id: frontify-takeover

info:
  name: frontify takeover detection
  author: pdteam
  severity: high
  description: frontify takeover was detected.
  reference:
    - https://github.com/EdOverflow/can-i-take-over-xyz/issues/170
  metadata:
    max-request: 1
  tags: takeover

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - Host != ip

      - type: word
        words:
          - 404 - Page Not Found
          - Oops… looks like you got lost
        condition: and

    extractors:
      - type: dsl
        dsl:
          - cname
# digest: 490a00463044022073257d87b3c8f7bac57f11010374f90ebc1ad0ed82fa373cb8bc52f060a59a9f02207f2df96e3872cb18f759d103ee1eafa6100f1e1cb4d752047366abcd71da4c79:922c64590222798bb761d5b6d8e72950