Azure App Service origins accessible directly, bypassing Akamai CDN/WAF
Sends the same payload via Akamai (CDN/WAF) and directly to the Azure origin. Compare status codes, headers, and response bodies.
Probes all 7 discovered Azure App Service origins. Shows accessibility, Akamai WAF presence, and response details.
This proof-of-concept is part of an authorized bug bounty submission
under the NBA Public Bug Bounty program on HackerOne.
All testing complies with the program's rate limit rules (max 3 req/s).