blog.yeswehack.com
164.132.15.54
Public Scan
Submission: On July 05 via manual from US — Scanned from FR
Summary
TLS certificate: Issued by R3 on June 5th 2023. Valid for: 3 months.
This is the only time blog.yeswehack.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | Autonomous System |
---|---|---|
17 | 164.132.15.54 | 16276 (OVH) |
5 | 176.31.240.69 | 16276 (OVH) |
1 | 2a00:1450:4001:828::200a | 15169 (GOOGLE) |
3 | 2606:4700:10::ac43:2794 | 13335 (CLOUDFLARENET) |
2 | 2a00:1450:4001:831::2003 | 15169 (GOOGLE) |
28 | 6 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | yeswehack.com | blog.yeswehack.com | 580 KB |
5 | bi.tk | pad.bi.tk | 133 KB |
3 | addtoany.com | static.addtoany.com (Cisco Umbrella Rank: 4009) | 27 KB |
2 | gstatic.com | fonts.gstatic.com | 39 KB |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 88) | 952 B |
28 | 5 | | |
Requests | Domain | Requested by |
---|---|---|
17 | blog.yeswehack.com | blog.yeswehack.com |
5 | pad.bi.tk | blog.yeswehack.com |
3 | static.addtoany.com | blog.yeswehack.com, static.addtoany.com |
2 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | blog.yeswehack.com |
28 | 5 | |
This site contains links to these domains.
Domain |
---|
www.yeswehack.com |
yeswehack.com |
helpcenter.yeswehack.io |
twitter.com |
www.linkedin.com |
github.com |
portswigger.net |
firebounty.com |
zerodisclo.com |
jobs.yeswehack.com |
www.addtoany.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
blog.yeswehack.com | R3 | 2023-06-05 - 2023-09-03 | 3 months |
bi.tk | R3 | 2023-07-01 - 2023-09-29 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-04 - 2024-05-03 | a year |
*.gstatic.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
This page contains 2 frames:
Primary Page:
https://blog.yeswehack.com/talent-development/server-side-prototype-pollution-how-to-detect-and-exploit/
Frame ID: 4456567FE4627AC276253BE2A408DE6B
Requests: 29 HTTP requests in this frame
Frame:
https://static.addtoany.com/menu/sm.24.html
Frame ID: 83BCEFAE560D0989F189E16EC685DD5D
Requests: 1 HTTP requests in this frame
Page Title
Server side prototype pollution, how to detect and exploit
Detected technologies
WordPress (CMS)
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
AddToAny (Widgets)
Detected patterns
- addtoany\.com/menu/page\.js
Page Statistics
25 Outgoing links
These are links going to different origins than the main page.
Title: Back to website
Title: Hackers, Join Us!
Title: OUR PROGRAMS
Title: HELPCENTER
Title: CAREER
Title: YESWEHACK EDU
Title: Register
Title: Login
Title: PHP unserialize gadgets
Title: https://github.com/yeswehack/pp-finder
Title: Gareth Heyes
Title: Server-side prototype pollution: Black-box detection without the DoS
Title: Choose YESWEHACK
Title: FireBounty.com
Title: ZeroDisclo.com
Title: Infosec Jobs
Title: Contact
Title: Legal notices
Title: Privacy Policy
Title: Cookies Policy
Title: AddToAny
Title: Cookies Policy
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | blog.yeswehack.com/talent-development/server-side-prototype-pollution-how-to-detect-and-exploit/ | 95 KB | 29 KB | Document | text/html |
GET | H/1.1 | head-0c7028e112976c73d9bd2e5b71b247fb858eed1a.css | blog.yeswehack.com/wp-content/cache/asset-cleanup/css/ | 259 KB | 45 KB | Stylesheet | text/css |
GET | H/1.1 | head-bdf2e55a2e5ec0eed5df5576d0e8178082a2162d.js | blog.yeswehack.com/wp-content/cache/asset-cleanup/js/ | 170 KB | 51 KB | Script | application/javascript |
GET | H/1.1 | twentytwenty-js-v5bd26468ca9671e3e5daddcd1a10ef70c4a7ffda.js | blog.yeswehack.com/wp-content/cache/asset-cleanup/js/item/ | 14 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | twitter.svg | blog.yeswehack.com/wp-content/themes/yeswehack/dist/images/ | 1 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | linkedin.svg | blog.yeswehack.com/wp-content/themes/yeswehack/dist/images/ | 729 B | 1 KB | Image | image/svg+xml |
GET | H2 | upload_959e3e5db8367eef77607053333c64d6.png | pad.bi.tk/uploads/ | 23 KB | 23 KB | Image | image/png |
GET | H2 | upload_5ce37256d407c83635ab2cb5aea5486b.png | pad.bi.tk/uploads/ | 28 KB | 29 KB | Image | image/png |
GET | H2 | upload_f944fdffb01682058d59236a4d5bd9d2.png | pad.bi.tk/uploads/ | 32 KB | 32 KB | Image | image/png |
GET | H2 | upload_18b935e1c86c73ba9b0b10112c316bd2.png | pad.bi.tk/uploads/ | 21 KB | 22 KB | Image | image/png |
GET | H2 | upload_c79be7f6878bd544db41d83bdfffcc43.png | pad.bi.tk/uploads/ | 27 KB | 27 KB | Image | image/png |
GET | H/1.1 | body-d52e3ac93fc62257bf22d7ad14adc99e2bc54a34.js | blog.yeswehack.com/wp-content/cache/asset-cleanup/js/ | 57 KB | 16 KB | Script | application/javascript |
GET | H/1.1 | twentytwenty-print-style-v70ac61d62229343fd1dc33475db5da70b8f8f557.css | blog.yeswehack.com/wp-content/cache/asset-cleanup/css/item/ | 1 KB | 1 KB | Stylesheet | text/css |
GET | H2 | css2 | fonts.googleapis.com/ | 5 KB | 952 B | Stylesheet | text/css |
GET | H2 | page.js | static.addtoany.com/menu/ | 3 KB | 2 KB | Script | application/javascript |
GET | DATA | truncated | / | 82 B | 0 | Image | image/webp |
GET | H/1.1 | logo-retina-yeswehack.png.webp | blog.yeswehack.com/wp-content/uploads/ | 6 KB | 6 KB | Image | image/webp |
GET | H/1.1 | 2023-02-15_10-11-1200x383.png.webp | blog.yeswehack.com/wp-content/uploads/ | 135 KB | 136 KB | Image | image/webp |
GET | H/1.1 | upload_7e5c188cad68c8592bc22bc74fc44998.png.webp | blog.yeswehack.com/wp-content/uploads/ | 19 KB | 20 KB | Image | image/webp |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/svg+xml |
GET | H/1.1 | bg-pagination.jpg | blog.yeswehack.com/wp-content/themes/yeswehack/dist/images/ | 27 KB | 28 KB | Image | image/jpeg |
GET | H2 | ptRPTiqXYfZMCOiVj9kQ3FLdPQxPqA.woff2 | fonts.gstatic.com/s/inriasans/v14/ | 19 KB | 20 KB | Font | font/woff2 |
GET | H2 | ptRMTiqXYfZMCOiVj9kQ1On4KA.woff2 | fonts.gstatic.com/s/inriasans/v14/ | 20 KB | 20 KB | Font | font/woff2 |
GET | H/1.1 | Inter-upright-var.woff2 | blog.yeswehack.com/wp-content/themes/twentytwenty/assets/fonts/inter/ | 219 KB | 219 KB | Font | application/octet-stream |
GET | H/1.1 | loadingAnimation.gif | blog.yeswehack.com/wp-includes/js/thickbox/ | 15 KB | 15 KB | Image | image/gif |
GET | H2 | sm.24.html | static.addtoany.com/menu/ (Frame 83BC) | 677 B | 541 B | Document | text/html |
GET | H3 | core.6f073af7.js | static.addtoany.com/menu/modules/ | 69 KB | 25 KB | Script | application/javascript |
GET | H/1.1 | tac.min.css | blog.yeswehack.com/wp-content/themes/yeswehack/assets/TAC/css/ | 17 KB | 4 KB | Stylesheet | text/css |
GET | H/1.1 | tac.en.min.js | blog.yeswehack.com/wp-content/themes/yeswehack/assets/TAC/lang/ | 3 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | tac.services.min.js | blog.yeswehack.com/wp-content/themes/yeswehack/assets/TAC/ | 9 KB | 3 KB | Script | application/javascript |
76 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| thumbs_rating_ajax object| EM function| em_load_jquery_css function| em_setup_datepicker function| em_setup_timepicker function| em_ajaxify boolean| em_maps_loaded object| maps object| maps_markers undefined| infoWindow function| em_maps_load function| em_maps_load_locations function| em_maps_load_location function| em_maps function| em_map_infobox function| em_esc_attr function| thumbs_rating_vote undefined| $ function| jQuery object| a2a_config object| Arrive boolean| ewww_webp_supported function| check_webp_feature function| ewwwLoadImages function| ewwwWebPInit function| ewwwAttr function| ewwwJSONParserInit function| ewwwWooParseVariations function| ewwwNggParseGalleries function| ewwwNggLoadGalleries function| ewwwNggParseImageList object| twentytwenty function| twentytwentyDomReady function| twentytwentyToggleAttribute function| twentytwentyMenuToggle function| twentytwentyFindParents object| thickboxL10n string| tb_pathToImage function| tb_init function| tb_click function| tb_show function| tb_showIframe function| tb_remove function| tb_position function| tb_parseQuery function| tb_getPageSize function| tb_detectMacXFF object| scripts string| path string| tacForceCDN string| cdn number| alreadyLaunch string| tacForceLanguage number| tacForceExpire string| tacCustomText boolean| tacExpireInDay number| timeExpire undefined| tacProLoadServices boolean| tacNoAdBlocker object| tac string| pUrl object| imgLoader object| a2a function| a2a_init function| a2a_show_dropdown function| a2a_miniLeaveDelay number| a2apage_init string| fixed function| arrive function| unbindArrive function| leave function| unbindLeave
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
blog.yeswehack.com/ | | Name: cookieConsent Value: !googletagmanager=wait!Gartner=wait!HubSpot=wait |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 ; includeSubDomains ; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.