timurengin.com
Open in
urlscan Pro
162.159.153.4
Public Scan
Effective URL: https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Submission: On June 10 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 15th 2024. Valid for: a year.
This is the only time timurengin.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 26 | 162.159.153.4 162.159.153.4 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 38 | 2606:4700:7::... 2606:4700:7::a29f:9804 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6810:5049 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
12 | 162.159.152.4 162.159.152.4 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 142.250.185.68 142.250.185.68 | 15169 (GOOGLE) (GOOGLE) | |
1 | 108.138.26.113 108.138.26.113 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:81c::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2600:9000:244... 2600:9000:2449:3800:19:9934:6a80:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2600:9000:249... 2600:9000:2491:c600:11:f728:3040:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
85 | 11 |
ASN13335 (CLOUDFLARENET, US)
timurengin.com | |
miro.medium.com | |
cdn-client.medium.com |
ASN13335 (CLOUDFLARENET, US)
medium.com | |
glyph.medium.com | |
miro.medium.com | |
cdn-client.medium.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-113.fra56.r.cloudfront.net
cdn.branch.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
58 |
medium.com
1 redirects
medium.com — Cisco Umbrella Rank: 12402 glyph.medium.com — Cisco Umbrella Rank: 23863 miro.medium.com — Cisco Umbrella Rank: 18176 cdn-client.medium.com — Cisco Umbrella Rank: 25861 |
1 MB |
18 |
timurengin.com
1 redirects
timurengin.com |
46 KB |
4 |
branch.io
cdn.branch.io — Cisco Umbrella Rank: 1111 api2.branch.io — Cisco Umbrella Rank: 1281 |
25 KB |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 5 |
1014 B |
1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2406 |
253 B |
1 |
app.link
app.link — Cisco Umbrella Rank: 2509 |
634 B |
1 |
gstatic.com
www.gstatic.com |
205 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78 |
93 KB |
1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1009 |
7 KB |
85 | 9 |
Domain | Requested by | |
---|---|---|
38 | cdn-client.medium.com |
timurengin.com
cdn-client.medium.com |
18 | timurengin.com |
1 redirects
cdn-client.medium.com
|
13 | glyph.medium.com |
glyph.medium.com
|
6 | miro.medium.com |
timurengin.com
|
3 | api2.branch.io |
cdn-client.medium.com
|
2 | www.google.com |
cdn-client.medium.com
www.gstatic.com |
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | app.link |
cdn.branch.io
|
1 | www.gstatic.com |
www.google.com
|
1 | cdn.branch.io |
timurengin.com
|
1 | www.googletagmanager.com |
cdn-client.medium.com
|
1 | static.cloudflareinsights.com |
timurengin.com
|
1 | medium.com | 1 redirects |
85 | 13 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
timurengin.com Cloudflare Inc ECC CA-3 |
2024-02-15 - 2024-12-31 |
a year | crt.sh |
medium.com Cloudflare Inc ECC CA-3 |
2024-02-16 - 2024-12-31 |
a year | crt.sh |
cloudflareinsights.com GTS CA 1P5 |
2024-05-08 - 2024-08-06 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-05-21 - 2024-08-13 |
3 months | crt.sh |
*.google.com WR2 |
2024-05-21 - 2024-08-13 |
3 months | crt.sh |
*.branch.io Amazon RSA 2048 M01 |
2023-09-11 - 2024-10-09 |
a year | crt.sh |
*.gstatic.com WR2 |
2024-05-21 - 2024-08-13 |
3 months | crt.sh |
appipv4.link Amazon RSA 2048 M03 |
2024-03-25 - 2025-04-22 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0
Frame ID: 42C4A5BFF366537F77BCB6AFEFBE5F33
Requests: 84 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Le-uGgpAAAAAPprRaokM8AKthQ9KNGdoxaGUvVp&co=aHR0cHM6Ly90aW11cmVuZ2luLmNvbTo0NDM.&hl=de&v=9pvHvq7kSOTqqZusUzJ6ewaF&size=invisible&cb=b2aw4fxbvs0u
Frame ID: FE73FFA0C6515059D0B99034C992A343
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
The anatomy of a DCSync attack and how to protect against it | by Timur Engin | MediumPage URL History Show full URLs
-
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
HTTP 307
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Ftimurengin.com%2Fthe-anatomy-o... HTTP 307
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi... Page URL
Detected technologies
Medium (Blogs) ExpandDetected patterns
- medium\.com
Cloudflare Browser Insights (Analytics) Expand
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
84 Outgoing links
These are links going to different origins than the main page.
Title: Open in app
Search URL Search Domain Scan URL
Title: Sign up
Search URL Search Domain Scan URL
Title: Sign in
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Write
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Follow
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Listen
Search URL Search Domain Scan URL
Title: Mehmetcan TOPAL
Search URL Search Domain Scan URL
Title: here
Search URL Search Domain Scan URL
Title: 1
Search URL Search Domain Scan URL
Title: 2
Search URL Search Domain Scan URL
Title: 3
Search URL Search Domain Scan URL
Title: 4
Search URL Search Domain Scan URL
Title: Entra Connect
Search URL Search Domain Scan URL
Title: Event ID 4662 An operation was performed on an object
Search URL Search Domain Scan URL
Title: Event ID 4670 Permissions on an object were changed
Search URL Search Domain Scan URL
Title: Volodymyr Hryshchenko
Search URL Search Domain Scan URL
Title: Unsplash
Search URL Search Domain Scan URL
Title: Sign up for free
Search URL Search Domain Scan URL
Title: Try for 5 $/month
Search URL Search Domain Scan URL
Title: Active Directory
Search URL Search Domain Scan URL
Title: Cybersecurity
Search URL Search Domain Scan URL
Title: Mitre Attack
Search URL Search Domain Scan URL
Title: Dcsync
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Follow
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: How to setup an AD lab in AzureTL;DR IaC & explanation of how to setup an AD lab in Azure with 2 DCs & 1 domain workstation.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Detecting Kerberoasting using GetUserSPNs.pyIn Active Directory, Service Principal Names (SPNs) are used to identify services and applications. These SPNs are registered to user or…
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Tech & Tools16 stories·245 saves
Search URL Search Domain Scan URL
Title: Medium's Huge List of Publications Accepting Submissions312 stories·2865 saves
Search URL Search Domain Scan URL
Title: Staff Picks656 stories·1031 saves
Search URL Search Domain Scan URL
Title: Natural Language Processing1498 stories·1020 saves
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: NTLMv1 = Domain CompromiseIn this blog we see multiple scenarios where NTLMv1 is leveraged to compromise a domain through the bypass of SMB and LDAP signing
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Posts By SpecterOps Team Members
Search URL Search Domain Scan URL
Title: Part 14: Sub-OperationsWhen the Operation is Not Enough
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Active Directory Detection & Monitoring Lab Project Using SplunkSIEM
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Blocking Malicious IP using Wazuh + Teler + AbuseIPDB—
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: 1
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: See more recommendations
Search URL Search Domain Scan URL
Title: Help
Search URL Search Domain Scan URL
Title: Status
Search URL Search Domain Scan URL
Title: About
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Terms
Search URL Search Domain Scan URL
Title: Text to speech
Search URL Search Domain Scan URL
Title: Teams
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
HTTP 307
https://medium.com/m/global-identity-2?redirectUrl=https%3A%2F%2Ftimurengin.com%2Fthe-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316 HTTP 307
https://timurengin.com/the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316?gi=96e08a2768d0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
85 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
the-anatomy-of-a-dcsync-attack-and-how-to-protect-against-it-bf86bf9fb316
timurengin.com/ Redirect Chain
|
148 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
unbound.css
glyph.medium.com/css/ |
19 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0*oG_8tPjXBUvJhTzt
miro.medium.com/v2/resize:fit:720/format:webp/ |
11 KB 12 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
manifest.2e9508c2.js
cdn-client.medium.com/lite/static/js/ |
13 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2640.3217006c.js
cdn-client.medium.com/lite/static/js/ |
652 KB 204 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.c185212f.js
cdn-client.medium.com/lite/static/js/ |
776 KB 185 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instrumentation.4ddbf12e.chunk.js
cdn-client.medium.com/lite/static/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reporting.2021fe63.chunk.js
cdn-client.medium.com/lite/static/js/ |
1 KB 942 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4398.db4d4378.chunk.js
cdn-client.medium.com/lite/static/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7883.0e445e04.chunk.js
cdn-client.medium.com/lite/static/js/ |
22 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9281.e9be8bce.chunk.js
cdn-client.medium.com/lite/static/js/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7111.b294e9da.chunk.js
cdn-client.medium.com/lite/static/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6481.362dec70.chunk.js
cdn-client.medium.com/lite/static/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8695.6f58679b.chunk.js
cdn-client.medium.com/lite/static/js/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8978.4b110123.chunk.js
cdn-client.medium.com/lite/static/js/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3418.eb013b5a.chunk.js
cdn-client.medium.com/lite/static/js/ |
33 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3894.e3d01e2c.chunk.js
cdn-client.medium.com/lite/static/js/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5514.32e692f6.chunk.js
cdn-client.medium.com/lite/static/js/ |
41 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5203.e7f058c5.chunk.js
cdn-client.medium.com/lite/static/js/ |
17 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7098.93054372.chunk.js
cdn-client.medium.com/lite/static/js/ |
22 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8051.0a9d3f4b.chunk.js
cdn-client.medium.com/lite/static/js/ |
19 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8558.abbaadfd.chunk.js
cdn-client.medium.com/lite/static/js/ |
75 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1711.7605eb3e.chunk.js
cdn-client.medium.com/lite/static/js/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8597.762eae49.chunk.js
cdn-client.medium.com/lite/static/js/ |
34 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9174.b1b0f607.chunk.js
cdn-client.medium.com/lite/static/js/ |
106 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8883.2f95bbf4.chunk.js
cdn-client.medium.com/lite/static/js/ |
30 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
705.e5898c57.chunk.js
cdn-client.medium.com/lite/static/js/ |
20 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2911.e467316c.chunk.js
cdn-client.medium.com/lite/static/js/ |
12 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8580.feeb2549.chunk.js
cdn-client.medium.com/lite/static/js/ |
20 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6046.f9be485b.chunk.js
cdn-client.medium.com/lite/static/js/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
500.d5389c14.chunk.js
cdn-client.medium.com/lite/static/js/ |
46 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9408.22b56993.chunk.js
cdn-client.medium.com/lite/static/js/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6605.84e81b15.chunk.js
cdn-client.medium.com/lite/static/js/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6637.661bd7cf.chunk.js
cdn-client.medium.com/lite/static/js/ |
36 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7421.3f94f5ea.chunk.js
cdn-client.medium.com/lite/static/js/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
51.d8fb2684.chunk.js
cdn-client.medium.com/lite/static/js/ |
17 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2133.c8ba56b1.chunk.js
cdn-client.medium.com/lite/static/js/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PostPage.MainContent.36cfba62.chunk.js
cdn-client.medium.com/lite/static/js/ |
149 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
19 KB 19 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sohne-700-normal.woff
glyph.medium.com/font/cf896f3/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
19 KB 19 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source-serif-pro-400-normal.woff
glyph.medium.com/font/8e059b2/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
12 KB 12 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source-serif-pro-400-italic.woff
glyph.medium.com/font/76c214a/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
12 KB 13 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source-serif-pro-700-italic.woff
glyph.medium.com/font/7f2eb60/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
13 KB 14 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source-code-pro-400-normal.woff
glyph.medium.com/font/3bd49b7/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
7 KB 7 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source-serif-pro-700-normal.woff
glyph.medium.com/font/b156742/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
12 KB 13 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
18 KB 19 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
source-serif-pro-400-italic.woff
glyph.medium.com/font/76c214a/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ |
55 KB 55 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1*dmbNkD5D-u45r44go_cf0g.png
miro.medium.com/v2/resize:fill:64:64/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1*4lEtCEg7aYYa63hFmPy06A.png
miro.medium.com/v2/resize:fill:88:88/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0*_wCRVD0IPAbpJPEt
miro.medium.com/v2/resize:fit:640/format:webp/ |
21 KB 22 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
timurengin.com/_/clientele/reports/performance/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
2230.c546f16c.chunk.js
cdn-client.medium.com/lite/static/js/ |
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
timurengin.com/_/clientele/reports/performance/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GiveTipButton.7844a2d2.chunk.js
cdn-client.medium.com/lite/static/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gt-super-400-normal.woff
glyph.medium.com/font/4a44748/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
13 KB 13 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
266 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
enterprise.js
www.google.com/recaptcha/ |
2 KB 1014 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
branch-latest.min.js
cdn.branch.io/ |
75 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5c50caa54067fd622d2f0fac18392213bf92f6e2fae89b691e62bceb40885e74
miro.medium.com/v2/da:true/resize:fit:0/ |
300 KB 300 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
timurengin.com/_/ |
129 B 497 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
timurengin.com/_/ |
80 B 476 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
timurengin.com/_/ |
791 B 774 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
timurengin.com/_/ |
33 B 433 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
timurengin.com/_/ |
24 KB 6 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
timurengin.com/_/ |
27 B 400 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
timurengin.com/_/ |
79 B 472 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
timurengin.com/_/ |
79 B 472 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
timurengin.com/_/ |
96 B 512 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/ |
515 KB 205 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
_r
app.link/ |
91 B 634 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 253 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
8097.afb6fd3b.chunk.js
cdn-client.medium.com/lite/static/js/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
timurengin.com/_/ |
81 B 475 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
anchor
www.google.com/recaptcha/enterprise/ Frame FE73 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
open
api2.branch.io/v1/ |
316 B 710 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
timurengin.com/_/clientele/reports/performance/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rum
timurengin.com/cdn-cgi/ |
0 140 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sohne-700-normal.woff
glyph.medium.com/font/cf896f3/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ |
28 KB 29 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sohne-400-normal.woff
glyph.medium.com/font/b492c44/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ |
28 KB 28 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
graphql
timurengin.com/_/ |
3 KB 869 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1*m-R_BkNf1Qjr1YbyOIJY2w.png
miro.medium.com/v2/ |
737 B 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pageview
api2.branch.io/v1/ |
28 B 351 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
pageview
api2.branch.io/v1/ |
28 B 351 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
batch
timurengin.com/_/ |
17 B 277 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 string| __BUILD_ID__ string| __GRAPHQL_URI__ object| __PRELOADED_STATE__ object| __APOLLO_STATE__ object| webpackChunklite function| setImmediate function| clearImmediate object| DD_RUM function| main object| __APOLLO_CLIENT__ function| gtag object| dataLayer object| branch object| __cfBeacon object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data object| gaGlobal object| recaptcha object| closure_lm_71385110 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.timurengin.com/ | Name: _cfuvid Value: bk.HiNpT90BfZqukRsBKK_8Rlat1lrdhPLHymrLGMkA-1718029046155-0.0.1.1-604800000 |
|
.medium.com/ | Name: uid Value: lo_33638b82b289 |
|
.medium.com/ | Name: sid Value: 1:ZUNegeBTE4E0gmbhaRyMjPYRx1AF1XGzJb3O/VH3kSz5Es8Tw3huIGLylu91oqlm |
|
timurengin.com/ | Name: uid Value: lo_33638b82b289 |
|
timurengin.com/ | Name: sid Value: 1:eEfNQHBsFnj/i8k1QrgSh+aQ2pQnAb+2t/pjeSWQDuP/DMHBGCTVkxtDb5ZLMnh0 |
|
.medium.com/ | Name: _cfuvid Value: WSBQ3L9XNgrUm2mYNpp2oNECFbhsoYqoH2baHOFNkHQ-1718029047115-0.0.1.1-604800000 |
|
timurengin.com/ | Name: _dd_s Value: rum=0&expire=1718029947658 |
|
.timurengin.com/ | Name: _ga_7JY7T788PK Value: GS1.1.1718029047.1.0.1718029047.0.0.0 |
|
.timurengin.com/ | Name: _ga Value: GA1.1.908741202.1718029048 |
|
.app.link/ | Name: _s Value: 0Rrvc1SjP0BYngw4b8%2BaddZZTd0hAEZhxmPSrNEUpn2fizzvZn90NmqKIxbufTnq |
138 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' https://medium.com |
Strict-Transport-Security | max-age=15552000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
glyph.medium.com
medium.com
miro.medium.com
region1.google-analytics.com
static.cloudflareinsights.com
timurengin.com
www.google.com
www.googletagmanager.com
www.gstatic.com
108.138.26.113
142.250.185.68
162.159.152.4
162.159.153.4
2001:4860:4802:34::36
2600:9000:2449:3800:19:9934:6a80:93a1
2600:9000:2491:c600:11:f728:3040:93a1
2606:4700:7::a29f:9804
2606:4700::6810:5049
2a00:1450:4001:811::2008
2a00:1450:4001:81c::2003
0c4e595378a4c2585a1eb91b7f65ed0526940ed8fd37a31810cd1e2eb2920b12
1158d4879a0a44516c6f0dbc2e271a303cf63debb43a68479886a61de7d3b820
164d22a531e5889fd654ddd1b5014e47c3c277d9baae8e299387597418722cec
17274971fa3ac182df06276ac2ef7c98add2b2f17e9247145763334b4f5468cb
17d13e1fdcda3e5fb3144c21c24bf60c7cfa4f8ff63d1358cfbab24a80f1a5b1
1b8f3243d0e03a16231ab0e8e7a461f509d8e7aefa07d713b33ab346f562abd8
1bd54632c13105eaefede7c6fe85aa1443d0aa552835c76f075fd1c586386092
1ca820b9aa7681184130d09157ea679d1d31390bee2af294c088f6dcaa24923b
22c615bd22b74f1ea5bc75e4f06ca7f877e3d76f15b98beb36af76909b7e25d7
25b283a69fdffec5aed19ca2a40b67f490744d4e28d1b41b14f78c7c3ca85304
28c43acf2ee08d93154adc062d0b124da42a3345d6c43abef7a830708b956433
2ed75f86c5ce7754fc0e87b124e5ad23af369acc5132f5228a2ebfaf03ebcbfe
30e09bc5a33e0f75283654c0716fe81ed66bca9292541f967d5218666921bdfc
3e114382d20a02d0ca050b5fb41beeeb8d1c63762fa2f2e2b75557a48117d365
40c05a07ac09c244b63a1755d524e094c32a18072335fb6cfc7f13da9cfe3eb9
45dbf060ec052a3b0ca5ae7211eaa27c950db65b019aa456e1e686a85f8a327e
465956de98b5f8e9b1f7590603b1a6f03613a4b15be546cc9280437611508dd2
4676e26ad5d634cbdd30255199fed758b31a73b63996fb2d8033b53c453fb90e
4fbf3a093ebd491bb3b6bf61f26ab7d136b4e839fbbeeb7034621b65d2ffacc8
50bf967f6a2d4f6ea005179a472f8d278e24cc8e5b6cc70f974bb193f845d0a3
52d25ab4a53674b721be8fa2983c6b0f2b6821618f6d4fbc3472fec02b5e67d0
52f61b7962bf20d6eb800d6dba3db091cf4826b23be35a07bd527de416bd3b0a
56b45de7fbfcd80d76825dbe2c35a2e568ca9b73199fb4612bcadd0868e0742e
5e45ce783ff6f2159c09545f4a3a53cfd8aa6588e53ab2e3dc894b69048128e3
65709458fda67251b1ecd9b72e14237457475b2f8b3cd657088f37f97e3af4cd
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
67c2e60e6e47776cd0394b8dca668b89acaadee5198bbf9172a61ecc33dec97a
6c257f945b1944daaac2482525763db5e4a9de6dc850e0f9913284a9e37f4143
706e568e0c4a22004a1c177674ae9489b5a3ca9f5a97e4addb3c626c03016548
78661d3e6871b6e5c37f3113d811cb3dfc69546449e3b2c28095b6e7f28d9a7d
78e9cb4bc089bc3fe60f24ca2fcea18c1ed003e3ca64606fb05ec98524e92cf0
806ff1a7e5be16f7da7ea06a745c2b53ebd0f945c019b410095598af64271035
80706484b7c5fe5170639c001287c543d5958134c6b2d9a1d8d9c95c980771d6
846d9880201fbdb7c3a05705949a7817edb7e43177bb2d72948adce60f2f35fd
85c397548051115f9d45e0af73b16c05265733112a8bb7df70a83b6f6cce1dd3
8b4cddc0926fc6a7e8d6fbcf7ce70687152f5497122c32a3b9f068d72b5cb847
8e91d860b59a30eeac69682f675aa8affd64a2fb72029e67b073532d454800dd
907039974c2c52cf9a6776353bdfa72bb1aac218544fb7cad78ecb6e9d2cc4e8
9493d9db3fd1444e38237f37c4eee6fbb3e5fee3bd64bab9b906c122e2f92f33
95ed1e8f9aada71291f34d91e064bace9edcd5541d123bb9639c18248bcaa2ca
9790eec43905d6a645d41949887aa4d48fc32862b5739da194744e59d9843ce6
9b6ec2433e800b5079324fadee6b72a820c384a0d20d4c4a41d59c7866719a02
9ed76cfe62861007eee5b0ef44f3bd185ce3b60f0b9ead0b91ab62af01e9efa4
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a89ed575a512e0f253065de58203e51e59122ad5305205544db73ce4ca638190
aa2dcb49178e613d7c504bf451d47354109e9dbd3cf5ad3c9e87896005398878
ab4e6c77ee5e6178222bb7deefc0c6d5b0e2b3ab2df5d8623da00840809e639d
b0bb60d88b2542c309808da080e6c3bfe7c4c3ff03e679ab29a4394c00a11c4f
b0e3470c4da29d659d1cdde3643aaa2bb2e5b465e8e6c625720e34fbc828217f
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b25181b62cc6c5c33512c81ad3f5332c198493c995ee3d8d65b5e5c97a167144
ba0fe3ba943eaa74f75c754a98818a6fe066839aa02a1d6f2b654b1d6d8a778b
c458a3e54a0769df1bab5ff6f1a2ff3b7c0f02babab54d795cbfdcbce1b3c01e
cdcc2fc364294f2d085517c4a3cbc74ba496b2755f6a971813a6d9faf052d776
cf9e6a6362e194c2e0d66aec3b1e207810fcd0eb794937c01e215478b29bc182
d0217bbce271902205b24557e2422d222f76a999060452a305afaa27744d3f28
d51bea7f29bd4033e201414dd2a08ed0d49a6203605f541c84d4e9523418c225
d5d7947aa3e6131478a97f06e72913cb7b9e19161e03502ad1de3eb67f447213
d6c90ff7bddb2b437a4130fbfaad1dd6fdc87a532ed4a97b5a4484c659e632ee
d8b0c77bc8adc6ebb1f46dedad1c61a63393a2b9786f70b48a806c9117808f60
d8c436394846ea20127a8db032f848015d4d239789429b7e0202609089b5525a
dc5cb8bee960b5d5fd591fde3730e4d20198f53a4883b19f1a36d072b7f4e0a0
de9f3e3dfa1587611468ec13c87fba041457108251a2f28b2d3f5594145f2ec7
e2be45fe7a399b7cd926a3daf4d472a60b61eefe3e9c19a68cd0acc2e4b3d991
e30251f4e625a346addb5cd29524310cad04a944b047d53d00e0bd15f0dcca25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f0a6555c5764060c13426e730dcbba0ccdc8c6d90a0227a19f939f02251f8f
e9e088eadd15935ca8532cde71ebc86d8a2517dccdde13d51b0b6cf7d364ce96
f04eebb17f99d43de75394a48bbe764a9202ba64812a5fb995d4c9337873e62b
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f3e771d1c92d58d80f69fc1439c6075be64fa3fa8e29c4034d4f322e03bb85f0
f6adb47c34f420ef114d5ecdb9b7daab2948c5e9c6d7e3441fee907e5a8fef3f
f8e53bf25943edec0a2663f840a87906e1fe6ca9146657ff7f7aab7221c6a5bc
f8fccd0d8983514e24e869acd27da546ce68678d8391a8b7cad56730f61fbd52
f90d19259478cca4381bea7e760845de9bcf2155ee96cd8b06049add894022d3
f946277d2c1f664978f48b1f986d8461d287f382afe7f086f3c8809506754426
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7
fdcf5ef19dcd3005f0369e3482b28be21a70496f2d045f5a4a15d64523018a1d