-javascript 2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 12:20:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=74732
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 47 KB
16 KB 50ms
9ms Script
text/javascript 2600:9000:2156:1a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 206743f5a27b61f302352bf4452f78f13aa34bee7589b306e24677dc3a3e875e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Amz-Version-Id: ehOkSJ.OYcbGtirOxrQzIxqoPEiLDyhY
Content-Encoding: gzip
Etag: W/"6d3e5545a63a8b2ad24684d3213523eb"
Age: 1939
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
Last-Modified: Wed, 10 Nov 2021 22:19:15 GMT
Server: AmazonS3
Date: Sun, 05 Dec 2021 11:48:10 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: KKWo1bWPAyVTNe3ui62PYL_gRWXDT-QsQd9xGdG1vBNzD3yurMuDTQ==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 48ms
25ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Dec 2021 12:20:29 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 42ms
8ms Script
application/javascript 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 19159983
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: j_fBsiiVqLIXI7NWrhJu_R8LtfQ1Ap9-AgvAT_cMyuRcUw-GSl9WiA==

GET
H2 200 753cbba3.min.js Show response
tag.demandbase.com/ 67 KB
19 KB 310ms
10ms Script
application/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.demandbase.com/753cbba3.min.js
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-115.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 645135334cdaa0957f476e584c13aaf817a2d5163d512dc30171b2d458ec9ed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: iWQJx23OAkk3dqsEkQ8hBc2lQjzHVLXQ
content-encoding: gzip
last-modified: Wed, 17 Nov 2021 11:08:12 GMT
server: AmazonS3
age: 2245
etag: W/"cb78cdc2860cf0181cf2bcdca69c6b3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
date: Sun, 05 Dec 2021 11:43:05 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: T_FSykcqf3nfG3JMka56IoqEER49ka-Jtp5DLluEz0hzavA6Hd7YNg==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 04 Dec 2021 15:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Dec 2022 15:52:19 GMT

GET
H2 200 5150.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 169ms
136ms Script
text/javascript 2606:4700::6812:1abe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/5150.js?p=https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/&e=

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1abe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: 9b1181dd-8f18-4b29-8096-9b83b2ac3f71
x-runtime: 0.006911
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
cf-ray: 6b8d3a924baa691b-FRA

GET
H3 200 mejs-controls.svg
www.synack.com/wp-includes/js/mediaelement/ 4 KB
2 KB 31ms
31ms Image
image/svg+xml 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-includes/js/mediaelement/mejs-controls.svg

Requested by

Host: www.synack.com
URL: https://www.synack.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 16:29:29 GMT
server: cloudflare
age: 309591
etag: W/"61a7a2e9-11f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a922f821f3d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 main.js Show response
www.synack.com/wp-content/themes/synack/assets/scripts/ 636 KB
163 KB 242ms
241ms Script
application/javascript 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.synack.com/wp-content/themes/synack/assets/scripts/main.js?v=@@version&bust=0.5250002279365711

Requested by

Host: www.synack.com
URL: https://www.synack.com/wp-content/themes/synack/assets/vendor/requirejs/require.js?ver=1.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

10e3335be2a8f09b5bd1c34c6b03287f295aa719b891da4dfc4d51ce394a6095

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 03 Dec 2021 23:48:45 GMT
server: cloudflare
etag: W/"61aaacdd-9f02a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000
cf-ray: 6b8d3a923f891f3d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 206 malcolm-stagg-blog-video-calc_pop_full-Web.mp4
cdnm.synack.com/wp-content/uploads/2021/11/ 64 KB
0 9ms
6ms Media
video/mp4 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnm.synack.com/wp-content/uploads/2021/11/malcolm-stagg-blog-video-calc_pop_full-Web.mp4?_=1
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash

Request headers

Referer: https://www.synack.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
last-modified: Fri, 03 Dec 2021 23:48:16 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "61aaacc0-144ce47"
vary: Accept-Encoding
x-cache: HIT
content-type: video/mp4
Content-Range: bytes 0-21286470/21286471
cache-control: public, max-age=31536000
Content-Length: 21286471

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 48ms
21ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1211978421&t=pageview&_s=1&dl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&ul=en-us&de=UTF-8&dt=This%20Microsoft%20Windows%20RCE%20Vulnerability%20Gives%20an%20Attacker%20Complete%20Control%20-%20Synack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=740482993&gjid=1520663389&cid=89526994.1638706829&tid=UA-38714717-1&_gid=1410182072.1638706829&_r=1&gtm=2ouc10&z=98197512

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 12:20:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.synack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=60233&time=1638706829187&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D60233%26time%3D1638706829187%26url%3Dhttps%253A%252F%252Fwww.synack.com%252Fblog%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=60233&time=1638706829187&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=60233&time=1638706829187&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F...

0
155 B

316ms
122ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=60233&time=1638706829187&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&liSync=true&e_ipv6=AQJ4eqgD5AwXYQAAAX2KidjyCNkMKlVUN_MaB0iU1fhmVF6PN0SzrFC5Ta7r-r3Qt2gqy_hZ5A
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: li1j9C3bvRZQOdD1tCoAAA==

Redirect headers

date: Sun, 05 Dec 2021 12:20:29 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: FB8B58D4CD1B404BB62714866917467A Ref B: FRAEDGE0917 Ref C: 2021-12-05T12:20:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=60233&time=1638706829187&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&liSync=true&e_ipv6=AQJ4eqgD5AwXYQAAAX2KidjyCNkMKlVUN_MaB0iU1fhmVF6PN0SzrFC5Ta7r-r3Qt2gqy_hZ5A
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXSZSp3NvXm08wYLi/KFQ==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 74ms
23ms Image
image/gif 143.204.98.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=This%20Microsoft%20Windows%20RCE%20Vulnerability%20Gives%20an%20Attacker%20Complete%20Control%20-%20Synack&time=1638706829195&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&random_number=14572373677&sess_cookie=82626a2917d8a89d78aaf16672e&sess_cookie_flag=1&user_cookie=82626a2917d8a89d78aaf16672e&user_cookie_flag=1&dynamic=true&domain=synack.com&account=VRmHv1Fx9f207i&jsv=20130128&user_lang=en-US
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-84.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 04:15:02 GMT
Via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 29127
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: z9cFLIRyCyTA3FsKLlpkHQHx-9jgUjVO4ofxU3PEbHHmBFDIKPGPWg==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 336ms
100ms Image
text/plain 3.141.217.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.141.217.14 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-141-217-14.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
server: Server

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/952412761/ 2 KB
1 KB 61ms
38ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/952412761/?random=1638706829206&cv=9&fst=1638706829206&num=1&value=0&label=-EdECKePxfkBENnUksYD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&tiba=This%20Microsoft%20Windows%20RCE%20Vulnerability%20Gives%20an%20Attacker%20Complete%20Control%20-%20Synack&auid=598983505.1638706829&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1459e4478d58b5e86bb609fe16987911adf172d5b26d35ae38340b24c9b4b25f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 12:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
952412761.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/952412761/ 0
0 294ms
16ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://952412761.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/952412761/?random=1638706829206&cv=9&fst=1638706829206&num=1&fmt=3&value=0&label=-EdECKePxfkBENnUksYD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&tiba=This%20Microsoft%20Windows%20RCE%20Vulnerability%20Gives%20an%20Attacker%20Complete%20Control%20-%20Synack&auid=598983505.1638706829&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-952412761/ 2 KB
2 KB 73ms
34ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-952412761/?random=1638706829214&cv=9&fst=1638706829214&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&tiba=This%20Microsoft%20Windows%20RCE%20Vulnerability%20Gives%20an%20Attacker%20Complete%20Control%20-%20Synack&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00279dfa56613e31ebb9c8cb53bb4111356d3b422cc28120311426b6f5c63565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 12:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1092
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/5QXCA3VWPJCOHHBA7OF3OD/index.js
https://s.adroll.com/j/exp/index.js

28 B
763 B

34ms
33ms

Script
application/javascript

2600:9000:2156:1a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: HTTP/1.1
Server: 2600:9000:2156:1a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Amz-Version-Id: VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC
Via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 132325
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Mon, 18 Oct 2021 21:07:54 GMT
Server: AmazonS3
Date: Sun, 05 Dec 2021 04:11:34 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Lh8FgFhMGy2J2Q3MKz6M08kGTNJa7xxCfWYdvKioCnfMRSqHW7lHuw==

Redirect headers

Date: Sat, 04 Dec 2021 18:27:55 GMT
Via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
Age: 64353
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Y6quIK-iBzp3enn52BnizlkyVxQQRuU0qXb950EP9HZgBU9YL3QOjw==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/5QXCA3VWPJCOHHBA7OF3OD/DSII7FW6GBCNZN3IPKELZ7/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
733 B

17ms
11ms

Script
application/javascript

2600:9000:2156:1a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: HTTP/1.1
Server: 2600:9000:2156:1a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 56045
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Sun, 05 Dec 2021 05:06:15 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: pQAKclkd56aUKwcdP9jQJO_uqLb-CAnEmOV6Qrzbi94CZKPaEHg5Sg==

Redirect headers

Date: Sat, 04 Dec 2021 15:18:43 GMT
Via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
Age: 75706
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: M5-boc8rXkT_rFupMc-z0arGwctBf2ZHfuHTxsBmxPU8GEaGomGJig==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/5QXCA3VWPJCOHHBA7OF3OD/DSII7FW6GBCNZN3IPKELZ7/ 0
786 B 35ms
9ms Script
text/javascript 2600:9000:2156:1a00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/5QXCA3VWPJCOHHBA7OF3OD/DSII7FW6GBCNZN3IPKELZ7/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Amz-Version-Id: vL4VcffRapvaOhcUKRf9Yg9I1o.Ticco
Via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 2085
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Sat, 20 Nov 2021 23:14:13 GMT
Server: AmazonS3
Date: Sun, 05 Dec 2021 12:20:16 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 2CeJz5rofRoER0k2VyE6QoNeJvKI0-KjhuRDeOKrrYCi3A_31ZojJA==

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 1 KB
1 KB 268ms
72ms XHR
application/json 143.204.98.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=https%3A%2F%2Fwww.synack.com%2Fsolutions%2Fvulnerability-management%2F&page=https%3A%2F%2Fwww.synack.com%2F&page_title=Synack%20-%20Most%20Trusted%20Crowdsourced%20Penetration%20Testing%20Platform&src=tag&key=30128767b129bf44d73ae254545319b5
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-72.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 24b179e26466761d619130f98283ef4945e1f17f7f1d2a2c314166056dd851b7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.synack.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
request-id: 24b5cf1a-4dbf-44d0-a49e-82140bcec0f2
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.synack.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XB3KFmDoeYE1VhnRx5pczj_FHLLaEWdTsQKCrgmjOYvOP3xwwyfA4w==
expires: Sat, 04 Dec 2021 12:20:29 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 1 KB
1 KB 281ms
87ms XHR
application/json 143.204.98.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=https%3A%2F%2Fwww.synack.com%2Fsolutions%2Fvulnerability-management%2F&page=https%3A%2F%2Fwww.synack.com%2F&page_title=Synack%20-%20Most%20Trusted%20Crowdsourced%20Penetration%20Testing%20Platform&src=tag&key=30128767b129bf44d73ae254545319b5
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-72.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 24b179e26466761d619130f98283ef4945e1f17f7f1d2a2c314166056dd851b7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.synack.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
identification-source: CACHE
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
request-id: a586bcf7-00cb-4399-8a0d-742702b75d2a
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.synack.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bfq0meWd3_uOt-WAqvPFiybfOsgVqvf_IRIV38LAB5pK3FcC-OpISA==
expires: Sat, 04 Dec 2021 12:20:29 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 284ms
15ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-38714717-1&cid=89526994.1638706829&jid=740482993&gjid=1520663389&_gid=1410182072.1638706829&_u=YADAAUAAAAAAAC~&z=1597397587

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.synack.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 05 Dec 2021 12:20:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.synack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/952412761/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952412761/?random=1491050772&cv=9&fst=1638706829206&num=1&value=0&label=-EdECKePxfkBENnUksYD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&...
https://www.google.com/pagead/1p-conversion/952412761/?random=1491050772&cv=9&fst=1638706829206&num=1&value=0&label=-EdECKePxfkBENnUksYD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_...
https://www.google.de/pagead/1p-conversion/952412761/?random=1491050772&cv=9&fst=1638706829206&num=1&value=0&label=-EdECKePxfkBENnUksYD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_a...

42 B
64 B

41ms
23ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/952412761/?random=1491050772&cv=9&fst=1638706829206&num=1&value=0&label=-EdECKePxfkBENnUksYD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&tiba=This%20Microsoft%20Windows%20RCE%20Vulnerability%20Gives%20an%20Attacker%20Complete%20Control%20-%20Synack&auid=598983505.1638706829&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ja6sYeyVD5P4gAfz5JewDw&eitems=ChAIgOOxjQYQkqO3s5esn_RfEh0AexV_LDbwfcQ59htZlQLKnYduHqjZEUqautZ3Ug&random=3280993387&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 12:20:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Dec 2021 12:20:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/952412761/?random=1491050772&cv=9&fst=1638706829206&num=1&value=0&label=-EdECKePxfkBENnUksYD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&tiba=This%20Microsoft%20Windows%20RCE%20Vulnerability%20Gives%20an%20Attacker%20Complete%20Control%20-%20Synack&auid=598983505.1638706829&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ja6sYeyVD5P4gAfz5JewDw&eitems=ChAIgOOxjQYQkqO3s5esn_RfEh0AexV_LDbwfcQ59htZlQLKnYduHqjZEUqautZ3Ug&random=3280993387&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/AW-952412761/ 42 B
548 B 51ms
20ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-952412761/?random=1638706829214&cv=9&fst=1638705600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&tiba=This%20Microsoft%20Windows%20RCE%20Vulnerability%20Gives%20an%20Attacker%20Complete%20Control%20-%20Synack&async=1&fmt=3&is_vtc=1&random=2203410215&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 12:20:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/AW-952412761/ 42 B
548 B 44ms
22ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-952412761/?random=1638706829214&cv=9&fst=1638705600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&tiba=This%20Microsoft%20Windows%20RCE%20Vulnerability%20Gives%20an%20Attacker%20Complete%20Control%20-%20Synack&async=1&fmt=3&is_vtc=1&random=2203410215&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 12:20:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5QXCA3VWPJCOHHBA7OF3OD Show response
d.adroll.com/consent/check/ 396 B
489 B 107ms
31ms Script
application/javascript 34.253.133.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/5QXCA3VWPJCOHHBA7OF3OD?arrfrr=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&_s=aa1c4bb98feddbc612858dcc52ecee7b&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.133.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-133-188.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 035d171ef9d65922620c66ecfd17f1ce1beae1dc0531cba224b3f9243241ff4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
server: nginx/1.20.0
content-length: 396
content-type: application/javascript

GET
H2 200 forms2.css
app-ab15.marketo.com/js/forms2/css/ 13 KB
3 KB 27ms
26ms Stylesheet
text/css 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab15.marketo.com/js/forms2/css/forms2.css

Requested by

Host: app-ab15.marketo.com
URL: https://app-ab15.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2365
vary: Accept-Encoding
content-length: 2623
last-modified: Tue, 12 Oct 2021 18:01:53 GMT
server: cloudflare
etag: "2700d2f-3437-5ce2ba3f1c640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b8d3a9448df4ecd-FRA
expires: Sun, 05 Dec 2021 16:20:29 GMT

GET
H2 200 forms2-theme-simple.css
app-ab15.marketo.com/js/forms2/css/ 826 B
367 B 22ms
22ms Stylesheet
text/css 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab15.marketo.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: app-ab15.marketo.com
URL: https://app-ab15.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3610
vary: Accept-Encoding
content-length: 242
last-modified: Tue, 12 Oct 2021 18:01:53 GMT
server: cloudflare
etag: "da0360-33a-5ce2ba3f1c640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6b8d3a9448e14ecd-FRA
expires: Sun, 05 Dec 2021 16:20:29 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AADVCU7DWV0AACppNaeASg
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AADVCU7DWV0AACppNaeASg&verifyHash=4454e2dc5e36df37831788eac5a525428bea2d48

26 B
409 B

189ms
189ms

Image
image/gif

143.204.98.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AADVCU7DWV0AACppNaeASg&verifyHash=4454e2dc5e36df37831788eac5a525428bea2d48
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: HTTP/1.1
Server: 143.204.98.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-76.fra50.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 12:20:29 GMT
Via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 29c8d13cf318e257
X-Amz-Cf-Id: PAm4YLgLxgaCPKhjsshJ2HCmvwOheFNvApi4qy6pY0iNXDukyISahA==

Redirect headers

Date: Sun, 05 Dec 2021 12:20:29 GMT
Via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AADVCU7DWV0AACppNaeASg&verifyHash=4454e2dc5e36df37831788eac5a525428bea2d48
Connection: keep-alive
trace-id: a63ff7874ae64941
Content-Length: 0
X-Amz-Cf-Id: P-Fj5OHSxRPLmlo8XQDW7F3SXS2CKfBf9_mEVQDs1JfL_qII8N8E2g==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
66 B 38ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 4 KB
1 KB 78ms
60ms XHR
application/json 143.204.98.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.synack.com%2Fblog%2Fthis-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control%2F&page_title=This%20Microsoft%20Windows%20RCE%20Vulnerability%20Gives%20an%20Attacker%20Complete%20Control%20-%20Synack&src=tag&auth=l0C5wAl3TSLd47QBTgUvLnkeWjMRM1Yvt5q2OOOa
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/753cbba3.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-72.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: 7cf3744ae76e36a69c65e132363a76800aa60d0d0551ab510017f12ca37a101f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
identification-source: CENTRAL
vary: Accept-Encoding, Origin
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
request-id: 04e17ef2-c006-41b6-b97f-a55bc2cdfd09
content-encoding: gzip
pragma: no-cache
access-control-allow-origin: https://www.synack.com
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: thxfXFcqbkuwqb5GV2Y-9tD_-p1qOibKtED26qewE0ZH0BfjDnsgcg==
expires: Sat, 04 Dec 2021 12:20:29 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 50ms
32ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-38714717-1&cid=89526994.1638706829&jid=740482993&_u=YADAAUAAAAAAAC~&z=708997215

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 12:20:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 30ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-38714717-1&cid=89526994.1638706829&jid=740482993&_u=YADAAUAAAAAAAC~&z=708997215

Requested by

Host: www.synack.com
URL: https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Dec 2021 12:20:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 XDFrame Show response
app-ab15.marketo.com/index.php/form/ Frame B7D5 2 KB
859 B 381ms
381ms Document
text/html 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab15.marketo.com/index.php/form/XDFrame

Requested by

Host: app-ab15.marketo.com
URL: https://app-ab15.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eb2e9d6fa6eb867733f41587c9f264806f067c62b1f9ec658077dc26a0b906b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
content-type: text/html; charset=utf-8
content-length: 653
cache-control: max-age=3600
strict-transport-security: max-age=63113904
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b8d3a9499714ecd-FRA

GET
H2 200 forms2.min.js Show response
app-ab15.marketo.com/js/forms2/js/ Frame B7D5 205 KB
68 KB 32ms
32ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab15.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: app-ab15.marketo.com
URL: https://app-ab15.marketo.com/index.php/form/XDFrame

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app-ab15.marketo.com/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 12 Oct 2021 18:01:53 GMT
server: cloudflare
age: 3654
etag: "d804b9-33210-5ce2ba3f1c640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6b8d3a970e174ecd-FRA
expires: Sun, 05 Dec 2021 16:20:29 GMT

GET
H/1.1 200
OK messenger Show response
app.qualified.com/w/1/wMSIsrvzp9xgEeyW/ Frame 0FC8 3 KB
2 KB 356ms
123ms Document
text/html 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=wMSIsrvzp9xgEeyW

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-249-86.compute-1.amazonaws.com

Software

nginx /

Resource Hash

72f81add62a259d2263afcf0f6adb6c7c79ab3d04f478ca33874b48d436b0c8c

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Security-Policy
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Dec 2021 12:20:30 GMT
Etag: W/"72f81add62a259d2263afcf0f6adb6c7"
Link: </packs/css/2-d29c8f89.chunk.css>; rel=preload; as=style; nopush,</packs/css/widget/sandboxed/messenger-d46acbed.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 spaces-router (279557a225d7)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 08b8c48e-eab2-ec8d-29ae-241004a1ad43
X-Runtime: 0.012161
X-Xss-Protection: 1; mode=block
Content-Length: 1101

POST
H/1.1 200
OK page_views Show response
app.qualified.com/w/1/wMSIsrvzp9xgEeyW/ 286 B
1 KB 148ms
148ms XHR
application/json 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/page_views?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113

Requested by

Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=wMSIsrvzp9xgEeyW

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-249-86.compute-1.amazonaws.com

Software

nginx /

Resource Hash

25fcaab10f28041488dd7b07ed7fc664d94334bb9fa81fc13783d21ffc36702e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.synack.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json; charset=UTF-8

Response headers

Date: Sun, 05 Dec 2021 12:20:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 7200
Vary: Accept, Accept-Encoding, Origin
Content-Length: 265
X-Xss-Protection: 1; mode=block
X-Request-Id: a842cf68-631b-eb88-351e-5ff5c2a17777
X-Runtime: 0.036614
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: SAMEORIGIN
Etag: W/"25fcaab10f28041488dd7b07ed7fc664"
X-Download-Options: noopen
Strict-Transport-Security: max-age=63072000; includeSubDomains
Access-Control-Allow-Methods: POST, PUT, OPTIONS
Content-Type: application/json; charset=utf-8
Via: 1.1 spaces-router (279557a225d7)
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate

OPTIONS
H/1.1 200
OK page_views
app.qualified.com/w/1/wMSIsrvzp9xgEeyW/ Frame 0
0 341ms
110ms Preflight 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/page_views?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.synack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST, PUT, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Access-Control-Max-Age: 7200
Date: Sun, 05 Dec 2021 12:20:30 GMT
Server: nginx
Via: 1.1 spaces-router (279557a225d7)
Content-Length: 0

GET
H/1.1 200
OK 2-d29c8f89.chunk.css
app.qualified.com/packs/css/ Frame 0FC8 20 KB
4 KB 113ms
113ms Stylesheet
text/css 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/packs/css/2-d29c8f89.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 889910bd602fe775e79f9b7e78d50040c61d9494b90ebc97800b3ae7976cbb49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 12:20:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Dec 2021 07:11:53 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 spaces-router (279557a225d7)
Cache-Control: max-age=315360000, public
Content-Length: 3894
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK messenger-d46acbed.chunk.css
app.qualified.com/packs/css/widget/sandboxed/ Frame 0FC8 5 KB
1 KB 234ms
109ms Stylesheet
text/css 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/packs/css/widget/sandboxed/messenger-d46acbed.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 19450de42b740616a0ae81907248584c4129e7a46c32a0c735a56d1572b5b380

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 12:20:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Dec 2021 07:11:53 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 spaces-router (279557a225d7)
Cache-Control: max-age=315360000, public
Content-Length: 1115
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK messenger~runtime-dafe21483d2a4a7bd206.js Show response
app.qualified.com/packs/js/widget/sandboxed/ Frame 0FC8 1 KB
1 KB 329ms
110ms Script
application/javascript 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/packs/js/widget/sandboxed/messenger~runtime-dafe21483d2a4a7bd206.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: c0836e0ca85c352993c12e75d531b1394a2be0b679828a749c1922b9f66032a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 12:20:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Dec 2021 07:11:53 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 spaces-router (279557a225d7)
Cache-Control: max-age=315360000, public
Content-Length: 728
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 2-48f39726a5680a1d470b.chunk.js Show response
app.qualified.com/packs/js/widget-sandboxed-chunks/ Frame 0FC8 1 MB
315 KB 330ms
110ms Script
application/javascript 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/packs/js/widget-sandboxed-chunks/2-48f39726a5680a1d470b.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 733a1a6f4c1428f03771394f9e8fa1b509c880ff9c048e1df138fc225b77cf4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 12:20:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Dec 2021 07:11:53 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 spaces-router (279557a225d7)
Cache-Control: max-age=315360000, public
Content-Length: 321885
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK messenger-ba6b8f70e3b6c00d1a5a.chunk.js Show response
app.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/ Frame 0FC8 413 KB
89 KB 218ms
109ms Script
application/javascript 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-ba6b8f70e3b6c00d1a5a.chunk.js
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4f66602c42cda171e6acfd7237aa9f3133746d6c681fbb61990776c2d7ed30d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 12:20:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Dec 2021 07:11:53 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 spaces-router (279557a225d7)
Cache-Control: max-age=315360000, public
Content-Length: 90743
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Inter-Regular-cd3c302ecefb19f92003ef258645c37c.woff2
app.qualified.com/packs/media/fonts/inter/ Frame 0FC8 115 KB
115 KB 328ms
110ms Font
font/woff2 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/packs/media/fonts/inter/Inter-Regular-cd3c302ecefb19f92003ef258645c37c.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bf1ffcb96984568b22f7a9029dd980abb5a4a47700f588a16b8ace0f7412977e

Request headers

Referer: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113
Origin: https://app.qualified.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 12:20:30 GMT
Via: 1.1 spaces-router (279557a225d7)
Last-Modified: Sun, 05 Dec 2021 07:13:46 GMT
Server: nginx
Etag: "61ac66aa-1ca00"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 117248
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Inter-SemiBold-c1b3bf01f912184899dbb6fbb4029910.woff2
app.qualified.com/packs/media/fonts/inter/ Frame 0FC8 123 KB
123 KB 331ms
109ms Font
font/woff2 100.25.249.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.qualified.com/packs/media/fonts/inter/Inter-SemiBold-c1b3bf01f912184899dbb6fbb4029910.woff2
Requested by: Host: app.qualified.com
URL: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 100.25.249.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-25-249-86.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 41e5c059963bd8f9bc4097f78535c3d722f4d73e75c46b2df5cc74bf864af150

Request headers

Referer: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=4e8231b9-6c3f-406e-871f-bc38ce5c4113
Origin: https://app.qualified.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 12:20:30 GMT
Via: 1.1 spaces-router (279557a225d7)
Last-Modified: Sun, 05 Dec 2021 07:13:46 GMT
Server: nginx
Etag: "61ac66aa-1eacc"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 125644
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 malcolm-stagg-blog-image1.png
cdnm.synack.com/wp-content/uploads/2021/11/ 17 KB
17 KB 8ms
8ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnm.synack.com/wp-content/uploads/2021/11/malcolm-stagg-blog-image1.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 04bdec67f6d2d91daf59ace2148535874f338d68d43902b8a965b752f07adeb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:31 GMT
last-modified: Fri, 03 Dec 2021 23:48:15 GMT
server: NetDNA-cache/2.2
etag: "61aaacbf-4456"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17494

GET
H/1.1 200
OK c9d49cde0f0de4bffeb7b7379b224cbc905aad4656c1403388d26d935b9cb45d.png
qualified-production.s3.amazonaws.com/uploads/ Frame 0FC8 3 KB
3 KB 436ms
120ms Image
image/png 52.216.18.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualified-production.s3.amazonaws.com/uploads/c9d49cde0f0de4bffeb7b7379b224cbc905aad4656c1403388d26d935b9cb45d.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c0415a1e0758df57f62e6ba13549fad6ea0664196d056591eaa2686baaae0dcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 12:20:34 GMT
Last-Modified: Fri, 03 Apr 2020 23:28:50 GMT
Server: AmazonS3
x-amz-request-id: EDCZR1T7D4M3FNSQ
ETag: "12877152597e8d9da427b8a9899a2957"
Content-Type: image/png
Cache-Control: Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 2565
x-amz-id-2: PnwBgCCBh4/tv/Iz/sFarT8vPOrnO/c0YqdqUQSbnxfoUItrH3NJ1mc+50t5b/qSBXyAQeQgtHQ=

GET
H3 200 synackProducts-campaigns-logoPgBreak.png
www.synack.com/wp-content/uploads/2021/10/ Frame 0FC8 33 KB
34 KB 33ms
33ms Image
image/webp 141.193.213.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.synack.com/wp-content/uploads/2021/10/synackProducts-campaigns-logoPgBreak.png

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa7bc6f72b6a605eb0de39e1e4221ac91b1e909f4ccce7c496d910d46ca950d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:33 GMT
cf-cache-status: HIT
age: 143933
cf-polished: origFmt=png, origSize=47645
content-disposition: inline; filename="synackProducts-campaigns-logoPgBreak.webp"
strict-transport-security: max-age=63072000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 33918
last-modified: Wed, 01 Dec 2021 23:51:35 GMT
server: cloudflare
etag: "61a80a87-ba1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6b8d3aaadc161f3d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 malcolm-stagg-blog-image2.png
cdnm.synack.com/wp-content/uploads/2021/11/ 25 KB
25 KB 7ms
7ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdnm.synack.com/wp-content/uploads/2021/11/malcolm-stagg-blog-image2.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 12bb2e698a3088a176d1d667feec9242e98196c0dfce408d3579437abb84a005

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.synack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 05 Dec 2021 12:20:33 GMT
last-modified: Fri, 03 Dec 2021 23:48:15 GMT
server: NetDNA-cache/2.2
etag: "61aaacbf-6411"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 25617

GET
H/1.1 200
OK c9d49cde0f0de4bffeb7b7379b224cbc905aad4656c1403388d26d935b9cb45d.png
qualified-production.s3.amazonaws.com/uploads/ Frame 0FC8 3 KB
3 KB 110ms
110ms Image
image/png 52.216.18.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qualified-production.s3.amazonaws.com/uploads/c9d49cde0f0de4bffeb7b7379b224cbc905aad4656c1403388d26d935b9cb45d.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.18.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c0415a1e0758df57f62e6ba13549fad6ea0664196d056591eaa2686baaae0dcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.qualified.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 05 Dec 2021 12:20:34 GMT
Last-Modified: Fri, 03 Apr 2020 23:28:50 GMT
Server: AmazonS3
x-amz-request-id: EDCZ489VNEEPAVSK
ETag: "12877152597e8d9da427b8a9899a2957"
Content-Type: image/png
Cache-Control: Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 2565
x-amz-id-2: eFmlUmgiXQOheN9Bydwov1Fzh/jHn7QVpZFZoNv7TaO2cstJTMKsQT2eB+BIwu75MwTpKEKNIHo=

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.app-ab15.marketo.com/	1970-01-19 23:11:48	Name: __cf_bm Value: h21ZD4Y1M8CnPUO0BeeYd7klHjkgBKj4DDFjPZXQrws-1638706828-0-AVu7rRVc8GBUSlvxhT0rZ9K+96l/NZSmJ4f39xfjxgkcbdJM8dCQpiIBeE/cklCuXrFNVBMTRV35SUuuj4Rslt4=
.synack.com/	1970-01-20 16:42:58	Name: _mkto_trk Value: id:738-OEX-476&token:_mch-synack.com-1638706829049-48317
.synack.com/	1970-01-20 16:42:58	Name: _ga_XVS579G3KG Value: GS1.1.1638706828.1.0.1638706828.0
.synack.com/	1970-01-20 01:21:22	Name: _gcl_au Value: 1.1.598983505.1638706829
.synack.com/	1970-01-19 23:54:58	Name: GDPR_consent Value: false
.synack.com/	1969-12-31 23:59:59	Name: pageView Value: 1
.synack.com/	1969-12-31 23:59:59	Name: visited Value: true
.synack.com/	1969-12-31 23:59:59	Name: syn Value: {"firsttouch":{"LeadSource":"none","LeadMedium":"none","LeadType":"none","LeadName":"none","LeadCampaign":"none","Referrer":"Direct","LandingPage":"https://www.synack.com/blog/this-microsoft-windows-rce-vulnerability-gives-an-attacker-complete-control/"},"Journey":{"PageviewCount":"1"}}
.synack.com/	1970-01-20 16:42:58	Name: _ga Value: GA1.2.89526994.1638706829
.synack.com/	1970-01-19 23:13:13	Name: _gid Value: GA1.2.1410182072.1638706829
.synack.com/	1970-01-19 23:11:46	Name: _gat_gtag_UA_38714717_1 Value: 1
.synack.com/	1970-01-19 23:11:48	Name: __asc Value: 82626a2917d8a89d78aaf16672e
.synack.com/	1970-01-20 07:58:49	Name: __auc Value: 82626a2917d8a89d78aaf16672e
.doubleclick.net/	1970-01-19 23:11:47	Name: test_cookie Value: CheckForPermission
tracking.g2crowd.com/	1970-01-19 23:31:56	Name: _session_id Value: 6b1fcdfe4b535cde4ae451648f0ff99e
.g2crowd.com/	1970-01-19 23:11:48	Name: __cf_bm Value: nfUTWFrgAwdASSJLkMmC.agX1g.golIlkETI6fOSFn4-1638706829-0-AWSc8y+GnNbAhCqC4gvviR0mBno0V1WkOvSE+Dz2M19y6GQiPn5Np+r3pN65qkifrCdDI1zIJtGkBw29qd9bwLg=
.linkedin.com/	1970-01-19 23:54:58	Name: UserMatchHistory Value: AQI5Z2pvzBtnaQAAAX2KidgDFS4MZCb0YCV_znlMqQTMQIy7avMm16CChGSHHo9XIRSN6sD_ELFiwA
.linkedin.com/	1970-01-19 23:54:58	Name: AnalyticsSyncHistory Value: AQIv5BywjVN07AAAAX2KidgD3TxCrqFBH6IlojQxJE59YjX4zEcNikXHnHM0TxrsEgM_qpo2_WahrdjXUCN5YQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:43:40	Name: bcookie Value: "v=2&7b927076-5d90-4937-878f-d5430dc73644"
.linkedin.com/	1970-01-19 23:13:13	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2183:u=1:x=1:i=1638706829:t=1638793229:v=2:sig=AQFdZPPlIjxiIXa4KzK9mpr6wp16wD7t"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:43:40	Name: bscookie Value: "v=1&20211205122029570c2590-616d-4a71-8dd3-a545ffe4d644AQHtdIomgc-gi78tCStK26LldpdogrKH"
.linkedin.com/	1970-01-20 16:40:01	Name: li_gc Value: MTswOzE2Mzg3MDY4Mjk7MjswMjH0V+/OjkTxrTixqb438RktoldI0PXYLDj69FkwUqrOhg==
.bidr.io/	1970-01-20 08:40:16	Name: bito Value: AADVCU7DWV0AACppNaeASg
.bidr.io/	1970-01-20 08:40:16	Name: bitoIsSecure Value: ok
.company-target.com/	1970-01-20 16:42:58	Name: tuuid Value: 1c33ab5c-eda2-4cf8-9c9f-50f615eea383
.company-target.com/	1970-01-20 16:42:58	Name: tuuid_lu Value: 1638706829
.synack.com/	1970-01-23 14:47:46	Name: __q_state_wMSIsrvzp9xgEeyW Value: eyJ1dWlkIjoiNGU4MjMxYjktNmMzZi00MDZlLTg3MWYtYmMzOGNlNWM0MTEzIiwiY29va2llRG9tYWluIjoic3luYWNrLmNvbSIsIm1lc3NlbmdlckV4cGFuZGVkIjpmYWxzZSwicHJvbXB0RGlzbWlzc2VkIjpmYWxzZSwiY29udmVyc2F0aW9uSWQiOiI3NjU0ODM2ODEzNzc3MDYyMzIifQ==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

738-oex-476.mktoresp.com
952412761.privacysandbox.googleadservices.com
ajax.googleapis.com
api.company-target.com
app-ab15.marketo.com
app.qualified.com
cdnm.synack.com
certify-js.alexametrics.com
certify.alexametrics.com
d.adroll.com
googleads.g.doubleclick.net
id.rlcdn.com
js.qualified.com
match.prod.bidr.io
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
qualified-production.s3.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
s.adroll.com
segments.company-target.com
snap.licdn.com
stats.g.doubleclick.net
tag.demandbase.com
tracking.g2crowd.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.linkedin.com
www.synack.com
100.25.249.86
104.111.234.67
104.16.93.80
108.174.10.14
141.193.213.21
142.250.185.194
142.250.185.226
143.204.98.115
143.204.98.43
143.204.98.72
143.204.98.76
143.204.98.84
192.28.144.124
2600:9000:2156:1a00:6:9280:1080:93a1
2606:4700::6812:1abe
2620:1ec:21::14
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9c
2a02:26f0:6c00::210:ba13
3.141.217.14
34.195.187.5
34.248.204.54
34.253.133.188
35.244.174.68
52.216.18.200
94.31.29.99
00279dfa56613e31ebb9c8cb53bb4111356d3b422cc28120311426b6f5c63565
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
035d171ef9d65922620c66ecfd17f1ce1beae1dc0531cba224b3f9243241ff4e
04bdec67f6d2d91daf59ace2148535874f338d68d43902b8a965b752f07adeb4
086f137fed04f5feb4b046f9a43fcfe6119b9970b2d477004c954d444183bba1
0df0867cca9c7e7bb6adeca5c278eac82fbe02252daf066be66d5adeb6b7ee5a
10e3335be2a8f09b5bd1c34c6b03287f295aa719b891da4dfc4d51ce394a6095
12bb2e698a3088a176d1d667feec9242e98196c0dfce408d3579437abb84a005
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1459e4478d58b5e86bb609fe16987911adf172d5b26d35ae38340b24c9b4b25f
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
19450de42b740616a0ae81907248584c4129e7a46c32a0c735a56d1572b5b380
1eb2e9d6fa6eb867733f41587c9f264806f067c62b1f9ec658077dc26a0b906b
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
206743f5a27b61f302352bf4452f78f13aa34bee7589b306e24677dc3a3e875e
237bd993907030a273b2792972ae204a24f4b5f2a6f895bc8e6dcc4e7ef82948
24b179e26466761d619130f98283ef4945e1f17f7f1d2a2c314166056dd851b7
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
25fcaab10f28041488dd7b07ed7fc664d94334bb9fa81fc13783d21ffc36702e
2689a0237a95cfd8135f8da3ac79c430e903f3c542f8b862f68141c84c348c43
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3142a289374f8769705a80b618ffc0fbe649a1d7858d7ab310107d209cf12e39
346b4cd789dfa63e4695ee5386d2f115a4233da2bab3c322f2fc32c87a854ce9
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
41e5c059963bd8f9bc4097f78535c3d722f4d73e75c46b2df5cc74bf864af150
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
443ec1aeaafe48ecac9e8780925d42273c931b04aeb7078044c2827b32ec36e1
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4f66602c42cda171e6acfd7237aa9f3133746d6c681fbb61990776c2d7ed30d3
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
581252f274cf79145434a010cfff21020948a4d137807e77df474a6e716139e1
58845150caaa7d904242ef0972d8e1ab41057b8d16e3b4417b41f9c6781ac839
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b6d20237eecb0e38d09334f8d6f2651b3da37040b31c4c77cd057a6712749ae
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
622d446ce9c470332c48be1b028bfe2ff3f63eb91858de445b6f9ff88b583262
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
645135334cdaa0957f476e584c13aaf817a2d5163d512dc30171b2d458ec9ed6
6507c367859d5e5c2b734d3358d843bdc7f1590575ce944a0847aebc661096f5
658dbe207a33dec1d4b894ed0f59cdaeadd7db49c198dc4626377ae09aa8d9a9
677010f1947af5a4a2ee51eabf78f3ff907a252c76c8614741fbc26998ef095e
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
722a90d42ef2bd0ea38f0fdac6b4c0523aa4a027e9ffe889972100746e165582
72f81add62a259d2263afcf0f6adb6c7c79ab3d04f478ca33874b48d436b0c8c
733a1a6f4c1428f03771394f9e8fa1b509c880ff9c048e1df138fc225b77cf4b
7c33ec6452165bb33269a7e99ff7374943cc4ab4c2dce46d5ca2a8e8d8a0aabc
7cf3744ae76e36a69c65e132363a76800aa60d0d0551ab510017f12ca37a101f
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
889910bd602fe775e79f9b7e78d50040c61d9494b90ebc97800b3ae7976cbb49
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
99a8b909343472521ed4d4509342788c8ba6887355cc8996a31d81ea6bc9d395
9aafa38d431075d0f6c738a2633785fd32fada0e14408bd662d95e608ddb4daf
9f14c54f6c961c250a922d738b9f023871181e5c95e65ad40639606fd9617861
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa7bc6f72b6a605eb0de39e1e4221ac91b1e909f4ccce7c496d910d46ca950d1
ad55816ac6c62f214e60a1913ff4f0215ab329034cbc7436a5514941449ca7b9
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd720fc01e6d0b5ea658006db00ab55c69856fa56bbd8176b98b4c43e1f27138
bf1ffcb96984568b22f7a9029dd980abb5a4a47700f588a16b8ace0f7412977e
c0415a1e0758df57f62e6ba13549fad6ea0664196d056591eaa2686baaae0dcc
c0836e0ca85c352993c12e75d531b1394a2be0b679828a749c1922b9f66032a9
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c66d2ad890f2c13bdbe9db7555ec3328708da916ed065f3ff9ba15030262e779
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8
d4648000232eaa38f5faf3347dcf39ee81fda4a9ff1d47a3bb9a2a157b7c6a7c
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d8c008c043b3071db0d9e13ba604be68446936f13d7b60c821bcfcc5d84bf253
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e678c76d62f82dcfe3bf5b787fdd456cf57c6d2e4ac9f4d635286d1ef3de13c6
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16b14d83c48f6d42b33fb44e94a27e283a76377867979ce09c653314576b03b
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f620fad40166ff82f643ab55123f599c61b8e6ca3cacfd845ba2e504e6551c38
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f677071bb405c125ccadad61964b3d2105f28d3435fbd4f2c46d18509b865097
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe42011e3ca7ba0f21f52d5c33652bb0a4bedf9e647bef79b5f29c3297778fc2
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.synack.com Open in urlscan Pro 141.193.213.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

98 Requests

95 %HTTPS

38 %IPv6

24 Domains

33 Subdomains

31 IPs

6 Countries

2184 kBTransfer

5750 kBSize

29 Cookies

7 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.synack.com Open in urlscan Pro
141.193.213.21 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

95 %
HTTPS

38 %
IPv6

24
Domains

33
Subdomains

31
IPs

6
Countries

2184 kB
Transfer

5750 kB
Size

29
Cookies

98 HTTP transactions
9 data transactions