www.harmj0y.net
Open in
urlscan Pro
104.145.225.3
Public Scan
URL:
http://www.harmj0y.net/blog/redteaming/domain-trusts-why-you-should-care/
Submission: On November 04 via manual from US
Submission: On November 04 via manual from US
Summary
This website contacted 13 IPs
in 3 countries
across 10 domains to perform 70 HTTP transactions.
The main IP is 104.145.225.3, located in
Piscataway, United States and
belongs to AS-DIGITALFYRE - DigitalFyre Internet Solutions, LLC., US.
The main domain is www.harmj0y.net.
This is the only time www.harmj0y.net was scanned on urlscan.io!
This is the only time www.harmj0y.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 31 | 104.145.225.3 104.145.225.3 | 64245 (AS-DIGITA...) (AS-DIGITALFYRE - DigitalFyre Internet Solutions) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:824::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 6 | 2a04:fa87:fff... 2a04:fa87:fffe::c000:4902 | 2635 (AUTOMATTIC) (AUTOMATTIC - Automattic) | |
| 1 | 192.0.77.32 192.0.77.32 | 2635 (AUTOMATTIC) (AUTOMATTIC - Automattic) | |
| 2 | 192.0.76.3 192.0.76.3 | 2635 (AUTOMATTIC) (AUTOMATTIC - Automattic) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:815::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 7 | 2606:2800:234... 2606:2800:234:59:254c:406:2366:268c | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
| 1 2 | 192.30.253.119 192.30.253.119 | 36459 (GITHUB) (GITHUB - GitHub) | |
| 15 | 2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665 | 15133 (EDGECAST) (EDGECAST - MCI Communications Services) | |
| 1 2 | 104.244.42.8 104.244.42.8 | 13414 (TWITTER) (TWITTER - Twitter Inc.) | |
| 1 | 185.199.108.154 185.199.108.154 | 54113 (FASTLY) (FASTLY - Fastly) | |
| 1 | 192.0.77.48 192.0.77.48 | 2635 (AUTOMATTIC) (AUTOMATTIC - Automattic) | |
| 70 | 13 |
31
104.145.225.3
(Piscataway, United States)
ASN64245 (AS-DIGITALFYRE - DigitalFyre Internet Solutions, LLC., US)
PTR: pandora.digitaldatacenter.net
ASN64245 (AS-DIGITALFYRE - DigitalFyre Internet Solutions, LLC., US)
PTR: pandora.digitaldatacenter.net
| www.harmj0y.net |
1
2a00:1450:4001:824::200a
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.googleapis.com |
6
2a04:fa87:fffe::c000:4902
(Ireland)
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
| 1.gravatar.com | |
| 0.gravatar.com | |
| secure.gravatar.com |
1
192.0.77.32
(San Francisco, United States)
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com
| s0.wp.com |
2
192.0.76.3
(San Francisco, United States)
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
| stats.wp.com | |
| pixel.wp.com |
3
2a00:1450:4001:815::2003
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.gstatic.com |
7
2606:2800:234:59:254c:406:2366:268c
(United States)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
| platform.twitter.com |
2
192.30.253.119
(United States)
ASN36459 (GITHUB - GitHub, Inc., US)
PTR: lb-192-30-253-119-iad.github.com
ASN36459 (GITHUB - GitHub, Inc., US)
PTR: lb-192-30-253-119-iad.github.com
| gist.github.com |
15
2606:2800:134:fa2:1627:1fe:edb:1665
(United States)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
| cdn.syndication.twimg.com | |
| abs.twimg.com | |
| pbs.twimg.com | |
| ton.twimg.com |
1
192.0.77.48
(San Francisco, United States)
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: s.w.org
ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: s.w.org
| s.w.org |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 31 |
harmj0y.net
www.harmj0y.net |
707 KB |
| 15 |
twimg.com
cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com ton.twimg.com |
200 KB |
| 9 |
twitter.com
1 redirects
platform.twitter.com syndication.twitter.com |
109 KB |
| 6 |
gravatar.com
1.gravatar.com 0.gravatar.com secure.gravatar.com |
18 KB |
| 3 |
gstatic.com
fonts.gstatic.com |
28 KB |
| 3 |
wp.com
s0.wp.com stats.wp.com pixel.wp.com |
7 KB |
| 2 |
github.com
1 redirects
gist.github.com |
5 KB |
| 1 |
w.org
s.w.org |
568 B |
| 1 |
githubassets.com
github.githubassets.com |
5 KB |
| 1 |
googleapis.com
fonts.googleapis.com |
1 KB |
| 70 | 10 |
| Domain | Requested by | |
|---|---|---|
| 31 | www.harmj0y.net |
www.harmj0y.net
|
| 10 | pbs.twimg.com |
www.harmj0y.net
|
| 7 | platform.twitter.com |
www.harmj0y.net
platform.twitter.com |
| 3 | fonts.gstatic.com |
www.harmj0y.net
|
| 3 | secure.gravatar.com |
www.harmj0y.net
|
| 2 | ton.twimg.com |
platform.twitter.com
|
| 2 | abs.twimg.com |
www.harmj0y.net
platform.twitter.com |
| 2 | syndication.twitter.com |
1 redirects
www.harmj0y.net
|
| 2 | gist.github.com |
1 redirects
www.harmj0y.net
|
| 2 | 1.gravatar.com |
www.harmj0y.net
|
| 1 | s.w.org |
www.harmj0y.net
|
| 1 | github.githubassets.com |
www.harmj0y.net
|
| 1 | cdn.syndication.twimg.com |
platform.twitter.com
|
| 1 | pixel.wp.com |
www.harmj0y.net
|
| 1 | stats.wp.com |
www.harmj0y.net
|
| 1 | s0.wp.com |
www.harmj0y.net
|
| 1 | 0.gravatar.com |
www.harmj0y.net
|
| 1 | fonts.googleapis.com |
www.harmj0y.net
|
| 70 | 18 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.wp.com Go Daddy Secure Certificate Authority - G2 |
2018-04-10 - 2020-05-11 |
2 years | crt.sh |
| *.gravatar.com COMODO RSA Domain Validation Secure Server CA |
2018-09-06 - 2020-09-05 |
2 years | crt.sh |
| *.github.com DigiCert SHA2 High Assurance Server CA |
2019-07-08 - 2020-07-16 |
a year | crt.sh |
| *.twimg.com DigiCert SHA2 High Assurance Server CA |
2018-11-19 - 2019-11-27 |
a year | crt.sh |
| syndication.twitter.com DigiCert SHA2 High Assurance Server CA |
2019-04-09 - 2020-04-01 |
a year | crt.sh |
| *.githubassets.com DigiCert SHA2 High Assurance Server CA |
2018-10-29 - 2020-11-02 |
2 years | crt.sh |
| *.w.org Go Daddy Secure Certificate Authority - G2 |
2016-11-29 - 2019-12-29 |
3 years | crt.sh |
This page contains 4 frames:
Primary Page:
http://www.harmj0y.net/blog/redteaming/domain-trusts-why-you-should-care/
Frame ID: E1D479CB873ED86E533D05052ADC7160
Requests: 54 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html?origin=http%3A%2F%2Fwww.harmj0y.net
Frame ID: 3FEFD36A0B74D7FE03924DB67FC6832D
Requests: 1 HTTP requests in this frame
Frame:
https://abs.twimg.com/emoji/v2/72x72/1f447.png
Frame ID: 4C08DC11F970469D7772563B0D6E51F4
Requests: 19 HTTP requests in this frame
Frame:
https://platform.twitter.com/jot.html
Frame ID: A46AF5EF6B6201599126B114C24B8ACD
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- html /<link[^>]+s\d+\.wp\.com/i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- html /<link[^>]+s\d+\.wp\.com/i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL
(Databases)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- html /<link[^>]+s\d+\.wp\.com/i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
LiteSpeed
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^LiteSpeed$/i
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Twitter
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/platform\.twitter\.com\/widgets\.js/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
jQuery Migrate
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Page Statistics
29 Outgoing links
These are links going to different origins than the main page.
URL: https://twitter.com/harmj0y
Title: twitter
Title: twitter
Search URL Search Domain Scan URL
URL: https://github.com/harmj0y
Title: github
Title: github
Search URL Search Domain Scan URL
URL: https://bloodhoundgang.herokuapp.com/
Title: slack
Title: slack
Search URL Search Domain Scan URL
URL: https://specterops.io/
Search URL Search Domain Scan URL
URL: https://bluescreenofjeff.com/
Title: bluescreenofjeff.com
Title: bluescreenofjeff.com
Search URL Search Domain Scan URL
URL: https://enigma0x3.net/
Title: enigma0x3.net
Title: enigma0x3.net
Search URL Search Domain Scan URL
URL: http://www.invoke-ir.com/
Title: invoke-ir.com
Title: invoke-ir.com
Search URL Search Domain Scan URL
URL: https://wald0.com/
Title: wald0.com
Title: wald0.com
Search URL Search Domain Scan URL
URL: http://www.irongeek.com/i.php?page=videos/derbycon4/t105-abusing-active-directory-in-post-exploitation-carlos-perez
Title: Carlos Perez’s talk at Derbycon ’14
Title: Carlos Perez’s talk at Derbycon ’14
Search URL Search Domain Scan URL
URL: https://github.com/Veil-Framework/PowerTools/tree/master/PowerView
Title: PowerView
Title: PowerView
Search URL Search Domain Scan URL
URL: http://blog.cobaltstrike.com/2012/12/05/offense-in-depth/
Title: offensive-in-depth
Title: offensive-in-depth
Search URL Search Domain Scan URL
URL: http://www.slideshare.net/harmj0y/derbycon-passing-the-torch
Title: Passing the Torch: Old School Redteaming, New School Tactics?
Title: Passing the Torch: Old School Redteaming, New School Tactics?
Search URL Search Domain Scan URL
URL: https://gist.github.com/HarmJ0y/17da95932073e0c30928/raw/bb22c01e903a7c956c69344edbabf2f84c2b7ce9/trusts.csv
Title: view raw
Title: view raw
Search URL Search Domain Scan URL
URL: https://gist.github.com/HarmJ0y/17da95932073e0c30928#file-trusts-csv
Title: trusts.csv
Title: trusts.csv
Search URL Search Domain Scan URL
URL: https://github.com/
Title: GitHub
Title: GitHub
Search URL Search Domain Scan URL
URL: https://twitter.com/sixdub
Title: @sixdub
Title: @sixdub
Search URL Search Domain Scan URL
URL: https://github.com/sixdub/DomainTrustExplorer
Title: DomainTrustExplorer
Title: DomainTrustExplorer
Search URL Search Domain Scan URL
URL: http://sixdub.net/2014/10/nodal-analysis-of-domain-trusts-maximizing-the-win/
Title: Nodal Analysis of Domain Trusts – Maximizing the Win!
Title: Nodal Analysis of Domain Trusts – Maximizing the Win!
Search URL Search Domain Scan URL
URL: http://www.yworks.com/en/products/yfiles/yed/
Title: in yED
Title: in yED
Search URL Search Domain Scan URL
URL: http://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.trusttype(v=vs.110).aspx
Title: are crosslinks
Title: are crosslinks
Search URL Search Domain Scan URL
URL: http://technet.microsoft.com/en-us/library/cc756898(WS.10).aspx
Title: enterprise admin account
Title: enterprise admin account
Search URL Search Domain Scan URL
URL: https://clymb3r.wordpress.com/2013/11/17/injecting-logon-credentials-with-powershell/
Title: PowerSploit
Title: PowerSploit
Search URL Search Domain Scan URL
URL: https://github.com/mattifestation/PowerSploit/blob/master/Exfiltration/Invoke-NinjaCopy.ps1
Title: PowerSploit’s Invoke-NinjaCopy
Title: PowerSploit’s Invoke-NinjaCopy
Search URL Search Domain Scan URL
URL: http://blog.cobaltstrike.com/2014/05/14/meterpreter-kiwi-extension-golden-ticket-howto/
Title: golden ticket
Title: golden ticket
Search URL Search Domain Scan URL
URL: https://github.com/mattifestation/PowerSploit/blob/master/Exfiltration/Invoke-Mimikatz.ps1
Title: PowerSploit’s Invoke-Mimikatz
Title: PowerSploit’s Invoke-Mimikatz
Search URL Search Domain Scan URL
URL: http://blog.cobaltstrike.com/2014/10/30/give-me-any-zero-day-and-i-will-rule-the-world/
Title: didn’t use a single exploit
Title: didn’t use a single exploit
Search URL Search Domain Scan URL
URL: https://cyberoperations.wordpress.com/2015/03/07/security-news-0x83/
Title: Security News #0x83 | CyberOperations
Title: Security News #0x83 | CyberOperations
Search URL Search Domain Scan URL
URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed
Title: Learn how your comment data is processed
Search URL Search Domain Scan URL
URL: https://www.competethemes.com/cele/
Title: Cele Theme
Title: Cele Theme
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 43- https://gist.github.com/17da95932073e0c30928.json?callback=jQuery11240267005807306121_1572889777518&_=1572889777519 HTTP 302
- https://gist.github.com/HarmJ0y/17da95932073e0c30928.json?_=1572889777519&callback=jQuery11240267005807306121_1572889777518
- https://syndication.twitter.com/i/jot HTTP 302
- https://platform.twitter.com/jot.html
70 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
www.harmj0y.net/blog/redteaming/domain-trusts-why-you-should-care/ |
87 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
crayon.min.css
www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/css/min/ |
20 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
classic.css
www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/themes/classic/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
monaco.css
www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/fonts/ |
529 B 679 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.min.css
www.harmj0y.net/blog/wp-includes/css/dist/block-library/ |
25 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
css
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
font-awesome.min.css
www.harmj0y.net/blog/wp-content/themes/cele/assets/font-awesome/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
www.harmj0y.net/blog/wp-content/themes/cele/ |
34 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
default.min.css
www.harmj0y.net/blog/wp-content/plugins/tablepress/css/ |
6 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jetpack.css
www.harmj0y.net/blog/wp-content/plugins/jetpack/css/ |
70 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
www.harmj0y.net/blog/wp-includes/js/jquery/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-migrate.min.js
www.harmj0y.net/blog/wp-includes/js/jquery/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
crayon.min.js
www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/js/min/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
specterops.png
www.harmj0y.net/blog/wp-content/uploads/2017/07/ |
69 KB 64 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
trustexporer_graphml_dump-1024x156.png
www.harmj0y.net/blog/wp-content/uploads/2014/12/ |
73 KB 70 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
yed_node_config-1024x420.png
www.harmj0y.net/blog/wp-content/uploads/2014/12/ |
78 KB 72 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
yed_edge_config-1024x419.png
www.harmj0y.net/blog/wp-content/uploads/2014/12/ |
78 KB 73 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sample_trusts.png
www.harmj0y.net/blog/wp-content/uploads/2014/12/ |
13 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
trust_breakout-1024x411.png
www.harmj0y.net/blog/wp-content/uploads/2014/12/ |
69 KB 67 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
subsidiary_trusts.png
www.harmj0y.net/blog/wp-content/uploads/2014/12/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
trustexplorer_path-1024x238.png
www.harmj0y.net/blog/wp-content/uploads/2014/12/ |
133 KB 125 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wp-emoji-release.min.js
www.harmj0y.net/blog/wp-includes/js/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
1.gravatar.com/avatar/ |
1021 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3eda6fcd3204ef285fa52176c28c4d3e
0.gravatar.com/avatar/ |
1021 B 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a874809641a854ae50e959b608dadefc
1.gravatar.com/avatar/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
devicepx-jetpack.js
s0.wp.com/wp-content/js/ |
10 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gprofiles.js
secure.gravatar.com/js/ |
20 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wpgroho.js
www.harmj0y.net/blog/wp-content/plugins/jetpack/modules/ |
1 KB 949 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
production.min.js
www.harmj0y.net/blog/wp-content/themes/cele/js/build/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
comment-reply.min.js
www.harmj0y.net/blog/wp-includes/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
twitter-timeline.min.js
www.harmj0y.net/blog/wp-content/plugins/jetpack/_inc/build/ |
331 B 714 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wp-embed.min.js
www.harmj0y.net/blog/wp-includes/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gist.min.js
www.harmj0y.net/blog/wp-content/plugins/jetpack/_inc/build/shortcodes/js/ |
442 B 771 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
form.js
www.harmj0y.net/blog/wp-content/plugins/akismet/_inc/ |
700 B 771 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e-201945.js
stats.wp.com/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
buttons.png
www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/css/images/toolbar/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fontawesome-webfont.woff2
www.harmj0y.net/blog/wp-content/themes/cele/assets/font-awesome/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
monaco-webfont.woff
www.harmj0y.net/blog/wp-content/plugins/crayon-syntax-highlighter/fonts/monaco/ |
21 KB 21 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
widgets.js
platform.twitter.com/ |
95 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
hovercard.min.css
secure.gravatar.com/dist/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
services.min.css
secure.gravatar.com/dist/css/ |
3 KB 847 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
17da95932073e0c30928.json
gist.github.com/HarmJ0y/ Redirect Chain
|
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
widget_iframe.2d991e3dfc9abb2549972ce8b64c5d85.html
platform.twitter.com/widgets/ Frame 3FEF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
g.gif
pixel.wp.com/ |
50 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
moment~timeline~tweet.f41b02dcb58512d8e9f6d4178eb28452.js
platform.twitter.com/js/ |
24 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
timeline.0a7b4db67eacd23e35c5ce02e6ea3470.js
platform.twitter.com/js/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
profile
cdn.syndication.twimg.com/timeline/ |
38 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
syndication
syndication.twitter.com/i/jot/ |
43 B 337 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1f447.png
abs.twimg.com/emoji/v2/72x72/ Frame 4C08 |
467 B 670 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Vz8ZAq3r
pbs.twimg.com/card_img/1189543871757377537/ Frame 4C08 |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AhXX8oEf
pbs.twimg.com/card_img/1188141775199842304/ Frame 4C08 |
31 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
timeline.a4ac5782325ad1b5e51c8b06daf47853.light.ltr.css
platform.twitter.com/css/ Frame 4C08 |
52 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
timeline.a4ac5782325ad1b5e51c8b06daf47853.light.ltr.css
platform.twitter.com/css/ |
52 KB 52 KB |
Image
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1f447.png
abs.twimg.com/emoji/v2/72x72/ Frame 4C08 |
467 B 532 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
oq0KZS7N_normal.jpg
pbs.twimg.com/profile_images/996342484404985856/ Frame 4C08 |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dG9Y4RhK_normal.jpg
pbs.twimg.com/profile_images/883033419827032065/ Frame 4C08 |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
PuqwM2Ln_normal.jpg
pbs.twimg.com/profile_images/840223774423187456/ Frame 4C08 |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Csp2-ofI_normal.jpg
pbs.twimg.com/profile_images/827908828574470144/ Frame 4C08 |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
33KXTXFs_normal.jpg
pbs.twimg.com/profile_images/1189278749856059392/ Frame 4C08 |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
EHjpsv_WoAAYDZ6
pbs.twimg.com/media/ Frame 4C08 |
18 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 4C08 |
44 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ |
44 KB 44 KB |
Image
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 4C08 |
512 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 4C08 |
825 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 4C08 |
739 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 4C08 |
572 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 4C08 |
644 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Vz8ZAq3r
pbs.twimg.com/card_img/1189543871757377537/ Frame 4C08 |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AhXX8oEf
pbs.twimg.com/card_img/1188141775199842304/ Frame 4C08 |
31 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gist-embed-123720f37c57ce9a8f29de081c38ed61.css
github.githubassets.com/assets/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2764.svg
s.w.org/images/core/emoji/11.2.0/svg/ |
368 B 568 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jot.html
platform.twitter.com/ Frame A46A Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
63 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| _wpemojiSettings undefined| $ function| jQuery object| CrayonSyntaxSettings object| CrayonSyntaxStrings function| jQueryCrayon object| CrayonUtil object| jqueryPopup function| popupWindow function| popdownWindow object| CrayonSyntax object| wpcom_img_zoomer object| detectZoom function| hex_md5 function| b64_md5 function| str_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| str_hmac_md5 function| md5_vm_test function| core_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| core_hmac_md5 function| safe_add function| bit_rol function| str2binl function| binl2str function| binl2hex function| binl2b64 object| Gravatar object| GProfile number| hexcase string| b64pad number| chrsz object| WPGroHo object| ct_cele_objectL10n object| addComment object| __twttrll object| twttr object| __twttr object| wp object| _stq string| currentURL string| currentDir object| GET string| hash number| uniq string| new_css object| jQuery11240267005807306121 function| st_go function| linktracker_init object| wpcom object| twemoji object| ak_js object| commentForm undefined| replyRowContainer undefined| children0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff,nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
0.gravatar.com
1.gravatar.com
abs.twimg.com
cdn.syndication.twimg.com
fonts.googleapis.com
fonts.gstatic.com
gist.github.com
github.githubassets.com
pbs.twimg.com
pixel.wp.com
platform.twitter.com
s.w.org
s0.wp.com
secure.gravatar.com
stats.wp.com
syndication.twitter.com
ton.twimg.com
www.harmj0y.net
104.145.225.3
104.244.42.8
185.199.108.154
192.0.76.3
192.0.77.32
192.0.77.48
192.30.253.119
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:815::2003
2a00:1450:4001:824::200a
2a04:fa87:fffe::c000:4902
01e43870a4218fe731a3516dd76725698c3aadfb285465086849c6b52ef71719
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33
1559aa8c42629bff9ebfb2d5c4083b9bde3b8d9d6a95c05ffe1e64832ee0dda6
174de82d4093c663f085c9b3fd303c90431670538245c9c8d1d7c2947a21abd7
193fbb968733b8a7049da19274546e6b80b76e9a8f1b837fee9a5fdeb8f97c7b
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2192a8a11b3b0968c13f8933c5fdb91355f5584681429d76567cdbd4eda32fed
291b553dee180f838e513bf2580c9af27f8312320581e3c91029a7c4d5eb2fbc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
31cb76c05cbf5d71466f93078e8ba0f6e39cd92d0acc86d385b8cf2899963695
37a3bd7bc7328f0ead2c0f6f635dddf60615e676e6b4ddf964144012e529de45
3d0c5826279971852705472c76a62b0f1b166fb6495921c42e890d07bbae046a
3e3e6358df951436d7c4e597f61f7bb0dcbfa9b99385c14a7016bd5475cd7d07
41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd
42044d2f67a563820783809582b367cf2195586acffb544fbc01d9c58787d435
44a2bf681f7bc4a15e5881959e21718c04532eacb5f012d0d70284bb4f7d4d0f
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
47ec7a38cec39f5149eddbcb37386cdc2b75d801d46fee7e53edb5a6284b1543
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
525d0c63376a81b2e0e6414f51f3d9911f339545bc2288d2f0b5a1afe0a0b3cc
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6279717c85ec0510b97c6b9e4a8426c011a458e73f2f4e355c8ff1e75736873e
630d0a3cc8f4c4aa7bf49b40ae6f59f3a137707e0d7bba46ba44e2e5f2c53aab
643d4c503349a545d85578f353e05fd7bc2bd7576f3f22089e73cfb666131094
6e2061db4fd58afb4dd366ae2988505313a289c803e1ea3c72fe8599efa40aa1
703b134857241eccea000989b0435dde381988f53d40119744bff8d1cf828a63
760bc4d420605c167dd90147b0e0d82b4e761a18bc35be7aeffaa4192b371635
7862c51c8ff9cee16f0cd466f1f1568b29a203e792f7f2f557b1c9a0092c52cb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b5e32cb325e9aaef357a421cd16ddf6d6ddb70fec74b6c35a73eccc6817664c
7c46604c0440be3fd2d6a5e217846cde699e81422afd52625b633bc28cfe3446
7faf3e61494372b2d2c8e929e286f100306c7464521ad0c129741ac8e27d0017
8b33eebc11529672afc8f1ac6d5d4ef24bed8dfec1505a2510c805e0dd21565f
99a50b833fec96a9f274d707bb567cd242ec35db35d6bc26ac391c0619304b2e
9c2e1d2864f53c224d6542bed9a1ab1de620dae21a2146eb4ff982dd8fcd4567
9c42615b9f87888a452f177c5ea19899fb8a835b8f6d0b458824e6c332a0adce
9e7e71334eddfdc7344ba4ac18721dc98012faa2093f17c4142d0f150717654b
a35aae89abeaad7bc82884a8f7a81050a75fb88512989bbe7bbb0413b08ddae6
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
a8b16530224ab6db50c2ab417f171752a84d8f1fb5e241057ab94c4c4f4bd0c3
a8cfafcd5e63088eedf5a8e2ee90f7d6330fc072f63a4b515270e7fa377321b6
a9609578d22eb71f002d3f184a6841bb5a4bfe964e4e2e1c51733ea53b7c5812
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b42989a0f2a1fb6d69e72c4f548ef2e73c4d3089d53649f5ed75e45c7b91cffb
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c1cfa5c2bce904bfc524754a954d2e062c703777ab704134dc5f619dca1e40af
c53261c30acc3dbfd08bbe8baa920cc595fed119faec575a66cd100d85efa0a9
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c
cff92a7eb12d555a40c2c94c90f8b23009c1a7298e15b47d6f7ae6b744fdac15
d592fa9c8989da648bc537f44ba55b7e60b6eb88557eaef9c2ddcb4eea74a906
dce60247f8fe8382f96de643513d7d0e06af9178c362779050f9e0af90644c2e
dec22d665719520caba542fe8f59e42c4fb088143ff0e2d255374723ec2605a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d961493e244e06bf91a9857442891e2e2ad8d49cf8e0a7781c53f0707443d7
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
ea602e3d9e87bcd7e368fdb7931ee6e21bf15d167c977f8922e095a7b4d8b462
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f452b1e5c1cae40dc81a9da7605dd6b98d0a06253d9b363e11c99ec4081ace4c
f5b5ac5fdb8870504505be0a9522061f905e5c1b25a927f877303785129cb3f9