www.yassineaboukir.com Open in urlscan Pro
2606:50c0:8001::153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/
Effective URL:
https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/
Submission: On December 13 via api (December 13th 2021, 3:45:35 am UTC) from US — Scanned from DE

Summary HTTP 51 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 6 domains to perform 51 HTTP transactions. The main IP is 2606:50c0:8001::153, located in United States and belongs to FASTLY, US. The main domain is www.yassineaboukir.com.
TLS certificate: Issued by R3 on November 10th 2021. Valid for: 3 months.

This is the only time www.yassineaboukir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 6	185.199.110.153 185.199.110.153	54113 (FASTLY) (FASTLY)
7	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
20	2600:9000:205... 2600:9000:2057:aa00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
3	199.232.198.49 199.232.198.49	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:a30d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	199.232.192.64 199.232.192.64	54113 (FASTLY) (FASTLY)
51	10

6 185.199.110.153 (United States) 6 redirects

ASN54113 (FASTLY, US)
PTR: cdn-185-199-110-153.github.com

yassineaboukir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

www.yassineaboukir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

yassineaboukir.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:2057:aa00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.198.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a30d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.232.192.64 (United States)

ASN54113 (FASTLY, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	disquscdn.com c.disquscdn.com a.disquscdn.com	777 KB
16	disqus.com yassineaboukir.disqus.com disqus.com referrer.disqus.com links.services.disqus.com	111 KB
13	yassineaboukir.com 6 redirects yassineaboukir.com www.yassineaboukir.com	1 MB
2	viglink.com cdn.viglink.com	530 B
2	google-analytics.com www.google-analytics.com	20 KB
1	googleapis.com fonts.googleapis.com	1 KB
51	6

	Domain	Requested by
20	c.disquscdn.com	yassineaboukir.disqus.com disqus.com c.disquscdn.com
8	disqus.com	yassineaboukir.disqus.com c.disquscdn.com
7	www.yassineaboukir.com	www.yassineaboukir.com
6	yassineaboukir.com	6 redirects
4	links.services.disqus.com	c.disquscdn.com
3	a.disquscdn.com	c.disquscdn.com
2	cdn.viglink.com
2	referrer.disqus.com
2	www.google-analytics.com	www.yassineaboukir.com www.google-analytics.com
2	yassineaboukir.disqus.com	www.yassineaboukir.com yassineaboukir.disqus.com
1	fonts.googleapis.com	www.yassineaboukir.com
51	11

This site contains links to these domains. Also see Links.

Domain
www.crunchbase.com
blog.redbooth.com
teambox-redirect-to-new-blog.herokuapp.com
yassineaboukir.com
heroku.com
support.redbooth.com
labs.detectify.com
www.facebook.com
github.com
instagram.com
www.linkedin.com
www.twitter.com
youtube.com

Subject Issuer	Validity	Valid
www.yassineaboukir.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
a.disquscdn.com Amazon	`2021-10-31` - `2022-11-28`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
ssl1029306.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-12` - `2022-06-30`	a year	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-26` - `2022-05-28`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/
Frame ID: E83D1F5F4D275541AEDE656933BA28CE
Requests: 34 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&s_o=default
Frame ID: 154AA34AAD71527197333D55BF8B4913
Requests: 17 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant
Frame ID: F64E0096076CB53608790950A89EE707
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Neglected DNS records exploited to takeover subdomains – Yassine Aboukir – Hacker & Application Security Consultant

Page URL History Show full URLs

http://yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/ HTTP 301
https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/ Page URL

Page Statistics

51
Requests

90 %
HTTPS

50 %
IPv6

6
Domains

11
Subdomains

10
IPs

2
Countries

2326 kB
Transfer

3120 kB
Size

5
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.crunchbase.com/organization/redbooth
Title: https://www.crunchbase.com/organization/redbooth

Search URL Search Domain Scan URL

URL: http://blog.redbooth.com/
Title: blog.redbooth.com

Search URL Search Domain Scan URL

URL: http://teambox-redirect-to-new-blog.herokuapp.com/
Title: teambox-redirect-to-new-blog.herokuapp.com

Search URL Search Domain Scan URL

URL: https://yassineaboukir.com/wp-content/uploads/2015/02/1-1.png

Search URL Search Domain Scan URL

URL: http://heroku.com/
Title: Heroku.com

Search URL Search Domain Scan URL

URL: https://yassineaboukir.com/wp-content/uploads/2015/02/2-2.png

Search URL Search Domain Scan URL

URL: https://yassineaboukir.com/wp-content/uploads/2015/02/3-3.png

Search URL Search Domain Scan URL

URL: https://support.redbooth.com/
Title: https://support.redbooth.com/

Search URL Search Domain Scan URL

URL: https://yassineaboukir.com/wp-content/uploads/2015/02/4-4.png

Search URL Search Domain Scan URL

URL: https://labs.detectify.com/post/109964122636/hostile-subdomain-takeover-using
Title: https://labs.detectify.com/post/109964122636/hostile-subdomain-takeover-using

Search URL Search Domain Scan URL

URL: https://www.facebook.com/y.aboukir

Search URL Search Domain Scan URL

URL: https://github.com/yassineaboukir

Search URL Search Domain Scan URL

URL: https://instagram.com/yassine.jpeg

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/yaboukir

Search URL Search Domain Scan URL

URL: https://www.twitter.com/yassineaboukir

Search URL Search Domain Scan URL

URL: https://youtube.com/Yaaboukir

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/ HTTP 301
https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://yassineaboukir.com/wp-content/uploads/2012/04/Screenshot-2018-10-28-at-01.42.55.png HTTP 301
https://www.yassineaboukir.com/wp-content/uploads/2012/04/Screenshot-2018-10-28-at-01.42.55.png

Request Chain 3

https://yassineaboukir.com/wp-content/uploads/2015/02/1-1.png HTTP 301
https://www.yassineaboukir.com/wp-content/uploads/2015/02/1-1.png

Request Chain 4

https://yassineaboukir.com/wp-content/uploads/2015/02/2-2.png HTTP 301
https://www.yassineaboukir.com/wp-content/uploads/2015/02/2-2.png

Request Chain 5

https://yassineaboukir.com/wp-content/uploads/2015/02/3-3.png HTTP 301
https://www.yassineaboukir.com/wp-content/uploads/2015/02/3-3.png

Request Chain 6

https://yassineaboukir.com/wp-content/uploads/2015/02/4-4.png HTTP 301
https://www.yassineaboukir.com/wp-content/uploads/2015/02/4-4.png

51 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/
Redirect Chain

http://yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/
https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/

10 KB
4 KB

200ms
104ms

Document
text/html

2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 0e0f72027dd2ca5459218b881f572760e98890cf659a30944a27d75ab63f57f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: GitHub.com
content-type: text/html; charset=utf-8
last-modified: Thu, 25 Nov 2021 00:14:53 GMT
access-control-allow-origin: *
etag: W/"619ed57d-26b1"
expires: Mon, 13 Dec 2021 03:55:30 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3B04:F87A:BEDF3A:C59B5F:61B6C1DA
accept-ranges: bytes
date: Mon, 13 Dec 2021 03:45:30 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-fra19124-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1639367131.669910,VS0,VE97
vary: Accept-Encoding
x-fastly-request-id: 015fb2c9e5c6ab2d5115b34badb14a74b6461ed9
content-length: 3408

Redirect headers

Server: GitHub.com
Content-Type: text/html
Location: https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/
X-GitHub-Request-Id: 935E:BA7F:599B60:5E78A8:61B6C1DA
Content-Length: 162
Accept-Ranges: bytes
Date: Mon, 13 Dec 2021 03:45:30 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-fra19144-FRA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1639367130.482931,VS0,VE84
Vary: Accept-Encoding
X-Fastly-Request-ID: 71a06167fb8ce8cc83775b930b23a98220979545

GET
H2 200 style.css
www.yassineaboukir.com/ 62 KB
23 KB 97ms
97ms Stylesheet
text/css 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.yassineaboukir.com/style.css
Requested by: Host: www.yassineaboukir.com
URL: https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 5516b1bc058a46487bf05cfd2a492750c2b6f1351a77ab89352dd726b68914ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: c14d50ad954b738cc68194c5dbda3b785bddafd1
date: Mon, 13 Dec 2021 03:45:30 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 22957
x-served-by: cache-fra19124-FRA
access-control-allow-origin: *
last-modified: Thu, 25 Nov 2021 00:14:53 GMT
server: GitHub.com
x-github-request-id: 4CEA:D589:BE1C4B:C4BA89:61B6C1DA
x-timer: S1639367131.794709,VS0,VE91
etag: W/"619ed57d-f615"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Mon, 13 Dec 2021 03:55:30 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Mono|Roboto+Slab:300|Roboto:500

Requested by

Host: www.yassineaboukir.com
URL: https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0de78e0767264d8ef3b6826aaaf137f0ec7598d4a20e4f7c9d9213c40b5b8f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 03:45:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 13 Dec 2021 03:45:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Dec 2021 03:45:30 GMT

GET
H2

200

Screenshot-2018-10-28-at-01.42.55.png
www.yassineaboukir.com/wp-content/uploads/2012/04/
Redirect Chain

https://yassineaboukir.com/wp-content/uploads/2012/04/Screenshot-2018-10-28-at-01.42.55.png
https://www.yassineaboukir.com/wp-content/uploads/2012/04/Screenshot-2018-10-28-at-01.42.55.png

1 MB
1 MB

107ms
107ms

Image
image/png

2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yassineaboukir.com/wp-content/uploads/2012/04/Screenshot-2018-10-28-at-01.42.55.png
Requested by: Host: www.yassineaboukir.com
URL: https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/
Protocol: H2
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: b2210258d5b72042906644b1f441cd0b0bd074ad188b20be28cade1843ab89e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: adf782919e697487c8018d03fceb6b34a0e858cf
date: Mon, 13 Dec 2021 03:45:31 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-cache-hits: 0
content-length: 1338786
x-served-by: cache-fra19124-FRA
last-modified: Thu, 25 Nov 2021 00:14:47 GMT
server: GitHub.com
x-github-request-id: 6F16:7536:C28D1E:C947C8:61B6C1DA
x-timer: S1639367131.927887,VS0,VE98
etag: "619ed577-146da2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
expires: Mon, 13 Dec 2021 03:55:30 GMT

Redirect headers

x-fastly-request-id: a190ae31093d02c3d3c9522a8f49f93b71d9fee0
date: Mon, 13 Dec 2021 03:45:30 GMT
via: 1.1 varnish
server: GitHub.com
x-github-request-id: 4CFE:A47D:BB9AE1:C23832:61B6C1DA
age: 0
x-served-by: cache-fra19130-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: text/html
location: https://www.yassineaboukir.com/wp-content/uploads/2012/04/Screenshot-2018-10-28-at-01.42.55.png
accept-ranges: bytes
x-timer: S1639367131.814225,VS0,VE84
content-length: 162
x-cache-hits: 0

GET
H2

200

1-1.png
www.yassineaboukir.com/wp-content/uploads/2015/02/
Redirect Chain

https://yassineaboukir.com/wp-content/uploads/2015/02/1-1.png
https://www.yassineaboukir.com/wp-content/uploads/2015/02/1-1.png

14 KB
14 KB

94ms
94ms

Image
image/png

2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yassineaboukir.com/wp-content/uploads/2015/02/1-1.png
Requested by: Host: www.yassineaboukir.com
URL: https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/
Protocol: H2
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: f912ae31977ea6ea67f4666718e966f10a9efa06f48700900e2f7e6d53b5d8d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 371c0c4c8bf141bc81c6af044ab33791adab2147
date: Mon, 13 Dec 2021 03:45:31 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-cache-hits: 0
content-length: 14196
x-served-by: cache-fra19124-FRA
last-modified: Thu, 25 Nov 2021 00:14:47 GMT
server: GitHub.com
x-github-request-id: 839C:8F1E:58F36E:5DD1F5:61B6C1DA
x-timer: S1639367131.927529,VS0,VE88
etag: "619ed577-3774"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
expires: Mon, 13 Dec 2021 03:55:30 GMT

Redirect headers

x-fastly-request-id: 50b6a6ece78bb90347b02ad6080df6c208be8fc4
date: Mon, 13 Dec 2021 03:45:30 GMT
via: 1.1 varnish
server: GitHub.com
x-github-request-id: C594:D589:BE1C4B:C4BA8A:61B6C1DA
age: 0
x-served-by: cache-fra19130-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: text/html
location: https://www.yassineaboukir.com/wp-content/uploads/2015/02/1-1.png
accept-ranges: bytes
x-timer: S1639367131.814281,VS0,VE84
content-length: 162
x-cache-hits: 0

GET
H2

200

2-2.png
www.yassineaboukir.com/wp-content/uploads/2015/02/
Redirect Chain

https://yassineaboukir.com/wp-content/uploads/2015/02/2-2.png
https://www.yassineaboukir.com/wp-content/uploads/2015/02/2-2.png

28 KB
28 KB

97ms
96ms

Image
image/png

2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yassineaboukir.com/wp-content/uploads/2015/02/2-2.png
Requested by: Host: www.yassineaboukir.com
URL: https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/
Protocol: H2
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 3ed1295002f7594871c6e8cb42599dc61156ecd948d596ec18983ba1b223fbfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: f770dea501f81207650202aa6c4fec5da0f50012
date: Mon, 13 Dec 2021 03:45:31 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-cache-hits: 0
content-length: 28576
x-served-by: cache-fra19124-FRA
last-modified: Thu, 25 Nov 2021 00:14:47 GMT
server: GitHub.com
x-github-request-id: BC58:4B16:336EE5:3535E7:61B6C1DA
x-timer: S1639367131.927410,VS0,VE89
etag: "619ed577-6fa0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
expires: Mon, 13 Dec 2021 03:55:30 GMT

Redirect headers

x-fastly-request-id: ea9ab2d61bb078e46e61d97a4dc3d8250ef11089
date: Mon, 13 Dec 2021 03:45:30 GMT
via: 1.1 varnish
server: GitHub.com
x-github-request-id: 9032:D1F0:BAC08F:C15A69:61B6C1DA
age: 0
x-served-by: cache-fra19130-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: text/html
location: https://www.yassineaboukir.com/wp-content/uploads/2015/02/2-2.png
accept-ranges: bytes
x-timer: S1639367131.814350,VS0,VE83
content-length: 162
x-cache-hits: 0

GET
H2

200

3-3.png
www.yassineaboukir.com/wp-content/uploads/2015/02/
Redirect Chain

https://yassineaboukir.com/wp-content/uploads/2015/02/3-3.png
https://www.yassineaboukir.com/wp-content/uploads/2015/02/3-3.png

10 KB
10 KB

95ms
94ms

Image
image/png

2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yassineaboukir.com/wp-content/uploads/2015/02/3-3.png
Requested by: Host: www.yassineaboukir.com
URL: https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/
Protocol: H2
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 138ad0cd7a094c46d564c9762d3a861c925dcf15740374931745db55ed31b83e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: b1f953027c51208418e2a8dcd92221fae39ca35c
date: Mon, 13 Dec 2021 03:45:31 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-cache-hits: 0
content-length: 10444
x-served-by: cache-fra19124-FRA
last-modified: Thu, 25 Nov 2021 00:14:47 GMT
server: GitHub.com
x-github-request-id: 9D2C:5F4C:886B3:C0218:61B6C1DA
x-timer: S1639367131.928181,VS0,VE88
etag: "619ed577-28cc"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
expires: Mon, 13 Dec 2021 03:55:30 GMT

Redirect headers

x-fastly-request-id: b3f42b3ec93e8f782943182cdb79bbec121ad977
date: Mon, 13 Dec 2021 03:45:30 GMT
via: 1.1 varnish
server: GitHub.com
x-github-request-id: 9948:4B15:17F90D:194195:61B6C1DA
age: 0
x-served-by: cache-fra19130-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: text/html
location: https://www.yassineaboukir.com/wp-content/uploads/2015/02/3-3.png
accept-ranges: bytes
x-timer: S1639367131.814394,VS0,VE84
content-length: 162
x-cache-hits: 0

GET
H2

200

4-4.png
www.yassineaboukir.com/wp-content/uploads/2015/02/
Redirect Chain

https://yassineaboukir.com/wp-content/uploads/2015/02/4-4.png
https://www.yassineaboukir.com/wp-content/uploads/2015/02/4-4.png

30 KB
30 KB

101ms
100ms

Image
image/png

2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yassineaboukir.com/wp-content/uploads/2015/02/4-4.png
Requested by: Host: www.yassineaboukir.com
URL: https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/
Protocol: H2
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 5c7e4ae9bf675c45b87c53f199bbf8cb9ae8d6a6747b303e304bee211969624f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 52e7cf015f99a4595396bd499ec6a0b6cbab1343
date: Mon, 13 Dec 2021 03:45:31 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-cache-hits: 0
content-length: 30267
x-served-by: cache-fra19124-FRA
last-modified: Thu, 25 Nov 2021 00:14:47 GMT
server: GitHub.com
x-github-request-id: 487A:A47C:5C13DC:60F6AB:61B6C1DA
x-timer: S1639367131.928658,VS0,VE88
etag: "619ed577-763b"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
expires: Mon, 13 Dec 2021 03:55:30 GMT

Redirect headers

x-fastly-request-id: e3a9698f0ce1874a045fa7f83dcf83041835bc64
date: Mon, 13 Dec 2021 03:45:30 GMT
via: 1.1 varnish
server: GitHub.com
x-github-request-id: 2916:5F4E:6288BE:67817C:61B6C1DA
age: 0
x-served-by: cache-fra19130-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: text/html
location: https://www.yassineaboukir.com/wp-content/uploads/2015/02/4-4.png
accept-ranges: bytes
x-timer: S1639367131.814438,VS0,VE88
content-length: 162
x-cache-hits: 0

GET
H/1.1 200
OK embed.js Show response
yassineaboukir.disqus.com/ 74 KB
24 KB 213ms
177ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://yassineaboukir.disqus.com/embed.js

Requested by

Host: www.yassineaboukir.com
URL: https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

329d0c66a105f81bf3a9f45d260d22bfc8da9792d4e4da26c67e923df6a015c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 03:45:31 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24581
Cross-Origin-Resource-Policy: cross-origin

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.yassineaboukir.com
URL: https://www.yassineaboukir.com/blog/neglected-dns-records-exploited-to-takeover-subdomains/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 636
date: Mon, 13 Dec 2021 03:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 13 Dec 2021 05:34:54 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb0d57dd34ef7aeaca8e216978f08a98133497e9b9c27b5f430eff87d51cb934

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c556d31a4e68362f14119ab3f99def3ae1fbcf3f43fd1deba622511758242e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce087f1d38e538eee6a5084654d66a9c7b70025f2fb04a6885aab962250ea6fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b69e7a21552fc6b14d0faf4c60d5c9799ba8477426eb1533d76a6c6d5dca83dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3960b7858957eeade28addd3ae652d325d1e55f0339a501914ec6c0fd622a034

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be659f0e130aafc1fd04b1da193ff4a89da8aa0c7486238bea79f33343cbc4cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea07848b95b996e50ef887e2df00c6b827bf709d73b78a3700df799e43d638de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
212 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=472871532&t=pageview&_s=1&dl=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&dp=%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&ul=en-us&de=UTF-8&dt=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2104924889&gjid=732539542&cid=699882474.1639367131&tid=UA-146028141-1&_gid=62953794.1639367131&_r=1&_slc=1&z=1078537041

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.yassineaboukir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 03:45:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.yassineaboukir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.7ab903feba7624935283ca4c7d8c7203.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 65ms
8ms Other
text/css 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Requested by

Host: yassineaboukir.disqus.com
URL: https://yassineaboukir.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447504
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26065
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-65d1"
content-type: text/css; charset=utf-8
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: FBWnSnvt_ZEmp8tCmIlbgPUF5-dVeB6sYKExdheeUxUMs4rszye1Ag==
x-cache-hits: 0

GET
H2 200 common.bundle.2f2f40d40785c9541a90e9086c8770a3.js
c.disquscdn.com/next/embed/ 0
93 KB 70ms
13ms Other
application/javascript 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Requested by

Host: yassineaboukir.disqus.com
URL: https://yassineaboukir.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 14:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4194001
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94779
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Oct 2021 00:26:02 GMT
server: nginx
etag: "6172051a-1723b"
content-type: application/javascript; charset=utf-8
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
expires: Tue, 25 Oct 2022 14:45:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: O1uOUn3vgA-t-N1g6jGLwq4Ut9YjBud9q8jFrXbAw2tQ9v7XyZ_zcw==
x-cache-hits: 0

GET
H2 200 lounge.bundle.920cdf639b386b42eddc25a8b2755561.js
c.disquscdn.com/next/embed/ 0
121 KB 81ms
24ms Other
application/javascript 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.920cdf639b386b42eddc25a8b2755561.js

Requested by

Host: yassineaboukir.disqus.com
URL: https://yassineaboukir.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447504
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 122873
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-1dff9"
content-type: application/javascript; charset=utf-8
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: l0NgODWR68RIKxGGrikyvHZBrjBZUu4WCKGWUmL1qcaxAw-RmPuIjQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
15 KB 46ms
6ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: yassineaboukir.disqus.com
URL: https://yassineaboukir.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 03:45:31 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 10
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14500
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
yassineaboukir.disqus.com/ 63 KB
21 KB 115ms
115ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://yassineaboukir.disqus.com/recommendations.js

Requested by

Host: yassineaboukir.disqus.com
URL: https://yassineaboukir.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

6f0ab1fd5eb000b26bcde16b2cdc00a40df8078e0d64e8dcedfa9bbb06550960

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 03:45:31 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router_gunicorn
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 20895
Cross-Origin-Resource-Policy: cross-origin

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 154A 18 KB
6 KB 200ms
200ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&s_o=default

Requested by

Host: yassineaboukir.disqus.com
URL: https://yassineaboukir.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c64d4f2d48a20fc27fe2407d01810d37dc79265ed9e0f1fb3c3a75a275b85fdb

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/

Response headers

Connection: keep-alive
Content-Length: 4765
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Wed, 14 Aug 2019 09:01:39 GMT
ETag: W/"lounge:view:7389455772.912799bf6cd546c580a2284217f1d0e8.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Mon, 13 Dec 2021 03:45:31 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ 0
3 KB 8ms
8ms Other
text/css 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: yassineaboukir.disqus.com
URL: https://yassineaboukir.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4774926
x-cache: Hit from cloudfront
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-ba2"
content-type: text/css; charset=utf-8
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: LnNsqw3QTo_ppnfirxrwuE1L9_pAK5XiM1lAjL7osFSabOTK3SM56g==
x-cache-hits: 0

GET
H2 200 common.bundle.6c6defcc206edabe5048d82459ee0a0e.js
c.disquscdn.com/next/recommendations/ 0
87 KB 10ms
9ms Other
application/javascript 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Requested by

Host: yassineaboukir.disqus.com
URL: https://yassineaboukir.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4774926
x-cache: Hit from cloudfront
content-length: 88862
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-15b1e"
content-type: application/javascript; charset=utf-8
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: vzr-qTKUDbb04JbjFZQ7JPYDp6OxJdnUcpfGNLMEcWMxR6rRRxIJUQ==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js
c.disquscdn.com/next/recommendations/ 0
20 KB 18ms
17ms Other
application/javascript 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: yassineaboukir.disqus.com
URL: https://yassineaboukir.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 20:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5383188
x-cache: Hit from cloudfront
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 11 Oct 2021 20:15:56 GMT
server: nginx
etag: "61649b7c-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
expires: Tue, 11 Oct 2022 20:25:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: 0DAsW5fZzuLIU3G0GXn2gGQlh76svL8LdrupTwrChnYuh9eC3fkPmg==
x-cache-hits: 0

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame F64E 5 KB
3 KB 126ms
112ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant

Requested by

Host: yassineaboukir.disqus.com
URL: https://yassineaboukir.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a9820458bb44d4dce69f4dd991a9a9742f2317739232d200e04c53a2363309c5

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/

Response headers

Connection: keep-alive
Content-Length: 2300
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Tue, 13 Aug 2019 01:34:33 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Mon, 13 Dec 2021 03:45:31 GMT
Age: 0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 lounge.load.9068118211410bc5f67f5bb8d6806cba.js Show response
c.disquscdn.com/next/embed/ Frame 154A 958 B
1 KB 27ms
11ms Script
application/javascript 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.9068118211410bc5f67f5bb8d6806cba.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0376879a45be95f1d718c2a90d0b35986973e87d6f4c790b4c7046343464b72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&s_o=default
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447504
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 494
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-1ee"
content-type: application/javascript; charset=utf-8
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: RqQnIwcNr7OYTOvJwy6jrP59-BqfDWnloYFtrSuimop74IGSebVDDQ==
x-cache-hits: 0

GET
H2 200 common.bundle.2f2f40d40785c9541a90e9086c8770a3.js Show response
c.disquscdn.com/next/embed/ Frame 154A 282 KB
93 KB 9ms
9ms Script
application/javascript 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.9068118211410bc5f67f5bb8d6806cba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 14:45:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4194001
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 94779
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Fri, 22 Oct 2021 00:26:02 GMT
server: nginx
etag: "6172051a-1723b"
content-type: application/javascript; charset=utf-8
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
expires: Tue, 25 Oct 2022 14:45:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: XtFWEHnE7Jx2X5-HPAUPVkCrSUS33pHA1kuVdIXfVYK4BOVN4MU-4Q==
x-cache-hits: 0

GET
H2 200 lounge.7ab903feba7624935283ca4c7d8c7203.css
c.disquscdn.com/next/embed/styles/ Frame 154A 165 KB
26 KB 10ms
8ms Stylesheet
text/css 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9f05592df6a80686d7216adbbc60dd18c978741182ed9e09a863de7374931f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447504
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 26065
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-65d1"
content-type: text/css; charset=utf-8
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: BqTIvlwjRFMOLLI2iKPxBe4w1q3P8p2ZSm86Qp43OvrNncRACs2eeA==
x-cache-hits: 0

GET
H2 200 recommendations.load.42dfcc5041eed24b84f85a10a88fa215.js Show response
c.disquscdn.com/next/recommendations/ Frame F64E 923 B
1018 B 11ms
9ms Script
application/javascript 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.42dfcc5041eed24b84f85a10a88fa215.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2bfdbf7d2df8d37016a17d53674d2799bb77996a763bf2bee8b1f604dd31a9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4774925
x-cache: Hit from cloudfront
content-length: 446
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-1be"
content-type: application/javascript; charset=utf-8
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: HWuH6PvQO6BSlhB6wipTrSasUFOd1OD3YIqUkgL2W8JZb20E5jF8cQ==
x-cache-hits: 0

GET
H2 200 lounge.bundle.920cdf639b386b42eddc25a8b2755561.js Show response
c.disquscdn.com/next/embed/ Frame 154A 475 KB
121 KB 12ms
11ms Script
application/javascript 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.920cdf639b386b42eddc25a8b2755561.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

01b1844125589a15317239014be029ba024bc0d6e059222bc99bd913a82ecb88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 23:27:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447504
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 122873
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 07 Dec 2021 22:32:35 GMT
server: nginx
etag: "61afe103-1dff9"
content-type: application/javascript; charset=utf-8
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
expires: Wed, 07 Dec 2022 23:27:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: WWf_CzaGnrWDaqu5mJRGSff4CsLRwOiEd-CN7qF-PLtIr21szyLq3w==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 154A 14 KB
15 KB 15ms
15ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f8b30a2aaa19326c2f546b8e22134512c9e5486fa6fec2f0d1c8ca2bbc8acb04

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 03:45:31 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 10
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14500
X-XSS-Protection: 1; mode=block

GET
H2 200 common.bundle.6c6defcc206edabe5048d82459ee0a0e.js Show response
c.disquscdn.com/next/recommendations/ Frame F64E 262 KB
87 KB 15ms
15ms Script
application/javascript 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.42dfcc5041eed24b84f85a10a88fa215.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5fae79754e7af92e6afadc3060797e3d35188221e60d63d0625f66cf921e7ebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4774926
x-cache: Hit from cloudfront
content-length: 88862
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-15b1e"
content-type: application/javascript; charset=utf-8
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: AeiK_ARZLN7fQPMfeI9wqnrUtpJBc7xfSTuLVimStD51fjOCXe6u_Q==
x-cache-hits: 0

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 154A 3 KB
3 KB 113ms
113ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=yassineaboukir&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.2f2f40d40785c9541a90e9086c8770a3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

92f34c8b7ca13a232c874f23c6eddb5526477fbee3473440867a159d36107c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&s_o=default
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 03:45:31 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3112
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1638827995/images/ Frame 154A 2 KB
2 KB 39ms
6ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1638827995/images/noavatar92.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 03:45:31 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 450690
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
content-length: 1644
x-amz-cf-id: 2LY82J9qCa_-WIZlRzBRDCqFd9d4zRrWEaprVHFbKcwbcpLZkyYaqg==
expires: Thu, 06 Jan 2022 22:34:02 GMT

GET
DATA 200
OK truncated
/ Frame 154A 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 8ms
8ms Script
application/javascript 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: yassineaboukir.disqus.com
URL: https://yassineaboukir.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 05 May 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19138801
x-cache: Hit from cloudfront
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 15:25:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: 6_ifwJwJOH0tG_hRpoe8WKVAxIDkDGA9MFpjPdwVrvh5LG3q61MoMA==
x-cache-hits: 0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 154A 13 KB
13 KB 16ms
7ms Image
image/svg+xml 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 19746470
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Sb0rxxHGr7n499SNrjM9dLyU13n6Pg363-rQf9SghelQRDOgshAoSw==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 154A 3 KB
3 KB 12ms
7ms Image
image/gif 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 27038844
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 9hsrqCkVQgyeihXtiPryN22Hx6nh1HZcOoX8VOV129VFOPE1Yuh6Sw==
x-cache-hits: 0

GET
H2 200 sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 154A 2 KB
2 KB 11ms
7ms Image
image/png 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:47:48 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7027063
x-cache: Hit from cloudfront
content-length: 1763
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 22 Sep 2021 19:30:27 GMT
server: nginx
etag: "614b8453-6e3"
content-type: image/png
access-control-allow-origin: *
expires: Thu, 22 Sep 2022 19:47:48 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 31tvZS0HxI-5JGB-76omZqdn1uuj7zdwG9CxzCCjDw0VEE3hCRtwgw==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 154A 8 KB
8 KB 10ms
8ms Font
application/octet-stream 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
Origin: https://disqus.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:58:18 GMT
via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 8876833
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Tue, 24 Aug 2021 21:06:44 GMT
server: nginx
etag: "61255f64-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Thu, 01 Sep 2022 09:58:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: loQawyMYp2_jkqKh0CF6m4b6j1tq-UYKI42geKOAtfufk_zJ-IKC1g==
x-cache-hits: 0

GET
H2 200 recommendations.10022a97346f1c6e3798931bbd8e4bb5.css
c.disquscdn.com/next/recommendations/styles/ Frame F64E 14 KB
3 KB 9ms
9ms Stylesheet
text/css 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.10022a97346f1c6e3798931bbd8e4bb5.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 21:23:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4774926
x-cache: Hit from cloudfront
content-length: 2978
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 18 Oct 2021 21:05:37 GMT
server: nginx
etag: "616de1a1-ba2"
content-type: text/css; charset=utf-8
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
expires: Tue, 18 Oct 2022 21:23:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: Dn9znFA-519AxCk3sl3O-vXrV3IfG6gK70dZB16mjLiEzER9jc-wvg==
x-cache-hits: 0

GET
H2 200 noavatar92.png
a.disquscdn.com/1638827995/images/ Frame 154A 2 KB
2 KB 6ms
6ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1638827995/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.920cdf639b386b42eddc25a8b2755561.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 03:45:31 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 450690
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
content-length: 1644
x-amz-cf-id: 2LY82J9qCa_-WIZlRzBRDCqFd9d4zRrWEaprVHFbKcwbcpLZkyYaqg==
expires: Thu, 06 Jan 2022 22:34:02 GMT

GET
H2 200 recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js Show response
c.disquscdn.com/next/recommendations/ Frame F64E 65 KB
20 KB 14ms
14ms Script
application/javascript 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.926bc472e4859a48daa346b4ba2ab4f4.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 20:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5383188
x-cache: Hit from cloudfront
content-length: 20244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 11 Oct 2021 20:15:56 GMT
server: nginx
etag: "61649b7c-4f14"
content-type: application/javascript; charset=utf-8
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
expires: Tue, 11 Oct 2022 20:25:43 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
timing-allow-origin: *
x-amz-cf-id: Pj9VmAu7tZ9DLO9SLayVIMpqZJ-XTqA2l4F9zMGkmHJ8mI4qDV6V0A==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame F64E 14 KB
15 KB 12ms
12ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f8b30a2aaa19326c2f546b8e22134512c9e5486fa6fec2f0d1c8ca2bbc8acb04

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/recommendations/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 03:45:31 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 10
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 14500
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 154A 43 B
339 B 129ms
98ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=184&event=init_embed&thread=7389455772&forum=yassineaboukir&forum_id=5779649&imp=8lndd62nop56n&thread_slug=neglected_dns_records_exploited_to_takeover_subdomains&user_type=anon&referrer=https%3A%2F%2Fwww.yassineaboukir.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 03:45:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
428 B 57ms
16ms Image
image/gif 2606:4700::6810:a30d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=0.43711692068995966
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 03:45:31 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 6
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 6bcc333e68996993-FRA
x-amz-request-id: PRWRG3QYDH9YWHTE
x-amz-id-2: gfRATvbujnOBmnaE036SleuMrB1J3wYii8FL2ug/NqP3Y1VaN+G8mIF/uoZEbuIpjItbtXD/Qe8=

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
102 B 57ms
17ms Image
image/gif 2606:4700::6810:a30d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=0.43711692068995966
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a30d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 03:45:31 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 6
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 6bcc333e689a6993-FRA
x-amz-request-id: PRWRG3QYDH9YWHTE
x-amz-id-2: gfRATvbujnOBmnaE036SleuMrB1J3wYii8FL2ug/NqP3Y1VaN+G8mIF/uoZEbuIpjItbtXD/Qe8=

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 154A 13 KB
13 KB 9ms
8ms Image
image/svg+xml 2600:9000:2057:aa00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:aa00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7ab903feba7624935283ca4c7d8c7203.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 19746470
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 6JbX-g-lkzVe5do5hPG_C6lkPwJzFvfPLphHSDebL_jaeb4F1t2vqA==
x-cache-hits: 0

GET
H2 200 noavatar92.png
a.disquscdn.com/1638827995/images/ Frame 154A 2 KB
2 KB 16ms
15ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1638827995/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.920cdf639b386b42eddc25a8b2755561.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://disqus.com/embed/comments/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 03:45:31 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 450690
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
content-length: 1644
x-amz-cf-id: 2LY82J9qCa_-WIZlRzBRDCqFd9d4zRrWEaprVHFbKcwbcpLZkyYaqg==
expires: Thu, 06 Jan 2022 22:34:02 GMT

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame F64E 3 KB
3 KB 7ms
7ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=yassineaboukir&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

92f34c8b7ca13a232c874f23c6eddb5526477fbee3473440867a159d36107c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 03:45:31 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3112
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame F64E 1 KB
2 KB 172ms
172ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=yassineaboukir&thread=url%3Ahttps%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.6c6defcc206edabe5048d82459ee0a0e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d37d940e04c0751ccb807003c3e2a90240ce1713084ce92132840707d56760a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=yassineaboukir&t_u=https%3A%2F%2Fwww.yassineaboukir.com%2Fblog%2Fneglected-dns-records-exploited-to-takeover-subdomains%2F&t_d=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant&t_t=Neglected%20DNS%20records%20exploited%20to%20takeover%20subdomains%20%E2%80%93%20Yassine%20Aboukir%20%E2%80%93%20Hacker%20%26%20Application%20Security%20Consultant
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 03:45:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/json
Vary: Origin
Content-Length: 1359
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK stat.gif
referrer.disqus.com/juggler/ 43 B
339 B 95ms
95ms Image
image/gif 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/stat.gif?event=failed_recommendations.server.undefined

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 03:45:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 300 B
740 B 82ms
54ms XHR
text/javascript 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 21acdf9870a6a192a278ce48edde765a1125a5cf09723a95a20320e44a89d630

Request headers

Referer: https://www.yassineaboukir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 03:45:32 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.yassineaboukir.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 300
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
links.services.disqus.com/api/ 43 B
375 B 33ms
33ms Image
image/gif 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.yassineaboukir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 03:45:32 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 76 B
515 B 83ms
71ms XHR
text/javascript 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 5f0f235e87459f24ce3a9b5217eb68e7f58413af2434bda801300944855fb624

Request headers

Referer: https://www.yassineaboukir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 03:45:32 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.yassineaboukir.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 76
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 42 B
481 B 48ms
35ms XHR
text/javascript 199.232.192.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: b20dacadb8519d7568084f1a8ff0fb0295be119ddfbff65c7fb0b43c1cdb1449

Request headers

Referer: https://www.yassineaboukir.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 03:45:32 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.yassineaboukir.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yassineaboukir.com/	1970-01-20 16:53:59	Name: _ga Value: GA1.2.699882474.1639367131
.yassineaboukir.com/	1970-01-19 23:24:13	Name: _gid Value: GA1.2.62953794.1639367131
.yassineaboukir.com/	1970-01-19 23:22:47	Name: _gat Value: 1
disqus.com/	1970-01-19 23:22:48	Name: __jid Value: 8lndce73sjnscl
.disqus.com/	1970-01-20 08:08:23	Name: disqus_unique Value: 8lndceu3ul8sk8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
c.disquscdn.com
cdn.viglink.com
disqus.com
fonts.googleapis.com
links.services.disqus.com
referrer.disqus.com
www.google-analytics.com
www.yassineaboukir.com
yassineaboukir.com
yassineaboukir.disqus.com
151.101.0.134
185.199.110.153
199.232.192.64
199.232.196.134
199.232.198.49
2600:9000:2057:aa00:6:8656:f5c0:93a1
2606:4700::6810:a30d
2606:50c0:8001::153
2a00:1450:4001:80f::200e
2a00:1450:4001:827::200a
01b1844125589a15317239014be029ba024bc0d6e059222bc99bd913a82ecb88
0376879a45be95f1d718c2a90d0b35986973e87d6f4c790b4c7046343464b72a
0de78e0767264d8ef3b6826aaaf137f0ec7598d4a20e4f7c9d9213c40b5b8f7b
0e0f72027dd2ca5459218b881f572760e98890cf659a30944a27d75ab63f57f2
138ad0cd7a094c46d564c9762d3a861c925dcf15740374931745db55ed31b83e
21acdf9870a6a192a278ce48edde765a1125a5cf09723a95a20320e44a89d630
2c556d31a4e68362f14119ab3f99def3ae1fbcf3f43fd1deba622511758242e7
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
329d0c66a105f81bf3a9f45d260d22bfc8da9792d4e4da26c67e923df6a015c3
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3960b7858957eeade28addd3ae652d325d1e55f0339a501914ec6c0fd622a034
3ed1295002f7594871c6e8cb42599dc61156ecd948d596ec18983ba1b223fbfc
3eee15d11eb29b6f2258cabfeeca39b3b900a7cae96fc7919b27789f3470b9f9
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4d958aa0fe56b2c9ef407522721c72a3f0ac4f0ae063a2e2d05c134b7a79fa85
5516b1bc058a46487bf05cfd2a492750c2b6f1351a77ab89352dd726b68914ad
5c7e4ae9bf675c45b87c53f199bbf8cb9ae8d6a6747b303e304bee211969624f
5f0f235e87459f24ce3a9b5217eb68e7f58413af2434bda801300944855fb624
5fae79754e7af92e6afadc3060797e3d35188221e60d63d0625f66cf921e7ebb
6f0ab1fd5eb000b26bcde16b2cdc00a40df8078e0d64e8dcedfa9bbb06550960
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
92f34c8b7ca13a232c874f23c6eddb5526477fbee3473440867a159d36107c9e
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
9f05592df6a80686d7216adbbc60dd18c978741182ed9e09a863de7374931f0e
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9820458bb44d4dce69f4dd991a9a9742f2317739232d200e04c53a2363309c5
b20dacadb8519d7568084f1a8ff0fb0295be119ddfbff65c7fb0b43c1cdb1449
b2210258d5b72042906644b1f441cd0b0bd074ad188b20be28cade1843ab89e9
b69e7a21552fc6b14d0faf4c60d5c9799ba8477426eb1533d76a6c6d5dca83dd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be659f0e130aafc1fd04b1da193ff4a89da8aa0c7486238bea79f33343cbc4cb
c64d4f2d48a20fc27fe2407d01810d37dc79265ed9e0f1fb3c3a75a275b85fdb
ce087f1d38e538eee6a5084654d66a9c7b70025f2fb04a6885aab962250ea6fb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d37d940e04c0751ccb807003c3e2a90240ce1713084ce92132840707d56760a7
dbffe4825c6ba1f19ff48607381ad4384b0609b64998830502c130f00abe887d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea07848b95b996e50ef887e2df00c6b827bf709d73b78a3700df799e43d638de
eb0d57dd34ef7aeaca8e216978f08a98133497e9b9c27b5f430eff87d51cb934
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f2bfdbf7d2df8d37016a17d53674d2799bb77996a763bf2bee8b1f604dd31a9f
f8b30a2aaa19326c2f546b8e22134512c9e5486fa6fec2f0d1c8ca2bbc8acb04
f912ae31977ea6ea67f4666718e966f10a9efa06f48700900e2f7e6d53b5d8d5

www.yassineaboukir.com Open in urlscan Pro 2606:50c0:8001::153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

51 Requests

90 %HTTPS

50 %IPv6

6 Domains

11 Subdomains

10 IPs

2 Countries

2326 kBTransfer

3120 kBSize

5 Cookies

16 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.yassineaboukir.com Open in urlscan Pro
2606:50c0:8001::153 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

90 %
HTTPS

50 %
IPv6

6
Domains

11
Subdomains

10
IPs

2
Countries

2326 kB
Transfer

3120 kB
Size

5
Cookies

51 HTTP transactions
8 data transactions