www.hackerone.com Open in urlscan Pro
2606:4700::6810:6434 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
Submission: On June 24 via api (June 24th 2019, 12:40:39 pm UTC) from US

Summary HTTP 51 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 11 IPs in 6 countries across 11 domains to perform 51 HTTP transactions. The main IP is 2606:4700::6810:6434, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.hackerone.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 23rd 2019. Valid for: 8 months.

This is the only time www.hackerone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	2606:4700::68... 2606:4700::6810:6434	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.16.96.80 104.16.96.80	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	93.184.220.178 93.184.220.178	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	163.171.132.119 163.171.132.119	54994 (QUANTILNE...) (QUANTILNETWORKS - QUANTIL NETWORKS INC)
2	23.38.33.240 23.38.33.240	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	2606:4700::68... 2606:4700::6811:5b04	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	192.28.148.159 192.28.148.159	53580 (MARKETO) (MARKETO - MARKETO)
2 3	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2620:109:c002... 2620:109:c002::6cae:a0a	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
51	11

34 2606:4700::6810:6434 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.hackerone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.96.80 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

app-sj17.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.184.220.178 (London, United Kingdom)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.132.119 (Germany)

ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.38.33.240 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-38-33-240.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:5b04 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

errors.hackerone.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.148.159 (United States)

ASN53580 (MARKETO - MARKETO, Inc., US)

168-nau-732.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:f500:11:101::b93f:9005 (Ireland) 2 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:109:c002::6cae:a0a (United States) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	hackerone.com www.hackerone.com	5 MB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	bizible.com cdn.bizible.com	33 KB
2	hackerone.net errors.hackerone.net
2	marketo.net munchkin.marketo.net	6 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	mktoresp.com 168-nau-732.mktoresp.com
1	techtarget.com trk.techtarget.com apt.techtarget.com Failed	2 KB
1	licdn.com snap.licdn.com	5 KB
1	marketo.com app-sj17.marketo.com	57 KB
0	doubleclick.net Failed stats.g.doubleclick.net Failed
51	11

	Domain	Requested by
34	www.hackerone.com	www.hackerone.com
3	px.ads.linkedin.com	2 redirects
3	cdn.bizible.com	www.hackerone.com cdn.bizible.com
2	errors.hackerone.net	www.hackerone.com
2	munchkin.marketo.net	www.hackerone.com munchkin.marketo.net
2	www.google-analytics.com	www.hackerone.com www.google-analytics.com
1	www.linkedin.com	1 redirects
1	168-nau-732.mktoresp.com	munchkin.marketo.net
1	trk.techtarget.com	www.hackerone.com
1	snap.licdn.com	www.hackerone.com
1	app-sj17.marketo.com	www.hackerone.com
0	stats.g.doubleclick.net Failed	www.hackerone.com
0	apt.techtarget.com Failed	www.hackerone.com
51	13

This site contains links to these domains. Also see Links.

Domain
hackerone.com
support.hackerone.com
www.facebook.com
twitter.com
www.linkedin.com
labs.detectify.com
en.wikipedia.org
help.github.com
edoverflow.com
github.com
gist.github.com
cloud.google.com
pentester.io
public-dns.info
www.slideshare.net
developer.mozilla.org
tools.ietf.org
errors.hackerone.net
blog.pentestnepal.tech
docs.hackerone.com
facebook.com

Subject Issuer	Validity	Valid
hackerone.com DigiCert SHA2 Extended Validation Server CA	`2019-06-23` - `2020-02-21`	8 months	crt.sh
app-sj17.marketo.com CloudFlare Inc ECC CA-2	`2019-02-22` - `2020-02-22`	a year	crt.sh
cdn.bizible.com Go Daddy Secure Certificate Authority - G2	`2019-03-14` - `2021-04-13`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
trk.techtarget.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2020-02-15`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-12-24` - `2020-03-24`	a year	crt.sh
errors.hackerone.net DigiCert SHA2 Extended Validation Server CA	`2019-01-03` - `2021-01-21`	2 years	crt.sh
*.mktoresp.com GeoTrust RSA CA 2018	`2018-02-05` - `2020-02-05`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
Frame ID: C32CC049F23C1D77B73A8AB7498CA40E
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

script /munchkin\.marketo\.net\/munchkin\.js/i

Page Statistics

51
Requests

94 %
HTTPS

55 %
IPv6

11
Domains

13
Subdomains

11
IPs

6
Countries

5489 kB
Transfer

6301 kB
Size

1
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://hackerone.com/users/sign_in
Title: Sign In

Search URL Search Domain Scan URL

URL: https://hackerone.com/bugs
Title: Go to Inbox

Search URL Search Domain Scan URL

URL: https://hackerone.com/sign_up
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://hackerone.com/leaderboard/all-time
Title: Leaderboard

Search URL Search Domain Scan URL

URL: https://hackerone.com/hacktivity?sort_type=latest_disclosable_activity_at&filter=type%3Aall&page=1&range=forever
Title: Hacktivity

Search URL Search Domain Scan URL

URL: https://hackerone.com/directory?query=type%3Ahackerone&sort=resolved_reports_closed%3Adescending&page=1
Title: Program Directory

Search URL Search Domain Scan URL

URL: https://hackerone.com/disclosure-assistance
Title: Disclosure Assistance

Search URL Search Domain Scan URL

URL: https://support.hackerone.com/hc/en-us/sections/201108659-Hackers
Title: Hacker Support

Search URL Search Domain Scan URL

URL: https://hackerone.com/security
Title: Security

Search URL Search Domain Scan URL

URL: https://support.hackerone.com/hc/en-us/sections/201086269-Organizations
Title: Help Center

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.hackerone.com%2Fblog%2FGuide-Subdomain-Takeovers

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fwww.hackerone.com%2Fblog%2FGuide-Subdomain-Takeovers&text=A%20Guide%20To%20Subdomain%20Takeovers

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.hackerone.com%2Fblog%2FGuide-Subdomain-Takeovers

Search URL Search Domain Scan URL

URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Title: fantastic series on subdomain takeovers

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Domain_Name_System
Title: Domain Name System

Search URL Search Domain Scan URL

URL: https://help.github.com/articles/quick-start-setting-up-a-custom-domain/
Title: dedicated IP addresses for custom pages

Search URL Search Domain Scan URL

URL: https://edoverflow.com/2017/broken-link-hijacking
Title: broken link hijacking

Search URL Search Domain Scan URL

URL: https://github.com/aboul3la/Sublist3r
Title: Sublist3r

Search URL Search Domain Scan URL

URL: https://github.com/aboul3la/Sublist3r.git
Title: https://github.com/aboul3la/Sublist3r.git

Search URL Search Domain Scan URL

URL: https://gist.github.com/jhaddix/86a06c5dc309d08580a018c66354a056
Title: word list

Search URL Search Domain Scan URL

URL: https://github.com/infosec-au/altdns
Title: Altdns

Search URL Search Domain Scan URL

URL: https://github.com/pentester-io/commonspeak
Title: Commonspeak

Search URL Search Domain Scan URL

URL: https://cloud.google.com/bigquery/
Title: BigQuery

Search URL Search Domain Scan URL

URL: https://pentester.io/commonspeak-bigquery-wordlists/
Title: https://pentester.io/commonspeak-bigquery-wordlists/

Search URL Search Domain Scan URL

URL: https://github.com/subfinder/subfinder
Title: SubFinder

Search URL Search Domain Scan URL

URL: https://github.com/blechschmidt/massdns
Title: Massdns

Search URL Search Domain Scan URL

URL: https://public-dns.info/nameservers.txt
Title: https://public-dns.info/nameservers.txt

Search URL Search Domain Scan URL

URL: https://github.com/FortyNorthSecurity/EyeWitness
Title: EyeWitness

Search URL Search Domain Scan URL

URL: https://www.slideshare.net/fransrosen/dns-hijacking-using-cloud-providers-no-verification-needed-76812183
Title: DNS hijacking using cloud providers – No verification needed

Search URL Search Domain Scan URL

URL: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#Secure_and_HttpOnly_cookies
Title: HTTPOnly cookies

Search URL Search Domain Scan URL

URL: https://tools.ietf.org/html/rfc6749
Title: Oauth

Search URL Search Domain Scan URL

URL: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy?utm_source=mozilla&utm_medium=devtools-netmonitor&utm_campaign=default
Title: Content-Security Policy

Search URL Search Domain Scan URL

URL: https://hackerone.com/
Title: https://hackerone.com

Search URL Search Domain Scan URL

URL: https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c
Title: https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c

Search URL Search Domain Scan URL

URL: https://github.com/cure53/browser-sec-whitepaper/blob/master/browser-security-whitepaper.pdf
Title: Cure53 Browser Security White Paper

Search URL Search Domain Scan URL

URL: http://blog.pentestnepal.tech/post/149985438982/reading-ubers-internal-emails-uber-bug-bounty
Title: demonstrated

Search URL Search Domain Scan URL

URL: https://twitter.com/fransrosen
Title: Frans Rosén

Search URL Search Domain Scan URL

URL: https://twitter.com/filedescriptor
Title: Filedescriptor

Search URL Search Domain Scan URL

URL: https://twitter.com/mongobug
Title: Mongo

Search URL Search Domain Scan URL

URL: https://twitter.com/tomnomnom
Title: Tom Hudson

Search URL Search Domain Scan URL

URL: https://twitter.com/edoverflow
Title: @EdOverflow

Search URL Search Domain Scan URL

URL: https://docs.hackerone.com/programs.html
Title: Business Support

Search URL Search Domain Scan URL

URL: https://docs.hackerone.com/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://support.hackerone.com/hc/en-us/requests/new
Title: Support

Search URL Search Domain Scan URL

URL: https://facebook.com/Hacker0x01

Search URL Search Domain Scan URL

URL: https://twitter.com/Hacker0x01

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hackerone

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://px.ads.linkedin.com/collect/?time=1561380024672&pid=682812&url=https%3A%2F%2Fwww.hackerone.com%2Fblog%2FGuide-Subdomain-Takeovers&fmt=js&s=1 HTTP 302
https://px.ads.linkedin.com/collect/?time=1561380024672&pid=682812&url=https%3A%2F%2Fwww.hackerone.com%2Fblog%2FGuide-Subdomain-Takeovers&fmt=js&s=1&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1561380024672%26pid%3D682812%26url%3Dhttps%253A%252F%252Fwww.hackerone.com%252Fblog%252FGuide-Subdomain-Takeovers%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?time=1561380024672&pid=682812&url=https%3A%2F%2Fwww.hackerone.com%2Fblog%2FGuide-Subdomain-Takeovers&fmt=js&s=1&cookiesTest=true&liSync=true

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Guide-Subdomain-Takeovers Show response
www.hackerone.com/blog/ 50 KB
14 KB 365ms
296ms Document
text/html 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

07a5196b7bddc2f7bc5d53dd0e0d2f1601579a90352da558360fa51d52244f29

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src js.driftt.com www.youtube-nocookie.com app-sj17.marketo.com; connect-src 'self' api.lever.co distillery.wistia.com pipedream.wistia.com embedwistia-a.akamaihd.net .litix.io embed-ssl.wistia.com hackerone.com .mktoresp.com checkout.stripe.com; font-src 'self' data: fonts.gstatic.com; form-action 'self' syndication.twitter.com platform.twitter.com; frame-ancestors 'self'; frame-src fast.wistia.com js.driftt.com www.youtube.com www.youtube-nocookie.com app-sj17.marketo.com platform.twitter.com syndication.twitter.com checkout.stripe.com; object-src 'self'; img-src 'self' data: go.techtarget.com cdn.ttgtmedia.com embedwistia-a.akamaihd.net fast.wistia.com www.google-analytics.com syndication.twitter.com platform.twitter.com .twimg.com q.stripe.com cdn.bizible.com; media-src 'self' blob: data: embedwistia-a.akamaihd.net fast.wistia.com; script-src 'self' 'sha256-XrP50Mq6s78GLH2Vyt4BfKhn8rx4OdU6FYqQGbxRuZc=' 'sha256-chw1FVji+ddLlO/RrcP3fhKOLsJUUh+FaKbjsOC2BiQ=' 'sha256-D6d37gZGDMRuNu3bDdYkGuOfCaaNGdTrB3eF5d5IU/Y=' .techtarget.com *.linkedin.com snap.licdn.com fast.wistia.com js.driftt.com www.google-analytics.com app-sj17.marketo.com munchkin.marketo.net platform.twitter.com cdn.syndication.twimg.com checkout.stripe.com cdn.bizible.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com fast.wistia.com app-sj17.marketo.com platform.twitter.com checkout.stripe.com; report-uri https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c97a071737701f598
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.hackerone.com
:scheme: https
:path: /blog/Guide-Subdomain-Takeovers
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 24 Jun 2019 12:40:23 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d61c69144f04c8b991db9564cda8e25411561380022; expires=Tue, 23-Jun-20 12:40:22 GMT; path=/; Domain=www.hackerone.com; HttpOnly; Secure
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: max-age=300, public
x-drupal-dynamic-cache: HIT
link: <https://www.hackerone.com/blog/Guide-Subdomain-Takeovers>; rel="alternate"; hreflang="en" </blog/Guide-Subdomain-Takeovers>; rel="canonical" </node/4681>; rel="shortlink" </blog/Guide-Subdomain-Takeovers>; rel="revision"
x-ua-compatible: IE=edge
content-language: en
x-frame-options: DENY
last-modified: Mon, 24 Jun 2019 11:15:27 GMT
etag: W/"1561374927"
x-generator: Drupal 8 (https://www.drupal.org)
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src js.driftt.com www.youtube-nocookie.com app-sj17.marketo.com; connect-src 'self' api.lever.co distillery.wistia.com pipedream.wistia.com embedwistia-a.akamaihd.net *.litix.io embed-ssl.wistia.com hackerone.com *.mktoresp.com checkout.stripe.com; font-src 'self' data: fonts.gstatic.com; form-action 'self' syndication.twitter.com platform.twitter.com; frame-ancestors 'self'; frame-src fast.wistia.com js.driftt.com www.youtube.com www.youtube-nocookie.com app-sj17.marketo.com platform.twitter.com syndication.twitter.com checkout.stripe.com; object-src 'self'; img-src 'self' data: go.techtarget.com cdn.ttgtmedia.com embedwistia-a.akamaihd.net fast.wistia.com www.google-analytics.com syndication.twitter.com platform.twitter.com *.twimg.com q.stripe.com cdn.bizible.com; media-src 'self' blob: data: embedwistia-a.akamaihd.net fast.wistia.com; script-src 'self' 'sha256-XrP50Mq6s78GLH2Vyt4BfKhn8rx4OdU6FYqQGbxRuZc=' 'sha256-chw1FVji+ddLlO/RrcP3fhKOLsJUUh+FaKbjsOC2BiQ=' 'sha256-D6d37gZGDMRuNu3bDdYkGuOfCaaNGdTrB3eF5d5IU/Y=' *.techtarget.com *.linkedin.com snap.licdn.com fast.wistia.com js.driftt.com www.google-analytics.com app-sj17.marketo.com munchkin.marketo.net platform.twitter.com cdn.syndication.twimg.com checkout.stripe.com cdn.bizible.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com fast.wistia.com app-sj17.marketo.com platform.twitter.com checkout.stripe.com; report-uri https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c97a071737701f598
x-drupal-cache: HIT
x-request-id: v-4b69505c-967c-11e9-a132-d375c50817c9
x-ah-environment: prod
x-geo-country
vary: Cookie,X-Geo-Country
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: enforce, max-age=31536000
age: 19
via: varnish
x-cache: HIT
x-cache-hits: 1
server: cloudflare
cf-ray: 4ebec516df3796bc-FRA
content-encoding: br

GET
H2 200 css_PjHbx1pBz4BgG4yxUNTdK-JCceIp0vdR6QKI8AjfSFk.css
www.hackerone.com/sites/default/files/css/ 26 KB
5 KB 271ms
271ms Stylesheet
text/css 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackerone.com/sites/default/files/css/css_PjHbx1pBz4BgG4yxUNTdK-JCceIp0vdR6QKI8AjfSFk.css?pth0hg

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e31dbc75a41cf80601b8cb150d4dd2be24271e229d2f751e90288f008df4859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 222974
x-cache: HIT
status: 200
x-cache-hits: 27767
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: v-14e73eac-9476-11e9-8920-d7c0770da89c
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 11 Jun 2019 15:48:08 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
cf-ray: 4ebec518b9da96bc-FRA
expires: Fri, 05 Jul 2019 22:44:08 GMT

GET
H2 200 css_gN0YDoJdNLoK2LQrVNPhj02AxWO2F7GBQsVjMTHYsDY.css
www.hackerone.com/sites/default/files/css/ 344 KB
48 KB 940ms
939ms Stylesheet
text/css 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackerone.com/sites/default/files/css/css_gN0YDoJdNLoK2LQrVNPhj02AxWO2F7GBQsVjMTHYsDY.css?pth0hg

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

80dd180e825d34ba0ad8b42b54d3e18f4d80c563b617b18142c5633131d8b036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:24 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 222974
x-cache: HIT
status: 200
x-cache-hits: 27814
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: v-14e7bfb2-9476-11e9-bc75-3ff78f44a93e
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 21 Jun 2019 16:24:32 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
cf-ray: 4ebec518b9db96bc-FRA
expires: Fri, 05 Jul 2019 22:44:08 GMT

GET
H2 200 tei-web-thumbnail.png
www.hackerone.com/sites/default/files/styles/medium/public/ 47 KB
47 KB 249ms
248ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/styles/medium/public/tei-web-thumbnail.png?itok=SFBPTO2t

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eb2cde623b4611d21b933b13f2bc3ba8d126549e87faf3fc641474288afded6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-geo-country
age: 222884
x-cache: HIT
status: 200
x-cache-hits: 5142
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 48284
x-xss-protection: 1; mode=block
x-request-id: v-4a794876-9476-11e9-baf0-4348ca127d49
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 May 2019 17:08:25 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: X-Geo-Country
content-type: image/png
x-permitted-cross-domain-policies: none
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9dc96bc-FRA
expires: Fri, 05 Jul 2019 22:45:38 GMT

GET
H2 200 H1_194_H101%20Social%20Cards_R1_V1Background_Green.jpg
www.hackerone.com/sites/default/files/styles/medium/public/ 2 KB
2 KB 239ms
239ms Image
image/jpeg 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/styles/medium/public/H1_194_H101%20Social%20Cards_R1_V1Background_Green.jpg?itok=eUG9c-yC

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4730284584b25e3aef898e2fdd8cf103362e406b3ebbc24dec6db004c5fad0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-geo-country
age: 222884
x-cache: HIT
status: 200
x-cache-hits: 5009
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 1953
x-xss-protection: 1; mode=block
x-request-id: v-4a7f6918-9476-11e9-8379-27c7fcda2923
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 24 Jan 2018 19:54:21 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: X-Geo-Country
content-type: image/jpeg
x-permitted-cross-domain-policies: none
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9dd96bc-FRA
expires: Fri, 05 Jul 2019 22:45:38 GMT

GET
H2 200 image1_17.png
www.hackerone.com/sites/default/files/inline-images/ 187 KB
187 KB 244ms
239ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/inline-images/image1_17.png

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b884f34720261bd66435a05a6dce55c457b12f60a96f94f2d96bb05d2f1c2f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 219715
x-cache: HIT
status: 200
x-cache-hits: 147
x-ah-environment: prod
content-length: 191069
x-xss-protection: 1; mode=block
x-request-id: v-ab5acdde-947d-11e9-abdd-bf631272790c
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Aug 2018 16:22:44 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9eb96bc-FRA
expires: Fri, 05 Jul 2019 23:38:27 GMT

GET
H2 200 image8_2.png
www.hackerone.com/sites/default/files/inline-images/ 71 KB
72 KB 282ms
277ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/inline-images/image8_2.png

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b92c739ed9ce2cfd24b9ee315423d2e5115ac407cbb5268d39c91cdf30b4def

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 219715
x-cache: HIT
status: 200
x-cache-hits: 143
x-ah-environment: prod
content-length: 72968
x-xss-protection: 1; mode=block
x-request-id: v-ab5bf470-947d-11e9-9234-33c563a8b8f9
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Aug 2018 16:23:49 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9ed96bc-FRA
expires: Fri, 05 Jul 2019 23:38:27 GMT

GET
H2 200 image4_8.png
www.hackerone.com/sites/default/files/inline-images/ 727 KB
728 KB 307ms
303ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/inline-images/image4_8.png

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

160687bddb13a74d646bba1a9f766545acffc175f33cec9c8d3e5adcb34e6f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 219715
x-cache: HIT
status: 200
x-cache-hits: 140
x-ah-environment: prod
content-length: 744642
x-xss-protection: 1; mode=block
x-request-id: v-ab5c85e8-947d-11e9-aaee-53ba500dd95f
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Aug 2018 16:24:16 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9ee96bc-FRA
expires: Fri, 05 Jul 2019 23:38:27 GMT

GET
H2 200 image7_1.png
www.hackerone.com/sites/default/files/inline-images/ 216 KB
216 KB 179ms
175ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/inline-images/image7_1.png

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ecf23b48c7f828e38265c85c31b2467fd0d8d6db001943681cdd88b64c9bb25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 219715
x-cache: HIT
status: 200
x-cache-hits: 151
x-ah-environment: prod
content-length: 220978
x-xss-protection: 1; mode=block
x-request-id: v-ab611324-947d-11e9-848b-63872cbe3963
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Aug 2018 16:25:04 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9ef96bc-FRA
expires: Fri, 05 Jul 2019 23:38:27 GMT

GET
H2 200 image6_3.png
www.hackerone.com/sites/default/files/inline-images/ 471 KB
472 KB 313ms
309ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/inline-images/image6_3.png

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

70d7b28af91ed0fe03c9fed560a31cebf96a2fe285645430fa488f5ca6e16f12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 219714
x-cache: HIT
status: 200
x-cache-hits: 143
x-ah-environment: prod
content-length: 482351
x-xss-protection: 1; mode=block
x-request-id: v-aba5e35a-947d-11e9-9c85-3bae1acc6b08
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Aug 2018 16:25:39 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9f096bc-FRA
expires: Fri, 05 Jul 2019 23:38:28 GMT

GET
H2 200 image2_15.png
www.hackerone.com/sites/default/files/inline-images/ 245 KB
245 KB 326ms
321ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/inline-images/image2_15.png

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a0f3809c84241f2fde6e1d6849f6e9e23912230a2ff3c3bf1934faaf56d308b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 218476
x-cache: HIT
status: 200
x-cache-hits: 141
x-ah-environment: prod
content-length: 250831
x-xss-protection: 1; mode=block
x-request-id: v-8da8312a-9480-11e9-92c1-0773de6fa377
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Aug 2018 16:26:39 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9f196bc-FRA
expires: Fri, 05 Jul 2019 23:59:06 GMT

GET
H2 200 image3_12.png
www.hackerone.com/sites/default/files/inline-images/ 51 KB
51 KB 238ms
234ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/inline-images/image3_12.png

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7cc4f15ace4dcef067a8ae189cfb0a3ef95fb08dbf6464b9cf4ca67f8306c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 219715
x-cache: HIT
status: 200
x-cache-hits: 143
x-ah-environment: prod
content-length: 51740
x-xss-protection: 1; mode=block
x-request-id: v-ab8cf35e-947d-11e9-9a0d-077881ae3770
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Aug 2018 16:29:37 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9f296bc-FRA
expires: Fri, 05 Jul 2019 23:38:28 GMT

GET
H2 200 image3_13.png
www.hackerone.com/sites/default/files/inline-images/ 51 KB
51 KB 241ms
237ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/inline-images/image3_13.png

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7cc4f15ace4dcef067a8ae189cfb0a3ef95fb08dbf6464b9cf4ca67f8306c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 219714
x-cache: HIT
status: 200
x-cache-hits: 145
x-ah-environment: prod
content-length: 51740
x-xss-protection: 1; mode=block
x-request-id: v-ab9e27aa-947d-11e9-b7c7-775119ee5698
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Aug 2018 16:30:34 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9f396bc-FRA
expires: Fri, 05 Jul 2019 23:38:28 GMT

GET
H2 200 image9_3.png
www.hackerone.com/sites/default/files/inline-images/ 441 KB
442 KB 248ms
244ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/inline-images/image9_3.png

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

79265065b5a116faeaca270702fee2506097a54854d900de92fb18a53f188164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 219714
x-cache: HIT
status: 200
x-cache-hits: 140
x-ah-environment: prod
content-length: 451484
x-xss-protection: 1; mode=block
x-request-id: v-ababa0d8-947d-11e9-a61a-6f72852506b5
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Aug 2018 16:31:43 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9f496bc-FRA
expires: Fri, 05 Jul 2019 23:38:28 GMT

GET
H2 200 image10_2.png
www.hackerone.com/sites/default/files/inline-images/ 219 KB
220 KB 243ms
239ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/inline-images/image10_2.png

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e06708f2e03bdbe452fda721e4d8c3ca023ed920346578a6bb40211a31f4036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 218476
x-cache: HIT
status: 200
x-cache-hits: 143
x-ah-environment: prod
content-length: 224672
x-xss-protection: 1; mode=block
x-request-id: v-8d9cc466-9480-11e9-b35c-e3d1e04ebbd5
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Aug 2018 16:33:16 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9f896bc-FRA
expires: Fri, 05 Jul 2019 23:59:06 GMT

GET
H2 200 image5_6.png
www.hackerone.com/sites/default/files/inline-images/ 1 MB
1 MB 310ms
306ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/inline-images/image5_6.png

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ead69d9c7ba27f401db31cbc76c1ec6f1350c06a370f9c98d3e7852a6950663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 218476
x-cache: HIT
status: 200
x-cache-hits: 142
x-ah-environment: prod
content-length: 1239617
x-xss-protection: 1; mode=block
x-request-id: v-8d9d67fe-9480-11e9-8c4c-831b37c7d7f5
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Aug 2018 16:34:17 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9f996bc-FRA
expires: Fri, 05 Jul 2019 23:59:06 GMT

GET
H2 200 50%20Mil.jpg
www.hackerone.com/sites/default/files/styles/large/public/ 32 KB
32 KB 203ms
200ms Image
image/jpeg 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/styles/large/public/50%20Mil.jpg?itok=fodF0tpu

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d618e454943568122f8a8112c4df165df92a8d746d546f03511875942dff90c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-geo-country
age: 222083
x-cache: HIT
status: 200
x-cache-hits: 290
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 32939
x-xss-protection: 1; mode=block
x-request-id: v-281d5784-9478-11e9-a961-8b48f6c59561
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 08 Apr 2019 19:20:05 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: X-Geo-Country
content-type: image/jpeg
x-permitted-cross-domain-policies: none
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9fa96bc-FRA
expires: Fri, 05 Jul 2019 22:59:00 GMT

GET
H2 200 Test-Your-HAcking-Skills-blog-image.jpg
www.hackerone.com/sites/default/files/styles/large/public/ 28 KB
28 KB 249ms
245ms Image
image/jpeg 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/styles/large/public/Test-Your-HAcking-Skills-blog-image.jpg?itok=D9p2QMMD

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

77a39433c543dffece9f9b96e57c52459f46883dc1ddeb49846235e43f193c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-geo-country
age: 222082
x-cache: HIT
status: 200
x-cache-hits: 247
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 28679
x-xss-protection: 1; mode=block
x-request-id: v-2833ff66-9478-11e9-b042-8b3e1d82e2c8
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 Dec 2018 15:42:36 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: X-Geo-Country
content-type: image/jpeg
x-permitted-cross-domain-policies: none
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9fb96bc-FRA
expires: Fri, 05 Jul 2019 22:59:00 GMT

GET
H2 200 Icons_CTF_1.png
www.hackerone.com/sites/default/files/styles/large/public/ 151 KB
151 KB 239ms
236ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/sites/default/files/styles/large/public/Icons_CTF_1.png?itok=7VZzlq9v

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb92e86eeb16880b9072befd7c02e2225ca6b6827ffecd39d6d73054666980ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-geo-country
age: 222082
x-cache: HIT
status: 200
x-cache-hits: 254
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 154407
x-xss-protection: 1; mode=block
x-request-id: v-283a0442-9478-11e9-93a3-2bd10a518c03
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Nov 2018 17:09:57 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: X-Geo-Country
content-type: image/png
x-permitted-cross-domain-policies: none
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 4ebec518b9fd96bc-FRA
expires: Fri, 05 Jul 2019 22:59:00 GMT

GET
H2 200 logo_transparent.png
www.hackerone.com/assets/images/ 5 KB
6 KB 20ms
17ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/assets/images/logo_transparent.png

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

78d92353cbc5f54c63f75b10286150a1a8603f0cfe50c98f0353589703a5ae29

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
x-geo-country: IQ
cf-polished: pngoptimizer, origSize=7204
x-cache: MISS
status: 200
cf-bgj: imgq:100
x-ah-environment: prod
vary: X-Geo-Country, Accept-Encoding
content-length: 5478
x-xss-protection: 1; mode=block
x-request-id: v-966e234a-5d45-11e9-854d-df94e5476eec
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Feb 2019 07:49:25 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
x-permitted-cross-domain-policies: none
cache-control: public, max-age=2678400
content-security-policy: default-src 'none'; block-all-mixed-content;
accept-ranges: bytes
cf-ray: 4ebec518b9fe96bc-FRA
expires: Thu, 25 Jul 2019 12:40:23 GMT

GET
H2 200 js_NOKW5uJ-_cH32MDwYAx0rbIXRxqF_KUMhWO-W-AEaSg.js Show response
www.hackerone.com/sites/default/files/js/ 292 KB
80 KB 944ms
939ms Script
text/javascript 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackerone.com/sites/default/files/js/js_NOKW5uJ-_cH32MDwYAx0rbIXRxqF_KUMhWO-W-AEaSg.js

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

34e296e6e27efdc1f7d8c0f0600c74adb217471a85fca50c8563be5be0046928

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:24 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 222980
x-cache: HIT
status: 200
x-cache-hits: 28528
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: v-11786c32-9476-11e9-b403-439f2acb68c2
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 11 Jun 2019 15:48:08 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1209600
cf-ray: 4ebec518b9e896bc-FRA
expires: Fri, 05 Jul 2019 22:44:03 GMT

GET
H2 200 forms2.min.js Show response
app-sj17.marketo.com/js/forms2/js/ 169 KB
57 KB 457ms
121ms Script
application/x-javascript 104.16.96.80
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj17.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.96.80 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d758f8e28f080e1fdcd247d1e4841420b97a56c1698db47705e41e0c6d8f659b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 05 Jun 2019 21:44:55 GMT
server: cloudflare
etag: "c2049d-2a24c-58a9a820c63c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=14400
strict-transport-security: max-age=63113904
cf-ray: 4ebec51b6f4cbdb4-AMS
expires: Mon, 24 Jun 2019 16:40:23 GMT

GET
H2 200 js_Yt75QYk4tR5AdgTOOEDN23ViUzVZmz_4cFZWPHxRaCI.js Show response
www.hackerone.com/sites/default/files/js/ 68 KB
15 KB 276ms
271ms Script
text/javascript 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackerone.com/sites/default/files/js/js_Yt75QYk4tR5AdgTOOEDN23ViUzVZmz_4cFZWPHxRaCI.js

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

62def9418938b51e407604ce3840cddb75625335599b3ff87056563c7c516822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 222973
x-cache: HIT
status: 200
x-cache-hits: 29003
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: v-1561d144-9476-11e9-917a-a7e5b8805166
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 20 Jun 2019 17:31:13 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1209600
cf-ray: 4ebec518b9e996bc-FRA
expires: Fri, 05 Jul 2019 22:44:09 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 84 KB
32 KB 55ms
7ms Script
application/x-javascript 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B4) / ASP.NET
Resource Hash: f1ff89ffe38441968fb3d114088e65c292c519039e55c39a3ba51dea56def85c

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
content-encoding: gzip
last-modified: Thu, 30 May 2019 00:41:27 GMT
server: ECS (fcn/40B4)
x-powered-by: ASP.NET
etag: "4fc7ae6a8016d51:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
accept-ranges: bytes
content-length: 32458

GET
H2 200 js_09q-2nINZLq-grz_lg6wRjXj61uWzqGBBYfPavnoho0.js Show response
www.hackerone.com/sites/default/files/js/ 403 B
385 B 255ms
250ms Script
text/javascript 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackerone.com/sites/default/files/js/js_09q-2nINZLq-grz_lg6wRjXj61uWzqGBBYfPavnoho0.js

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3dabeda720d64babe82bcff960eb04635e3eb5b96cea1810587cf6af9e8868d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
via: varnish
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 222951
x-cache: HIT
status: 200
x-cache-hits: 10733
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-encoding: br
x-xss-protection: 1; mode=block
x-request-id: v-2267fcd8-9476-11e9-aaa0-47a05959f77b
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 11 Jun 2019 15:48:08 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1209600
cf-ray: 4ebec518b9ea96bc-FRA
expires: Fri, 05 Jul 2019 22:44:31 GMT

GET
H2 200 h1_blog_logo.png
www.hackerone.com/assets/images/ 830 B
1 KB 16ms
16ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/assets/images/h1_blog_logo.png

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c010d2de80be46392aebafb52e53a987646f5332fbcaf3de2eac6cfd882a8eed

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/sites/default/files/css/css_gN0YDoJdNLoK2LQrVNPhj02AxWO2F7GBQsVjMTHYsDY.css?pth0hg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
x-geo-country
cf-polished: origSize=2028
x-cache: HIT
status: 200
last-modified: Sat, 09 Feb 2019 07:49:24 GMT
x-cache-hits: 11
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 830
x-xss-protection: 1; mode=block
x-request-id: v-9597dfaa-3b77-11e9-8fb2-d78134c758ca
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: X-Geo-Country, Accept-Encoding
content-type: image/png
x-permitted-cross-domain-policies: none
cache-control: public, max-age=2678400
content-security-policy: default-src 'none'; block-all-mixed-content;
accept-ranges: bytes
cf-ray: 4ebec51fcb1296bc-FRA
expires: Thu, 25 Jul 2019 12:40:24 GMT

GET
H2 200 Hero%20Img.png
www.hackerone.com/assets/images/static_pages/press/ 262 KB
262 KB 16ms
15ms Image
image/png 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/assets/images/static_pages/press/Hero%20Img.png

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

52d2e2b0da0fb08b3dc9dc171417d65b914227d4b9e72e87857235375a9a996a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/sites/default/files/css/css_gN0YDoJdNLoK2LQrVNPhj02AxWO2F7GBQsVjMTHYsDY.css?pth0hg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
x-geo-country
cf-polished: origSize=292376
x-cache: HIT
status: 200
last-modified: Sat, 09 Feb 2019 07:49:25 GMT
x-cache-hits: 12
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 268184
x-xss-protection: 1; mode=block
x-request-id: v-7ffe8a08-3b8c-11e9-ac1e-f7a7dcefdc7e
referrer-policy: no-referrer-when-downgrade
cf-bgj: imgq:100
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: X-Geo-Country, Accept-Encoding
content-type: image/png
x-permitted-cross-domain-policies: none
cache-control: public, max-age=2678400
content-security-policy: default-src 'none'; block-all-mixed-content;
accept-ranges: bytes
cf-ray: 4ebec51fcb1396bc-FRA
expires: Thu, 25 Jul 2019 12:40:24 GMT

GET
H2 200 footer-desktop-bkg.jpg
www.hackerone.com/assets/images/superman/ 143 KB
143 KB 20ms
20ms Image
image/jpeg 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hackerone.com/assets/images/superman/footer-desktop-bkg.jpg

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

56536e1040215254f29927facd601d5492b32b627b38a7c4c1ccd26bae15e3e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hackerone.com/sites/default/files/css/css_gN0YDoJdNLoK2LQrVNPhj02AxWO2F7GBQsVjMTHYsDY.css?pth0hg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
x-geo-country: DE
cf-polished: origSize=149787
x-cache: MISS
status: 200
cf-bgj: imgq:100
x-ah-environment: prod
vary: X-Geo-Country, Accept-Encoding
content-length: 146187
x-xss-protection: 1; mode=block
x-request-id: v-42d8eeb6-4744-11e9-9eae-8bf7f2313601
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Feb 2019 07:49:25 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
x-permitted-cross-domain-policies: none
cache-control: public, max-age=2678400
content-security-policy: default-src 'none'; block-all-mixed-content;
accept-ranges: bytes
cf-ray: 4ebec51fcb1996bc-FRA
expires: Thu, 25 Jul 2019 12:40:24 GMT

GET
H2 200 effra-regular.woff
www.hackerone.com/assets/fonts/effra/effra-regular/ 26 KB
26 KB 20ms
20ms Font
text/plain 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackerone.com/assets/fonts/effra/effra-regular/effra-regular.woff

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

447f89ebd0d856515058930185bfe0eb54716368f39d2be50bde10bb296e8e89

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.hackerone.com/sites/default/files/css/css_gN0YDoJdNLoK2LQrVNPhj02AxWO2F7GBQsVjMTHYsDY.css?pth0hg
Origin: https://www.hackerone.com

Response headers

date: Mon, 24 Jun 2019 12:40:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
x-geo-country: DE
x-cache: HIT
status: 200
x-cache-hits: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 26116
x-xss-protection: 1; mode=block
x-request-id: v-46736df8-3c40-11e9-a40f-af16df453266
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Feb 2019 07:49:24 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: X-Geo-Country, Accept-Encoding
x-permitted-cross-domain-policies: none
cache-control: public, max-age=2678400
content-security-policy: default-src 'none'; block-all-mixed-content;
accept-ranges: bytes
cf-ray: 4ebec51fcb1b96bc-FRA
expires: Thu, 25 Jul 2019 12:40:24 GMT

GET
H2 200 hackerone.ttf
www.hackerone.com/assets/fonts/ 17 KB
17 KB 59ms
59ms Font
text/plain 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackerone.com/assets/fonts/hackerone.ttf

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1436a28058e011ce8918c53dc5ccff3a9a7e448d729c99ec723e64f3e83ffce1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.hackerone.com/sites/default/files/css/css_gN0YDoJdNLoK2LQrVNPhj02AxWO2F7GBQsVjMTHYsDY.css?pth0hg
Origin: https://www.hackerone.com

Response headers

date: Mon, 24 Jun 2019 12:40:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
x-geo-country: UA
x-cache: MISS
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 17456
x-xss-protection: 1; mode=block
x-request-id: v-6cce04e4-4745-11e9-9f72-2303c1c44c0b
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Feb 2019 07:49:24 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: X-Geo-Country, Accept-Encoding
x-permitted-cross-domain-policies: none
cache-control: public, max-age=2678400
content-security-policy: default-src 'none'; block-all-mixed-content;
accept-ranges: bytes
cf-ray: 4ebec51fcb1e96bc-FRA
expires: Thu, 25 Jul 2019 12:40:24 GMT

GET
H2 200 effra-light.woff
www.hackerone.com/assets/fonts/effra/effra-light/ 25 KB
25 KB 22ms
21ms Font
text/plain 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackerone.com/assets/fonts/effra/effra-light/effra-light.woff

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3269b23a8d245902bf5c7edc82662884e1a45b4a4116c6e78adfb0d07276c51b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.hackerone.com/sites/default/files/css/css_gN0YDoJdNLoK2LQrVNPhj02AxWO2F7GBQsVjMTHYsDY.css?pth0hg
Origin: https://www.hackerone.com

Response headers

date: Mon, 24 Jun 2019 12:40:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
x-geo-country: BG
x-cache: MISS
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 25508
x-xss-protection: 1; mode=block
x-request-id: v-f2744e9a-5245-11e9-8be1-a7f9979b6b39
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Feb 2019 07:49:24 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: X-Geo-Country, Accept-Encoding
x-permitted-cross-domain-policies: none
cache-control: public, max-age=2678400
content-security-policy: default-src 'none'; block-all-mixed-content;
accept-ranges: bytes
cf-ray: 4ebec51fcb1f96bc-FRA
expires: Thu, 25 Jul 2019 12:40:24 GMT

GET
H2 200 effra-medium.woff
www.hackerone.com/assets/fonts/effra/effra-medium/ 24 KB
24 KB 20ms
19ms Font
text/plain 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackerone.com/assets/fonts/effra/effra-medium/effra-medium.woff

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

93102c54e14f85b42e97b24077e6cd2fc83d9be4b7a659bece4568d7af47863c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.hackerone.com/sites/default/files/css/css_gN0YDoJdNLoK2LQrVNPhj02AxWO2F7GBQsVjMTHYsDY.css?pth0hg
Origin: https://www.hackerone.com

Response headers

date: Mon, 24 Jun 2019 12:40:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
x-geo-country: DE
x-cache: HIT
status: 200
x-cache-hits: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 24256
x-xss-protection: 1; mode=block
x-request-id: v-37a6acea-7787-11e9-8cbf-5b3a79cb5eda
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Feb 2019 07:49:24 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: X-Geo-Country, Accept-Encoding
x-permitted-cross-domain-policies: none
cache-control: public, max-age=2678400
content-security-policy: default-src 'none'; block-all-mixed-content;
accept-ranges: bytes
cf-ray: 4ebec51fcb2196bc-FRA
expires: Thu, 25 Jul 2019 12:40:24 GMT

GET
H2 200 Effra_He.ttf
www.hackerone.com/assets/fonts/ 191 KB
192 KB 22ms
22ms Font
text/plain 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackerone.com/assets/fonts/Effra_He.ttf

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

25738098ed60544cceb77295c818a20f5c3c38d8cb3eaebb053fda5a77a49f57

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.hackerone.com/sites/default/files/css/css_gN0YDoJdNLoK2LQrVNPhj02AxWO2F7GBQsVjMTHYsDY.css?pth0hg
Origin: https://www.hackerone.com

Response headers

date: Mon, 24 Jun 2019 12:40:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
x-geo-country: BG
x-cache: MISS
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 195896
x-xss-protection: 1; mode=block
x-request-id: v-f277adf6-5245-11e9-aa5c-4b38f7448202
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Feb 2019 07:49:24 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: X-Geo-Country, Accept-Encoding
x-permitted-cross-domain-policies: none
cache-control: public, max-age=2678400
content-security-policy: default-src 'none'; block-all-mixed-content;
accept-ranges: bytes
cf-ray: 4ebec51fcb2396bc-FRA
expires: Thu, 25 Jul 2019 12:40:24 GMT

GET
H2 200 fontawesome-webfont.ttf
www.hackerone.com/assets/fonts/ 162 KB
162 KB 15ms
15ms Font
text/plain 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackerone.com/assets/fonts/fontawesome-webfont.ttf

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.hackerone.com/sites/default/files/css/css_gN0YDoJdNLoK2LQrVNPhj02AxWO2F7GBQsVjMTHYsDY.css?pth0hg
Origin: https://www.hackerone.com

Response headers

date: Mon, 24 Jun 2019 12:40:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
x-geo-country: DE
x-cache: HIT
status: 200
x-cache-hits: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 165548
x-xss-protection: 1; mode=block
x-request-id: v-46c486de-3c40-11e9-b708-df02fc99a41f
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Feb 2019 07:49:24 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: X-Geo-Country, Accept-Encoding
x-permitted-cross-domain-policies: none
cache-control: public, max-age=2678400
content-security-policy: default-src 'none'; block-all-mixed-content;
accept-ranges: bytes
cf-ray: 4ebec51fdb2596bc-FRA
expires: Thu, 25 Jul 2019 12:40:24 GMT

GET
H2 200 Effra_Bd.ttf
www.hackerone.com/assets/fonts/ 190 KB
191 KB 19ms
19ms Font
text/plain 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackerone.com/assets/fonts/Effra_Bd.ttf

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b5c600a869d635b447488f776bf7e308811b82331eee45d25138bdc2cd222d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.hackerone.com/sites/default/files/css/css_gN0YDoJdNLoK2LQrVNPhj02AxWO2F7GBQsVjMTHYsDY.css?pth0hg
Origin: https://www.hackerone.com

Response headers

date: Mon, 24 Jun 2019 12:40:24 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
x-geo-country: IL
x-cache: MISS
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-ah-environment: prod
content-length: 194836
x-xss-protection: 1; mode=block
x-request-id: v-9852718e-3c43-11e9-aad3-5723a09dc031
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 09 Feb 2019 07:49:24 GMT
server: cloudflare
expect-ct: enforce, max-age=31536000
vary: X-Geo-Country, Accept-Encoding
x-permitted-cross-domain-policies: none
cache-control: public, max-age=2678400
content-security-policy: default-src 'none'; block-all-mixed-content;
accept-ranges: bytes
cf-ray: 4ebec51fdb2796bc-FRA
expires: Thu, 25 Jul 2019 12:40:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/sites/default/files/js/js_NOKW5uJ-_cH32MDwYAx0rbIXRxqF_KUMhWO-W-AEaSg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 2519
date: Mon, 24 Jun 2019 11:58:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Mon, 24 Jun 2019 13:58:25 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 15 KB
5 KB 49ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.hackerone.com
URL: https://www.hackerone.com/sites/default/files/js/js_NOKW5uJ-_cH32MDwYAx0rbIXRxqF_KUMhWO-W-AEaSg.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 12:40:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Dec 2018 23:03:30 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=15112
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4571

GET
H/1.1 200
OK tracking.js Show response
trk.techtarget.com/ 4 KB
2 KB 106ms
8ms Script
text/javascript 163.171.132.119
QUANTIL NETWORKS INC

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: www.hackerone.com
URL: https://www.hackerone.com/sites/default/files/js/js_NOKW5uJ-_cH32MDwYAx0rbIXRxqF_KUMhWO-W-AEaSg.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 12:34:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2019 20:11:17 GMT
Server: PWS/8.3.1.0.8
Age: 335
Content-Type: text/javascript
Via: 1.1 VMmgnyNY3on76:2 (W), 1.1 VMdgflkfFRA1uc69:2 (W), 1.1 PSdgflkfFRA2lp71:4 (W)
Cache-Control: max-age=600
X-Px: ht PSdgflkfFRA2lp71
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1711
Expires: Mon, 24 Jun 2019 12:44:49 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 113ms
39ms Script
application/x-javascript 23.38.33.240
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.hackerone.com
URL: https://www.hackerone.com/sites/default/files/js/js_NOKW5uJ-_cH32MDwYAx0rbIXRxqF_KUMhWO-W-AEaSg.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.33.240 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-38-33-240.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 12:40:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Apr 2019 02:53:44 GMT
Server: Apache
ETag: "54520320df20b526337717d6d28181fc:1554432824"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
919 B 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 128
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 856
x-xss-protection: 0
expires: Mon, 24 Jun 2019 13:38:16 GMT

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
345 B 8ms
8ms Image
image/gif 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=83bba1d03da14244e841155b82834c72&_biz_s=84e1fb&_biz_l=https%3A%2F%2Fwww.hackerone.com%2Fblog%2FGuide-Subdomain-Takeovers&_biz_t=1561380024518&_biz_i=A%20Guide%20To%20Subdomain%20Takeovers%20%7C%20HackerOne&_biz_n=0&rnd=941664&cdn_o=a&_biz_z=1561380024520
Requested by: Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A2) / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jun 2019 12:40:24 GMT
x-aspnetmvc-version: 4.0
last-modified: Sat, 22 Jun 2019 17:42:25 GMT
server: ECS (fcn/41A2)
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

POST
H2 200 statistics.php Show response
www.hackerone.com/core/modules/statistics/ 0
164 B 626ms
626ms XHR
text/html 2606:4700::6810:6434
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hackerone.com/core/modules/statistics/statistics.php

Requested by

Host: www.hackerone.com
URL: https://www.hackerone.com/sites/default/files/js/js_NOKW5uJ-_cH32MDwYAx0rbIXRxqF_KUMhWO-W-AEaSg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6434 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
Origin: https://www.hackerone.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 24 Jun 2019 12:40:25 GMT
via: varnish
x-content-type-options: nosniff
x-geo-country
age: 0
x-cache: MISS
status: 200
x-ah-environment: prod
content-encoding: br
vary: Accept-Encoding,X-Geo-Country
x-xss-protection: 1; mode=block
x-request-id: v-3d09268a-967d-11e9-a4f5-cbf0e0fc3b8b
referrer-policy: no-referrer-when-downgrade
server: cloudflare
expect-ct: enforce, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html; charset=UTF-8
x-permitted-cross-domain-policies: none
cf-ray: 4ebec5218d9b96bc-FRA

POST
H2 201 /
errors.hackerone.net/api/30/csp-report/ 0
0 681ms
633ms Other
text/html 2606:4700::6811:5b04
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c97a071737701f598
Requested by: Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:5b04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
Origin: https://www.hackerone.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/csp-report

Response headers

GET activity.gif
apt.techtarget.com/activity/ 0
0

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/155/ 9 KB
4 KB 57ms
56ms Script
application/x-javascript 23.38.33.240
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/155/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.33.240 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-38-33-240.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 24 Jun 2019 12:40:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 03:18:20 GMT
Server: Apache
ETag: "c67dad42946949112916578f78706df8:1543547900"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 3923
Expires: Wed, 02 Oct 2019 12:40:24 GMT

GET
H2 200 BizibleAcct.js Show response
cdn.bizible.com/ 376 B
519 B 119ms
119ms Script
text/javascript 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/BizibleAcct.js?_biz_u=83bba1d03da14244e841155b82834c72&_biz_h=-1906410348&cdn_o=a&jsVer=4.19.05.29
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5d76fd79d7c84094a4880fba7a4e81c20a875b1d1920d357682d1a86bf61c6bb

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:23 GMT
content-encoding: gzip
x-aspnetmvc-version: 4.0
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
etag: 4CEDBD30
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 322

GET collect
www.google-analytics.com/r/ 0
0

POST
H2 201 /
errors.hackerone.net/api/30/csp-report/ 0
0 1157ms
1131ms Other
text/html 2606:4700::6811:5b04
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c97a071737701f598
Requested by: Host: www.hackerone.com
URL: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:5b04 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
Origin: https://www.hackerone.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/csp-report

Response headers

GET collect
stats.g.doubleclick.net/r/ 0
0

GET
H/1.1 200
OK visitWebPage
168-nau-732.mktoresp.com/webevents/ 43 B
0 1072ms
245ms XHR
image/gif 192.28.148.159
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://168-nau-732.mktoresp.com/webevents/visitWebPage?_mchNc=1561380024604&_mchCn=&_mchId=168-NAU-732&_mchTk=_mch-hackerone.com-1561380024604-78113&_mchHo=www.hackerone.com&_mchPo=&_mchRu=%2Fblog%2FGuide-Subdomain-Takeovers&_mchPc=https%3A&_mchVr=155&_mchHa=&_mchRe=&_mchQp=

Requested by

Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/155/munchkin.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.148.159 , United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
Origin: https://www.hackerone.com

Response headers

Pragma: no-cache
Date: Mon, 24 Jun 2019 12:40:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 24 Jun 2019 07:40:25 -0500
Server: Apache
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=100
Content-Length: 43
Expires: -1

GET
H2

200

/ Show response
px.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?time=1561380024672&pid=682812&url=https%3A%2F%2Fwww.hackerone.com%2Fblog%2FGuide-Subdomain-Takeovers&fmt=js&s=1
https://px.ads.linkedin.com/collect/?time=1561380024672&pid=682812&url=https%3A%2F%2Fwww.hackerone.com%2Fblog%2FGuide-Subdomain-Takeovers&fmt=js&s=1&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1561380024672%26pid%3D682812%26url%3Dhttps%253A%252F%252Fwww.hackerone.com%252Fblog%252FGuide-Su...
https://px.ads.linkedin.com/collect/?time=1561380024672&pid=682812&url=https%3A%2F%2Fwww.hackerone.com%2Fblog%2FGuide-Subdomain-Takeovers&fmt=js&s=1&cookiesTest=true&liSync=true

0
96 B

244ms
243ms

Script
application/javascript

2a05:f500:11:101::b93f:9005
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/collect/?time=1561380024672&pid=682812&url=https%3A%2F%2Fwww.hackerone.com%2Fblog%2FGuide-Subdomain-Takeovers&fmt=js&s=1&cookiesTest=true&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.hackerone.com/blog/Guide-Subdomain-Takeovers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 24 Jun 2019 12:40:25 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 20
x-li-uuid: Y3N2KdsiqxUAJperKisAAA==

Redirect headers

date: Mon, 24 Jun 2019 12:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
x-li-pop: prod-edc2
content-length: 20
x-li-uuid: QmWCWNwiqxWg0QeMTCsAAA==
pragma: no-cache
server: Play
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect/?time=1561380024672&pid=682812&url=https%3A%2F%2Fwww.hackerone.com%2Fblog%2FGuide-Subdomain-Takeovers&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apt.techtarget.com
URL: https://apt.techtarget.com/activity/activity.gif?activityTypeId=31&cid=16607667&version=2.0&ref=https%3A%2F%2Fwww.hackerone.com%2Fblog%2FGuide-Subdomain-Takeovers&r=1561380024543

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/r/collect?v=1&_v=j76&a=179586338&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hackerone.com%2Fblog%2FGuide-Subdomain-Takeovers&ul=en-us&de=UTF-8&dt=A%20Guide%20To%20Subdomain%20Takeovers%20%7C%20HackerOne&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KGBAAEIh~&jid=2086862038&gjid=1088416392&cid=564845494.1561380025&tid=UA-49905813-1&_gid=974057965.1561380025&_r=1&z=1354569307

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-49905813-1&cid=564845494.1561380025&jid=2086862038&_gid=974057965.1561380025&gjid=1088416392&_v=j76&z=1354569307

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hackerone.com/	1970-01-19 10:28:36	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22XDomain%22%3A%221%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; block-all-mixed-content; child-src js.driftt.com www.youtube-nocookie.com app-sj17.marketo.com; connect-src 'self' api.lever.co distillery.wistia.com pipedream.wistia.com embedwistia-a.akamaihd.net .litix.io embed-ssl.wistia.com hackerone.com .mktoresp.com checkout.stripe.com; font-src 'self' data: fonts.gstatic.com; form-action 'self' syndication.twitter.com platform.twitter.com; frame-ancestors 'self'; frame-src fast.wistia.com js.driftt.com www.youtube.com www.youtube-nocookie.com app-sj17.marketo.com platform.twitter.com syndication.twitter.com checkout.stripe.com; object-src 'self'; img-src 'self' data: go.techtarget.com cdn.ttgtmedia.com embedwistia-a.akamaihd.net fast.wistia.com www.google-analytics.com syndication.twitter.com platform.twitter.com .twimg.com q.stripe.com cdn.bizible.com; media-src 'self' blob: data: embedwistia-a.akamaihd.net fast.wistia.com; script-src 'self' 'sha256-XrP50Mq6s78GLH2Vyt4BfKhn8rx4OdU6FYqQGbxRuZc=' 'sha256-chw1FVji+ddLlO/RrcP3fhKOLsJUUh+FaKbjsOC2BiQ=' 'sha256-D6d37gZGDMRuNu3bDdYkGuOfCaaNGdTrB3eF5d5IU/Y=' .techtarget.com *.linkedin.com snap.licdn.com fast.wistia.com js.driftt.com www.google-analytics.com app-sj17.marketo.com munchkin.marketo.net platform.twitter.com cdn.syndication.twimg.com checkout.stripe.com cdn.bizible.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com fast.wistia.com app-sj17.marketo.com platform.twitter.com checkout.stripe.com; report-uri https://errors.hackerone.net/api/30/csp-report/?sentry_key=61c1e2f50d21487c97a071737701f598
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

168-nau-732.mktoresp.com
app-sj17.marketo.com
apt.techtarget.com
cdn.bizible.com
errors.hackerone.net
munchkin.marketo.net
px.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
trk.techtarget.com
www.google-analytics.com
www.hackerone.com
www.linkedin.com
apt.techtarget.com
stats.g.doubleclick.net
www.google-analytics.com
104.16.96.80
163.171.132.119
192.28.148.159
23.38.33.240
2606:4700::6810:6434
2606:4700::6811:5b04
2620:109:c002::6cae:a0a
2a00:1450:4001:81c::200e
2a02:26f0:6c00:28c::25ea
2a05:f500:11:101::b93f:9005
93.184.220.178
07a5196b7bddc2f7bc5d53dd0e0d2f1601579a90352da558360fa51d52244f29
1436a28058e011ce8918c53dc5ccff3a9a7e448d729c99ec723e64f3e83ffce1
160687bddb13a74d646bba1a9f766545acffc175f33cec9c8d3e5adcb34e6f94
25738098ed60544cceb77295c818a20f5c3c38d8cb3eaebb053fda5a77a49f57
2b92c739ed9ce2cfd24b9ee315423d2e5115ac407cbb5268d39c91cdf30b4def
2ead69d9c7ba27f401db31cbc76c1ec6f1350c06a370f9c98d3e7852a6950663
3269b23a8d245902bf5c7edc82662884e1a45b4a4116c6e78adfb0d07276c51b
34e296e6e27efdc1f7d8c0f0600c74adb217471a85fca50c8563be5be0046928
3e31dbc75a41cf80601b8cb150d4dd2be24271e229d2f751e90288f008df4859
447f89ebd0d856515058930185bfe0eb54716368f39d2be50bde10bb296e8e89
4e06708f2e03bdbe452fda721e4d8c3ca023ed920346578a6bb40211a31f4036
52d2e2b0da0fb08b3dc9dc171417d65b914227d4b9e72e87857235375a9a996a
56536e1040215254f29927facd601d5492b32b627b38a7c4c1ccd26bae15e3e6
5d76fd79d7c84094a4880fba7a4e81c20a875b1d1920d357682d1a86bf61c6bb
62def9418938b51e407604ce3840cddb75625335599b3ff87056563c7c516822
66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76
6b884f34720261bd66435a05a6dce55c457b12f60a96f94f2d96bb05d2f1c2f9
6ecf23b48c7f828e38265c85c31b2467fd0d8d6db001943681cdd88b64c9bb25
70d7b28af91ed0fe03c9fed560a31cebf96a2fe285645430fa488f5ca6e16f12
77a39433c543dffece9f9b96e57c52459f46883dc1ddeb49846235e43f193c89
78d92353cbc5f54c63f75b10286150a1a8603f0cfe50c98f0353589703a5ae29
79265065b5a116faeaca270702fee2506097a54854d900de92fb18a53f188164
7eb2cde623b4611d21b933b13f2bc3ba8d126549e87faf3fc641474288afded6
80dd180e825d34ba0ad8b42b54d3e18f4d80c563b617b18142c5633131d8b036
8a0f3809c84241f2fde6e1d6849f6e9e23912230a2ff3c3bf1934faaf56d308b
8b51552f523ecd57ca4f82df5ab10610349f91cacb7c0f72d0290bed3cc37e4e
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93102c54e14f85b42e97b24077e6cd2fc83d9be4b7a659bece4568d7af47863c
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
c010d2de80be46392aebafb52e53a987646f5332fbcaf3de2eac6cfd882a8eed
c7cc4f15ace4dcef067a8ae189cfb0a3ef95fb08dbf6464b9cf4ca67f8306c92
d3dabeda720d64babe82bcff960eb04635e3eb5b96cea1810587cf6af9e8868d
d618e454943568122f8a8112c4df165df92a8d746d546f03511875942dff90c9
d758f8e28f080e1fdcd247d1e4841420b97a56c1698db47705e41e0c6d8f659b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b5c600a869d635b447488f776bf7e308811b82331eee45d25138bdc2cd222d
eb92e86eeb16880b9072befd7c02e2225ca6b6827ffecd39d6d73054666980ef
efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775
f1ff89ffe38441968fb3d114088e65c292c519039e55c39a3ba51dea56def85c
f4730284584b25e3aef898e2fdd8cf103362e406b3ebbc24dec6db004c5fad0b

www.hackerone.com Open in urlscan Pro 2606:4700::6810:6434 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

51 Requests

94 %HTTPS

55 %IPv6

11 Domains

13 Subdomains

11 IPs

6 Countries

5489 kBTransfer

6301 kBSize

1 Cookies

47 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hackerone.com Open in urlscan Pro
2606:4700::6810:6434 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

94 %
HTTPS

55 %
IPv6

11
Domains

13
Subdomains

11
IPs

6
Countries

5489 kB
Transfer

6301 kB
Size

1
Cookies

51 HTTP transactions
0 data transactions