www.harmj0y.net
Open in
urlscan Pro
104.145.225.3
Public Scan
URL:
http://www.harmj0y.net/blog/redteaming/a-guide-to-attacking-domain-trusts/
Submission: On October 28 via manual from GB
Submission: On October 28 via manual from GB
Summary
This website contacted 14 IPs
in 3 countries
across 11 domains to perform 88 HTTP transactions.
The main IP is 104.145.225.3, located in
Piscataway, United States and
belongs to AS-DIGITALFYRE - DigitalFyre Internet Solutions, LLC., US.
The main domain is www.harmj0y.net.
This is the only time www.harmj0y.net was scanned on urlscan.io!
This is the only time www.harmj0y.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 51 | 104.145.225.3 104.145.225.3 | 64245 (AS-DIGITA...) (AS-DIGITALFYRE - DigitalFyre Internet Solutions) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:806::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2600:9000:20e... 2600:9000:20eb:a200:1d:3c83:f349:8ae1 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 7 | 2a04:fa87:fff... 2a04:fa87:fffe::c000:4902 | 2635 (AUTOMATTIC) (AUTOMATTIC - Automattic) | |
| 1 | 192.0.77.32 192.0.77.32 | 2635 (AUTOMATTIC) (AUTOMATTIC - Automattic) | |
| 2 | 192.0.76.3 192.0.76.3 | 2635 (AUTOMATTIC) (AUTOMATTIC - Automattic) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:81a::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 6 | 2606:2800:234... 2606:2800:234:59:254c:406:2366:268c | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
| 1 2 | 192.30.253.119 192.30.253.119 | 36459 (GITHUB) (GITHUB - GitHub) | |
| 11 | 2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
| 2 | 104.244.42.136 104.244.42.136 | 13414 (TWITTER) (TWITTER - Twitter Inc.) | |
| 1 | 185.199.109.154 185.199.109.154 | 54113 (FASTLY) (FASTLY - Fastly) | |
| 1 | 192.0.77.48 192.0.77.48 | 2635 (AUTOMATTIC) (AUTOMATTIC - Automattic) | |
| 88 | 14 |
51
104.145.225.3
(Piscataway, United States)
ASN64245 (AS-DIGITALFYRE - DigitalFyre Internet Solutions, LLC., US)
PTR: pandora.digitaldatacenter.net
ASN64245 (AS-DIGITALFYRE - DigitalFyre Internet Solutions, LLC., US)
PTR: pandora.digitaldatacenter.net
| www.harmj0y.net |
1
2a00:1450:4001:806::200a
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.googleapis.com |
1
2600:9000:20eb:a200:1d:3c83:f349:8ae1
(United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
| media.tenor.com |
7
2a04:fa87:fffe::c000:4902
(Ireland)
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
| 0.gravatar.com | |
| 1.gravatar.com | |
| secure.gravatar.com |
1
192.0.77.32
(San Francisco, United States)
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com
| s0.wp.com |
2
192.0.76.3
(San Francisco, United States)
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
| stats.wp.com | |
| pixel.wp.com |
3
2a00:1450:4001:81a::2003
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.gstatic.com |
6
2606:2800:234:59:254c:406:2366:268c
(United States)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
| platform.twitter.com |
2
192.30.253.119
(United States)
ASN36459 (GITHUB - GitHub, Inc., US)
PTR: lb-192-30-253-119-iad.github.com
ASN36459 (GITHUB - GitHub, Inc., US)
PTR: lb-192-30-253-119-iad.github.com
| gist.github.com |
11
2606:2800:134:fa2:1627:1fe:edb:1665
(United States)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
| cdn.syndication.twimg.com | |
| abs.twimg.com | |
| pbs.twimg.com |
1
192.0.77.48
(San Francisco, United States)
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: s.w.org
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: s.w.org
| s.w.org |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 51 |
harmj0y.net
www.harmj0y.net |
7 MB |
| 11 |
twimg.com
cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com |
129 KB |
| 8 |
twitter.com
platform.twitter.com syndication.twitter.com |
109 KB |
| 7 |
gravatar.com
0.gravatar.com 1.gravatar.com secure.gravatar.com |
19 KB |
| 3 |
gstatic.com
fonts.gstatic.com |
28 KB |
| 3 |
wp.com
s0.wp.com stats.wp.com pixel.wp.com |
7 KB |
| 2 |
github.com
1 redirects
gist.github.com |
6 KB |
| 1 |
w.org
s.w.org |
567 B |
| 1 |
githubassets.com
github.githubassets.com |
5 KB |
| 1 |
tenor.com
media.tenor.com |
23 MB |
| 1 |
googleapis.com
fonts.googleapis.com |
1 KB |
| 88 | 11 |
| Domain | Requested by | |
|---|---|---|
| 51 | www.harmj0y.net |
www.harmj0y.net
|
| 9 | pbs.twimg.com |
www.harmj0y.net
|
| 6 | platform.twitter.com |
www.harmj0y.net
platform.twitter.com |
| 3 | fonts.gstatic.com |
www.harmj0y.net
|
| 3 | secure.gravatar.com |
www.harmj0y.net
|
| 2 | syndication.twitter.com |
www.harmj0y.net
|
| 2 | gist.github.com |
1 redirects
www.harmj0y.net
|
| 2 | 1.gravatar.com |
www.harmj0y.net
|
| 2 | 0.gravatar.com |
www.harmj0y.net
|
| 1 | s.w.org |
www.harmj0y.net
|
| 1 | github.githubassets.com |
www.harmj0y.net
|
| 1 | abs.twimg.com |
www.harmj0y.net
|
| 1 | cdn.syndication.twimg.com |
platform.twitter.com
|
| 1 | pixel.wp.com |
www.harmj0y.net
|
| 1 | stats.wp.com |
www.harmj0y.net
|
| 1 | s0.wp.com |
www.harmj0y.net
|
| 1 | media.tenor.com |
www.harmj0y.net
|
| 1 | fonts.googleapis.com |
www.harmj0y.net
|
| 88 | 18 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.tenor.com GTS CA 1O1 |
2019-01-30 - 2020-01-29 |
a year | crt.sh |
| *.wp.com Go Daddy Secure Certificate Authority - G2 |
2018-04-10 - 2020-05-11 |
2 years | crt.sh |
| *.gravatar.com COMODO RSA Domain Validation Secure Server CA |
2018-09-06 - 2020-09-05 |
2 years | crt.sh |
| *.github.com DigiCert SHA2 High Assurance Server CA |
2019-07-08 - 2020-07-16 |
a year | crt.sh |
| *.twimg.com DigiCert SHA2 High Assurance Server CA |
2018-11-19 - 2019-11-27 |
a year | crt.sh |
| syndication.twitter.com DigiCert SHA2 High Assurance Server CA |
2019-04-09 - 2020-04-01 |
a year | crt.sh |
| *.githubassets.com DigiCert SHA2 High Assurance Server CA |
2018-10-29 - 2020-11-02 |
2 years | crt.sh |
| *.w.org Go Daddy Secure Certificate Authority - G2 |
2016-11-29 - 2019-12-29 |
3 years | crt.sh |
This page contains 3 frames:
Primary Page:
http://www.harmj0y.net/blog/redteaming/a-guide-to-attacking-domain-trusts/
Frame ID: 9DBDFF975B029A5B28330AEF9E40F8B7
Requests: 76 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html?origin=http%3A%2F%2Fwww.harmj0y.net
Frame ID: 5744AE2BBE210F5A13386C3572C09C78
Requests: 1 HTTP requests in this frame
Frame:
http://abs.twimg.com/emoji/v2/72x72/1f95d.png
Frame ID: 4AEEC6E2754BA0AFE0599F143533EE23
Requests: 17 HTTP requests in this frame
Screenshot
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- html /<link[^>]+s\d+\.wp\.com/i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- html /<link[^>]+s\d+\.wp\.com/i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL
(Databases)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- html /<link[^>]+s\d+\.wp\.com/i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
LiteSpeed
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^LiteSpeed$/i
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Twitter
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/platform\.twitter\.com\/widgets\.js/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
jQuery Migrate
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Page Statistics
79 Outgoing links
These are links going to different origins than the main page.
URL: https://twitter.com/harmj0y
Title: twitter
Title: twitter
Search URL Search Domain Scan URL
URL: https://github.com/harmj0y
Title: github
Title: github
Search URL Search Domain Scan URL
URL: https://bloodhoundgang.herokuapp.com/
Title: slack
Title: slack
Search URL Search Domain Scan URL
URL: https://specterops.io/
Search URL Search Domain Scan URL
URL: https://bluescreenofjeff.com/
Title: bluescreenofjeff.com
Title: bluescreenofjeff.com
Search URL Search Domain Scan URL
URL: https://enigma0x3.net/
Title: enigma0x3.net
Title: enigma0x3.net
Search URL Search Domain Scan URL
URL: http://www.invoke-ir.com/
Title: invoke-ir.com
Title: invoke-ir.com
Search URL Search Domain Scan URL
URL: https://wald0.com/
Title: wald0.com
Title: wald0.com
Search URL Search Domain Scan URL
URL: https://youtu.be/6T-Qt4ZlFB0?t=23
Title: been a while
Title: been a while
Search URL Search Domain Scan URL
URL: https://xkcd.com/541/
Title: ;)
Title: ;)
Search URL Search Domain Scan URL
URL: https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1
Title: PowerView
Title: PowerView
Search URL Search Domain Scan URL
URL: http://technet.microsoft.com/en-us/library/cc759554(v=ws.10).aspx
Title: domain trust
Title: domain trust
Search URL Search Domain Scan URL
URL: https://technet.microsoft.com/en-us/library/cc780957(v=ws.10).aspx
Title: security principal
Title: security principal
Search URL Search Domain Scan URL
URL: http://technet.microsoft.com/en-us/library/cc770299.aspx
Title: a lot of information
Title: a lot of information
Search URL Search Domain Scan URL
URL: http://technet.microsoft.com/en-us/library/cc731335.aspx
Title: domain trusts
Title: domain trusts
Search URL Search Domain Scan URL
URL: https://technet.microsoft.com/en-us/library/cc755321(v=ws.10).aspx
Title: Security Considerations for Trusts
Title: Security Considerations for Trusts
Search URL Search Domain Scan URL
URL: http://technet.microsoft.com/en-us/library/cc757352(v=ws.10).aspx
Title: Most organizations that have more than one domain have a legitimate need for users to access shared resources located in a different domain
Title: Most organizations that have more than one domain have a legitimate need for users to access shared resources located in a different domain
Search URL Search Domain Scan URL
URL: http://technet.microsoft.com/en-us/library/cc759073(v=ws.10).aspx#w2k3tr_logic_what_ovkc
Title: Domain forests
Title: Domain forests
Search URL Search Domain Scan URL
URL: http://technet.microsoft.com/en-us/library/cc755700(v=ws.10).aspx
Title: have trusts
Title: have trusts
Search URL Search Domain Scan URL
URL: http://technet.microsoft.com/en-us/library/cc773178(v=ws.10).aspx
Title: how domain and forest trusts work
Title: how domain and forest trusts work
Search URL Search Domain Scan URL
URL: https://twitter.com/pyrotek3
Title: Sean Metcalf
Title: Sean Metcalf
Search URL Search Domain Scan URL
URL: https://adsecurity.org/?p=1588
Title: It’s All About Trust
Title: It’s All About Trust
Search URL Search Domain Scan URL
URL: https://technet.microsoft.com/en-us/library/cc773178(v=ws.10).aspx
Title: External trusts provide access to resources in a domain outside of the forest that is not already joined by a forest trust.
Title: External trusts provide access to resources in a domain outside of the forest that is not already joined by a forest trust.
Search URL Search Domain Scan URL
URL: https://technet.microsoft.com/en-us/library/cc757352(v=ws.10).aspx
Title: preserve two-way transitivity
Title: preserve two-way transitivity
Search URL Search Domain Scan URL
URL: https://tools.ietf.org/html/rfc4120
Title: RFC4120-compliant
Title: RFC4120-compliant
Search URL Search Domain Scan URL
URL: https://twitter.com/_wald0
Title: @wald0
Title: @wald0
Search URL Search Domain Scan URL
URL: https://twitter.com/cptjesus
Title: @cptjesus
Title: @cptjesus
Search URL Search Domain Scan URL
URL: https://www.slideshare.net/AndyRobbins3/here-be-dragons-the-unexplored-land-of-active-directory-acls/11
Title: spoke about at Derbycon this year
Title: spoke about at Derbycon this year
Search URL Search Domain Scan URL
URL: https://twitter.com/gentilkiwi
Title: Benjamin Delpy
Title: Benjamin Delpy
Search URL Search Domain Scan URL
URL: https://github.com/BloodHoundAD/BloodHound/
Title: BloodHound
Title: BloodHound
Search URL Search Domain Scan URL
URL: https://github.com/HarmJ0y/TrustVisualizer
Title: TrustVisualizer
Title: TrustVisualizer
Search URL Search Domain Scan URL
URL: https://twitter.com/sixdub
Title: @sixdub‘s
Title: @sixdub‘s
Search URL Search Domain Scan URL
URL: https://github.com/sixdub/DomainTrustExplorer
Title: DomainTrustExplorer
Title: DomainTrustExplorer
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.domain.getcurrentdomain(v=vs.110).aspx
Title: GetCurrentDomain()
Title: GetCurrentDomain()
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.domain(v=vs.110).aspx
Title: System.DirectoryServices.ActiveDirectory.Domain
Title: System.DirectoryServices.ActiveDirectory.Domain
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.domain.getalltrustrelationships(v=vs.110).aspx
Title: GetAllTrustRelationships()
Title: GetAllTrustRelationships()
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.forest(v=vs.110).aspx
Title: [System.DirectoryServices.ActiveDirectory.Forest]
Title: [System.DirectoryServices.ActiveDirectory.Forest]
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.forest.getalltrustrelationships(v=vs.110).aspx
Title: GetAllTrustRelationships()
Title: GetAllTrustRelationships()
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/ms675976(v=vs.85).aspx
Title: DsEnumerateDomainTrusts()
Title: DsEnumerateDomainTrusts()
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/ms676059(v=vs.85).aspx
Title: DS_DOMAIN_TRUSTS
Title: DS_DOMAIN_TRUSTS
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/ms722477(v=vs.85).aspx
Title: documented here
Title: documented here
Search URL Search Domain Scan URL
URL: https://github.com/BloodHoundAD/SharpHound/blob/b2f98dc9e5675b5687964a7eaeeb3573fe6b676a/Sharphound2/Enumeration/DomainTrustEnumeration.cs#L140-L143
Title: method that BloodHound uses
Title: method that BloodHound uses
Search URL Search Domain Scan URL
URL: https://github.com/BloodHoundAD/BloodHound/blob/master/Ingestors/SharpHound.ps1
Title: SharpHound.ps1
Title: SharpHound.ps1
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/ms683977(v=vs.85).aspx
Title: trustedDomain
Title: trustedDomain
Search URL Search Domain Scan URL
URL: http://www.joeware.net/freetools/tools/adfind/
Title: Joeware’s Adfind
Title: Joeware’s Adfind
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/cc223771.aspx
Title: TrustType
Title: TrustType
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/cc223779.aspx
Title: TrustAttributes
Title: TrustAttributes
Search URL Search Domain Scan URL
URL: https://imav8n.wordpress.com/2008/07/30/trust-attribute-cross_organization-and-selective-auth/
Title: to this post
Title: to this post
Search URL Search Domain Scan URL
URL: https://technet.microsoft.com/en-us/library/cc755321(v=ws.10).aspx#w2k3tr_trust_security_zyzk
Title: this MSDN doc
Title: this MSDN doc
Search URL Search Domain Scan URL
URL: http://krbdev.mit.edu/rt/Ticket/Display.html?id=5477
Title: some documentation
Title: some documentation
Search URL Search Domain Scan URL
URL: https://retep998.github.io/doc/winapi/ntsecapi/constant.TRUST_ATTRIBUTE_TRUST_USES_AES_KEYS.html
Title: find online
Title: find online
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/cc233949.aspx
Title: [MS-KILE] 3.3.5.7.5
Title: [MS-KILE] 3.3.5.7.5
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/cc237940.aspx
Title: [MS-PAC] 4.1.2.2
Title: [MS-PAC] 4.1.2.2
Search URL Search Domain Scan URL
URL: https://technet.microsoft.com/en-us/library/cc728188(v=ws.10).aspx
Title: global catalog is a partial copy of all objects
Title: global catalog is a partial copy of all objects
Search URL Search Domain Scan URL
URL: https://specterops.io/assets/resources/an_ace_up_the_sleeve.pdf
Title: An ACE Up The Sleeve
Title: An ACE Up The Sleeve
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/ms677270(v=vs.85).aspx
Title: linked attributes
Title: linked attributes
Search URL Search Domain Scan URL
URL: https://gist.github.com/HarmJ0y/e8f025ab1f04218ee44542f77c8e9842/raw/197473f0b37d6877f38ad76a744f2539163dfaa5/gc_foreign_local_groups.ps1
Title: view raw
Title: view raw
Search URL Search Domain Scan URL
URL: https://gist.github.com/HarmJ0y/e8f025ab1f04218ee44542f77c8e9842#file-gc_foreign_local_groups-ps1
Title: gc_foreign_local_groups.ps1
Title: gc_foreign_local_groups.ps1
Search URL Search Domain Scan URL
URL: https://github.com/
Title: GitHub
Title: GitHub
Search URL Search Domain Scan URL
URL: https://github.com/gentilkiwi/mimikatz
Title: Mimikatz
Title: Mimikatz
Search URL Search Domain Scan URL
URL: https://twitter.com/gentilkiwi/status/615289503029305345
Title: tweet from Benjamin Delpy
Title: tweet from Benjamin Delpy
Search URL Search Domain Scan URL
URL: https://technet.microsoft.com/en-us/library/cc755979(v=ws.10).aspx
Title: the forest is the security boundary for Active Directory
Title: the forest is the security boundary for Active Directory
Search URL Search Domain Scan URL
URL: http://windowsitpro.com/windows-server/exploiting-sidhistory-ad-attribute
Title: has been known since (at least) 2005
Title: has been known since (at least) 2005
Search URL Search Domain Scan URL
URL: https://technet.microsoft.com/en-us/library/cc974408(v=ws.10).aspx
Title: if the SID or the SID history matches, access to the resource is granted or denied, according to the access specified in the ACL.
Title: if the SID or the SID history matches, access to the resource is granted or denied, according to the access specified in the ACL.
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/cc237948.aspx
Title: KERB_VALIDATION_INFO
Title: KERB_VALIDATION_INFO
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/cc237947.aspx
Title: is defined here
Title: is defined here
Search URL Search Domain Scan URL
URL: https://cloudblogs.microsoft.com/microsoftsecure/2015/02/11/krbtgt-account-password-reset-scripts-now-available-for-customers/
Title: Microsoft released scripts
Title: Microsoft released scripts
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/cc223791.aspx
Title: 6.1.6.9.6.1 of the Active Directory Technical Specification
Title: 6.1.6.9.6.1 of the Active Directory Technical Specification
Search URL Search Domain Scan URL
URL: https://adsecurity.org/?p=1929
Title: million
Title: million
Search URL Search Domain Scan URL
URL: https://files.sans.org/summit/hackfest2014/PDFs/Kicking%20the%20Guard%20Dog%20of%20Hades%20-%20Attacking%20Microsoft%20Kerberos%20%20-%20Tim%20Medin(1).pdf
Title: Tim Medin in 2014
Title: Tim Medin in 2014
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/system.identitymodel.tokens.kerberosrequestorsecuritytoken(v=vs.110).aspx
Title: System.IdentityModel.Tokens.KerberosRequestorSecurityToken
Title: System.IdentityModel.Tokens.KerberosRequestorSecurityToken
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/system.identitymodel.tokens.kerberosrequestorsecuritytoken.getrequest(v=vs.110).aspx
Title: .GetRequest()
Title: .GetRequest()
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/system.identitymodel.tokens.kerberosrequestorsecuritytoken.serviceprincipalname(v=vs.110).aspx
Title: KerberosRequestorSecurityToken.ServicePrincipalName
Title: KerberosRequestorSecurityToken.ServicePrincipalName
Search URL Search Domain Scan URL
URL: https://msdn.microsoft.com/en-us/library/cc237917.aspx
Title: Privilege Attribute Certificate Data Structure
Title: Privilege Attribute Certificate Data Structure
Search URL Search Domain Scan URL
URL: https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/securing-privileged-access-reference-material#ESAE_BM
Title: Enhanced Security Administrative Environment
Title: Enhanced Security Administrative Environment
Search URL Search Domain Scan URL
URL: https://twitter.com/harmj0y/
Title: @harmj0y
Title: @harmj0y
Search URL Search Domain Scan URL
URL: https://medium.com/@harmj0y/a-guide-to-attacking-domain-trusts-ef5f8992bb9d
Title: Medium
Title: Medium
Search URL Search Domain Scan URL
URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed
Title: Learn how your comment data is processed
Search URL Search Domain Scan URL
URL: https://www.competethemes.com/cele/
Title: Cele Theme
Title: Cele Theme
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 65- https://gist.github.com/e8f025ab1f04218ee44542f77c8e9842.json?callback=jQuery112406295669774941794_1572273903069&_=1572273903070 HTTP 302
- https://gist.github.com/HarmJ0y/e8f025ab1f04218ee44542f77c8e9842.json?_=1572273903070&callback=jQuery112406295669774941794_1572273903069
88 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
www.harmj0y.net/blog/redteaming/a-guide-to-attacking-domain-trusts/ |
143 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
crayon.min.css
www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/css/min/ |
20 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.min.css
www.harmj0y.net/blog/wp-includes/css/dist/block-library/ |
25 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
css
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
font-awesome.min.css
www.harmj0y.net/blog/wp-content/themes/cele/assets/font-awesome/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
www.harmj0y.net/blog/wp-content/themes/cele/ |
34 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
default.min.css
www.harmj0y.net/blog/wp-content/plugins/tablepress/css/ |
6 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jetpack.css
www.harmj0y.net/blog/wp-content/plugins/jetpack/css/ |
70 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
www.harmj0y.net/blog/wp-includes/js/jquery/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-migrate.min.js
www.harmj0y.net/blog/wp-includes/js/jquery/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
crayon.min.js
www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/js/min/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
specterops.png
www.harmj0y.net/blog/wp-content/uploads/2017/07/ |
69 KB 64 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
kerberos_key_diagram_updated-1024x662.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
281 KB 277 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
trust_meme.jpg
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
43 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
trust_direction_one_way-1024x465.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
159 KB 154 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sample_trust_architecture.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wp-emoji-release.min.js
www.harmj0y.net/blog/wp-includes/js/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
net_from_sub-1024x216.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
114 KB 113 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sub_forest_trust-1024x308.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
106 KB 105 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sub_domain_trust_api-1024x965.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
416 KB 412 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sub_nltest-1024x137.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
102 KB 102 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sub_dsquery-1024x576.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
300 KB 298 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sub_get_domain_trust_ldap-1024x583.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
230 KB 228 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sub_get_computer_across_trust-1024x530.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
320 KB 319 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
klist_inter_realm_tgts-1024x631.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
378 KB 377 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sub_trust_global_catalog-1024x713.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
308 KB 305 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
trust_visualizer-1024x169.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
122 KB 120 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bloodhound_trust_graph.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
64 KB 62 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
foreign_security_principal.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
86 KB 83 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dev_universal_group-1024x267.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
125 KB 124 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dev_foreign_group_member-1024x635.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
330 KB 328 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
localgroup_foreign_memberships-1024x467.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
308 KB 307 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
delpy_trust_tweet2-988x1024.png
www.harmj0y.net/blog/wp-content/uploads/2015/06/ |
533 KB 528 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tenor.gif
media.tenor.com/images/fc63d5c22822973d74335e16a5401fd0/ |
23 MB 23 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sub_trust_from_external2-1024x715.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
281 KB 278 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sub_trust_from_external_gc-1024x720.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
312 KB 309 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
domain_trust_refferal_error-1024x196.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
168 KB 168 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
external_sub_cross_membership-1024x693.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
374 KB 371 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sub_foreign_user-1024x269.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
129 KB 128 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dev_foreign_group_member2-1024x452.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
210 KB 209 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
testlab_foreign_group_member-1024x403.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
199 KB 198 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
contoso_foreign_member-1024x456.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
262 KB 260 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
external_dcsync_trust-1024x573.png
www.harmj0y.net/blog/wp-content/uploads/2017/10/ |
161 KB 143 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
keep_calm.png
www.harmj0y.net/blog/wp-content/uploads/2015/09/ |
39 KB 37 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
delpy_dcsync2-1024x787.png
www.harmj0y.net/blog/wp-content/uploads/2015/09/ |
429 KB 425 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3a78e336c8955f53f4733d0a7bc08377
0.gravatar.com/avatar/ |
1021 B 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
f35e23f9a2e722d2bc51143b06096896
0.gravatar.com/avatar/ |
1021 B 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a874809641a854ae50e959b608dadefc
1.gravatar.com/avatar/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
df4df2ddaa45bf5814f63add3acc1ab4
1.gravatar.com/avatar/ |
1021 B 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
devicepx-jetpack.js
s0.wp.com/wp-content/js/ |
10 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gprofiles.js
secure.gravatar.com/js/ |
20 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wpgroho.js
www.harmj0y.net/blog/wp-content/plugins/jetpack/modules/ |
1 KB 949 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
production.min.js
www.harmj0y.net/blog/wp-content/themes/cele/js/build/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
comment-reply.min.js
www.harmj0y.net/blog/wp-includes/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
twitter-timeline.min.js
www.harmj0y.net/blog/wp-content/plugins/jetpack/_inc/build/ |
331 B 714 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wp-embed.min.js
www.harmj0y.net/blog/wp-includes/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gist.min.js
www.harmj0y.net/blog/wp-content/plugins/jetpack/_inc/build/shortcodes/js/ |
442 B 771 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
form.js
www.harmj0y.net/blog/wp-content/plugins/akismet/_inc/ |
700 B 771 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e-201944.js
stats.wp.com/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fontawesome-webfont.woff2
www.harmj0y.net/blog/wp-content/themes/cele/assets/font-awesome/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
widgets.js
platform.twitter.com/ |
95 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hovercard.min.css
secure.gravatar.com/dist/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
services.min.css
secure.gravatar.com/dist/css/ |
3 KB 847 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
e8f025ab1f04218ee44542f77c8e9842.json
gist.github.com/HarmJ0y/ Redirect Chain
|
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html
platform.twitter.com/widgets/ Frame 5744 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
g.gif
pixel.wp.com/ |
50 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
moment~timeline~tweet.f41b02dcb58512d8e9f6d4178eb28452.js
platform.twitter.com/js/ |
24 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
timeline.0a7b4db67eacd23e35c5ce02e6ea3470.js
platform.twitter.com/js/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
profile
cdn.syndication.twimg.com/timeline/ |
36 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
syndication
syndication.twitter.com/i/jot/ |
43 B 337 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1f95d.png
abs.twimg.com/emoji/v2/72x72/ Frame 4AEE |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
timeline.a4ac5782325ad1b5e51c8b06daf47853.light.ltr.css
platform.twitter.com/css/ Frame 4AEE |
52 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
timeline.a4ac5782325ad1b5e51c8b06daf47853.light.ltr.css
platform.twitter.com/css/ |
52 KB 52 KB |
Image
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Csp2-ofI_normal.jpg
pbs.twimg.com/profile_images/827908828574470144/ Frame 4AEE |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JC3sQice_normal.png
pbs.twimg.com/profile_images/1135008633203257344/ Frame 4AEE |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3NILFaXQ_normal.png
pbs.twimg.com/profile_images/1140290718482817025/ Frame 4AEE |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
U0BW_g60_normal.jpg
pbs.twimg.com/profile_images/1138851005574078465/ Frame 4AEE |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
EHjpsv_WoAAYDZ6
pbs.twimg.com/media/ Frame 4AEE |
18 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
EHhht3bXYAEiuJH
pbs.twimg.com/media/ Frame 4AEE |
26 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
EHhht3UWsAArIK0
pbs.twimg.com/media/ Frame 4AEE |
49 KB 49 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Dl2bEadW0AY6CN6
pbs.twimg.com/media/ Frame 4AEE |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Dl2bsXHW4AAZNTZ
pbs.twimg.com/media/ Frame 4AEE |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 4AEE |
512 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 4AEE |
825 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 4AEE |
739 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 4AEE |
572 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 4AEE |
644 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 4AEE |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gist-embed-123720f37c57ce9a8f29de081c38ed61.css
github.githubassets.com/assets/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2764.svg
s.w.org/images/core/emoji/11.2.0/svg/ |
368 B 567 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jot
syndication.twitter.com/i/ |
43 B 124 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
63 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| _wpemojiSettings undefined| $ function| jQuery object| CrayonSyntaxSettings object| CrayonSyntaxStrings function| jQueryCrayon object| CrayonUtil object| jqueryPopup function| popupWindow function| popdownWindow object| CrayonSyntax object| wpcom_img_zoomer object| detectZoom function| hex_md5 function| b64_md5 function| str_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| str_hmac_md5 function| md5_vm_test function| core_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| core_hmac_md5 function| safe_add function| bit_rol function| str2binl function| binl2str function| binl2hex function| binl2b64 object| Gravatar object| GProfile number| hexcase string| b64pad number| chrsz object| WPGroHo object| ct_cele_objectL10n object| addComment object| __twttrll object| twttr object| __twttr object| wp object| _stq string| currentURL string| currentDir object| GET string| hash number| uniq string| new_css object| jQuery112406295669774941794 function| st_go function| linktracker_init object| wpcom object| twemoji object| ak_js object| commentForm undefined| replyRowContainer undefined| children0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff,nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
0.gravatar.com
1.gravatar.com
abs.twimg.com
cdn.syndication.twimg.com
fonts.googleapis.com
fonts.gstatic.com
gist.github.com
github.githubassets.com
media.tenor.com
pbs.twimg.com
pixel.wp.com
platform.twitter.com
s.w.org
s0.wp.com
secure.gravatar.com
stats.wp.com
syndication.twitter.com
www.harmj0y.net
104.145.225.3
104.244.42.136
185.199.109.154
192.0.76.3
192.0.77.32
192.0.77.48
192.30.253.119
2600:9000:20eb:a200:1d:3c83:f349:8ae1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:806::200a
2a00:1450:4001:81a::2003
2a04:fa87:fffe::c000:4902
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
05494aa08a145523a590fbcc3b9460a2794b6bdfdb9c97a368e7504de89b5d17
07cb11b1c05df57e69c0a115bb2fa3141423e8e62443a7ecb6ed74ffa0fa4a9d
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
0ba09a4b8adee46fd38d7499dcbe8a802cf51f1cb46506e6c8fcab2314b00e00
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33
189e55c1add03e0ba928289e4ff9c4d82faf0bb1cdb7190ca1adcaaad14bf498
193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
291b553dee180f838e513bf2580c9af27f8312320581e3c91029a7c4d5eb2fbc
29f094b0dfc04614f73ad9a5d38cb633c008a29a173216757952b6d644223af3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d4f8e502585d9c8c5707d5e1fda9bc759790c02444809243bbf71f8944509d7
31cb76c05cbf5d71466f93078e8ba0f6e39cd92d0acc86d385b8cf2899963695
35c3663c2ab72cdb53c1efa1e12e1a28985bad360340e75f9aceaa2efd420459
37a3bd7bc7328f0ead2c0f6f635dddf60615e676e6b4ddf964144012e529de45
38ac85ed26d241632e416fe8a7462f479c7c3e8bfdf184ddb2025fc6835f5f46
38c474f626ebfc14d9d53399847aa6927bcd4735617ee4a50e3190844595ab6b
3c34faf7017b54394f271462d87503e744dbe5f647c54404ab1709e7aa96e439
406da1f05a7ddd6b9a0cce5fbdb844f0639a871911ecbd8c7d50bb3500b0ece3
418c36b011b3664093c568ddd021a866af4459bfa187a3681a121d53e4f3ff49
41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd
42044d2f67a563820783809582b367cf2195586acffb544fbc01d9c58787d435
44a2bf681f7bc4a15e5881959e21718c04532eacb5f012d0d70284bb4f7d4d0f
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b180f9e47c9deec13d930a3a40951303e8c386ab7a12399cf305936a09293e8
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
5133072c2170af686654d9d2b6de9f3fc9c503f5ecf8851a5b8a12747df63420
525d0c63376a81b2e0e6414f51f3d9911f339545bc2288d2f0b5a1afe0a0b3cc
52b06b5517f53f51c99bcbfe57bf571065cdebd93cd2ed086c724e4c5ce417f9
5b7d8241b4e405e7376d303f5240e365a8df09d9000e6380168c887dcf8309f7
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
60c09372ff6bee7b503d879b159fd87bde504ca130f8f4264552f180b45cc11e
61e7da8c292b9285fb3153543999f5b3414f699ab146d9beeb552b82dc0a10ee
6551fee3ce012103c5bee37e5413967da3a0741ad122334fca0f1e48a7a02406
69b636cc44a8b1118cde61cbce6e87a2d983a5458eee35eea2f74caf1abdb449
6c62a6b9076a7e4622e5949c7d7dc2d9c748be3834db091da97f5fd25e3cb026
6f8ef06943cf5dd8575921aeb92f40f5d85d878168af860fa2f5c7e7b20c2455
703b134857241eccea000989b0435dde381988f53d40119744bff8d1cf828a63
760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635
76ca790147cbe2a6d2b43f66792e3f2fb703483c801188487f9eb24fb201421f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a71c4d43ef3a2d69129f3f547d99dbd452385ed87694d4c56c02e40530dc6a3
7b5e32cb325e9aaef357a421cd16ddf6d6ddb70fec74b6c35a73eccc6817664c
7c46604c0440be3fd2d6a5e217846cde699e81422afd52625b633bc28cfe3446
9211e9e8ab395bfde52e0563b6c881265bffdd0943be0ac33fd9c1e7c4c982b5
9c42615b9f87888a452f177c5ea19899fb8a835b8f6d0b458824e6c332a0adce
9d43d1a4b44a072383cc6bdae7a509ff59c5ac2eee945ec613c1d7b51a61d98b
a3682116949eaf58768a5fa7dec32d2de2006fa40977d13254425d02d4d5e228
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
a8b16530224ab6db50c2ab417f171752a84d8f1fb5e241057ab94c4c4f4bd0c3
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae60e48e6d432c72e26b75641643ccc1209a4e6f70912e571cd1faf1f93f4d12
b42989a0f2a1fb6d69e72c4f548ef2e73c4d3089d53649f5ed75e45c7b91cffb
b62339a0ee7a1faa36cb652ab052f8e29387095cd79432bad4816b958446637e
b62d972247ec1c86c18528916fc7a3d60f9eeeddd784d8ec22de94f1f57264d2
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
be0a38b9f809a3e9769fbbf2f9d94c0ed47697417f20d92c65a5ac1eeaab6094
bebbe24c97a486d8ca02b32cebcdf718368b4ad24a089dd25e35f430e8bd95e3
c1541bfecb20ae3bc2c247cd5cc99b9b2f4608dfdd70b0dd73ec6b1eaafaf654
c1cfa5c2bce904bfc524754a954d2e062c703777ab704134dc5f619dca1e40af
c53261c30acc3dbfd08bbe8baa920cc595fed119faec575a66cd100d85efa0a9
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c
c81b9bd9f4f1a64e1d70d5bfb1933d6e1fb00c1b99fb7733288a142b9cccf499
c924d5b06fa2c316ad286310fc72f182a06a83c2b10580be2d6c714cf132003d
ce005fdcd480a558093cf0fe816cf7d47767b7ca9a5dce474c955a2ea87b133f
cfec4df971d30f4394f2460934f0de8e9631c8b2104dcc6b21e89ee724ba25ee
cff92a7eb12d555a40c2c94c90f8b23009c1a7298e15b47d6f7ae6b744fdac15
d2d9d4b185acb1a2f1d25a6a6ce7603de725a6066d6da0f077c79e1932d26efa
dce60247f8fe8382f96de643513d7d0e06af9178c362779050f9e0af90644c2e
dec22d665719520caba542fe8f59e42c4fb088143ff0e2d255374723ec2605a7
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
ea28b2245b1d1ccf8f479d9d8c014186e4d88d8a09b995dabfddfafbf5f74015
edcd77b0c0011f485addbda8ad19ab36e53c878dfe46c324b0a8bd8d9a1bfafa
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
f02539fe091ffd4fa3d7ee966a342964cba26a6dbfddb6ab2ff18849e98052d8
f0b5ae8251fc6e1e756f867ed5e51418f1a8565d7e530292c62f10c239873e5f
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f452b1e5c1cae40dc81a9da7605dd6b98d0a06253d9b363e11c99ec4081ace4c
f5b5ac5fdb8870504505be0a9522061f905e5c1b25a927f877303785129cb3f9
fe5d8137b73bc8066d3ab6193b65455f5ea17a035f22b1eab3e36c5d2c34e478