infosecwriteups.com Open in urlscan Pro
162.159.153.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
Effective URL:
https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a
Submission: On October 17 via api (October 17th 2024, 5:54:43 am UTC) from RU — Scanned from US

Summary HTTP 73 Redirects Links 70 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 73 HTTP transactions. The main IP is 162.159.153.4, located in and belongs to CLOUDFLARENET, US. The main domain is infosecwriteups.com.
TLS certificate: Issued by WE1 on October 17th 2024. Valid for: 3 months.

This is the only time infosecwriteups.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 18	162.159.153.4 162.159.153.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2606:4700:7::... 2606:4700:7::a29f:9904	13335 (CLOUDFLAR...) (CLOUDFLARENET)
42	2606:4700:7::... 2606:4700:7::a29f:9804	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c02::63	15169 (GOOGLE) (GOOGLE)
1	3.171.139.39 3.171.139.39	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:400d:c0f::5e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:24f... 2600:9000:24f1:3800:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:251... 2600:9000:2512:6600:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:400d:c02::68	15169 (GOOGLE) (GOOGLE)
73	11

18 162.159.153.4 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

infosecwriteups.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:7::a29f:9904 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2606:4700:7::a29f:9804 (United States)

ASN13335 (CLOUDFLARENET, US)

glyph.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
miro.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-client.medium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c02::63 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.171.139.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-139-39.jfk52.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0f::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:3800:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2512:6600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c02::68 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	medium.com 1 redirects medium.com — Cisco Umbrella Rank: 12033 glyph.medium.com — Cisco Umbrella Rank: 24777 miro.medium.com — Cisco Umbrella Rank: 16623 cdn-client.medium.com — Cisco Umbrella Rank: 26576	1 MB
18	infosecwriteups.com 2 redirects infosecwriteups.com	53 KB
3	branch.io cdn.branch.io — Cisco Umbrella Rank: 958 api2.branch.io — Cisco Umbrella Rank: 1350	24 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
1	app.link app.link — Cisco Umbrella Rank: 2197	634 B
1	gstatic.com www.gstatic.com	216 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 683	7 KB
0	googletagmanager.com Failed www.googletagmanager.com Failed
73	8

	Domain	Requested by
36	cdn-client.medium.com	infosecwriteups.com cdn-client.medium.com
18	infosecwriteups.com	2 redirects cdn-client.medium.com infosecwriteups.com
8	glyph.medium.com	glyph.medium.com
4	miro.medium.com	infosecwriteups.com
2	api2.branch.io	cdn-client.medium.com
2	www.google.com	cdn-client.medium.com www.gstatic.com
1	app.link	cdn.branch.io
1	www.gstatic.com	www.google.com
1	cdn.branch.io	infosecwriteups.com
1	static.cloudflareinsights.com	infosecwriteups.com
1	medium.com	1 redirects
0	www.googletagmanager.com Failed	cdn-client.medium.com
73	12

This site contains links to these domains. Also see Links.

Domain
rsci.app.link
medium.com
github.com
www.fastly.com
next.redacted.com
twitter.com
www.linkedin.com
weekly.infosecwriteups.com
imavropoulos.medium.com
osintteam.blog
help.medium.com
medium.statuspage.io
blog.medium.com
policy.medium.com
speechify.com

Subject Issuer	Validity	Valid
infosecwriteups.com WE1	`2024-10-17` - `2025-01-15`	3 months	crt.sh
medium.com Cloudflare Inc ECC CA-3	`2024-02-16` - `2024-12-31`	a year	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.branch.io Amazon RSA 2048 M03	`2024-08-11` - `2025-09-09`	a year	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
appipv4.link Amazon RSA 2048 M03	`2024-03-25` - `2025-04-22`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a
Frame ID: AD59012268C929268A8C51CDD6371CF5
Requests: 70 HTTP requests in this frame

Frame: https://infosecwriteups.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js
Frame ID: 71F5812A107387A7129522EED7B5A674
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le-uGgpAAAAAPprRaokM8AKthQ9KNGdoxaGUvVp&co=aHR0cHM6Ly9pbmZvc2Vjd3JpdGV1cHMuY29tOjQ0Mw..&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=4zl89te77fwf
Frame ID: C3883BE9A5443815C9663350E5648184
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fastly Subdomain Takeover $2000 - Bug Bounty Writeup | InfoSec Write-ups

Page URL History Show full URLs

https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f HTTP 307
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Finfosecwriteups.com%2Ffastly-s... HTTP 307
https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

73
Requests

97 %
HTTPS

80 %
IPv6

8
Domains

12
Subdomains

11
IPs

2
Countries

1353 kB
Transfer

3629 kB
Size

9
Cookies

70 Outgoing links

These are links going to different origins than the main page.

URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2F217bb180730f&%7Efeature=LoOpenInAppButton&%7Echannel=ShowPostUnderCollection&source=---two_column_layout_nav----------------------------------
Title: Open in app

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ffastly-subdomain-takeover-2000-217bb180730f&source=post_page---two_column_layout_nav-----------------------global_nav-----------
Title: Sign up

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Finfosecwriteups.com%2Ffastly-subdomain-takeover-2000-217bb180730f&source=post_page---two_column_layout_nav-----------------------global_nav-----------
Title: Sign in

Search URL Search Domain Scan URL

URL: https://medium.com/?source=---two_column_layout_nav----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fnew-story&source=---two_column_layout_nav-----------------------new_post_topnav-----------
Title: Write

Search URL Search Domain Scan URL

URL: https://medium.com/search?source=---two_column_layout_nav----------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/@valluvarsploit?source=post_page-----217bb180730f--------------------------------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F5e2bf957aea1&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ffastly-subdomain-takeover-2000-217bb180730f&user=ValluvarSploit&userId=5e2bf957aea1&source=post_page-5e2bf957aea1----217bb180730f---------------------post_header-----------
Title: Follow

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fbugbountywriteup%2F217bb180730f&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ffastly-subdomain-takeover-2000-217bb180730f&user=ValluvarSploit&userId=5e2bf957aea1&source=-----217bb180730f---------------------clap_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F217bb180730f&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ffastly-subdomain-takeover-2000-217bb180730f&source=-----217bb180730f---------------------bookmark_footer-----------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2Fplans%3Fdimension%3Dpost_audio_button%26postId%3D217bb180730f&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ffastly-subdomain-takeover-2000-217bb180730f&source=-----217bb180730f---------------------post_audio_button-----------
Title: Listen

Search URL Search Domain Scan URL

URL: https://github.com/OWASP/Amass
Title: OWASP Amass

Search URL Search Domain Scan URL

URL: https://github.com/OJ/gobuster
Title: Gobuster

Search URL Search Domain Scan URL

URL: https://github.com/tomnomnom/anew
Title: Anew

Search URL Search Domain Scan URL

URL: https://github.com/projectdiscovery/httpx
Title: HTTPX

Search URL Search Domain Scan URL

URL: https://www.fastly.com/
Title: fastly.com

Search URL Search Domain Scan URL

URL: http://next.redacted.com/index.html%60
Title: http://next.redacted.com/index.html

Search URL Search Domain Scan URL

URL: https://twitter.com/ValluvarSploit
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/alexandar-t-345230220
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://weekly.infosecwriteups.com/
Title: Join our weekly newsletter

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ffastly-subdomain-takeover-2000-217bb180730f&source=---post_footer_upsell--217bb180730f---------------------lo_non_moc_upsell-----------
Title: Sign up for free

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fmedium.com%2Fplans&source=---post_footer_upsell--217bb180730f---------------------lo_non_moc_upsell-----------
Title: Try for $5/month

Search URL Search Domain Scan URL

URL: https://medium.com/tag/bug-bounty?source=post_page-----217bb180730f--------------------------------
Title: Bug Bounty

Search URL Search Domain Scan URL

URL: https://medium.com/tag/bug-bounty-tips?source=post_page-----217bb180730f--------------------------------
Title: Bug Bounty Tips

Search URL Search Domain Scan URL

URL: https://medium.com/tag/web-security?source=post_page-----217bb180730f--------------------------------
Title: Web Security

Search URL Search Domain Scan URL

URL: https://medium.com/tag/bug-bounty-writeup?source=post_page-----217bb180730f--------------------------------
Title: Bug Bounty Writeup

Search URL Search Domain Scan URL

URL: https://medium.com/tag/penetration-testing?source=post_page-----217bb180730f--------------------------------
Title: Penetration Testing

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fsubscriptions%2Fnewsletters%2F1dd9338a904c&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Ffastly-subdomain-takeover-2000-217bb180730f&newsletterV3=5e2bf957aea1&newsletterV3Id=1dd9338a904c&user=ValluvarSploit&userId=5e2bf957aea1&source=-----217bb180730f---------------------subscribe_user-----------

Search URL Search Domain Scan URL

URL: https://medium.com/@valluvarsploit/followers?source=post_page-----217bb180730f--------------------------------
Title: 346 Followers

Search URL Search Domain Scan URL

URL: https://medium.com/@SatyamPathania?source=author_recirc-----217bb180730f----0---------------------72f141a8_aa77_4f11_8001_721bbd316034-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Ff7c3843b06b7&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Fsecret-linux-commands-the-ones-your-teacher-never-told-you-about-f7c3843b06b7&source=-----217bb180730f----0-----------------bookmark_preview----72f141a8_aa77_4f11_8001_721bbd316034-------

Search URL Search Domain Scan URL

URL: https://medium.com/@sathyaprakashsahoo?source=author_recirc-----217bb180730f----1---------------------72f141a8_aa77_4f11_8001_721bbd316034-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F38cc301e4bbf&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Fheres-why-i-don-t-suggest-people-to-get-into-cybersecurity-38cc301e4bbf&source=-----217bb180730f----1-----------------bookmark_preview----72f141a8_aa77_4f11_8001_721bbd316034-------

Search URL Search Domain Scan URL

URL: https://medium.com/@SatyamPathania?source=author_recirc-----217bb180730f----2---------------------72f141a8_aa77_4f11_8001_721bbd316034-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Ffaaca1dda42b&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Fhow-to-actually-learn-hacking-in-2024-25-a-practical-guide-faaca1dda42b&source=-----217bb180730f----2-----------------bookmark_preview----72f141a8_aa77_4f11_8001_721bbd316034-------

Search URL Search Domain Scan URL

URL: https://imavropoulos.medium.com/?source=author_recirc-----217bb180730f----3---------------------72f141a8_aa77_4f11_8001_721bbd316034-------

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fd4c42d79d32c&operation=register&redirect=https%3A%2F%2Finfosecwriteups.com%2Fthe-ultimate-guide-cheatsheet-to-flipper-zero-d4c42d79d32c&source=-----217bb180730f----3-----------------bookmark_preview----72f141a8_aa77_4f11_8001_721bbd316034-------

Search URL Search Domain Scan URL

URL: https://medium.com/@nireshpandian19?source=read_next_recirc-----217bb180730f----0---------------------91026e05_ca17_494b_bbea_158785b87363-------

Search URL Search Domain Scan URL

URL: https://medium.com/@nireshpandian19/no-easy-p1s-on-the-fly-if-your-site-runs-wp-or-drupal-a7700650f86b?source=read_next_recirc-----217bb180730f----0---------------------91026e05_ca17_494b_bbea_158785b87363-------
Title: Easy P1s on the fly if your site runs WP or DrupalHey guys, im back again.

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fa7700650f86b&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40nireshpandian19%2Fno-easy-p1s-on-the-fly-if-your-site-runs-wp-or-drupal-a7700650f86b&source=-----217bb180730f----0-----------------bookmark_preview----91026e05_ca17_494b_bbea_158785b87363-------

Search URL Search Domain Scan URL

URL: https://medium.com/@verylazytech?source=read_next_recirc-----217bb180730f----1---------------------91026e05_ca17_494b_bbea_158785b87363-------

Search URL Search Domain Scan URL

URL: https://medium.com/@verylazytech/mastering-subdomain-takeover-48d9b9d593a9?source=read_next_recirc-----217bb180730f----1---------------------91026e05_ca17_494b_bbea_158785b87363-------
Title: Mastering Subdomain TakeoverSubdomain takeovers are a critical vulnerability that allows attackers to seize control of a subdomain by exploiting misconfigurations in…

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F48d9b9d593a9&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40verylazytech%2Fmastering-subdomain-takeover-48d9b9d593a9&source=-----217bb180730f----1-----------------bookmark_preview----91026e05_ca17_494b_bbea_158785b87363-------

Search URL Search Domain Scan URL

URL: https://medium.com/@MediumStaff/list/mediums-huge-list-of-publications-accepting-submissions-7c0ec8037e61?source=read_next_recirc-----217bb180730f--------------------------------
Title: Medium's Huge List of Publications Accepting Submissions334 stories·3702 saves

Search URL Search Domain Scan URL

URL: https://medium.com/@loyalonlytoday?source=read_next_recirc-----217bb180730f----0---------------------91026e05_ca17_494b_bbea_158785b87363-------

Search URL Search Domain Scan URL

URL: https://osintteam.blog/?source=read_next_recirc-----217bb180730f----0---------------------91026e05_ca17_494b_bbea_158785b87363-------
Title: OSINT Team

Search URL Search Domain Scan URL

URL: https://osintteam.blog/firefox-chrome-extensions-for-bugbounty-hunters-4006707ee87b?source=read_next_recirc-----217bb180730f----0---------------------91026e05_ca17_494b_bbea_158785b87363-------
Title: Firefox&Chrome extensions for bugbounty hunters.Hello all .

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F4006707ee87b&operation=register&redirect=https%3A%2F%2Fosintteam.blog%2Ffirefox-chrome-extensions-for-bugbounty-hunters-4006707ee87b&source=-----217bb180730f----0-----------------bookmark_preview----91026e05_ca17_494b_bbea_158785b87363-------

Search URL Search Domain Scan URL

URL: https://medium.com/@BrownBearSec?source=read_next_recirc-----217bb180730f----1---------------------91026e05_ca17_494b_bbea_158785b87363-------

Search URL Search Domain Scan URL

URL: https://medium.com/@BrownBearSec/what-i-learnt-from-reading-217-subdomain-takeover-bug-reports-c0b94eda4366?source=read_next_recirc-----217bb180730f----1---------------------91026e05_ca17_494b_bbea_158785b87363-------
Title: What I learnt from reading 217* Subdomain Takeover bug reports.A comprehensive analysis of Subdomain Takeovers (SDTO), DNS Hijacking, Dangling DNS, CNAME misconfigurations…

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fc0b94eda4366&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40BrownBearSec%2Fwhat-i-learnt-from-reading-217-subdomain-takeover-bug-reports-c0b94eda4366&source=-----217bb180730f----1-----------------bookmark_preview----91026e05_ca17_494b_bbea_158785b87363-------

Search URL Search Domain Scan URL

URL: https://medium.com/@dub-flow?source=read_next_recirc-----217bb180730f----2---------------------91026e05_ca17_494b_bbea_158785b87363-------

Search URL Search Domain Scan URL

URL: https://medium.com/@dub-flow/subdomain-takeover-what-is-it-how-to-exploit-how-to-find-them-d2b6b82b155b?source=read_next_recirc-----217bb180730f----2---------------------91026e05_ca17_494b_bbea_158785b87363-------
Title: Subdomain Takeover: What is It? How to Exploit? How to Find Them?In this article, we shed light on Subdomain Takeovers and discuss 3 things:

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2Fd2b6b82b155b&operation=register&redirect=https%3A%2F%2Fmedium.com%2F%40dub-flow%2Fsubdomain-takeover-what-is-it-how-to-exploit-how-to-find-them-d2b6b82b155b&source=-----217bb180730f----2-----------------bookmark_preview----91026e05_ca17_494b_bbea_158785b87363-------

Search URL Search Domain Scan URL

URL: https://medium.com/@jeetpal2007?source=read_next_recirc-----217bb180730f----3---------------------91026e05_ca17_494b_bbea_158785b87363-------

Search URL Search Domain Scan URL

URL: https://osintteam.blog/?source=read_next_recirc-----217bb180730f----3---------------------91026e05_ca17_494b_bbea_158785b87363-------
Title: OSINT Team

Search URL Search Domain Scan URL

URL: https://osintteam.blog/how-i-discovered-account-takeover-ato-via-cross-site-scripting-xss-34698ee54009?source=read_next_recirc-----217bb180730f----3---------------------91026e05_ca17_494b_bbea_158785b87363-------
Title: How I Discovered Account Takeover (ATO) via Cross-Site Scripting (XSS)Free Article

Search URL Search Domain Scan URL

URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F34698ee54009&operation=register&redirect=https%3A%2F%2Fosintteam.blog%2Fhow-i-discovered-account-takeover-ato-via-cross-site-scripting-xss-34698ee54009&source=-----217bb180730f----3-----------------bookmark_preview----91026e05_ca17_494b_bbea_158785b87363-------

Search URL Search Domain Scan URL

URL: https://medium.com/?source=post_page-----217bb180730f--------------------------------
Title: See more recommendations

Search URL Search Domain Scan URL

URL: https://help.medium.com/hc/en-us?source=post_page-----217bb180730f--------------------------------
Title: Help

Search URL Search Domain Scan URL

URL: https://medium.statuspage.io/?source=post_page-----217bb180730f--------------------------------
Title: Status

Search URL Search Domain Scan URL

URL: https://medium.com/about?autoplay=1&source=post_page-----217bb180730f--------------------------------
Title: About

Search URL Search Domain Scan URL

URL: https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e?source=post_page-----217bb180730f--------------------------------
Title: Careers

Search URL Search Domain Scan URL

URL: https://blog.medium.com/?source=post_page-----217bb180730f--------------------------------
Title: Blog

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9?source=post_page-----217bb180730f--------------------------------
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----217bb180730f--------------------------------
Title: Terms

Search URL Search Domain Scan URL

URL: https://speechify.com/medium?source=post_page-----217bb180730f--------------------------------
Title: Text to speech

Search URL Search Domain Scan URL

URL: https://medium.com/business?source=post_page-----217bb180730f--------------------------------
Title: Teams

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f HTTP 307
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Finfosecwriteups.com%2Ffastly-subdomain-takeover-2000-217bb180730f HTTP 307
https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://infosecwriteups.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://infosecwriteups.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request fastly-subdomain-takeover-2000-217bb180730f Show response
infosecwriteups.com/
Redirect Chain

https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Finfosecwriteups.com%2Ffastly-subdomain-takeover-2000-217bb180730f
https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

164 KB
37 KB

504ms
502ms

Document
text/html

162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

594a4b54f632b9b25c20774cb87bfd0565a76548f8bfb1d0fb0aabfa7ea6b265

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8d3e08ee3daf422b-EWR
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://medium.com
content-type: text/html; charset=utf-8
date: Thu, 17 Oct 2024 05:54:36 GMT
link: <https://glyph.medium.com/css/unbound.css>; as="style"; rel="preload"
medium-fulfilled-by: edgy/8.8.0, valencia/main-20241017-004327-9343e2f888, lite/main-20241016-185433-47f45c025f, rito/main-20241016-213127-8b1d598987, tutu/main-20241016-013349-14b72dab13
medium-missing-time: 156
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 435
x-request-received-at: 1729144475920

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d3e08edae1678d3-EWR
content-length: 0
content-type: text/plain;charset=UTF-8
date: Thu, 17 Oct 2024 05:54:35 GMT
location: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a
medium-fulfilled-by: edgy/8.8.0, valencia/main-20241017-004327-9343e2f888
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
worker-missing-cookies: 1
x-content-type-options: nosniff
x-envoy-upstream-service-time: 14

GET
H2 200 unbound.css
glyph.medium.com/css/ 19 KB
0 0ms
0ms Stylesheet
text/css 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/css/unbound.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45dbf060ec052a3b0ca5ae7211eaa27c950db65b019aa456e1e686a85f8a327e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 2078
access-control-allow-methods: GET, POST, PUT, DELETE
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 07:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: text/css
vary: Accept-Encoding
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
cache-control: public, max-age=7200
x-envoy-upstream-service-time: 5
access-control-allow-credentials: true
x-envoy-decorator-operation: glyph.glyph-production.svc.cluster.local:80/*
cf-ray: 8d3e08ef0e3b1967-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 195ms
120ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f6e7bfd316a160cd611c23c79c3d0cf8fcbfe22e16592f4afffd03eedf45756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://infosecwriteups.com
Referer: https://glyph.medium.com/css/unbound.css

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 9106494
access-control-allow-methods: GET, POST, PUT, DELETE
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/font-woff
vary: Accept-Encoding
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 20
access-control-allow-credentials: true
cf-ray: 8d3e08f27f6c8c96-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 13 KB
13 KB 216ms
142ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d63477fd28c0476d71f7d94269d37ebc13ee81002807b40bdcee28351da2019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://infosecwriteups.com
Referer: https://glyph.medium.com/css/unbound.css

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 18796198
access-control-allow-methods: GET, POST, PUT, DELETE
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/font-woff
vary: Accept-Encoding
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 34
access-control-allow-credentials: true
cf-ray: 8d3e08f27f6f8c96-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
12 KB 225ms
151ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-serif-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cb0607a963a4d571ab612d010e4c124c2bb4cc0fd27048efa5f92eedab98ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://infosecwriteups.com
Referer: https://glyph.medium.com/css/unbound.css

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 18133143
access-control-allow-methods: GET, POST, PUT, DELETE
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/font-woff
vary: Accept-Encoding
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 15
access-control-allow-credentials: true
cf-ray: 8d3e08f27f708c96-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 source-code-pro-400-normal.woff
glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 7 KB
7 KB 228ms
154ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/source-code-pro-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07e3ee7afcbc3462ebf2164763c7f050fc4195d5efa4b039646ae0192c49e2fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://infosecwriteups.com
Referer: https://glyph.medium.com/css/unbound.css

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 10785529
access-control-allow-methods: GET, POST, PUT, DELETE
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/font-woff
vary: Accept-Encoding
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 18
access-control-allow-credentials: true
cf-ray: 8d3e08f27f718c96-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 12 KB
13 KB 125ms
52ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/sohne-500-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45bd34ce2bf3511cc126b1b12bc1597486e925141c10b05627857cb79810140c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://infosecwriteups.com
Referer: https://glyph.medium.com/css/unbound.css

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 18791632
access-control-allow-methods: GET, POST, PUT, DELETE
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/font-woff
vary: Accept-Encoding
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 15
access-control-allow-credentials: true
cf-ray: 8d3e08f27f6e8c96-EWR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/v2/resize:fill:64:64/ 1 KB
2 KB 93ms
50ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:64:64/1*dmbNkD5D-u45r44go_cf0g.png

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

x-request-id: f111220a-d174-434d-ac30-e815121a5a98
cf-cache-status: HIT
etag: "qUlGJkYhB4LINmyi_TVOvM25Dy409gGbmK5EqrHhPd0/RImNiNjU3ZGRlN2RhNjI0NjU3YTVmNmQ0ZDdhNzEyMDM3Ig"
age: 42193
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: image/png
content-disposition: inline; filename="1*dmbNkD5D-u45r44go_cf0g.png"
medium-fulfilled-by: miro-v2/main-20241009-233003-5bd962093e
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: script-src 'none'
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 62
cf-ray: 8d3e08f25fb01967-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1310
server: cloudflare

GET
H2 200 1*-5JvzvZVZgQx7K2XSgzu_w.jpeg
miro.medium.com/v2/resize:fill:88:88/ 9 KB
9 KB 86ms
44ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:88:88/1*-5JvzvZVZgQx7K2XSgzu_w.jpeg

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75c8f4eff4557b4248cf8493eff9f79a11f5856e14ddade73bd73d345812afb0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

x-request-id: 40c1f6a5-242b-40db-b339-40ea359e689f
cf-cache-status: HIT
etag: "9ivaNyhTKaKecaYmZr68Fn9V98S0df7YQu7TMR33mwc/RImZiOTI2ZmNlZjY1NTY2MDQzMWVjYWQ5NzRhMGNlZWZmIg"
age: 160029
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: image/png
content-disposition: inline; filename="1*-5JvzvZVZgQx7K2XSgzu_w.png"
medium-fulfilled-by: miro-v2/main-20241009-233003-5bd962093e
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: script-src 'none'
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 76
cf-ray: 8d3e08f24fa91967-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8891
server: cloudflare

GET
H2 200 1*SWJxYWGZzgmBP1D0Qg_3zQ.png
miro.medium.com/v2/resize:fill:48:48/ 3 KB
3 KB 99ms
57ms Image
image/png 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/resize:fill:48:48/1*SWJxYWGZzgmBP1D0Qg_3zQ.png

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca50fd28461009340b5bb2835a10d843ea4b7fddf7f5fc109392a55998c70ffc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

x-request-id: eae30fa0-f824-4b2d-8023-677351fbaa25
cf-cache-status: HIT
etag: "c1CjgVkcafhdh7F-WEYEpOglzgQoBxTrHiRusf4J2s4/RIjQ5NjI3MTYxNjE5OWNlMDk4MTNmNTBmNDQyMGZmN2NkIg"
age: 45531
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: image/png
content-disposition: inline; filename="1*SWJxYWGZzgmBP1D0Qg_3zQ.png"
medium-fulfilled-by: miro-v2/main-20241009-233003-5bd962093e
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: script-src 'none'
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 72
cf-ray: 8d3e08f25faf1967-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2917
server: cloudflare

GET
H2 200 manifest.15129508.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
6 KB 94ms
52ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/manifest.15129508.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

816ce1d39c17a3a25c127048e5a1613432f59e5b0d92fd1cfd1ceb19b0ca50c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: 7e3c5ryqqVtluE.z0zpfiuKn9ZkSkuKg
etag: W/"6b38602fb54f6f1bbf0cab6a728f3c7c"
age: 29198
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 19:04:25 GMT
vary: Accept-Encoding
x-amz-id-2: CE+JeOJfJFXFskfnFNl/s9br1Qiqr3DurMmjmpnTOoxjX8UHbFPqrSb8enKgGGGXTrQIYBcoWyvSZ3wiVB3wy3cn79SxNVtes52jHz+j9/Q=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: RF46TE9J4Y0FVDPB
cf-ray: 8d3e08f25fb11967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 9865.1496d74a.js Show response
cdn-client.medium.com/lite/static/js/ 618 KB
192 KB 97ms
57ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b436fafd50c4a34bb5478d817e964e3ee611849abbbe6557063140f9555f8931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: 961vTxAP_4lmeUByLjRWeGFpTSLxcslW
etag: W/"cc9a9e5111ad77aabf3f379d0135b3cd"
age: 25762
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Thu, 22 Aug 2024 12:31:40 GMT
vary: Accept-Encoding
x-amz-id-2: 835tvIQr7smt/KUT+2lGwAC2SW29hPWv+DHeLxaQ9x7PTzLFbCGVNJJiexsljpSyQ4Gns6WvI2w=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: 0HN37ZZC1J9C380Y
cf-ray: 8d3e08f25fb21967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 main.fa336689.js Show response
cdn-client.medium.com/lite/static/js/ 867 KB
200 KB 90ms
51ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/main.fa336689.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb8dfef7ce210d03b43f64f67dc3fcd5f69be4b36460b0d471d133ad125bda1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: wt7AepUOHhjRA.tePXQdAAqaJgtY.DvE
etag: W/"9223579ad256ead92d8a123bedaa5675"
age: 38636
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 19:04:20 GMT
vary: Accept-Encoding
x-amz-id-2: LGXW3O19P8pBG+vjJc+nsP4cLoRdmRJQVxvGfi755AqE+j5C13XBmIEQNSFKaRKGFWItgAqmQyc=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: 0APKN3A6B9RCZVY4
cf-ray: 8d3e08f25fb31967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 instrumentation.d9108df7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 110ms
71ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/instrumentation.d9108df7.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3edb3930e433b6ee76c26ed156d44196652363b4fa881a3e140b3e0b43d2a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: .o.5Xe59BjAug.2i7CIo5xR8KvX9Uh6Q
etag: W/"4d3916cdf704b083082b21a733ef176c"
age: 24831
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Mon, 01 Jul 2024 15:12:51 GMT
vary: Accept-Encoding
x-amz-id-2: nVg1x/otgsIlPGiiXvReQfjOyEst2ix5mlxN9BhIDTaas07zxm+9ML0bs3yOHmRne+8K0KBBP7g=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: R7H3DCYK9BJQMPCB
cf-ray: 8d3e08f25fb41967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 reporting.ff22a7a5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 1 KB
1 KB 122ms
83ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/reporting.ff22a7a5.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eada6d1c06b5d675e0c143a2fbef8bf83e3060e9ba20ceeb37ec9415ce9bdbaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: WdqYVC5hKfoxJxknk7bO0he3xYL6sW.H
etag: W/"d5998f5c1de61a2837a52be8d7d89310"
age: 27719
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2024 12:15:10 GMT
vary: Accept-Encoding
x-amz-id-2: +h/zVBcIzW87HKUFXTMPjs01PxxU5hXWaEk548p5ksVX1TGchvldDXaoreofSJrF18lLdgNCCV8=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: KMW8NP5C54ZDH53W
cf-ray: 8d3e08f25fb51967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 9120.5df29668.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
1 KB 90ms
51ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9120.5df29668.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6cdeafd22c26520e6da3d004bb4914e4bd16c17d78fbf7e57a147feaac97731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: Qu5r5mSnyEnqLJgretubmKfZD29MHWBh
etag: W/"73d2a07f82113b942d21bf750a39fc1f"
age: 27005
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2024 12:14:37 GMT
vary: Accept-Encoding
x-amz-id-2: nCFk6vGxctr9/r8Mxs5j0iwXYOXiKg39NDMRLqMJiblWH0lPAv08lAcT51vurzVLcJf/odlUj0/OcXPWltOt2Q==
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: 1V68JCMSRWEPG927
cf-ray: 8d3e08f25fb61967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 5049.d1ead72d.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 28 KB
12 KB 94ms
86ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5049.d1ead72d.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3985e3779ce6d21045b715324bc4837fc966d0c762a479e5da9764b438e41d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: lXRfPpt5JdTbUioBJcZxfOnTjjaqCp3p
etag: W/"c5c86c25fc0ad2a68f611bb580b457bd"
age: 30336
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Tue, 02 Jul 2024 17:39:38 GMT
vary: Accept-Encoding
x-amz-id-2: jsWJV8mpQ0xCzUuetiRSN7gfu8sd6tAZ1IfqW7cyHBpEg3G32cCngFBq0GegxeCokXNJvS5l/+U=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: GX8Y03C8EA0T1GBD
cf-ray: 8d3e08f2afd81967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 4810.6318add7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 6 KB
3 KB 99ms
91ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4810.6318add7.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e3543a0133bd553f2dcd79a947b6eec53c2b16c46a3ebb63a77283ed0768f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: yL6ku3JinKR_0fAx.RxWdA0QoAz1R0iH
etag: W/"fee516db8548635142e0001d18f09104"
age: 25462
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Fri, 16 Aug 2024 20:57:37 GMT
vary: Accept-Encoding
x-amz-id-2: BgdL8IfeLrvsFQqrDHFisW390Rj0Uniyb4UZ8ndTu3MiuF+/das0E/bnOP2UnZ+gzj65epV8jhRc5BxDvIdNnDCTLLEflj31s6K1eH2LqOg=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: ZCJJS20S5TEPWHVV
cf-ray: 8d3e08f2afd91967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 6618.db187378.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 92ms
85ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6618.db187378.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12c333a76ec82d35a4541956e0e8b4591b55d76f1d1ee4e47f3dd0ec33229e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: ZwCMHuCQ5h9dAQvOvOTD_48maUvIlL_r
etag: W/"7bbe09830788bb18d63591d1a7e255ce"
age: 24177
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Thu, 04 Jul 2024 13:33:59 GMT
vary: Accept-Encoding
x-amz-id-2: +SiVvxjxpof9GPw9pFPULBKjuhltA5uUmH+6le2SKnhmwMonhaslaAvZbQCH6fhaEWkk2849YgU=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: V7SNWX3VEBHRJZ4H
cf-ray: 8d3e08f2afdc1967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 1386.6a7a21a1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 15 KB
5 KB 98ms
90ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1386.6a7a21a1.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bc026ae974354a5cbf6ad318e7e83217d3b1dc54e05aea5d99e132c7d39b03c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: VfJ5S9pSpLwnB3xIeXnJhy8GwVlS9sds
etag: W/"32f9e8808517bcec8bbb6b7108ebf713"
age: 25580
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Tue, 17 Sep 2024 20:25:35 GMT
vary: Accept-Encoding
x-amz-id-2: cg5mE+2BnD95pQhGGrWsTtyW6wTj0sj3N9LzNM9fQZs7rOvnMFs6VyIR0D7GNxyZCcVPoHM/ZW6ir6UDw8DHpQ==
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: VRY683HKETE05CVE
cf-ray: 8d3e08f2afdd1967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 9977.84e4bd5c.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 9 KB
4 KB 106ms
99ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9977.84e4bd5c.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd6808cf81123db247a3a175d6767bd1fe6665d28faecf9ce4537e5b90b55b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: LMKBYCuMgAaK1sFzofJVJ30s3ivcJNNN
etag: W/"d3e950bb172e9d4e4747d826705a9859"
age: 672870
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Wed, 18 Sep 2024 15:20:32 GMT
vary: Accept-Encoding
x-amz-id-2: KlkdbM4FU9pfsgii2hEe3xn/AZXlnHF6wQhUBxjP2VBw5rf3RJblWQfF3+g5vzxThzvFPwK0/idfXA71/xdehogiAhyirJHXFMt/8SdCZWA=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: 10E33AN7J6CNKH4H
cf-ray: 8d3e08f2afde1967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 719.ae4dd3e0.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
3 KB 101ms
94ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/719.ae4dd3e0.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

379abb289ecad9b42e25baaa399964a33365d88eeab34822bd06016f97fcd8c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: 9hCgWBYziBFMIeQWy2O7yUueAEa9S0Od
etag: W/"ff2200800aeabfa6059f0edb1814c622"
age: 22902
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 16:31:25 GMT
vary: Accept-Encoding
x-amz-id-2: 1JL//fyJ0JiPanqiyFxPi4Ny05C2+Bb5aouFfJYs5uhYRclCdsMIZ5LGtc36MY2LqsXK08S9X08=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: 13HAB01N73VH84XP
cf-ray: 8d3e08f2afdf1967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 5250.9f9e01d2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 33 KB
8 KB 117ms
109ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5250.9f9e01d2.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c526ee08811f04d7f0d5b393cd69c73d19d9fffe61773071deef3f364f00fa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: 21R8z5oaOHicCDfQ9u19rdxA8jsmxuEX
etag: W/"559305b0cc3ed475000d0105eef44baf"
age: 109669
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Tue, 17 Sep 2024 20:25:41 GMT
vary: Accept-Encoding
x-amz-id-2: OZRCre+lav0vQdcoebRHdrswUybVvF/1oyE4uYXZAqtMeTJ7QwR/iR0aMA5tZ55OxEODy9gGh2A=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: 8CKG6FQ8VQ5M79JN
cf-ray: 8d3e08f2afe01967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 6349.b071a958.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 18 KB
5 KB 105ms
98ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6349.b071a958.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

530c37d2934d0d6f065188c7816a8c237becd2dc810b2f1ec91cfeac60d7467d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: HxwstXNb6D7zw.6ZbrnQdmPVl5VbrzY7
etag: W/"5a3b804564e3ce32be47618a72fbc5a9"
age: 42268
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 16:31:25 GMT
vary: Accept-Encoding
x-amz-id-2: AibY9UMprCTTe3v4gXnJss0jBw7HtHTpj9y1ccWKip1ZzSRFtMOJ3HGBq7NwEyABvj9SlwCo6sY=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: F1EZSYGVQTHA5W89
cf-ray: 8d3e08f2afe11967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 2648.26563adf.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 13 KB
4 KB 100ms
93ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2648.26563adf.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57291da4c35041eeea04c8e251fd16bbf673f2f1322ce08a88411bf23c0ae6f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: Dg71tHMESiDiyad9_ofwQFtIM_W.JfWh
etag: W/"b5fedea948f4858727c9357b5baefaed"
age: 32204
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:24:24 GMT
vary: Accept-Encoding
x-amz-id-2: K3YIIWt1npTRedp4eJcIe2hAuAXt1Ugkv2o0bko/Naxx4HEHW9BuUuelgVS+PrQqul3askNF5oPYCRrNR33AbVXw4I/VjBqb
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: 7FSFRCY3MEAP4396
cf-ray: 8d3e08f2afe21967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 8393.826a25fb.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 21 KB
7 KB 118ms
111ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/8393.826a25fb.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6903f50388d3d1ad9b3e67033f700ba4ff5b89f89e80fdd7c04b427daa6b4c72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: _6xkcoUI57wT1Jb5c2gsa3tBJ9OYEVsu
etag: W/"d5bcd37fbd5aa3233a9aec731befac41"
age: 23895
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:24:31 GMT
vary: Accept-Encoding
x-amz-id-2: C9wRsKi5CBmAHuuiP5mUQhptKrs6/+xHvIRs4Ex65GvBHOaG/n2gsvKBlgL+lOPW9eH3Q0WOh30=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: H22G46XC5T354FV1
cf-ray: 8d3e08f2afe31967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 1443.598cb8b2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 68 KB
18 KB 126ms
119ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1443.598cb8b2.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5750b66e944006a6e2bf72b64ab9a0ccc4f77b4fdf59de850c29e9b319d1ebf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: HOJ9iQTlxfp1N_a_SEJ91njNEvUm5_84
etag: W/"76cbec7afa91a4e62f11a12bcf72fc20"
age: 31654
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Fri, 11 Oct 2024 16:10:01 GMT
vary: Accept-Encoding
x-amz-id-2: CioEbTC8U0MCzA0N2RDGeTIc/C2Dwj0iSjsgPJXGFJmsu0EyjJR6R5Mv6sMSRvTniZ9E7H+uKr8=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: 1P2S3ET6R1G7RANV
cf-ray: 8d3e08f2afe41967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 3735.8c38ede2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
6 KB 97ms
91ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/3735.8c38ede2.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d60e21b42b84ac06cfdf50cdb8c6e881d8f00bd5a7ff563e3602bcf95c8c521

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: V01xJsJXsDzex3uYWx4UfK0Wu6AnFyZa
etag: W/"778b342e8c0f7ba84b991c9d786e2620"
age: 27263
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:28:29 GMT
vary: Accept-Encoding
x-amz-id-2: GinPhnLUI/DM43ahQ3iFqmdSu/wWu3953DFFQ7hZmBEbgDNCv032czdfEiGTJawA12TU5OGMF5rCR/hWqOizThuRSvkCesAQ
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: JGP4SR695TFHHWHN
cf-ray: 8d3e08f2afe51967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 5642.d10c9ba0.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 26 KB
9 KB 106ms
99ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/5642.d10c9ba0.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9f6f0f3c68899457d793529433d47a89c1b4e966f83359090d2730a4ed9e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: lEF45wgviwwwKmHpPyJQSwXwkxCZGPOq
etag: W/"aa8325b1c212798cf3546bd8b5771ebf"
age: 33072
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 16:31:24 GMT
vary: Accept-Encoding
x-amz-id-2: q2800Xk3kcDs8k0Yud+S3l3AGAAqiOno4XD+n63EtJLnyO/+QlGbVyL+0YEGBM12HAcIiNE+pYzEVwus9R7IwZ9Hy6c7WQxO
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: C7BTCCF6QJ2NDWV9
cf-ray: 8d3e08f2afe61967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 6546.cd03f950.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 134 KB
36 KB 112ms
105ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6546.cd03f950.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cc38817027860ed5e04f9e11e01cac05094175d8d4c87caac335dde7d10e7a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: MYjLVaBNF99bOHh1B3EzIlWdqdlBo8U3
etag: W/"34e298e305719d7f87d7a4901a792fa3"
age: 42641
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Tue, 17 Sep 2024 20:25:43 GMT
vary: Accept-Encoding
x-amz-id-2: d3IOfVLXL8myJm8yBtcgptNloPb5LpfjxO2dB6zm3EUHENo+jq6jPj3HoPFb5DOprLtfTxMYlw0=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: 2S00K6Q4FVWHGT09
cf-ray: 8d3e08f2afe71967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 6834.08de95de.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
7 KB 103ms
96ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/6834.08de95de.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66c9d6ecf94648c4dabff5923c433fd6d3a936440e4650b102cf4b4bc1a6a16a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: w8on9i2WU6JQVNbowhcoh55AnG9nRDDq
etag: W/"8bfb3048c20dbcd0ee88e44f2ae2c575"
age: 32290
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Wed, 25 Sep 2024 21:18:19 GMT
vary: Accept-Encoding
x-amz-id-2: PAPZJlelyWo4iByPkPMGQ8tzlND63LJPMI5bn8kAYiJZO6/urv1MJ309Zd1tmcWBLVvqjGdTPPQ=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: 0VJBW58Z8PCGH8HK
cf-ray: 8d3e08f2afe81967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 1781.db373833.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
2 KB 110ms
103ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/1781.db373833.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99770100ef97de7fafd08b0704039f46351fce02caf6d0ee55d02b77d7df6642

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: mQNo2MtOBUfChQgiKZJLv79DMLxza2iZ
etag: W/"57b2f30c5e813829d5f709394593a95e"
age: 50425
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 15:41:53 GMT
vary: Accept-Encoding
x-amz-id-2: D3/HxH+ZcL+rl0EH6x9cMx1UH2v5wRfg82r1AFRGh9zs/36jt6J5+gcaQwQYxFjZlN3NZa5aI70=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: DZ5CE7KG9B9Q81BV
cf-ray: 8d3e08f2afea1967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 2420.0330d157.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
4 KB 106ms
100ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2420.0330d157.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

171cece4ac2237f1003b18b0fe31873be2d2dfcd6b835525fef7734dd3885b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: _5P0lSJaufDrl5cajeATE6F_8uI.XcAy
etag: W/"ab60dc899e489dc43eb7fb5e1321ec32"
age: 42652
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Mon, 08 Jul 2024 15:08:52 GMT
vary: Accept-Encoding
x-amz-id-2: 64camrj79j6xuve/8mEetoAD/eXx0+AICWagt+lpKP58nYpmBUBxe0QYsGRgvWgiynA98XXAVcE=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: E6ER7AN4JKH6WZPR
cf-ray: 8d3e08f2afeb1967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 839.ca7937c2.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 26 KB
10 KB 110ms
104ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/839.ca7937c2.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

218e0f4907870a81cf5234f06b3c461bb52b46643850f39c5e4fd9466271bbe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: cbVNCvYNrEuOjicdKIDyuAnKVjqScp1G
etag: W/"c84f7eaad8dc75c5baff756fbabd2a6a"
age: 742376
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:24:31 GMT
vary: Accept-Encoding
x-amz-id-2: tNUmnR2aZExCB1Cmome4Jb5YDzbukj7rrFvYO0K8eAf9k687ioWWblsY7g0BrnUcljY1lrZl22NdqBvLe1kt8dVDrpwpWFbphnEMm/CfM3M=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: JBCYDDKGN360REDP
cf-ray: 8d3e08f2afec1967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 7975.d195c6f1.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 8 KB
3 KB 111ms
105ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7975.d195c6f1.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5198ac988c7643d99cc98c10976fdde3855e1c2c4f0fc76849924bd97bf7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: c8YEUoRgHrQKByilo.x6VjVxscqBV2VM
etag: W/"3fb074e4da6e5722bf7e4c8bea96cfef"
age: 31064
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 15:24:31 GMT
vary: Accept-Encoding
x-amz-id-2: NQBWY/n7PFrq59fD4OjBXeQkMg2CKWtP9IsCGNxytbO8uZ4jOolFsx+Lr6eaK/CKBPlc5DCSaxMyNxeRhiBTfQ==
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: 82AKP37MNYYESFWB
cf-ray: 8d3e08f2afed1967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 2106.21ff89d3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 19 KB
5 KB 116ms
110ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2106.21ff89d3.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

642e68e2920d83ca866b88006ef18212354e0d5acd026ccdc0b21cdafe72746f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: ZAOTHsY5yzhFtAIVlxWuUUSMd6WiuHdq
etag: W/"a33b4282f0980a9d6bfbebc42268cfe8"
age: 31992
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 17:53:41 GMT
vary: Accept-Encoding
x-amz-id-2: XV+x5R4RbG4reFbbWuCxqgk9ci5zstXqLSTOARO33ZP1V2cYZ9gtU/0yxEpwzVz2PeneAvtWgFg=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: CGR06YYEYJYDMJ03
cf-ray: 8d3e08f2bfef1967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 7394.55c925ce.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 53 KB
18 KB 117ms
112ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/7394.55c925ce.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

540f5dfd796f7f1bc7152667cc5e82e03c27937f7cc3d1b75f79ec5777d5a528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: j8oBY_CJ_tI.1BjjSPIh7uP04y.dIHsP
etag: W/"e11ef776e075f0640c7122d0d1ee304d"
age: 50425
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 15:42:00 GMT
vary: Accept-Encoding
x-amz-id-2: TgicPdPqk1m9lHTTECrV6E8RjfrGhrY0QYH5LVsbhIZB5fcusJUNJJcbW6pMcMg/5nRHD6OIHv0=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: DZ51ZEKV3HHG5ZCC
cf-ray: 8d3e08f2bff01967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 2961.00a48598.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 22 KB
6 KB 126ms
121ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2961.00a48598.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ce2b4112c125d608811e9b953271e8513adc8dd52d13650d8c0c24079bba17a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: GuJQlqkxw4ZfGrbq1WIMLrwNGgOplH30
etag: W/"1bdbecec58b79953efd20c07f17646eb"
age: 50425
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 15:41:56 GMT
vary: Accept-Encoding
x-amz-id-2: i/oasT52VQwyvrWy3ps5KwS09wiVKPitkThIImk8pUyb6z9t/NR8FsC7W6ScBi2LiOr+Y+lEnKM=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: DZ5ECR9JMJR76BZG
cf-ray: 8d3e08f2bff11967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 230.4d7a2738.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 39 KB
6 KB 127ms
121ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/230.4d7a2738.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9a1704d31ba9516ff343f9a37aed9e118dd5aae307e46e23505126433247ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: 0WTA.oVgr.8I1_AlPkHnqlXTCzXI4wt2
etag: W/"c6e1ae4060371b4178b2cccb32de3350"
age: 41104
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 15:41:55 GMT
vary: Accept-Encoding
x-amz-id-2: 1PB6rq2Lbf2FARWN20/n1Qcacsm0tChnMef1AvgFcc9OwBkaXfqN437PHEvLqP5yo+0C1AmMoRw=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: P4R300CHKV3PGMCB
cf-ray: 8d3e08f2bff21967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 4391.59acaed3.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 24 KB
7 KB 122ms
117ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/4391.59acaed3.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bde116ab519b4d0da72e48403035e2dc408f9baab3b829c59b5cca8b75a5b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: z50cGdf89dT8LWKW28ub_XfUlKXskRgH
etag: W/"40e962a4338753f39b26019883addfe2"
age: 30022
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Tue, 17 Sep 2024 20:25:40 GMT
vary: Accept-Encoding
x-amz-id-2: FABq/5tXbp2TaingT6mbQQEDcWx3lI2P9sQtyL0WbjbxZzBBRLlbruFDhpbgKsTHddnqEZDKc+8=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: KQG25PGA92CDYZ7W
cf-ray: 8d3e08f2bff31967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 PostPage.MainContent.563d0db5.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 188 KB
42 KB 118ms
113ms Script
application/javascript 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/PostPage.MainContent.563d0db5.chunk.js

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

783fcee1f4e483a90c8620a6fcf5dd9dfd10734f245625495a8ea65e4bcb7263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: gb3tkByhg8WISU_pzSR621rDDff_iEoB
etag: W/"7187e480cfea7ea1b22f07008bba5b5b"
age: 42637
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:36 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 17:51:39 GMT
vary: Accept-Encoding
x-amz-id-2: F9qWg8ab7CR35eKaXEsDubEzJhtQUBZpzeWadFDVaHsMDUQnOiUvE4AtM1wCL9qaEPGHZUSwIhI=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: 782C3PBHS9AVCV8Q
cf-ray: 8d3e08f2bff51967-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 153ms
61ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://infosecwriteups.com
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8d3e08f2abf942de-EWR
access-control-allow-origin: *
date: Thu, 17 Oct 2024 05:54:36 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 200 /
infosecwriteups.com/_/clientele/reports/performance/ 0
0 76ms
74ms Fetch
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.fa336689.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Medium-Clientele-Client: lite
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
worker-missing-cookies: 0
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 12
x-content-type-options: nosniff
cf-ray: 8d3e08f71ff017f9-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.8.0, valencia/main-20241017-004327-9343e2f888, clientele/main-20241009-233003-5bd962093e
server: cloudflare

GET
H3 200 11.51005c90.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 20 KB
8 KB 42ms
41ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/11.51005c90.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.15129508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0451a587442fca6a380afc042f676122b442146e9aa1feae9e49b0e1151a4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: 36cCO0pOnWiejNqRlW7IWOfErAeUvPZN
etag: W/"05baeb0cc66e723dd05d50bed964c411"
age: 44585
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2024 12:14:27 GMT
vary: Accept-Encoding
x-amz-id-2: YYqjRFBRVht2R16/dZpEDCLujf/qYb8x+pyjSqAaNUm9z+VnlTbcu5ezQUJgvAkWWagjrC+lUT+qtRpkMR+gXS6Cnu9exqD6Q3KA3gw6DgE=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: NRW8C7KE7KZPTASD
cf-ray: 8d3e08f72959de9a-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H3 200 /
infosecwriteups.com/_/clientele/reports/performance/ 0
0 77ms
77ms Fetch
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.fa336689.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Medium-Clientele-Client: lite
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
worker-missing-cookies: 0
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 12
x-content-type-options: nosniff
cf-ray: 8d3e08f73ffa17f9-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.8.0, valencia/main-20241017-004327-9343e2f888, clientele/main-20241009-233003-5bd962093e
server: cloudflare

GET
H3 200 GiveTipButton.7aab6761.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 5 KB
3 KB 39ms
38ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/GiveTipButton.7aab6761.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.15129508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cbe11384e7d7c8b3d65a7ef12d1ad010a5fd8ca33338162a7afc0eefe0ace8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: AIwLAfLc9j1zy7f18lDwzg3hxhh9RZje
etag: W/"1b6b1c9d7cf2982ac07f4974af89535d"
age: 109035
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: application/javascript
last-modified: Tue, 17 Sep 2024 20:25:56 GMT
vary: Accept-Encoding
x-amz-id-2: zUYa2ZTGvO0svZJpdgsParQq1kZ2B/UgBK9IsekQgzzlsXFL3qZSf0g/qTS0r8F/W3/ov2Ndww8=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: PX1R3X1YRM3V689G
cf-ray: 8d3e08f80a7dde9a-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 gt-super-400-normal.woff
glyph.medium.com/font/4a44748/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ 13 KB
13 KB 47ms
47ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/4a44748/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/gt-super-400-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c05a07ac09c244b63a1755d524e094c32a18072335fb6cfc7f13da9cfe3eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://infosecwriteups.com
Referer: https://glyph.medium.com/css/unbound.css

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 18800088
access-control-allow-methods: GET, POST, PUT, DELETE
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: application/font-woff
vary: Accept-Encoding
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 16
access-control-allow-credentials: true
cf-ray: 8d3e08f82af08c96-EWR
access-control-allow-origin: *
server: cloudflare

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 242ms
106ms Script
text/javascript 2607:f8b0:400d:c02::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6Le-uGgpAAAAAPprRaokM8AKthQ9KNGdoxaGUvVp

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::63 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9de380d1d4b42530036e63ec0fd7a4e3a3a462fbb0a4f7acc9c994013c07bf42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Thu, 17 Oct 2024 05:54:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 17 Oct 2024 05:54:37 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 75 KB
23 KB 239ms
71ms Script
text/javascript 3.171.139.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.171.139.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-171-139-39.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f

Response headers

cache-control: max-age=300
content-encoding: gzip
x-amz-version-id: JdSJSDd4bnNFPjlwdZ2RC7ixUU_rrhPQ
etag: "f4ec9657a3dc111d088e2eca7b9796a4"
age: 151
via: 1.1 faa1f1cd9e8aec6c42fd30b6d46e49f4.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 23431
x-amz-cf-id: l_gtQvWkJMX_C30uUKyL2YJAcMvWZwYsz-u-xxyKVQ_dkBAsS8Mgbg==
date: Thu, 17 Oct 2024 05:52:07 GMT
content-type: text/javascript
last-modified: Wed, 10 Apr 2024 21:44:10 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P8

GET
H3 200 5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74
miro.medium.com/v2/da:true/resize:fit:0/ 300 KB
300 KB 42ms
42ms Image
image/png 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://miro.medium.com/v2/da:true/resize:fit:0/5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c2e60e6e47776cd0394b8dca668b89acaadee5198bbf9172a61ecc33dec97a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f

Response headers

x-request-id: 553367ea-2719-4e8d-8326-a6503efef6a6
cf-cache-status: HIT
etag: "_89iZTbMWFrDAXoszgLV1LA1pq4J7sBwEDXleeW4l1U/RIjIwZDEwN2Y4NjUyZGRjYWYzMDBkNGYxNjllNjMwODQ5Ig"
age: 31034
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: image/png
content-disposition: inline; filename="5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74.png"
medium-fulfilled-by: miro-v2/main-20241009-233003-5bd962093e
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: script-src 'none'
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 163
cf-ray: 8d3e08f83ad9de9a-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 306868
server: cloudflare

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 129 B
515 B 93ms
92ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba299622d4cde1b516ccf64c7212427f704610538e68833b60e17fe68b2df4f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

graphql-operation: VisitorQuery
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
medium-frontend-path: /fastly-subdomain-takeover-2000-217bb180730f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: */*
medium-frontend-route: post
content-type: application/json
apollographql-client-version: main-20241016-185433-47f45c025f
apollographql-client-name: lite
medium-frontend-app: lite/main-20241016-185433-47f45c025f

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"81-oviLYWyx62fXLXoj4ci9bpTyJW8"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.8.0, valencia/main-20241017-004327-9343e2f888, rito/main-20241016-213127-8b1d598987
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-received-at: 1729144477644
worker-missing-cookies: 0
x-envoy-upstream-service-time: 24
cf-ray: 8d3e08f8f92d17f9-EWR
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 80 B
553 B 95ms
93ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6adb47c34f420ef114d5ecdb9b7daab2948c5e9c6d7e3441fee907e5a8fef3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

graphql-operation: AvatarMenuQuery
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
medium-frontend-path: /fastly-subdomain-takeover-2000-217bb180730f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: */*
medium-frontend-route: post
content-type: application/json
apollographql-client-version: main-20241016-185433-47f45c025f
apollographql-client-name: lite
medium-frontend-app: lite/main-20241016-185433-47f45c025f

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"50-uwdNQiS1cauYvMsRotgPVGuGSSE"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.8.0, valencia/main-20241017-004327-9343e2f888, rito/main-20241016-213127-8b1d598987
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-received-at: 1729144477642
worker-missing-cookies: 0
x-envoy-upstream-service-time: 34
x-envoy-decorator-operation: valencia.valencia-production.svc.cluster.local:80/*
cf-ray: 8d3e08f8f92e17f9-EWR
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 1 KB
992 B 155ms
152ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91d682c73c844c45c56f75f12cbc65089c14d82490420d17de297b8298d2a535

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

graphql-operation: ClapCountQuery
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
medium-frontend-path: /fastly-subdomain-takeover-2000-217bb180730f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: */*
medium-frontend-route: post
content-type: application/json
apollographql-client-version: main-20241016-185433-47f45c025f
apollographql-client-name: lite
medium-frontend-app: lite/main-20241016-185433-47f45c025f

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"559-iA9q8iaSeB3WZqfphqEh3FwGsPg"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.8.0, valencia/main-20241017-004327-9343e2f888, rito/main-20241016-213127-8b1d598987, tutu/main-20241017-014627-9343e2f888
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-received-at: 1729144477642
worker-missing-cookies: 0
x-envoy-upstream-service-time: 91
x-envoy-decorator-operation: valencia.valencia-production.svc.cluster.local:80/*
cf-ray: 8d3e08f9092f17f9-EWR
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 692 B
824 B 146ms
141ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7c167923c8c50d1867053060bd7299ee43ca9ef64ce555fddbd014f45eb341c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

graphql-operation: InteractivePostBodyQuery
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
medium-frontend-path: /fastly-subdomain-takeover-2000-217bb180730f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: */*
medium-frontend-route: post
content-type: application/json
apollographql-client-version: main-20241016-185433-47f45c025f
apollographql-client-name: lite
medium-frontend-app: lite/main-20241016-185433-47f45c025f

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"2b4-xoLzLuDV32rfba5TXNwwAk/KOpQ"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.8.0, valencia/main-20241017-004327-9343e2f888, rito/main-20241016-213127-8b1d598987, tutu/main-20241017-014627-9343e2f888
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-received-at: 1729144477650
worker-missing-cookies: 0
x-envoy-upstream-service-time: 83
cf-ray: 8d3e08f9093017f9-EWR
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 210 B
637 B 187ms
184ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b07fe700f3a3a79a226f223c0a76bcb7b0083237d8fcd3f8c918a6f1c7072c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

graphql-operation: NewsletterV3ViewerEdge
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
medium-frontend-path: /fastly-subdomain-takeover-2000-217bb180730f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: */*
medium-frontend-route: post
content-type: application/json
apollographql-client-version: main-20241016-185433-47f45c025f
apollographql-client-name: lite
medium-frontend-app: lite/main-20241016-185433-47f45c025f

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"d2-L/vravNhAw8qrYAhoK4Fgcl217I"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.8.0, valencia/main-20241017-004327-9343e2f888, rito/main-20241016-213127-8b1d598987, tutu/main-20241017-014627-9343e2f888
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-received-at: 1729144477648
worker-missing-cookies: 0
x-envoy-upstream-service-time: 120
x-envoy-decorator-operation: valencia.valencia-production.svc.cluster.local:80/*
cf-ray: 8d3e08f9093217f9-EWR
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 21 KB
5 KB 343ms
327ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4be91d2259eb6fc5057f082b69adc7f028e1c247a1096c86ca6c78f59384f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

graphql-operation: MoreFromMediumRecircQuery
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
medium-frontend-path: /fastly-subdomain-takeover-2000-217bb180730f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: */*
medium-frontend-route: post
content-type: application/json
apollographql-client-version: main-20241016-185433-47f45c025f
apollographql-client-name: lite
medium-frontend-app: lite/main-20241016-185433-47f45c025f

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"53f9-BjpTNJolRvio67mZ5yskx40IonE"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.8.0, valencia/main-20241017-004327-9343e2f888, rito/main-20241016-213127-8b1d598987, tutu/main-20241016-013349-14b72dab13
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-received-at: 1729144477658
worker-missing-cookies: 0
x-envoy-upstream-service-time: 265
cf-ray: 8d3e08f9094717f9-EWR
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 27 B
477 B 104ms
102ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

graphql-operation: ViewerQuery
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
medium-frontend-path: /fastly-subdomain-takeover-2000-217bb180730f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: */*
medium-frontend-route: post
content-type: application/json
apollographql-client-version: main-20241016-185433-47f45c025f
apollographql-client-name: lite
medium-frontend-app: lite/main-20241016-185433-47f45c025f

Response headers

cf-cache-status: DYNAMIC
etag: W/"1b-zcE2qsOE110W+7rHoTa9C+cwT68"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.8.0, valencia/main-20241017-004327-9343e2f888, rito/main-20241016-213127-8b1d598987
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-received-at: 1729144477653
worker-missing-cookies: 0
x-envoy-upstream-service-time: 40
x-envoy-decorator-operation: valencia.valencia-production.svc.cluster.local:80/*
cf-ray: 8d3e08f9094917f9-EWR
access-control-allow-origin: *
content-length: 27
x-xss-protection: 0
server: cloudflare

GET
H3

200

main.js Show response
infosecwriteups.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/ Frame 71F5
Redirect Chain

https://infosecwriteups.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://infosecwriteups.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

8 KB
4 KB

35ms
35ms

Script
application/javascript

162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f

Protocol

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0830ea55193eb1b9d45b78395aa691069310e9bb6c940f8da61c934094193f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: gzip
x-content-type-options: nosniff
cf-ray: 8d3e08f9698b17f9-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
x-content-type-options: nosniff
cf-ray: 8d3e08f9297117f9-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 9510.a4cbec34.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 3 KB
2 KB 67ms
67ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9510.a4cbec34.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.15129508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4bc175d37a6a734c6e043fd36ead4fdbc82bb5a972cbd6c912ea570cd16fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: zC38WWPa_gpm3S4ejlCdNPfSKMI5gk8y
etag: W/"ee1c35fd694f268031d23f2dbc63c55c"
age: 853995
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2024 12:14:37 GMT
vary: Accept-Encoding
x-amz-id-2: K2KSkyM9xnocOshu8RbDBzWaADx1CK2r7RZq/Bs2O5tAsodC6mPGmZ5e3A90A7ICDxftmta/I/9lQntERK2juOEJvB76BM4j0Md9yxCKh8M=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: N2V7EZ2RGTW1CKC9
cf-ray: 8d3e08f97cedde9a-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 2328.5b360117.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 2 KB
2 KB 67ms
67ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/2328.5b360117.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.15129508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6cc165a81339de1b0675ab2b82cd77143fe1abf3bb18a936eb894f16d2d7158

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: kYS7qL75BPSZ8BiznY31_0TjbPcwae2v
etag: W/"df22de8c22264407446f4494e4ed7c76"
age: 853413
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2024 12:14:28 GMT
vary: Accept-Encoding
x-amz-id-2: R2K18V845dlEpcHy4eA7Ulo4jmyIMHFHhDoYXQigYUK+1PaWErpfIjjDGD0Z62IVEI6VVz1eCac=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: Q2H03RQC82T7XK06
cf-ray: 8d3e08f97cefde9a-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 9359.e60eb8d7.chunk.js Show response
cdn-client.medium.com/lite/static/js/ 2 KB
1 KB 76ms
76ms Script
application/javascript 2606:4700:7::a29f:9904
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-client.medium.com/lite/static/js/9359.e60eb8d7.chunk.js

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.15129508.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b73368ebc8ed4a26431b1306b47a2d9fd5447baa081af9dcec230839eb2c28a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: X2jsGw3rA5tmRUAmtVpCmmpxAoFEWgMh
etag: W/"defab591afc3ddd02682cebce69837a3"
age: 853977
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:37 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: application/javascript
last-modified: Mon, 27 May 2024 12:14:37 GMT
vary: Accept-Encoding
x-amz-id-2: FN+CnmySdgGUMVR+LehIUSXSLMHKj+76Ag1JgbTXg7l4z/XfrmTDbhnpej3TVG7JnCTb1JrN2J8=
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-amz-request-id: V7NMAT6KRPG9CP48
cf-ray: 8d3e08f97cf0de9a-EWR
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 81 B
496 B 117ms
116ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0db04880449cf76f73b35add9d29afc49629f19266f798cceb5aac835480a73b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

graphql-operation: PostGiveTipOnExternalPlatformQuery
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
medium-frontend-path: /fastly-subdomain-takeover-2000-217bb180730f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: */*
medium-frontend-route: post
content-type: application/json
apollographql-client-version: main-20241016-185433-47f45c025f
apollographql-client-name: lite
medium-frontend-app: lite/main-20241016-185433-47f45c025f

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"51-VQfdNk3ReUU3hKGDShyXCzXzjsI"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.8.0, valencia/main-20241017-004327-9343e2f888, rito/main-20241016-213127-8b1d598987
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-received-at: 1729144477734
worker-missing-cookies: 0
x-envoy-upstream-service-time: 41
cf-ray: 8d3e08f9899517f9-EWR
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H3 200 8d3e08ee3daf422b Show response
infosecwriteups.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 71F5 0
727 B 48ms
40ms XHR
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/cdn-cgi/challenge-platform/h/b/jsd/r/8d3e08ee3daf422b

Requested by

Host: infosecwriteups.com
URL: https://infosecwriteups.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-ray: 8d3e08fad9f717f9-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Thu, 17 Oct 2024 05:54:37 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/ 544 KB
216 KB 469ms
58ms Script
text/javascript 2607:f8b0:400d:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Le-uGgpAAAAAPprRaokM8AKthQ9KNGdoxaGUvVp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://infosecwriteups.com
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f

Response headers

content-encoding: gzip
age: 187684
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 01:46:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 01:46:34 GMT
last-modified: Mon, 14 Oct 2024 18:32:27 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220736
x-xss-protection: 0
server: sffe

GET
H2 200 _r Show response
app.link/ 91 B
634 B 267ms
118ms Script
text/javascript 2600:9000:24f1:3800:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.85.0&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f1:3800:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

9567089433a8475d29ccb98e717b835a30ad0ebdf33cae975ed7f8bff35c65ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
etag: W/"5b-ML7k7am2aFADpAXHCU3GBACxq9k"
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-content-type-options: nosniff
via: 1.1 0afec277ba3e75e96fa6b4c76d8e130c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 91
x-amz-cf-id: SYjuVi7IWNSeFBadycfemjw0UbaFeb_w9nuYrpjL45CU11z5_cQnvA==
date: Thu, 17 Oct 2024 05:54:38 GMT
content-type: text/javascript; charset=utf-8
x-amz-cf-pop: JFK50-P4
server: openresty

GET
H3 200 sohne-700-normal.woff
glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ 18 KB
18 KB 45ms
45ms Font
application/font-woff 2606:4700:7::a29f:9804
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/sohne-700-normal.woff

Requested by

Host: glyph.medium.com
URL: https://glyph.medium.com/css/unbound.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:9804 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e2f5dae6e68d982ce0401cd8c80e19fc939b0554bf0bc615249ed7bf192643a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://infosecwriteups.com
Referer: https://glyph.medium.com/css/unbound.css

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: HIT
age: 10772166
access-control-allow-methods: GET, POST, PUT, DELETE
x-content-type-options: nosniff
expires: Fri, 17 Oct 2025 05:54:38 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:38 GMT
content-type: application/font-woff
vary: Accept-Encoding
access-control-allow-headers: Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 45
access-control-allow-credentials: true
cf-ray: 8d3e08fd9e558c96-EWR
access-control-allow-origin: *
server: cloudflare

POST
H3 200 graphql Show response
infosecwriteups.com/_/ 821 B
625 B 132ms
131ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/graphql

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d180ca3c0928a2806c664b7f04e158b4e20cc41adbcf0448c072587a7ab064e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

graphql-operation: ClapCountQuery
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
medium-frontend-path: /fastly-subdomain-takeover-2000-217bb180730f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: */*
medium-frontend-route: post
content-type: application/json
apollographql-client-version: main-20241016-185433-47f45c025f
apollographql-client-name: lite
medium-frontend-app: lite/main-20241016-185433-47f45c025f

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"335-mtJCi19yk+B9y5gpeo05oTAUEls"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 17 Oct 2024 05:54:38 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.8.0, valencia/main-20241017-004327-9343e2f888, rito/main-20241016-213127-8b1d598987
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-received-at: 1729144478413
worker-missing-cookies: 0
x-envoy-upstream-service-time: 52
cf-ray: 8d3e08fddbc317f9-EWR
access-control-allow-origin: *
x-xss-protection: 0
server: cloudflare

POST
H2 200 open Show response
api2.branch.io/v1/ 316 B
708 B 300ms
127ms XHR
application/json 2600:9000:2512:6600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Branch

Resource Hash

6ca1c6f849fe69b2a48018ab2c114d957657b7dc162dcd5b69a3d6351d2e2d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: 2mgaQroboRKhnz7osY1G8HklVZ-8fgGoWAMjEUZtotXoCMi8BoL-6Q==
cache-control: no-cache
via: 1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 316
x-branch-request-id: 3b805c76-8d68-4541-8bec-05c7a88001cf-2024101705
date: Thu, 17 Oct 2024 05:54:38 GMT
content-type: application/json; charset=utf-8
x-powered-by: Branch
x-amz-cf-pop: JFK50-P7

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame C388 0
0 186ms
52ms Document
text/html 2607:f8b0:400d:c02::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le-uGgpAAAAAPprRaokM8AKthQ9KNGdoxaGUvVp&co=aHR0cHM6Ly9pbmZvc2Vjd3JpdGV1cHMuY29tOjQ0Mw..&hl=en&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=4zl89te77fwf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c02::68 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pWZp_lB68lPgzurAAzFAew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-pWZp_lB68lPgzurAAzFAew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Oct 2024 05:54:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
351 B 131ms
129ms XHR
application/json 2600:9000:2512:6600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/9865.1496d74a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2512:6600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Branch

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 28
x-amz-cf-id: PxYHpvlf_xmcOMSnOPBgRObbBjUnWxPAxsRm31m7rumCnd1Nbxrfkg==
date: Thu, 17 Oct 2024 05:54:38 GMT
content-type: application/json; charset=utf-8
x-powered-by: Branch
x-amz-cf-pop: JFK50-P7

POST
H3 200 /
infosecwriteups.com/_/clientele/reports/performance/ 0
0 85ms
83ms Fetch
text/plain 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/clientele/reports/performance/

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.fa336689.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Medium-Clientele-Client: lite
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
worker-missing-cookies: 0
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 16
x-content-type-options: nosniff
x-envoy-decorator-operation: valencia.valencia-production.svc.cluster.local:80/*
cf-ray: 8d3e0916df2817f9-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Thu, 17 Oct 2024 05:54:42 GMT
content-type: text/plain;charset=UTF-8
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.8.0, valencia/main-20241017-004327-9343e2f888, clientele/main-20241009-233003-5bd962093e
server: cloudflare

POST
H3 200 batch Show response
infosecwriteups.com/_/ 17 B
353 B 123ms
120ms Fetch
application/json 162.159.153.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecwriteups.com/_/batch

Requested by

Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.fa336689.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.153.4 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-xsrf-token: 1
Referer: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
worker-missing-cookies: 0
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 61
x-content-type-options: nosniff
x-envoy-decorator-operation: valencia.valencia-production.svc.cluster.local:80/*
cf-ray: 8d3e0918a87717f9-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 17
date: Thu, 17 Oct 2024 05:54:42 GMT
content-type: application/json
vary: Accept-Encoding
medium-fulfilled-by: edgy/8.8.0, valencia/main-20241017-004327-9343e2f888
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JY7T788PK

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.infosecwriteups.com/	1969-12-31 23:59:59	Name: _cfuvid Value: cJPCB_7jisw8wKSHmYmr32h386GeiIcx3zMYMGYzgec-1729144475597-0.0.1.1-604800000
.medium.com/	1970-01-21 09:55:04	Name: uid Value: lo_fca6caa77a87
.medium.com/	1970-01-21 09:55:04	Name: sid Value: 1:BReXWpJzC6WKl/ES5mCeLUZ1YfHVjF5mqTzyT5Wwh6sQKMp2qkHx+vUcuqWqSX7+
infosecwriteups.com/	1970-01-21 09:55:04	Name: uid Value: lo_fca6caa77a87
infosecwriteups.com/	1970-01-21 09:55:04	Name: sid Value: 1:oB/3YJZ0bNEu61ZGyCv84B/U12r7UOR48eYeF0mQ2DHWYHwG9ZsmGduVVrrBZtYe
.medium.com/	1969-12-31 23:59:59	Name: _cfuvid Value: mPcrdydkmIHznyzH2k9VKOvLF1WId4hpZghyeRPlUTM-1729144476552-0.0.1.1-604800000
.infosecwriteups.com/	1970-01-21 09:04:40	Name: cf_clearance Value: 1jXfWa9EJ0_ksk6a_gbp37agfaIdVE_ZVo6cioB5mWw-1729144477-1.2.1.1-yYymc7mowlQ4vbhheUVDuGt5dn22LgCizstSOL28sI5JevT7LYZ2p4_bC2dMhXPaib2YLdHKC6kg2X9ygWGgCRdzXhQNURzvJVGHIp8SDxNjg0ZVRlLT2TFAR92fk1w7lR3O7scVp3vAIBYIFhcf3I3gHOIyckbYCmO2yPCwa3Ydviwf6vEfAk1gcGSlyXMR_rqk.VXhe3BrZO_qUw1_dpGUed5.WwvInbEnfy4hdnHZP7y8mN3CYmhGz5dsfXSTlWsSVUE3a_.m8f7NzNNiz5pcgwMeqoGvM2Adw_qiSUa7e7iBZDyb7tf6JvGVbwBqylnT71nc7oPalg7pmnQBeltRHiH7AoFyVSYf8Qr0qO4D3nr_JI6s_.RccU9_rB5X
.app.link/	1970-01-21 09:04:40	Name: _s Value: M5BlmpUAd%2B6nihTNlFRRGQeva0Ip7AXzmViFv2ceO0lLyd%2BVfA9DDHiq8iXMdV2Z
infosecwriteups.com/	1970-01-21 00:19:05	Name: _dd_s Value: rum=0&expire=1729145377782

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://infosecwriteups.com/fastly-subdomain-takeover-2000-217bb180730f?gi=fbc497ddf15a(Line 41) Message: document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://medium.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
glyph.medium.com
infosecwriteups.com
medium.com
miro.medium.com
static.cloudflareinsights.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.googletagmanager.com
162.159.153.4
2600:9000:24f1:3800:19:9934:6a80:93a1
2600:9000:2512:6600:11:f728:3040:93a1
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
2606:4700::6810:5049
2607:f8b0:400d:c02::63
2607:f8b0:400d:c02::68
2607:f8b0:400d:c0f::5e
3.171.139.39
07e3ee7afcbc3462ebf2164763c7f050fc4195d5efa4b039646ae0192c49e2fb
0830ea55193eb1b9d45b78395aa691069310e9bb6c940f8da61c934094193f78
0bc026ae974354a5cbf6ad318e7e83217d3b1dc54e05aea5d99e132c7d39b03c
0d63477fd28c0476d71f7d94269d37ebc13ee81002807b40bdcee28351da2019
0db04880449cf76f73b35add9d29afc49629f19266f798cceb5aac835480a73b
12c333a76ec82d35a4541956e0e8b4591b55d76f1d1ee4e47f3dd0ec33229e43
171cece4ac2237f1003b18b0fe31873be2d2dfcd6b835525fef7734dd3885b72
1bde116ab519b4d0da72e48403035e2dc408f9baab3b829c59b5cca8b75a5b03
1e3543a0133bd553f2dcd79a947b6eec53c2b16c46a3ebb63a77283ed0768f39
218e0f4907870a81cf5234f06b3c461bb52b46643850f39c5e4fd9466271bbe2
379abb289ecad9b42e25baaa399964a33365d88eeab34822bd06016f97fcd8c7
40c05a07ac09c244b63a1755d524e094c32a18072335fb6cfc7f13da9cfe3eb9
45bd34ce2bf3511cc126b1b12bc1597486e925141c10b05627857cb79810140c
45dbf060ec052a3b0ca5ae7211eaa27c950db65b019aa456e1e686a85f8a327e
4ce2b4112c125d608811e9b953271e8513adc8dd52d13650d8c0c24079bba17a
4d60e21b42b84ac06cfdf50cdb8c6e881d8f00bd5a7ff563e3602bcf95c8c521
4d9f6f0f3c68899457d793529433d47a89c1b4e966f83359090d2730a4ed9e89
4e2f5dae6e68d982ce0401cd8c80e19fc939b0554bf0bc615249ed7bf192643a
530c37d2934d0d6f065188c7816a8c237becd2dc810b2f1ec91cfeac60d7467d
540f5dfd796f7f1bc7152667cc5e82e03c27937f7cc3d1b75f79ec5777d5a528
57291da4c35041eeea04c8e251fd16bbf673f2f1322ce08a88411bf23c0ae6f3
5750b66e944006a6e2bf72b64ab9a0ccc4f77b4fdf59de850c29e9b319d1ebf0
594a4b54f632b9b25c20774cb87bfd0565a76548f8bfb1d0fb0aabfa7ea6b265
5ab8f962752071d61b4c1613f2126ead5a5969b0157509532cb1cc43d1c0486d
642e68e2920d83ca866b88006ef18212354e0d5acd026ccdc0b21cdafe72746f
66c9d6ecf94648c4dabff5923c433fd6d3a936440e4650b102cf4b4bc1a6a16a
67c2e60e6e47776cd0394b8dca668b89acaadee5198bbf9172a61ecc33dec97a
6903f50388d3d1ad9b3e67033f700ba4ff5b89f89e80fdd7c04b427daa6b4c72
6ca1c6f849fe69b2a48018ab2c114d957657b7dc162dcd5b69a3d6351d2e2d2d
706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548
75c8f4eff4557b4248cf8493eff9f79a11f5856e14ddade73bd73d345812afb0
783fcee1f4e483a90c8620a6fcf5dd9dfd10734f245625495a8ea65e4bcb7263
7c526ee08811f04d7f0d5b393cd69c73d19d9fffe61773071deef3f364f00fa9
7cb0607a963a4d571ab612d010e4c124c2bb4cc0fd27048efa5f92eedab98ebe
7e5198ac988c7643d99cc98c10976fdde3855e1c2c4f0fc76849924bd97bf7e3
816ce1d39c17a3a25c127048e5a1613432f59e5b0d92fd1cfd1ceb19b0ca50c0
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8cc38817027860ed5e04f9e11e01cac05094175d8d4c87caac335dde7d10e7a6
8f6e7bfd316a160cd611c23c79c3d0cf8fcbfe22e16592f4afffd03eedf45756
91d682c73c844c45c56f75f12cbc65089c14d82490420d17de297b8298d2a535
9567089433a8475d29ccb98e717b835a30ad0ebdf33cae975ed7f8bff35c65ba
99770100ef97de7fafd08b0704039f46351fce02caf6d0ee55d02b77d7df6642
9de380d1d4b42530036e63ec0fd7a4e3a3a462fbb0a4f7acc9c994013c07bf42
a3cbe11384e7d7c8b3d65a7ef12d1ad010a5fd8ca33338162a7afc0eefe0ace8
a3edb3930e433b6ee76c26ed156d44196652363b4fa881a3e140b3e0b43d2a3d
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
b3985e3779ce6d21045b715324bc4837fc966d0c762a479e5da9764b438e41d4
b436fafd50c4a34bb5478d817e964e3ee611849abbbe6557063140f9555f8931
b6cc165a81339de1b0675ab2b82cd77143fe1abf3bb18a936eb894f16d2d7158
b73368ebc8ed4a26431b1306b47a2d9fd5447baa081af9dcec230839eb2c28a6
ba299622d4cde1b516ccf64c7212427f704610538e68833b60e17fe68b2df4f8
bb8dfef7ce210d03b43f64f67dc3fcd5f69be4b36460b0d471d133ad125bda1d
ca50fd28461009340b5bb2835a10d843ea4b7fddf7f5fc109392a55998c70ffc
cd6808cf81123db247a3a175d6767bd1fe6665d28faecf9ce4537e5b90b55b5a
d180ca3c0928a2806c664b7f04e158b4e20cc41adbcf0448c072587a7ab064e8
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a
e3b07fe700f3a3a79a226f223c0a76bcb7b0083237d8fcd3f8c918a6f1c7072c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6cdeafd22c26520e6da3d004bb4914e4bd16c17d78fbf7e57a147feaac97731
e9a1704d31ba9516ff343f9a37aed9e118dd5aae307e46e23505126433247ed5
eada6d1c06b5d675e0c143a2fbef8bf83e3060e9ba20ceeb37ec9415ce9bdbaa
eb4bc175d37a6a734c6e043fd36ead4fdbc82bb5a972cbd6c912ea570cd16fc3
f0451a587442fca6a380afc042f676122b442146e9aa1feae9e49b0e1151a4d1
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f4be91d2259eb6fc5057f082b69adc7f028e1c247a1096c86ca6c78f59384f6a
f6adb47c34f420ef114d5ecdb9b7daab2948c5e9c6d7e3441fee907e5a8fef3f
f7c167923c8c50d1867053060bd7299ee43ca9ef64ce555fddbd014f45eb341c
f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3

infosecwriteups.com Open in urlscan Pro 162.159.153.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

97 %HTTPS

80 %IPv6

8 Domains

12 Subdomains

11 IPs

2 Countries

1353 kBTransfer

3629 kBSize

9 Cookies

70 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

infosecwriteups.com Open in urlscan Pro
162.159.153.4 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

97 %
HTTPS

80 %
IPv6

8
Domains

12
Subdomains

11
IPs

2
Countries

1353 kB
Transfer

3629 kB
Size

9
Cookies

73 HTTP transactions
0 data transactions