Submitted URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-he=
Effective URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Submission: On January 14 via api from US

Summary

This website contacted 28 IPs in 5 countries across 24 domains to perform 82 HTTP transactions. The main IP is 104.196.191.243, located in United States and belongs to GOOGLE, US. The main domain is labs.detectify.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on May 24th 2020. Valid for: a year.
This is the only time labs.detectify.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 29 104.196.191.243 15169 (GOOGLE)
6 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 151.101.12.134 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.130 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 151.101.113.140 54113 (FASTLY)
1 151.101.13.2 54113 (FASTLY)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 143.204.215.88 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 3.213.100.238 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.197.143.221 14618 (AMAZON-AES)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.64.134 54113 (FASTLY)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 143.204.215.65 16509 (AMAZON-02)
4 151.101.112.64 54113 (FASTLY)
82 28
Domain
Subdomains
Transfer
27 detectify.com
698 KB
7 disqus.com
37 KB
7 typekit.net
105 KB
6 disquscdn.com
257 KB
5 gstatic.com
79 KB
3 linkedin.com
1 KB
3 driftt.com
81 KB
3 google-analytics.com
52 KB
2 viglink.com
775 B
2 facebook.com
496 B
2 google.de
637 B
2 google.com
637 B
2 doubleclick.net
1 KB
2 bing.com
9 KB
2 quora.com
14 KB
2 facebook.net
92 KB
2 wpengine.com
577 KB
2 fonts.googleapis.com
2 KB
1 driftqa.com
21 KB
1 reddit.com
125 B
1 licdn.com
2 KB
1 redditstatic.com
6 KB
1 googleadservices.com
13 KB
1 googletagmanager.com
39 KB
82 24
Domain Requested by
27 labs.detectify.com 3 redirects labs.detectify.com
6 c.disquscdn.com detectify.disqus.com
6 use.typekit.net labs.detectify.com
5 fonts.gstatic.com fonts.googleapis.com
4 links.services.disqus.com c.disquscdn.com
3 js.driftt.com labs.detectify.com
js.driftt.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
labs.detectify.com
2 cdn.viglink.com labs.detectify.com
2 disqus.com detectify.disqus.com
2 www.facebook.com labs.detectify.com
connect.facebook.net
2 www.google.de labs.detectify.com
2 www.google.com labs.detectify.com
2 px.ads.linkedin.com 1 redirects labs.detectify.com
2 bat.bing.com labs.detectify.com
2 connect.facebook.net labs.detectify.com
connect.facebook.net
2 labsdetectify.wpengine.com labs.detectify.com
2 fonts.googleapis.com labs.detectify.com
1 p.typekit.net labs.detectify.com
1 js.driftqa.com labs.detectify.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 alb.reddit.com labs.detectify.com
1 q.quora.com labs.detectify.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com labs.detectify.com
1 a.quora.com labs.detectify.com
1 www.redditstatic.com labs.detectify.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com labs.detectify.com
1 detectify.disqus.com labs.detectify.com
82 30
Subject / Issuer Validity Valid
labs.detectify.com
RapidSSL RSA CA 2018
2020-05-24 -
2021-05-25
a year
use.typekit.net
DigiCert SHA2 Secure Server CA
2020-01-28 -
2022-02-01
2 years
upload.video.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months
*.gstatic.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months
*.wpengine.com
RapidSSL RSA CA 2018
2019-07-01 -
2021-08-29
2 years
*.disqus.com
DigiCert SHA2 Secure Server CA
2020-04-20 -
2022-05-09
2 years
*.google-analytics.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months
www.googleadservices.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-12-22 -
2021-03-21
3 months
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-08 -
2021-07-06
6 months
quora.com
R3
2020-12-27 -
2021-03-27
3 months
www.bing.com
Microsoft RSA TLS CA 02
2020-10-27 -
2021-04-27
6 months
*.licdn.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2021-05-07
2 years
drift.com
Amazon
2020-09-21 -
2021-10-23
a year
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2021-01-06 -
2021-07-05
6 months
*.g.doubleclick.net
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months
www.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months
www.google.de
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months
*.quora.com
R3
2020-12-27 -
2021-03-27
3 months
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-08 -
2021-07-06
6 months
driftqa.com
Amazon
2020-06-18 -
2021-07-18
a year
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-15 -
2021-08-15
a year
*.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months
*.google.de
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months
*.typekit.net
DigiCert SHA2 Secure Server CA
2019-12-06 -
2021-12-10
2 years
viglink.com
Amazon
2020-12-13 -
2022-01-11
a year
f.ssl.fastly.net
GlobalSign Organization Validation CA - SHA256 - G2
2020-11-25 -
2021-12-27
a year

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Web
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Web
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i


Stats

0
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

82 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more
Redirect Chain
  • https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-he=
  • http://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-he=/
  • https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-he=/
  • https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
23 KB
7 KB
Document
General
Full URL
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
7c4747d3a3a7212c5408a4855d277546073a9b32b1bfd164692d758be5de7b5b

Request headers

:method
GET
:authority
labs.detectify.com
:scheme
https
:path
/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Thu, 14 Jan 2021 01:30:28 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-pingback
link
<https://labs.detectify.com/wp-json/>; rel="https://api.w.org/" <https://labs.detectify.com/wp-json/wp/v2/posts/113>; rel="alternate"; type="application/json" <https://labs.detectify.com/?p=113>; rel=shortlink
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 1
x-cache-group
normal
content-encoding
br

Redirect headers

server
nginx
date
Thu, 14 Jan 2021 01:30:28 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
expires
Thu, 14 Jan 2021 02:30:28 GMT
x-redirect-by
WordPress
x-powered-by
WP Engine
x-cacheable
non200
cache-control
max-age=600, must-revalidate
x-cache
MISS
x-cache-group
normal
tzo5nif.js
use.typekit.net
18 KB
7 KB
Script
General
Full URL
https://use.typekit.net/tzo5nif.js
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0ffbc7ee851f346b57d21c7eec566017064431ec7b93e28b020a7351c1996f3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Thu, 14 Jan 2021 01:30:28 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
6896
css?family=Alegreya:400,400i,700,700i%7COpen+Sans:400,400i,700,700i
fonts.googleapis.com
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Alegreya:400,400i,700,700i|Open+Sans:400,400i,700,700i
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a12c794412c0356b1eefb9fe3695f757094a602a2f24659f051f7787195a6ce1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 01:30:28 GMT
server
ESF
date
Thu, 14 Jan 2021 01:30:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Jan 2021 01:30:28 GMT
style.min.css?ver=5.6
/wp-includes/css/dist/block-library
50 KB
8 KB
Stylesheet
General
Full URL
https://labs.detectify.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:28 GMT
content-encoding
br
last-modified
Fri, 18 Dec 2020 15:40:41 GMT
server
nginx
etag
W/"5fdccd79-c8e9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css?ver=5.6
/wp-content/themes/detectify2.0.5/dist/css
36 KB
6 KB
Stylesheet
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/dist/css/style.css?ver=5.6
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ced098a24c2db69f976f3ee1154da8929d43f035cefaa3c60ee8a70edc3288ab

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:28 GMT
content-encoding
br
last-modified
Wed, 25 Nov 2020 12:54:47 GMT
server
nginx
etag
W/"5fbe5417-8e91"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js?ver=3.5.1
/wp-includes/js/jquery
87 KB
31 KB
Script
General
Full URL
https://labs.detectify.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:28 GMT
content-encoding
br
last-modified
Fri, 18 Dec 2020 15:40:41 GMT
server
nginx
etag
W/"5fdccd79-15d98"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js?ver=3.3.2
/wp-includes/js/jquery
11 KB
4 KB
Script
General
Full URL
https://labs.detectify.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:28 GMT
content-encoding
br
last-modified
Fri, 18 Dec 2020 15:40:41 GMT
server
nginx
etag
W/"5fdccd79-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
detectify.svg
/wp-content/themes/detectify2.0.5/images
4 KB
2 KB
Image
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/detectify.svg
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
45781771a95e51ea8c04de1c05790c612e80d6303e29e54be4dab70007efaa08

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
br
last-modified
Tue, 24 Nov 2020 10:01:38 GMT
server
nginx
etag
W/"5fbcda02-fe8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
icon-ycombinator.png
/wp-content/themes/detectify2.0.5/images
683 B
884 B
Image
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/icon-ycombinator.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
61c16dfeb22d02ddbf5c8e30d305ad199979d7a7e2d6f8cab66f2cddf6a2c7dd

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Tue, 24 Nov 2020 10:01:38 GMT
server
nginx
etag
"5fbcda02-2ab"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
683
icon-reddit.png
/wp-content/themes/detectify2.0.5/images
1 KB
2 KB
Image
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/icon-reddit.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e2adf55d07c4c8e4790cf2404f54551ee1609e2490df08356b95c4f4314a4587

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Tue, 24 Nov 2020 10:01:38 GMT
server
nginx
etag
"5fbcda02-5dc"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1500
icon-linkedin.png
/wp-content/themes/detectify2.0.5/images
709 B
910 B
Image
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/icon-linkedin.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f15a612820ee6932e59908a502c52ea6370c7bacadec59a2153aed31ad876480

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Tue, 24 Nov 2020 10:01:38 GMT
server
nginx
etag
"5fbcda02-2c5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
709
icon-twitter.png
/wp-content/themes/detectify2.0.5/images
1 KB
1 KB
Image
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/icon-twitter.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b0353d7ceb6b95d450a0cbe4c2fb7d53839a3f1b7832d53bd3bfd2da8b6d49db

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Tue, 24 Nov 2020 10:01:38 GMT
server
nginx
etag
"5fbcda02-467"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1127
icon-facebook.png
/wp-content/themes/detectify2.0.5/images
760 B
961 B
Image
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/icon-facebook.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
dbc2dc58ab6e0cfbcade44534efd0747d86ffacc856207a30202ef6b76198a34

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Tue, 24 Nov 2020 10:01:38 GMT
server
nginx
etag
"5fbcda02-2f8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
760
Hacker-Pic-B-1-400x480.png
/wp-content/uploads/2019/05
178 KB
179 KB
Image
General
Full URL
https://labs.detectify.com/wp-content/uploads/2019/05/Hacker-Pic-B-1-400x480.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
1e36d21bebed621dd7535cb4e15e4a36136316152bd2e11739c5daa7af9b3de1

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Fri, 24 May 2019 13:45:03 GMT
server
nginx
etag
"5ce7f55f-2c92e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
182574
image-1-400x480.png
/wp-content/uploads/2018/08
30 KB
31 KB
Image
General
Full URL
https://labs.detectify.com/wp-content/uploads/2018/08/image-1-400x480.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
17ff494201dce24dc9609dc5983462fb494e75d2700f703565ce2c98afbb7767

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Thu, 02 Aug 2018 13:54:54 GMT
server
nginx
etag
"5b630d2e-79f8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
31224
GraphQL_proof_of_concept-400x480.png
/wp-content/uploads/2018/03
99 KB
99 KB
Image
General
Full URL
https://labs.detectify.com/wp-content/uploads/2018/03/GraphQL_proof_of_concept-400x480.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c3e45eb2f762247549e6ea231cadf8fdeecbab660f7a9a5fee4db27eba30ae54

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Wed, 14 Mar 2018 09:06:47 GMT
server
nginx
etag
"5aa8e627-18c64"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
101476
facebook.png
/wp-content/themes/detectify2.0.5/images
1 KB
1 KB
Image
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/facebook.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
504b4de8f04d4c0c0c52a1fa8f1a745cf955fc4eda7fbf3cf28750675845ede6

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Tue, 24 Nov 2020 10:01:38 GMT
server
nginx
etag
"5fbcda02-525"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1317
twitter.png
/wp-content/themes/detectify2.0.5/images
5 KB
5 KB
Image
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/twitter.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
937708e5eaccff798e9227ab16da5a981b1e011db197b853ceb31a357255856e

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Tue, 24 Nov 2020 10:01:38 GMT
server
nginx
etag
"5fbcda02-1244"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4676
linkedin.png
/wp-content/themes/detectify2.0.5/images
15 KB
15 KB
Image
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/linkedin.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
eec028c2489cb681aa45c3247bdbbd3e8b14b6d5b4b59f32a46eaff565ea0e18

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Tue, 24 Nov 2020 10:01:38 GMT
server
nginx
etag
"5fbcda02-3bce"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15310
youtube.png
/wp-content/themes/detectify2.0.5/images
13 KB
13 KB
Image
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/youtube.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
761932b546d167fd12090fd5d2cae7bb15a02270b40e10e3a6e041e02cf79dd0

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Tue, 24 Nov 2020 10:01:38 GMT
server
nginx
etag
"5fbcda02-338b"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13195
main.js?ver=1
/wp-content/themes/detectify2.0.5/dist/js
262 KB
81 KB
Script
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/dist/js/main.js?ver=1
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
63a4306a05ad325868f376e75966ee349e8dc5d7ec95bdd9894b8c3f91e67a05

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
br
last-modified
Tue, 24 Nov 2020 10:01:38 GMT
server
nginx
etag
W/"5fbcda02-4166e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-embed.min.js?ver=5.6
/wp-includes/js
1 KB
951 B
Script
General
Full URL
https://labs.detectify.com/wp-includes/js/wp-embed.min.js?ver=5.6
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
br
last-modified
Sat, 26 Oct 2019 00:17:07 GMT
server
nginx
etag
W/"5db39083-59a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-emoji-release.min.js?ver=5.6
/wp-includes/js
14 KB
5 KB
Script
General
Full URL
https://labs.detectify.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
br
last-modified
Fri, 18 Dec 2020 15:40:41 GMT
server
nginx
etag
W/"5fdccd79-37a6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
css?family=Roboto+Mono
fonts.googleapis.com
2 KB
997 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Mono
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/wp-content/themes/detectify2.0.5/dist/css/style.css?ver=5.6
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
774fe65376725e8aad7d70e5fe6857d77f00fd23800d8c0ef411c648ea9a1531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://labs.detectify.com/wp-content/themes/detectify2.0.5/dist/css/style.css?ver=5.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Jan 2021 23:31:47 GMT
server
ESF
date
Thu, 14 Jan 2021 01:30:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Jan 2021 01:30:28 GMT
/
/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more
23 KB
23 KB
Image
General
Full URL
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-pingback
date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
br
x-cacheable
SHORT
server
nginx
x-powered-by
WP Engine
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-cache
HIT: 2
content-type
text/html; charset=UTF-8
cache-control
max-age=600, must-revalidate
link
<https://labs.detectify.com/wp-json/>; rel="https://api.w.org/", <https://labs.detectify.com/wp-json/wp/v2/posts/113>; rel="alternate"; type="application/json", <https://labs.detectify.com/?p=113>; rel=shortlink
x-cache-group
normal
CircularPro-Book.otf
/wp-content/themes/detectify2.0.5/assets/CircularPro-Book
85 KB
85 KB
Font
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/assets/CircularPro-Book/CircularPro-Book.otf
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/wp-content/themes/detectify2.0.5/dist/css/style.css?ver=5.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
0c833aefd088c6fae2c65e2faf155463b75091c61b984a22292ca98718b465de

Request headers

Origin
https://labs.detectify.com
Referer
https://labs.detectify.com/wp-content/themes/detectify2.0.5/dist/css/style.css?ver=5.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Tue, 24 Nov 2020 10:01:37 GMT
server
nginx
etag
"5fbcda01-15468"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
87144
L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW-AJi8SJQt.woff
fonts.gstatic.com/s/robotomono/v12
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotomono/v12/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW-AJi8SJQt.woff
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561592b91ee0231080e62a5f40f52bc55124655643af516a33eeaf29b76e1574
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://labs.detectify.com
Referer
https://fonts.googleapis.com/css?family=Roboto+Mono
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 11:42:24 GMT
x-content-type-options
nosniff
last-modified
Mon, 13 Jul 2020 19:15:46 GMT
server
sffe
age
222485
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15160
x-xss-protection
0
expires
Tue, 11 Jan 2022 11:42:24 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya:400,400i,700,700i|Open+Sans:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://labs.detectify.com
Referer
https://fonts.googleapis.com/css?family=Alegreya:400,400i,700,700i|Open+Sans:400,400i,700,700i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 20:12:17 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
537492
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Fri, 07 Jan 2022 20:12:17 GMT
4UaBrEBBsBhlBjvfkSLhx6jj4JN0.woff2
fonts.gstatic.com/s/alegreya/v16
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alegreya/v16/4UaBrEBBsBhlBjvfkSLhx6jj4JN0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya:400,400i,700,700i|Open+Sans:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
997423be26d1eae9efbfc2098141a06f626749dc4a89fc40c15d567a662856a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://labs.detectify.com
Referer
https://fonts.googleapis.com/css?family=Alegreya:400,400i,700,700i|Open+Sans:400,400i,700,700i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 16:17:00 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Oct 2020 18:54:51 GMT
server
sffe
age
551609
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18220
x-xss-protection
0
expires
Fri, 07 Jan 2022 16:17:00 GMT
4UaErEBBsBhlBjvfkSLk_xHM8pxULilENlY.woff2
fonts.gstatic.com/s/alegreya/v16
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alegreya/v16/4UaErEBBsBhlBjvfkSLk_xHM8pxULilENlY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya:400,400i,700,700i|Open+Sans:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12d773a48a0b51b4be416f0437556c330362763bbc06c70cd6e9a3c36e294178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://labs.detectify.com
Referer
https://fonts.googleapis.com/css?family=Alegreya:400,400i,700,700i|Open+Sans:400,400i,700,700i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 08 Jan 2021 08:28:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Oct 2020 18:53:18 GMT
server
sffe
age
493335
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19092
x-xss-protection
0
expires
Sat, 08 Jan 2022 08:28:14 GMT
4UaHrEBBsBhlBjvfkSLk96rp57F2IwM.woff2
fonts.gstatic.com/s/alegreya/v16
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alegreya/v16/4UaHrEBBsBhlBjvfkSLk96rp57F2IwM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya:400,400i,700,700i|Open+Sans:400,400i,700,700i
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fb0bef9a23d2e21086eb04729ba9719e89e7ca8d78d35410fda1e2de6ec33b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://labs.detectify.com
Referer
https://fonts.googleapis.com/css?family=Alegreya:400,400i,700,700i|Open+Sans:400,400i,700,700i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 02:51:31 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Oct 2020 18:52:51 GMT
server
sffe
age
167938
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18320
x-xss-protection
0
expires
Wed, 12 Jan 2022 02:51:31 GMT
red2.png
labsdetectify.wpengine.com/wp-content/uploads/2016/02
27 KB
27 KB
Image
General
Full URL
https://labsdetectify.wpengine.com/wp-content/uploads/2016/02/red2.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
793acec2f8d584b55d9921216da08fe25b3713efaf597d0f1bb257d99ab0eeb9

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Tue, 13 Sep 2016 17:33:53 GMT
server
nginx
etag
"57d83881-6a04"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
27140
all.png
labsdetectify.wpengine.com/wp-content/uploads/2016/02
550 KB
551 KB
Image
General
Full URL
https://labsdetectify.wpengine.com/wp-content/uploads/2016/02/all.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
bcfbcea42950c5e32722fb230626e4323b445e7b332d2f60562b17b87ef41bd7

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Tue, 13 Sep 2016 17:33:54 GMT
server
nginx
etag
"57d83882-8975e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
563038
embed.js
detectify.disqus.com
72 KB
24 KB
Script
General
Full URL
https://detectify.disqus.com/embed.js
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
d91b957d91da6313dea39f16e9f378779d94695dffc1cd05f81837f781fe382c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 01:30:29 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
23902
gtm.js?id=GTM-TWT88B
www.googletagmanager.com
116 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TWT88B
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba3a031eb1841b8944dd1642d07d632293041dec00cb281a66205542937b65db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39863
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 00:54:02 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Jan 2021 01:30:29 GMT
CircularPro-Medium.otf
/wp-content/themes/detectify2.0.5/assets/CircularPro-Medium
93 KB
93 KB
Font
General
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/assets/CircularPro-Medium/CircularPro-Medium.otf
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/wp-content/themes/detectify2.0.5/dist/css/style.css?ver=5.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
8df65c16e955a73528fdc581781364fd6059da9c7ffb7d9e84ebea9e34f894b6

Request headers

Origin
https://labs.detectify.com
Referer
https://labs.detectify.com/wp-content/themes/detectify2.0.5/dist/css/style.css?ver=5.6
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Tue, 24 Nov 2020 10:01:37 GMT
server
nginx
etag
"5fbcda01-173ec"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
95212
analytics.js
www.google-analytics.com
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWT88B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
657
date
Thu, 14 Jan 2021 01:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Thu, 14 Jan 2021 03:19:32 GMT
conversion_async.js
www.googleadservices.com/pagead
30 KB
13 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWT88B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f130.1e100.net
Software
cafe /
Resource Hash
5e79436d1f00cd00ece18c935a3835b2db0dc1f36db9146ba08ea9b1bfefa2fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12183
x-xss-protection
0
server
cafe
etag
13630185657052990885
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Jan 2021 01:30:29 GMT
fbevents.js
connect.facebook.net/en_US
90 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23366
x-fb-rlafr
0
pragma
public
x-fb-debug
dEt3pZtjirB3cN0xBqoowV0zsnL4LdYAWsKhUHj26krRK+XlRVeP2ZlIIIAqP8jUfyDaGfMM448YuZ4MYZx+2Q==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Thu, 14 Jan 2021 01:30:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel.js
www.redditstatic.com/ads
17 KB
6 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e88e0ed354170d8b73435fadf714ab8fff7c00b985295495d146b5eb92dc3e50

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 30 Jun 2020 17:04:46 GMT
server
snooserv
etag
"85ee817cda81317b49d1d3056f6bdf95"
vary
Accept-Encoding,Origin
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-encoding
gzip
content-length
5809
qevents.js
a.quora.com
39 KB
14 KB
Script
General
Full URL
https://a.quora.com/qevents.js
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding
gzip
etag
"f32ebb1e93a72c0a57add6d07f688510"
age
5582
x-cache
HIT, HIT
content-length
13681
x-amz-id-2
Mr082XSAeK5gl9ne6fLo1egLVz8sHPMcqMfXWnw8NHeADkQ5FLNiVu7jFuWInpu3I/gnYljCvGE=
x-served-by
cache-bwi5140-BWI, cache-fra19121-FRA
last-modified
Fri, 25 Oct 2019 19:28:38 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer
S1610587829.200189,VS0,VE0
date
Thu, 14 Jan 2021 01:30:29 GMT
vary
Accept-Encoding
x-amz-request-id
F2C73976BA935DDF
via
1.1 varnish, 1.1 varnish
cache-control
max-age=7200
accept-ranges
bytes
content-type
text/plain
x-cache-hits
1, 333
bat.js
bat.bing.com
27 KB
8 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:28 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref
Ref A: 9DA9CCBC669B46ABBB090A7FB2FF98C4 Ref B: FRAEDGE1215 Ref C: 2021-01-14T01:30:29Z
etag
"0b27f152fa7d61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8454
insight.min.js
snap.licdn.com/li.lms-analytics
4 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 01:30:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=20266
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
fpb367pdwab4.js
js.driftt.com/include/1610588100000
285 KB
81 KB
Script
General
Full URL
https://js.driftt.com/include/1610588100000/fpb367pdwab4.js
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-88.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
9e75487e743a232de81010377a58dbdfa686ab218d263e06949492b8b24d995a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
gzip
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Wed, 13 Jan 2021 22:48:20 GMT
server
nginx
etag
W/"f45d3e277640fcd63987b8f145779557"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
x-amz-version-id
AFHp_aaeONLsS368i1Mu8M0Mngp3xcay
via
1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/javascript; charset=utf-8
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
s2kjCIrdL3IEWcrnMOf0UyPLYreNTq6btwjDWEEGU-qA04ZKkpZuIg==
js?id=OPT-P729945&t=gtm4&cid=193270723.1610587829
www.google-analytics.com/gtm
85 KB
34 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-P729945&t=gtm4&cid=193270723.1610587829
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5541cfb67684ceba743744d4496dc9dc41fce81af5f56c16a1c95e1acb454335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34127
x-xss-protection
0
expires
Thu, 14 Jan 2021 01:30:29 GMT
670320013354403?v=2.9.32&r=stable
connect.facebook.net/signals/config
240 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/670320013354403?v=2.9.32&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
813d6874bd1f23696f3719fde392eadd516f7e314a58afe0c82a954c42ecf558
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
xzLtNr4PMww05TLemhLB4VampZGNPF5b1i/fYyP6mAn6luFE9LWsC1cGti72caUgjMOvLmlplQAELb1vgKsIqA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 14 Jan 2021 01:30:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
814255232
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect?v=2&fmt=js&pid=669017&time=1610587829163&url=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&liSync=true
px.ads.linkedin.com
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=669017&time=1610587829163&url=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D669017%26time%3D1610587829163%26url%3Dhttps%253A%252F%252Flabs.detectify.com%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=669017&time=1610587829163&url=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&liSync...
0
61 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=669017&time=1610587829163&url=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&liSync=true
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
AjQZARn1WRaQ0RM/sSoAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options
nosniff
linkedin-action
1
content-length
0
x-li-uuid
/Kj4+hj1WRawWqyu7yoAAA==
pragma
no-cache
x-li-pop
afd-prod-ltx1
x-msedge-ref
Ref A: 384B99C02A7748148B2C858C027FCADD Ref B: FRAEDGE1109 Ref C: 2021-01-14T01:30:29Z
x-frame-options
sameorigin
date
Thu, 14 Jan 2021 01:30:28 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-ltx1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=669017&time=1610587829163&url=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-27509029-1&cid=193270723.1610587829&jid=1474360352&gjid=605342860&_gid=1077403745.1610587829&_u=aGDAgEADQAAAAE~&z=2072571408
stats.g.doubleclick.net/j
4 B
90 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-27509029-1&cid=193270723.1610587829&jid=1474360352&gjid=605342860&_gid=1077403745.1610587829&_u=aGDAgEADQAAAAE~&z=2072571408
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 14 Jan 2021 01:30:29 GMT
content-type
text/plain
access-control-allow-origin
https://labs.detectify.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect?v=1&_v=j87&a=758442445&t=pageview&_s=1&dl=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&dr=&ul=en-us&de=UTF-8&dt=Hostile%20Su...
www.google-analytics.com
35 B
120 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=758442445&t=pageview&_s=1&dl=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&dr=&ul=en-us&de=UTF-8&dt=Hostile%20Subdomain%20Takeover%20using%20Heroku%2FGithub%2FDesk%20%2B%20more%20%7C%20Detectify%20Labs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQ~&jid=1474360352&gjid=605342860&cid=193270723.1610587829&tid=UA-27509029-1&_gid=1077403745.1610587829&gtm=2wg161TWT88B&z=372073103
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jan 2021 12:31:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
46731
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-27509029-1&cid=193270723.1610587829&jid=1474360352&_u=aGDAgEADQAAAAE~&z=816535006
www.google.com/ads
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-27509029-1&cid=193270723.1610587829&jid=1474360352&_u=aGDAgEADQAAAAE~&z=816535006
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 01:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-27509029-1&cid=193270723.1610587829&jid=1474360352&_u=aGDAgEADQAAAAE~&z=816535006
www.google.de/ads
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-27509029-1&cid=193270723.1610587829&jid=1474360352&_u=aGDAgEADQAAAAE~&z=816535006
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 01:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
?id=670320013354403&ev=PageView&dl=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&rl=&if=false&ts=1610587829238&cd[site_websiteName]=u...
www.facebook.com/tr
44 B
410 B
Image
General
Full URL
https://www.facebook.com/tr/?id=670320013354403&ev=PageView&dl=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&rl=&if=false&ts=1610587829238&cd[site_websiteName]=undefined&cd[site_websiteID]=undefined&cd[page_path]=undefined&cd[page_title]=undefined&sw=1600&sh=1200&v=2.9.32&r=stable&ec=0&o=30&fbp=fb.1.1610587829236.905496946&it=1610587829160&coo=false&rqm=GET
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 14 Jan 2021 01:30:29 GMT
pixel?j=1&u=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&tag=ViewContent&ts=1610587829247
q.quora.com/_/ad/1fdf7ccfca6242509a1527df793b82c7
43 B
420 B
Image
General
Full URL
https://q.quora.com/_/ad/1fdf7ccfca6242509a1527df793b82c7/pixel?j=1&u=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&tag=ViewContent&ts=1610587829247
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.100.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-100-238.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 01:30:29 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Q-Stat
,284ad5869ebb95064076877da700c181,10.0.0.113,5214,82.102.18.114,,58679441874,1,1610587829.587,0.002,,.,0,0,0.000,0.004,-,0,0,197,146,73,10,26847,,,,,,-,
Content-Type
image/gif
rp.gif?ts=1610587829250&id=t2_7xml9zo6&event=PageVisit&uuid=359890ec-5bca-46ae-adf0-4f1d4789a61a&s=IlQsdM9JC9W4H7tyKmVceyRVQjdQU3dqbmrsfWFmDE0%3D
alb.reddit.com
42 B
125 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1610587829250&id=t2_7xml9zo6&event=PageVisit&uuid=359890ec-5bca-46ae-adf0-4f1d4789a61a&s=IlQsdM9JC9W4H7tyKmVceyRVQjdQU3dqbmrsfWFmDE0%3D
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
via
1.1 varnish
server
Varnish
accept-ranges
bytes
content-length
42
retry-after
0
content-type
image/gif
?random=1610587829308&cv=9&fst=1610587829308&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg161&sendb=1&ig...
googleads.g.doubleclick.net/pagead/viewthroughconversion/963762917
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963762917/?random=1610587829308&cv=9&fst=1610587829308&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg161&sendb=1&ig=1&frm=0&url=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&tiba=Hostile%20Subdomain%20Takeover%20using%20Heroku%2FGithub%2FDesk%20%2B%20more%20%7C%20Detectify%20Labs&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c350e5341423e3e509feec39d45a1fc91cb67466c58a5e78924d58a8f6bd0637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1083
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
notification.d46d7db1.mp3
js.driftqa.com/conductor/assets/media
20 KB
21 KB
Media
General
Full URL
https://js.driftqa.com/conductor/assets/media/notification.d46d7db1.mp3
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.143.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-143-221.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ad80ac33ed04b4e6d78167b4162ecd3d2e8c29d17b43eb3df1f35b216b2ac5c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Thu, 14 Jan 2021 00:07:02 GMT
server
nginx
access-control-allow-origin
*
etag
"d46d7db110874da77e094dcbc4bec8e6"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS
content-type
audio/mpeg
Content-Range
bytes 0-20896/20897
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
20897
lounge.93b42de3124a0dd0533f88d602ff11e8.css
c.disquscdn.com/next/embed/styles
0
22 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.93b42de3124a0dd0533f88d602ff11e8.css
Requested by
Host: detectify.disqus.com
URL: https://detectify.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
625327
strict-transport-security
max-age=300; includeSubdomains
content-length
22661
cf-request-id
07a01d0c6b0000d72d5b02d000000001
timing-allow-origin
*
last-modified
Thu, 17 Dec 2020 22:41:59 GMT
server
cloudflare
etag
"5fdbdeb7-5885"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DFW55-C3
accept-ranges
bytes
cf-ray
6113978d791dd72d-FRA
x-amz-cf-id
FoLAKKYeyCVOQCHjxkf648euNl2eE6RaXpXOfpVsO0oF_J48wSAC-w==
expires
Thu, 06 Jan 2022 19:48:21 GMT
common.bundle.38ea27189bdb723eae3dabf5bc7b8c0b.js
c.disquscdn.com/next/embed
0
93 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/common.bundle.38ea27189bdb723eae3dabf5bc7b8c0b.js
Requested by
Host: detectify.disqus.com
URL: https://detectify.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
181044
strict-transport-security
max-age=300; includeSubdomains
content-length
94778
cf-request-id
07a01d0c6b0000d72d7319f000000001
timing-allow-origin
*
last-modified
Mon, 11 Jan 2021 21:10:38 GMT
server
cloudflare
etag
"5ffcbece-1723a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DFW55-C3
accept-ranges
bytes
cf-ray
6113978d7921d72d-FRA
x-amz-cf-id
IPH2Ychi9ylfThDq4vOs9o2Rc8M0Ypdu-s2Q_SL2aA1yH56ait05kA==
expires
Tue, 11 Jan 2022 23:13:03 GMT
lounge.bundle.e99bef264ab1dbdf324efcfb446cf290.js
c.disquscdn.com/next/embed
0
114 KB
Other
General
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.e99bef264ab1dbdf324efcfb446cf290.js
Requested by
Host: detectify.disqus.com
URL: https://detectify.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
181044
strict-transport-security
max-age=300; includeSubdomains
content-length
116439
cf-request-id
07a01d0c6b0000d72d170b1000000001
timing-allow-origin
*
last-modified
Mon, 11 Jan 2021 21:10:38 GMT
server
cloudflare
etag
"5ffcbece-1c6d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DFW55-C3
accept-ranges
bytes
cf-ray
6113978d7923d72d-FRA
x-amz-cf-id
RpxEggxphocoSC2TYivFfRA1ZJSY_j6ULQ7_6jad6RGUblRyJB-kZQ==
expires
Tue, 11 Jan 2022 23:13:03 GMT
config.js
disqus.com/next
0
11 KB
Other
General
Full URL
https://disqus.com/next/config.js
Requested by
Host: detectify.disqus.com
URL: https://detectify.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 14 Jan 2021 01:30:29 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
47
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
10242
X-XSS-Protection
1; mode=block
?random=1610587829308&cv=9&fst=1610586000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg161&sendb=1&frm=0&url=https%3A%2F%2F...
www.google.com/pagead/1p-user-list/963762917
42 B
530 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/963762917/?random=1610587829308&cv=9&fst=1610586000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg161&sendb=1&frm=0&url=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&tiba=Hostile%20Subdomain%20Takeover%20using%20Heroku%2FGithub%2FDesk%20%2B%20more%20%7C%20Detectify%20Labs&async=1&fmt=3&is_vtc=1&random=688219027&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 01:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
?random=1610587829308&cv=9&fst=1610586000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg161&sendb=1&frm=0&url=https%3A%2F%2F...
www.google.de/pagead/1p-user-list/963762917
42 B
530 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/963762917/?random=1610587829308&cv=9&fst=1610586000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg161&sendb=1&frm=0&url=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&tiba=Hostile%20Subdomain%20Takeover%20using%20Heroku%2FGithub%2FDesk%20%2B%20more%20%7C%20Detectify%20Labs&async=1&fmt=3&is_vtc=1&random=688219027&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Jan 2021 01:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
use.typekit.net/af/dacbbb/000000000000000000014a3f/27
15 KB
15 KB
Font
General
Full URL
https://use.typekit.net/af/dacbbb/000000000000000000014a3f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b4f6b15171db948a3719ec5d9ad29101296dbfe801dc29040db8b5d9974fc037

Request headers

Origin
https://labs.detectify.com
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
server
nginx
etag
"9f69a3fb9ccd97d61c83bc04e10301a095b7a449"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
15600
l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
use.typekit.net/af/5e5e35/000000000000000000014a3e/27
15 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/5e5e35/000000000000000000014a3e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ebaa235bd73fd575f091a0d36701d7d4fee2fc38b0aeea515e28f10ab3bf001e

Request headers

Origin
https://labs.detectify.com
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
server
nginx
etag
"552cbdb1c37116efa6da228cc29728b358eb1e4c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
15772
l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
use.typekit.net/af/c19086/000000000000000000014a3b/27
15 KB
15 KB
Font
General
Full URL
https://use.typekit.net/af/c19086/000000000000000000014a3b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9db911c69298b73dcac7905443fa87aa253bb2d1a2b0d0e2840c696bf9ea97d4

Request headers

Origin
https://labs.detectify.com
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
server
nginx
etag
"dda97810a2e0dcc5cea33a3d827efaac98f39199"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
14920
l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
use.typekit.net/af/59af34/000000000000000000014a3d/27
17 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/59af34/000000000000000000014a3d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5b9db5acc5e9d4fa4baf66b5a8385d3ed4d697faa7f60148f757bf509792f8d2

Request headers

Origin
https://labs.detectify.com
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
server
nginx
etag
"1b875ac65d89bbbcbc04766acc6ceae8d1e45209"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
17028
l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
use.typekit.net/af/143f81/000000000000000000014a40/27
35 KB
35 KB
Font
General
Full URL
https://use.typekit.net/af/143f81/000000000000000000014a40/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8e479c3cd41c52d18a82dd032758a93e98242987ff281d04a163a50a3fe984ac

Request headers

Origin
https://labs.detectify.com
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
server
nginx
etag
"9eb6f2d6fc5498c8f83e6e2d042c442386ba5a88"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
35756
0?ti=17423398&Ver=2&mid=38810eae-381c-47a1-92a3-034ef7243d17&sid=16054db0560811ebb432a9f5e67ee598&vid=16055150560811ebb5c4b35407590448&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hostile%20Subdom...
bat.bing.com/action
0
115 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17423398&Ver=2&mid=38810eae-381c-47a1-92a3-034ef7243d17&sid=16054db0560811ebb432a9f5e67ee598&vid=16055150560811ebb5c4b35407590448&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Hostile%20Subdomain%20Takeover%20using%20Heroku%2FGithub%2FDesk%20%2B%20more%20%7C%20Detectify%20Labs&p=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&r=&lt=1671&evt=pageLoad&msclkid=N&sv=1&rn=552091
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 14 Jan 2021 01:30:29 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 7120446D10E245C7AAC85E8F3C059538 Ref B: FRAEDGE1215 Ref C: 2021-01-14T01:30:29Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
p.gif?s=1&k=tzo5nif&ht=tk&h=labs.detectify.com&f=15759.15760.15761.22737.22740&a=520577&js=1.20.0&app=typekit&e=js&_=1610587829436
p.typekit.net
35 B
182 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=tzo5nif&ht=tk&h=labs.detectify.com&f=15759.15760.15761.22737.22740&a=520577&js=1.20.0&app=typekit&e=js&_=1610587829436
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28d::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
last-modified
Wed, 24 Jun 2020 18:11:26 GMT
server
nginx
etag
"5ef3974e-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
35
?base=default&f=detectify&t_u=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&t_d=Hostile%20Subdomain%20Takeover%20using%20Heroku%2FGit...
disqus.com/embed/comments
0
0
Document
General
Full URL
https://disqus.com/embed/comments/?base=default&f=detectify&t_u=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&t_d=Hostile%20Subdomain%20Takeover%20using%20Heroku%2FGithub%2FDesk%20%2B%20more&t_t=Hostile%20Subdomain%20Takeover%20using%20Heroku%2FGithub%2FDesk%20%2B%20more&s_o=default
Requested by
Host: detectify.disqus.com
URL: https://detectify.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/

Response headers

Connection
keep-alive
Content-Length
8862
Server
nginx
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Type
text/html; charset=utf-8
Last-Modified
Tue, 12 Jan 2021 10:06:52 GMT
ETag
W/"lounge:view:4644724845.379911b9ca2ebdfca46431e9f7f711fb.2"
Content-Encoding
gzip
Date
Thu, 14 Jan 2021 01:30:29 GMT
Age
0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
/
www.facebook.com/tr
0
86 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary8EIubUnpP4eCx2G5

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 14 Jan 2021 01:30:29 GMT
content-type
text/plain
access-control-allow-origin
https://labs.detectify.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed
78 KB
26 KB
Script
General
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: detectify.disqus.com
URL: https://detectify.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1655265
strict-transport-security
max-age=300; includeSubdomains
content-length
26578
cf-request-id
07a01d0e6d0000d72d41295000000001
timing-allow-origin
*
last-modified
Mon, 23 Nov 2020 17:22:41 GMT
server
cloudflare
etag
"5fbbefe1-67d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DFW55-C3
accept-ranges
bytes
cf-ray
61139790ab21d72d-FRA
x-amz-cf-id
iwXvkWWneYUzTgpoGXrolZxBkoZQ2bfC3Qst_9vVPBWLaqb-vIiHXg==
expires
Mon, 29 Nov 2021 02:25:38 GMT
pixel.gif?ch=1&rn=1.6752899422964853
cdn.viglink.com/images
43 B
387 B
Image
General
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=1.6752899422964853
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.65 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-65.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:25 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
age
4
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
OrL2-363jAO6tVFC5PvujT10v3imtLYKYSKqPvG9Sp1gRMY0qf9-jw==
pixel.gif?ch=2&rn=1.6752899422964853
cdn.viglink.com/images
43 B
388 B
Image
General
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=1.6752899422964853
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.65 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-65.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:25 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
age
4
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
DOFmnqxXUCkA6NhHdUsFmNU-7Cr7Q2BtRXPT4XeVvXcsGw5UDyVBlw==
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles
337 B
715 B
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: detectify.disqus.com
URL: https://detectify.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1632777
strict-transport-security
max-age=300; includeSubdomains
content-length
244
cf-request-id
07a01d0ec10000d72d5b03e000000001
timing-allow-origin
*
last-modified
Tue, 17 Nov 2020 19:25:20 GMT
server
cloudflare
etag
"5fb423a0-f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DFW3-C1
accept-ranges
bytes
cf-ray
611397913b7fd72d-FRA
x-amz-cf-id
bXIMJ1-lqAO3UdooVh5uxIMFBzfzU1TPN0UMbp_Yhh2TonBiviCwsA==
expires
Thu, 18 Nov 2021 12:38:46 GMT
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles
337 B
354 B
Stylesheet
General
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: detectify.disqus.com
URL: https://detectify.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 01:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1632777
strict-transport-security
max-age=300; includeSubdomains
content-length
244
cf-request-id
07a01d0ec70000d72d731b1000000001
timing-allow-origin
*
last-modified
Tue, 17 Nov 2020 19:25:20 GMT
server
cloudflare
etag
"5fb423a0-f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
DFW3-C1
accept-ranges
bytes
cf-ray
611397913b84d72d-FRA
x-amz-cf-id
bXIMJ1-lqAO3UdooVh5uxIMFBzfzU1TPN0UMbp_Yhh2TonBiviCwsA==
expires
Thu, 18 Nov 2021 12:38:46 GMT
core?embedId=fpb367pdwab4&forceShow=false&skipCampaigns=false&sessionId=ddd79beb-f8f1-4a8f-b492-f48b5c72bd12&sessionStarted=1610587830&campaignRefreshToken=9f83bc41-6b71-479d-a89b-547df5828f7c&page...
js.driftt.com
0
0
Document
General
Full URL
https://js.driftt.com/core?embedId=fpb367pdwab4&forceShow=false&skipCampaigns=false&sessionId=ddd79beb-f8f1-4a8f-b492-f48b5c72bd12&sessionStarted=1610587830&campaignRefreshToken=9f83bc41-6b71-479d-a89b-547df5828f7c&pageLoadStartTime=1610587828730
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1610588100000/fpb367pdwab4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-88.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
js.driftt.com
:scheme
https
:path
/core?embedId=fpb367pdwab4&forceShow=false&skipCampaigns=false&sessionId=ddd79beb-f8f1-4a8f-b492-f48b5c72bd12&sessionStarted=1610587830&campaignRefreshToken=9f83bc41-6b71-479d-a89b-547df5828f7c&pageLoadStartTime=1610587828730
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/

Response headers

content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 13 Jan 2021 22:48:10 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
ZEOrLjfBtyw31jWBTNbrkGrp7nHIFp91
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Thu, 14 Jan 2021 01:30:30 GMT
cache-control
no-cache
etag
W/"6d0234471404f1a2e00d378e30611d6e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
via
1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
dE0Y_rkdTQauu8eHKdWlGssRXQ0DYJ7NxEBAM9IX_qbLL8QKCRh7Eg==
chat
js.driftt.com/core
0
0
Document
General
Full URL
https://js.driftt.com/core/chat
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1610588100000/fpb367pdwab4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-88.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
js.driftt.com
:scheme
https
:path
/core/chat
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/

Response headers

content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 13 Jan 2021 22:48:10 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
ZEOrLjfBtyw31jWBTNbrkGrp7nHIFp91
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Thu, 14 Jan 2021 01:30:30 GMT
cache-control
no-cache
etag
W/"6d0234471404f1a2e00d378e30611d6e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
via
1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
hgmW4nm7muWjgOMrFlqU_X9piZYo-zZSFLBxrHMPoy5sv5WnCbbAMg==
ping
links.services.disqus.com/api
299 B
925 B
XHR
General
Full URL
https://links.services.disqus.com/api/ping
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e772ed85c401fe340ba074b1ae7b83e25f6a00febabd53faa247671b65672443

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 01:30:30 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://labs.detectify.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
299
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
links.services.disqus.com/api
43 B
565 B
Image
General
Full URL
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 01:30:30 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif;charset=UTF-8
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
links.services.disqus.com/api
76 B
701 B
XHR
General
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
8c7f5c2d81ced50109b62b9501837c677c06a262e6ed50713e7b20ba29413ce2

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 01:30:30 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://labs.detectify.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
76
Expires
Thu, 01 Jan 1970 00:00:00 GMT
domains
links.services.disqus.com/api
42 B
667 B
XHR
General
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
4f5ef0b77621bfff889f1eafa87bd915d715c60b6b63d7702c951f6ea76f381b

Request headers

Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 14 Jan 2021 01:30:30 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://labs.detectify.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-he=
  • http://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-he=/
  • https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-he=/
  • https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Request 46
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=669017&time=1610587829163&url=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D669017%26time%3D1610587829163%26url%3Dhttps%253A%252F%252Flabs.detectify.com%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=669017&time=1610587829163&url=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&liSync...

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| Typekit object| _wpemojiSettings undefined| $ function| jQuery object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data function| fbq function| _fbq function| rdt function| qp object| uetq string| _linkedin_partner_id object| _linkedin_data_partner_ids function| drift undefined| driftt object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk function| UET object| google_optimize object| qevents function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| 3eiXJRXgVuLsYGH9303q object| regeneratorRuntime object| __SENTRY__ object| _driftFrames object| __post_robot_10_0_16__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ function| disqus_config object| DISQUS boolean| PR_SHOULD_USE_CONTINUATION function| prettyPrintOne function| prettyPrintElem function| prettyPrint object| PR object| wp object| twemoji boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16105878298976 object| vglnk number| drift_page_view_started number| drift_session_started object| drift_event_listeners