2 Subdomains Takeover at readfu.com
Medium
Vulnerability Details
Hi,
I believe that `readfu.com` now belongs to `Twitter, Inc`. I was able to take over 2 subdomains, one via Heroku services and one via a normal domain purchase!
{F1147316}
# PoC:
* Please visit http://alpha.readfu.com/ via Heroku
Steps: https://youtu.be/mpPXrvhvD4A
* Please check the DNS of `rb.readfu.com`; you will see it points to `hqn.ro`.
`hqn.ro` is available to buy for 9 euro at https://www.eureg.ro/,
so anyone can buy it and take over `rb.readfu.com`.
{F1147314}
# Suggested fix:
> Remove the DNS records of these subdomains.
## Impact
Takeovers can be used for many things:
* Malware
* Phishing / spear phishing
* XSS
* Authentication bypass
* Open redirects
* True access
* etc.
Kind Regards,
Mohamed Haron.
Report Stats
- Report ID: 1073114
- State: Closed
- Substate: resolved
- Upvotes: 34
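The second finding above is the classic dangling-CNAME case: a record that points at a domain nobody has registered, so whoever buys the target owns the subdomain. The script below is an added example, not part of the report or of any Twitter tooling, showing how a defender (or a hunter) can triage a list of hostnames for that condition. It follows the CNAME chain, and when the final target does not exist it walks up to the nearest existing ancestor: if that ancestor is a public suffix (e.g. `ro`), the registrable domain itself is unregistered and the record is a takeover candidate; if the ancestor is an ordinary registered zone, the record is merely stale. The DNS answers are a constructed in-memory table modelled on the report (the `alpha.readfu.com` Heroku target name, `old.readfu.com` and `loop.readfu.com` are hypothetical); the tiny `PUBLIC_SUFFIXES` set stands in for the real Public Suffix List, and the `live_lookup` adapter assumes `dnspython` is installed and is not exercised here.

```python
"""Triage hostnames for dangling CNAMEs whose target domain is unregistered.

Illustrative code, not from the HackerOne report. DNS data is a constructed table.
"""
from typing import Callable, Dict, List, Optional, Tuple

# A lookup returns ("CNAME", target), ("EXISTS", None) or ("NXDOMAIN", None).
Lookup = Callable[[str], Tuple[str, Optional[str]]]

# Stand-in for the Public Suffix List (assumption: real tooling should load the full list).
PUBLIC_SUFFIXES = {"co.uk", "org.uk", "com.au", "co.jp", "com.br"}

# Constructed answers modelled on the report; names absent here answer NXDOMAIN.
FAKE_DNS: Dict[str, Tuple[str, Optional[str]]] = {
    "rb.readfu.com": ("CNAME", "hqn.ro"),          # from the report: hqn.ro is unregistered
    "alpha.readfu.com": ("CNAME", "example-app.herokuapp.com"),  # hypothetical Heroku target
    "example-app.herokuapp.com": ("EXISTS", None),
    "herokuapp.com": ("EXISTS", None),
    "old.readfu.com": ("CNAME", "gone.readfu.com"),  # hypothetical: stale record in a live zone
    "loop.readfu.com": ("CNAME", "loop.readfu.com"),  # hypothetical: self-referential CNAME
    "readfu.com": ("EXISTS", None),
    "com": ("EXISTS", None),
    "ro": ("EXISTS", None),
}


def fake_lookup(name: str) -> Tuple[str, Optional[str]]:
    return FAKE_DNS.get(name.rstrip(".").lower(), ("NXDOMAIN", None))


def live_lookup(name: str) -> Tuple[str, Optional[str]]:
    """Real resolver adapter (assumes dnspython is installed); not used by the demo."""
    import dns.resolver  # lazy import so the demo runs without the dependency
    try:
        answer = dns.resolver.resolve(name, "CNAME")
        return "CNAME", str(answer[0].target).rstrip(".")
    except dns.resolver.NoAnswer:       # name exists but carries no CNAME
        return "EXISTS", None
    except dns.resolver.NXDOMAIN:
        return "NXDOMAIN", None


def is_public_suffix(name: str) -> bool:
    return "." not in name or name in PUBLIC_SUFFIXES


def parent(name: str) -> Optional[str]:
    return name.split(".", 1)[1] if "." in name else None


def nearest_existing_ancestor(name: str, lookup: Lookup) -> Tuple[Optional[str], str]:
    """Walk up from a non-existent name; return (first existing ancestor, its child on the path)."""
    child, anc = name, parent(name)
    while anc is not None:
        if lookup(anc)[0] != "NXDOMAIN":
            return anc, child
        child, anc = anc, parent(anc)
    return None, child


def check_host(hostname: str, lookup: Lookup, max_hops: int = 8) -> Dict[str, object]:
    """Classify one hostname by following its CNAME chain."""
    name = hostname.rstrip(".").lower()
    chain: List[str] = [name]
    for _ in range(max_hops):
        kind, target = lookup(name)
        if kind == "CNAME" and target:
            target = target.rstrip(".").lower()
            if target in chain:
                return {"host": hostname, "chain": chain, "status": "cname-loop"}
            chain.append(target)
            name = target
            continue
        if kind == "EXISTS":
            # Target resolves. A service-layer takeover (e.g. an unclaimed Heroku app, as in
            # the report's first finding) is invisible here and needs an HTTP-level check.
            return {"host": hostname, "chain": chain, "status": "resolves"}
        anc, child = nearest_existing_ancestor(name, lookup)
        if anc is None or is_public_suffix(anc):
            # The registrable domain itself does not exist: anyone can register it.
            return {"host": hostname, "chain": chain, "status": "unregistered-target",
                    "registrable": child}
        # Parent zone is live and registered: a stale record, not a registration takeover.
        return {"host": hostname, "chain": chain, "status": "dangling-in-registered-zone",
                "zone": anc}
    return {"host": hostname, "chain": chain, "status": "too-many-hops"}


def scan(hosts: List[str], lookup: Lookup) -> Dict[str, Dict[str, object]]:
    return {h: check_host(h, lookup) for h in hosts}


if __name__ == "__main__":
    hosts = ["rb.readfu.com", "alpha.readfu.com", "old.readfu.com", "loop.readfu.com"]
    for host, result in scan(hosts, fake_lookup).items():
        print(f"{host:20} {result['status']:30} {' -> '.join(result['chain'])}")
```

Swap `fake_lookup` for `live_lookup` to run it against real DNS. Only `unregistered-target` means "buy the domain and you own the subdomain"; `dangling-in-registered-zone` is still worth removing, and `resolves` needs a per-provider HTTP fingerprint check before it can be called safe.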