urlscan.io logo urlscan.io
SecurityTrails logo

labs.detectify.com Open in urlscan Pro
104.196.191.243  Public Scan

Go To Rescan Add Verdict Report
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Submission: On November 28 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 48 HTTP transactions. The main IP is 104.196.191.243, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is labs.detectify.com.
TLS certificate: Issued by R3 on November 11th 2022. Valid for: 3 months.
This is the only time labs.detectify.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 25 104.196.191.243 396982 (GOOGLE-CL...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
48 8
25    104.196.191.243 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 243.191.196.104.bc.googleusercontent.com
labs.detectify.com
labsdetectify.wpengine.com
10    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
6    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:1a55 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
Apex Domain
Subdomains		 Transfer
23 detectify.com
labs.detectify.com
510 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 535
138 KB
7 typekit.net
use.typekit.net — Cisco Umbrella Rank: 873
p.typekit.net — Cisco Umbrella Rank: 1025
106 KB
4 gstatic.com
fonts.gstatic.com
135 KB
2 wpengine.com
labsdetectify.wpengine.com
577 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 106
53 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 939
304 B
48 8
Domain Requested by
23 labs.detectify.com 2 redirects labs.detectify.com
10 cdn.cookielaw.org labs.detectify.com
cdn.cookielaw.org
6 use.typekit.net labs.detectify.com
4 fonts.gstatic.com fonts.googleapis.com
2 labsdetectify.wpengine.com labs.detectify.com
2 fonts.googleapis.com labs.detectify.com
1 p.typekit.net
1 www.googletagmanager.com labs.detectify.com
1 geolocation.onetrust.com cdn.cookielaw.org
48 9
Subject Issuer Validity Valid
labs.detectify.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.wpengine.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-08-01 -
2023-09-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Frame ID: 7266272DFC22B2E4E09EF3C9A5006A70
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hostile Subdomain Takeover using Heroku/Github/Desk + more - Detectify LabsBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more HTTP 301
    http://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/ HTTP 301
    https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

48
Requests

100 %
HTTPS

88 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

1521 kB
Transfer

2460 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more HTTP 301
    http://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/ HTTP 301
    https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Redirect Chain
  • https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more
  • http://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
  • https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
33 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
55d124e169614c9b4fdc130ed8f80eaab3fdf0b83ab55a55bab65fa1278aa15a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 28 Nov 2022 10:04:11 GMT
link
<https://labs.detectify.com/wp-json/>; rel="https://api.w.org/" <https://labs.detectify.com/wp-json/wp/v2/posts/113>; rel="alternate"; type="application/json" <https://labs.detectify.com/?p=113>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 2
x-cache-group
normal
x-cacheable
SHORT
x-pingback
x-powered-by
WP Engine

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Mon, 28 Nov 2022 10:04:11 GMT
Keep-Alive
timeout=20
Location
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Server
nginx
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Nov 2022 10:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
bKkFjZE43AfZo3jm8gqLew==
age
40556
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7151
x-ms-lease-status
unlocked
last-modified
Fri, 25 Nov 2022 09:17:45 GMT
server
cloudflare
etag
0x8DACEC5E9C800F3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
205f9382-f01e-0007-272b-012e63000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7712472e3ecadcdb-LHR
tzo5nif.js
use.typekit.net/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/tzo5nif.js
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0c6fe4921b97e0ea0d8539aa19960a27a404a993949eb5a56cbb381478d89dac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Mon, 28 Nov 2022 10:04:12 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6767
css
fonts.googleapis.com/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Alegreya:400,400i,700,700i|Open+Sans:400,400i,700,700i
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c36458c0c4f4b4f11f68633f973bba803435f48ab6ffb385c5c5468c0271668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 10:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 10:04:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 10:04:11 GMT
style.min.css
labs.detectify.com/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://labs.detectify.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:11 GMT
content-encoding
br
last-modified
Mon, 04 Jul 2022 12:10:37 GMT
server
nginx
etag
W/"62c2d8bd-15b64"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
labs.detectify.com/wp-content/themes/detectify2.0.5/dist/css/ 		35 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/dist/css/style.css?ver=6.0.3
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5a6ae246c866a46d3f05684141e346b8a307a216e05f2f5ac72aa88eec9c9b42

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:11 GMT
content-encoding
br
last-modified
Tue, 05 Jul 2022 10:04:16 GMT
server
nginx
etag
W/"62c40ca0-8dd7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
labs.detectify.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://labs.detectify.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:11 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
etag
W/"6048e0ac-15db1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
labs.detectify.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://labs.detectify.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:11 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
detectify.svg
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/detectify.svg
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
45781771a95e51ea8c04de1c05790c612e80d6303e29e54be4dab70007efaa08

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
content-encoding
br
last-modified
Fri, 06 May 2022 12:55:28 GMT
server
nginx
etag
W/"62751ac0-fe8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
icon-ycombinator.png
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ 		683 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/icon-ycombinator.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
61c16dfeb22d02ddbf5c8e30d305ad199979d7a7e2d6f8cab66f2cddf6a2c7dd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
last-modified
Fri, 06 May 2022 12:55:28 GMT
server
nginx
etag
"62751ac0-2ab"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
683
icon-reddit.png
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/icon-reddit.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
e2adf55d07c4c8e4790cf2404f54551ee1609e2490df08356b95c4f4314a4587

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
last-modified
Fri, 06 May 2022 12:55:28 GMT
server
nginx
etag
"62751ac0-5dc"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1500
icon-linkedin.png
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ 		709 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/icon-linkedin.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f15a612820ee6932e59908a502c52ea6370c7bacadec59a2153aed31ad876480

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
last-modified
Fri, 06 May 2022 12:55:28 GMT
server
nginx
etag
"62751ac0-2c5"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
709
icon-twitter.png
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/icon-twitter.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b0353d7ceb6b95d450a0cbe4c2fb7d53839a3f1b7832d53bd3bfd2da8b6d49db

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
last-modified
Fri, 06 May 2022 12:55:28 GMT
server
nginx
etag
"62751ac0-467"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1127
icon-facebook.png
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ 		760 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/icon-facebook.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
dbc2dc58ab6e0cfbcade44534efd0747d86ffacc856207a30202ef6b76198a34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
last-modified
Fri, 06 May 2022 12:55:28 GMT
server
nginx
etag
"62751ac0-2f8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
760
image-10-400x480.png
labs.detectify.com/wp-content/uploads/2022/06/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.detectify.com/wp-content/uploads/2022/06/image-10-400x480.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
00690deca16b2a92633691a0b2dbcce98f48680fe0b2717bf91e074b5249c827

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
last-modified
Mon, 27 Jun 2022 11:31:43 GMT
server
nginx
etag
"62b9951f-17996"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
96662
d_OAuth-400x480.png
labs.detectify.com/wp-content/uploads/2022/07/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.detectify.com/wp-content/uploads/2022/07/d_OAuth-400x480.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
78c9cebc76d62a5a034093ab926e177f1c304c0a673c923833a8fd7770b05920

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
last-modified
Wed, 06 Jul 2022 13:17:13 GMT
server
nginx
etag
"62c58b59-3751"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
14161
Frans-shortcuts-thumbnail-400x400.png
labs.detectify.com/wp-content/uploads/2021/09/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.detectify.com/wp-content/uploads/2021/09/Frans-shortcuts-thumbnail-400x400.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
92be4207cf44562a037e50ecaef3fad09c98c313c7771bb9cb4d5fd7e31470e0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
last-modified
Fri, 06 May 2022 12:55:09 GMT
server
nginx
etag
"62751aad-1c946"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
117062
giticon.svg
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/giticon.svg
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
427983bf4df560de5f4483b66589e4ca471177f7d61dde88410a325c30382c4e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
content-encoding
br
last-modified
Fri, 06 May 2022 12:55:28 GMT
server
nginx
etag
W/"62751ac0-610"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
linkedinicon.svg
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ 		1 KB
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/linkedinicon.svg
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c5df9a212b7e5b7678fbfc9faca25929f82e044d39de48186302f20a17497db1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
content-encoding
br
last-modified
Fri, 06 May 2022 12:55:28 GMT
server
nginx
etag
W/"62751ac0-572"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
twittericon.svg
labs.detectify.com/wp-content/themes/detectify2.0.5/images/ 		1 KB
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/images/twittericon.svg
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b0d0a5021b71453efb69e19768232b13d3f385e81e6a4f41a4bae5e21f34dbd5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
content-encoding
br
last-modified
Fri, 06 May 2022 12:55:28 GMT
server
nginx
etag
W/"62751ac0-534"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
main.js
labs.detectify.com/wp-content/themes/detectify2.0.5/dist/js/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/dist/js/main.js?ver=1
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
63a4306a05ad325868f376e75966ee349e8dc5d7ec95bdd9894b8c3f91e67a05

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
content-encoding
br
last-modified
Fri, 06 May 2022 12:55:28 GMT
server
nginx
etag
W/"62751ac0-4166e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
12502c33-9d3f-4160-9787-050cb6d0ca91.json
cdn.cookielaw.org/consent/12502c33-9d3f-4160-9787-050cb6d0ca91/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/12502c33-9d3f-4160-9787-050cb6d0ca91/12502c33-9d3f-4160-9787-050cb6d0ca91.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cf491bf8f612a69eda6dab562fab711910729762f327ffb3cdfe98f17d8e096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Nov 2022 10:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
iFvGmu7XDmyEZiO8KRpWxA==
age
37736
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1360
x-ms-lease-status
unlocked
last-modified
Wed, 29 Jun 2022 08:55:56 GMT
server
cloudflare
etag
0x8DA59AD2DF61E75
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e35241f4-001e-011d-0956-904759000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7712472f6a8f886b-LHR
expires
Tue, 29 Nov 2022 10:04:12 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://labs.detectify.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
77124731d914770d-LHR
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.37.0/ 		367 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54c09d17405fc079c641533fb989b284d6b25fe4a402017701cfbf0d22b31611
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Nov 2022 10:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
84QDGKEUCS7BR7wlSH5now==
age
37704
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
89029
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:58 GMT
server
cloudflare
etag
0x8DA6BAB51B19C0E
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
55dbfc92-801e-00ed-7f9a-9dd162000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
77124734186adcdb-LHR
gtm.js
www.googletagmanager.com/ 		151 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TWT88B
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56e9aa1fa12c6d7ef288b7568d18d4e76c70eeaf7f169cabdda5bd5e3ae4b987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53647
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Nov 2022 10:04:12 GMT
wp-emoji-release.min.js
labs.detectify.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://labs.detectify.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
content-encoding
br
last-modified
Tue, 12 Apr 2022 05:56:23 GMT
server
nginx
etag
W/"62551487-48b9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		2 KB
650 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Mono
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/wp-content/themes/detectify2.0.5/dist/css/style.css?ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52d19d23087cab4754d99e1b93eef0c81607dbe0e235928d00d0ec3e89fac2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 10:04:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 08:45:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 10:04:12 GMT
/
labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:12 GMT
x-cache-group
normal
content-encoding
br
x-cacheable
SHORT
server
nginx
x-powered-by
WP Engine
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-pingback
content-type
text/html; charset=UTF-8
x-cache
HIT: 1
cache-control
max-age=600, must-revalidate
link
<https://labs.detectify.com/wp-json/>; rel="https://api.w.org/", <https://labs.detectify.com/wp-json/wp/v2/posts/113>; rel="alternate"; type="application/json", <https://labs.detectify.com/?p=113>; rel=shortlink
L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2
fonts.gstatic.com/s/robotomono/v22/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotomono/v22/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7295944e0067d71c5d5276d397dc0299afb519f277ba644aec0b96343e4185d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://labs.detectify.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 18:52:53 GMT
x-content-type-options
nosniff
age
400279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12312
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 18:52:53 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya:400,400i,700,700i|Open+Sans:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://labs.detectify.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 18:50:24 GMT
x-content-type-options
nosniff
age
573228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Nov 2023 18:50:24 GMT
4UaBrEBBsBhlBjvfkSLhx6g.woff2
fonts.gstatic.com/s/alegreya/v29/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLhx6g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya:400,400i,700,700i|Open+Sans:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://labs.detectify.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:12:47 GMT
x-content-type-options
nosniff
age
179485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39860
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 18:47:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2023 08:12:47 GMT
red2.png
labsdetectify.wpengine.com/wp-content/uploads/2016/02/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labsdetectify.wpengine.com/wp-content/uploads/2016/02/red2.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
793acec2f8d584b55d9921216da08fe25b3713efaf597d0f1bb257d99ab0eeb9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:13 GMT
last-modified
Fri, 06 May 2022 12:55:24 GMT
server
nginx
etag
"62751abc-6a04"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
27140
all.png
labsdetectify.wpengine.com/wp-content/uploads/2016/02/ 		550 KB
551 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://labsdetectify.wpengine.com/wp-content/uploads/2016/02/all.png
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
bcfbcea42950c5e32722fb230626e4323b445e7b332d2f60562b17b87ef41bd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:13 GMT
last-modified
Fri, 06 May 2022 12:55:23 GMT
server
nginx
etag
"62751abb-8975e"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
563038
CircularPro-Medium.otf
labs.detectify.com/wp-content/themes/detectify2.0.5/assets/CircularPro-Medium/ 		93 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://labs.detectify.com/wp-content/themes/detectify2.0.5/assets/CircularPro-Medium/CircularPro-Medium.otf
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/wp-content/themes/detectify2.0.5/dist/css/style.css?ver=6.0.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.191.243 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
243.191.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
8df65c16e955a73528fdc581781364fd6059da9c7ffb7d9e84ebea9e34f894b6

Request headers

Referer
https://labs.detectify.com/wp-content/themes/detectify2.0.5/dist/css/style.css?ver=6.0.3
Origin
https://labs.detectify.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:13 GMT
last-modified
Fri, 06 May 2022 12:55:29 GMT
server
nginx
etag
"62751ac1-173ec"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
95212
4UaHrEBBsBhlBjvfkSLk96rp5w.woff2
fonts.gstatic.com/s/alegreya/v29/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/alegreya/v29/4UaHrEBBsBhlBjvfkSLk96rp5w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya:400,400i,700,700i|Open+Sans:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6be5055a9d73556375ae3a2a4797d5445195ccc79817d94b2c042f432975efb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://labs.detectify.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 10:59:57 GMT
x-content-type-options
nosniff
age
428655
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40572
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 18:50:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 10:59:57 GMT
l
use.typekit.net/af/dacbbb/000000000000000000014a3f/27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/dacbbb/000000000000000000014a3f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3a60515edb1d4731353d11bc1936a877ac3101cbe24f2a5fd3711e0ba0f7b2bc

Request headers

Referer
https://labs.detectify.com/
Origin
https://labs.detectify.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:13 GMT
server
nginx
etag
"9f69a3fb9ccd97d61c83bc04e10301a095b7a449"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15612
l
use.typekit.net/af/5e5e35/000000000000000000014a3e/27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/5e5e35/000000000000000000014a3e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4ff1a8e0a0a0e904ce1a092efab1600b68750e93cb4b5378d5740410dcd68d0b

Request headers

Referer
https://labs.detectify.com/
Origin
https://labs.detectify.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:13 GMT
server
nginx
etag
"552cbdb1c37116efa6da228cc29728b358eb1e4c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16396
l
use.typekit.net/af/c19086/000000000000000000014a3b/27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/c19086/000000000000000000014a3b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8a285f297dcc122da30752e584a7352b29a82ce319cfefb1c79dc1044d4b80fd

Request headers

Referer
https://labs.detectify.com/
Origin
https://labs.detectify.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:13 GMT
server
nginx
etag
"dda97810a2e0dcc5cea33a3d827efaac98f39199"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14924
l
use.typekit.net/af/59af34/000000000000000000014a3d/27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/59af34/000000000000000000014a3d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c7e3a30ac845ce62f52949b04b14b0535db6f15ba4c693a907d11c1ae4a67365

Request headers

Referer
https://labs.detectify.com/
Origin
https://labs.detectify.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:13 GMT
server
nginx
etag
"1b875ac65d89bbbcbc04766acc6ceae8d1e45209"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17024
l
use.typekit.net/af/143f81/000000000000000000014a40/27/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/143f81/000000000000000000014a40/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: labs.detectify.com
URL: https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
881d772a176c749e14d84cf25d009f0df058066a1798ac894da3cfacf540b424

Request headers

Referer
https://labs.detectify.com/
Origin
https://labs.detectify.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:04:13 GMT
server
nginx
etag
"9eb6f2d6fc5498c8f83e6e2d042c442386ba5a88"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35752
en.json
cdn.cookielaw.org/consent/12502c33-9d3f-4160-9787-050cb6d0ca91/15d67750-28e8-4039-a415-d72499d15b6b/ 		76 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/12502c33-9d3f-4160-9787-050cb6d0ca91/15d67750-28e8-4039-a415-d72499d15b6b/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c748fd1549c5fe53a8cc0651a5e73484162ae81e51a1d953e3e354c01e90d2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Nov 2022 10:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Bi54I0WTuKZAAsMEmFV5gQ==
age
37736
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
16750
x-ms-lease-status
unlocked
last-modified
Wed, 29 Jun 2022 08:56:01 GMT
server
cloudflare
etag
0x8DA59AD30D83E54
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ae5bcc98-701e-0095-4957-90b9d5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
77124735ae9a886b-LHR
expires
Tue, 29 Nov 2022 10:04:13 GMT
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/6.37.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/assets/otCenterRounded.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d94edd219d965011aa7c423435675f8fc3aba340d1d2a45840c88592b922dbf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Nov 2022 10:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
jJ92ugb3vTKmo4DWRdkKLw==
age
37736
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2612
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:49 GMT
server
cloudflare
etag
0x8DA6BAB4CB923B2
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
96b9f016-701e-0034-7bac-9d774e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
77124736e8dc886b-LHR
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.37.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0c36470d3b6f534495768bdd7ed92dbb0d6d8d1f3b7b69adba7153b68b90f35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Nov 2022 10:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
fvP30c6fmdIqmF2AUGLdbQ==
age
37736
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13258
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:51 GMT
server
cloudflare
etag
0x8DA6BAB4DA69567
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
003d79e6-a01e-015f-16ac-9d6c4d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
77124736e8e1886b-LHR
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/6.37.0/assets/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Nov 2022 10:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/DFUXitcMJ2ll605wxeAsg==
age
37736
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1767
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:27:50 GMT
server
cloudflare
etag
0x8DA6BAB4D5C02AE
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
77ee8a48-c01e-00a5-7fb0-9de3ff000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
77124736e8e2886b-LHR
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.37.0/assets/ 		22 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.37.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Nov 2022 10:04:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
TLLtdkuMahUQRVIfmZNHNw==
age
37736
x-ms-lease-status
unlocked
last-modified
Fri, 22 Jul 2022 06:28:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
73c26b97-301e-0173-57b0-9dee70000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
77124736e8e3886b-LHR
p.gif
p.typekit.net/ 		35 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=tzo5nif&ht=tk&h=labs.detectify.com&f=15759.15760.15761.22737.22740&a=520577&js=1.21.0&app=typekit&e=js&_=1669629853390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

unused62
8096267
date
Mon, 28 Nov 2022 10:04:13 GMT
last-modified
Sat, 09 Oct 2021 02:10:03 GMT
server
nginx
etag
"6160f9fb-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
493 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.37.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Nov 2022 10:04:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
37736
x-ms-lease-status
unlocked
last-modified
Fri, 25 Nov 2022 09:17:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
9847d20b-501e-0168-7341-01c0e2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
771247392d14886b-LHR
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://labs.detectify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 28 Nov 2022 10:04:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
LpuayL42jB78xRllx0vkOw==
age
39763
x-ms-lease-status
unlocked
last-modified
Fri, 25 Nov 2022 09:17:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
e9f1716b-f01e-0121-3032-01f382000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
77124739284cdcdb-LHR

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| OneTrustStub function| OptanonWrapper string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Typekit object| _wpemojiSettings undefined| $ function| jQuery boolean| PR_SHOULD_USE_CONTINUATION function| prettyPrintOne function| prettyPrintElem function| prettyPrint object| PR object| google_tag_manager object| google_tag_data object| Optanon object| OneTrust object| twemoji object| wp

1 Cookies

Domain/Path Name / Value
.detectify.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Mon+Nov+28+2022+10%3A04%3A13+GMT%2B0000+(GMT)&version=6.37.0&isIABGlobal=false&hosts=&consentId=325c3b19-bada-4b54-abff-c8c94630009e&interactionCount=0&landingPath=https%3A%2F%2Flabs.detectify.com%2F2014%2F10%2F21%2Fhostile-subdomain-takeover-using-herokugithubdesk-more%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
labs.detectify.com
labsdetectify.wpengine.com
p.typekit.net
use.typekit.net
www.googletagmanager.com
104.196.191.243
2606:4700::6810:9540
2606:4700::6812:1a55
2a00:1450:4001:80b::2008
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:14a0
00690deca16b2a92633691a0b2dbcce98f48680fe0b2717bf91e074b5249c827
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0c6fe4921b97e0ea0d8539aa19960a27a404a993949eb5a56cbb381478d89dac
17770d05051a8a4f270ba5bdf049b90cc166ac42bd4513f419308a5804d7a161
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
3a60515edb1d4731353d11bc1936a877ac3101cbe24f2a5fd3711e0ba0f7b2bc
427983bf4df560de5f4483b66589e4ca471177f7d61dde88410a325c30382c4e
45781771a95e51ea8c04de1c05790c612e80d6303e29e54be4dab70007efaa08
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4c36458c0c4f4b4f11f68633f973bba803435f48ab6ffb385c5c5468c0271668
4ff1a8e0a0a0e904ce1a092efab1600b68750e93cb4b5378d5740410dcd68d0b
52d19d23087cab4754d99e1b93eef0c81607dbe0e235928d00d0ec3e89fac2e0
54c09d17405fc079c641533fb989b284d6b25fe4a402017701cfbf0d22b31611
55d124e169614c9b4fdc130ed8f80eaab3fdf0b83ab55a55bab65fa1278aa15a
56e9aa1fa12c6d7ef288b7568d18d4e76c70eeaf7f169cabdda5bd5e3ae4b987
5a6ae246c866a46d3f05684141e346b8a307a216e05f2f5ac72aa88eec9c9b42
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
61c16dfeb22d02ddbf5c8e30d305ad199979d7a7e2d6f8cab66f2cddf6a2c7dd
63a4306a05ad325868f376e75966ee349e8dc5d7ec95bdd9894b8c3f91e67a05
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
7295944e0067d71c5d5276d397dc0299afb519f277ba644aec0b96343e4185d1
78c9cebc76d62a5a034093ab926e177f1c304c0a673c923833a8fd7770b05920
793acec2f8d584b55d9921216da08fe25b3713efaf597d0f1bb257d99ab0eeb9
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
881d772a176c749e14d84cf25d009f0df058066a1798ac894da3cfacf540b424
8a285f297dcc122da30752e584a7352b29a82ce319cfefb1c79dc1044d4b80fd
8c748fd1549c5fe53a8cc0651a5e73484162ae81e51a1d953e3e354c01e90d2d
8df65c16e955a73528fdc581781364fd6059da9c7ffb7d9e84ebea9e34f894b6
92be4207cf44562a037e50ecaef3fad09c98c313c7771bb9cb4d5fd7e31470e0
92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9cf491bf8f612a69eda6dab562fab711910729762f327ffb3cdfe98f17d8e096
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a6be5055a9d73556375ae3a2a4797d5445195ccc79817d94b2c042f432975efb
b0353d7ceb6b95d450a0cbe4c2fb7d53839a3f1b7832d53bd3bfd2da8b6d49db
b0d0a5021b71453efb69e19768232b13d3f385e81e6a4f41a4bae5e21f34dbd5
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bcfbcea42950c5e32722fb230626e4323b445e7b332d2f60562b17b87ef41bd7
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c0c36470d3b6f534495768bdd7ed92dbb0d6d8d1f3b7b69adba7153b68b90f35
c5df9a212b7e5b7678fbfc9faca25929f82e044d39de48186302f20a17497db1
c7e3a30ac845ce62f52949b04b14b0535db6f15ba4c693a907d11c1ae4a67365
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d94edd219d965011aa7c423435675f8fc3aba340d1d2a45840c88592b922dbf2
dbc2dc58ab6e0cfbcade44534efd0747d86ffacc856207a30202ef6b76198a34
e2adf55d07c4c8e4790cf2404f54551ee1609e2490df08356b95c4f4314a4587
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f15a612820ee6932e59908a502c52ea6370c7bacadec59a2153aed31ad876480