posts.specterops.io
Open in
urlscan Pro
52.5.181.79
Public Scan
Submitted URL: https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83
Effective URL: https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83?gi=4465d2a1d599
Submission Tags: falconsandbox
Submission: On February 23 via api from US — Scanned from DE
Effective URL: https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83?gi=4465d2a1d599
Submission Tags: falconsandbox
Submission: On February 23 via api from US — Scanned from DE
Summary
This website contacted 7 IPs
in 2 countries
across 5 domains to perform 115 HTTP transactions.
The main IP is 52.5.181.79, located in
Ashburn, United States and
belongs to AMAZON-AES, US.
The main domain is posts.specterops.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 5th 2022. Valid for: a year.
This is the only time posts.specterops.io was scanned on urlscan.io!
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 5th 2022. Valid for: a year.
This is the only time posts.specterops.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 12 | 52.5.181.79 52.5.181.79 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 23 | 2606:4700:7::... 2606:4700:7::a29f:9804 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 73 | 2606:4700:7::... 2606:4700:7::a29f:9904 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:809::200e | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 143.204.215.75 143.204.215.75 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2600:9000:205... 2600:9000:2057:8000:19:9934:6a80:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 4 | 2600:9000:214... 2600:9000:214f:1400:11:f728:3040:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
| 115 | 7 |
12
52.5.181.79
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-181-79.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-181-79.compute-1.amazonaws.com
| posts.specterops.io |
23
2606:4700:7::a29f:9804
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| medium.com | |
| glyph.medium.com | |
| miro.medium.com | |
| cdn-client.medium.com |
73
2606:4700:7::a29f:9904
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| miro.medium.com | |
| cdn-client.medium.com |
3
2a00:1450:4001:809::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
143.204.215.75
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-75.fra53.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-75.fra53.r.cloudfront.net
| cdn.branch.io |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 96 |
medium.com
1 redirects
medium.com — Cisco Umbrella Rank: 8719 glyph.medium.com — Cisco Umbrella Rank: 18230 miro.medium.com — Cisco Umbrella Rank: 11300 cdn-client.medium.com — Cisco Umbrella Rank: 19185 |
1 MB |
| 12 |
specterops.io
1 redirects
posts.specterops.io |
58 KB |
| 5 |
branch.io
cdn.branch.io — Cisco Umbrella Rank: 899 api2.branch.io — Cisco Umbrella Rank: 590 |
26 KB |
| 3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31 |
20 KB |
| 1 |
app.link
app.link — Cisco Umbrella Rank: 1592 |
563 B |
| 115 | 5 |
| Domain | Requested by | |
|---|---|---|
| 47 | cdn-client.medium.com |
posts.specterops.io
cdn-client.medium.com |
| 38 | miro.medium.com |
posts.specterops.io
cdn-client.medium.com |
| 12 | posts.specterops.io |
1 redirects
cdn-client.medium.com
|
| 10 | glyph.medium.com |
posts.specterops.io
glyph.medium.com |
| 4 | api2.branch.io |
cdn-client.medium.com
|
| 3 | www.google-analytics.com |
posts.specterops.io
cdn-client.medium.com |
| 1 | app.link |
cdn.branch.io
|
| 1 | cdn.branch.io |
posts.specterops.io
|
| 1 | medium.com | 1 redirects |
| 115 | 9 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| posts.specterops.io Sectigo RSA Domain Validation Secure Server CA |
2022-01-05 - 2023-01-05 |
a year | crt.sh |
| medium.com Cloudflare Inc ECC CA-3 |
2021-12-28 - 2022-03-28 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2022-02-07 - 2022-05-02 |
3 months | crt.sh |
| *.branch.io DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-27 - 2022-11-27 |
a year | crt.sh |
| appipv4.link Amazon |
2021-06-24 - 2022-07-23 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83?gi=4465d2a1d599
Frame ID: 590617E1F4AB534F4E167A431E033493
Requests: 115 HTTP requests in this frame
Screenshot
Page Title
Methodology for Static Reverse Engineering of Windows Kernel Drivers | by Matt Hand | Posts By SpecterOps Team MembersPage URL History Show full URLs
-
https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2e...
HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fmethodolog... HTTP 302
https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2e... Page URL
Detected technologies
Medium
(Blogs)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- medium\.com
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Page Statistics
67 Outgoing links
These are links going to different origins than the main page.
URL: https://medium.com/?source=post_page-----3115b2efed83-----------------------------------
Search URL Search Domain Scan URL
URL: https://medium.com/m/signin?operation=login&redirect=https%3A%2F%2Fposts.specterops.io%2Fmethodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83&source=post_page-----3115b2efed83---------------------nav_reg--------------
Title: Sign in
Title: Sign in
Search URL Search Domain Scan URL
URL: https://rsci.app.link/?%24canonical_url=https%3A%2F%2Fmedium.com%2Fp%2F3115b2efed83&%7Efeature=LoOpenInAppButton&%7Echannel=ShowPostUnderCollection&%7Estage=mobileNavBar&source=post_page-----3115b2efed83-----------------------------------
Title: Open in app
Title: Open in app
Search URL Search Domain Scan URL
URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fmethodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83&source=post_page-----3115b2efed83---------------------nav_reg--------------
Title: Get started
Title: Get started
Search URL Search Domain Scan URL
URL: https://www.specterops.io/?source=post_page-----3115b2efed83-----------------------------------
Title: specterops.io
Title: specterops.io
Search URL Search Domain Scan URL
URL: https://policy.medium.com/medium-rules-30e5502c4eb4?source=responses-----3115b2efed83-----------------------------------
Search URL Search Domain Scan URL
URL: https://medium.com/m/signin?operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fmethodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83&source=responses-----3115b2efed83---------------------respond_sidebar--------------
Title: What are your thoughts?
Title: What are your thoughts?
Search URL Search Domain Scan URL
URL: https://medium.com/@matterpreter?source=post_page-----3115b2efed83-----------------------------------
Search URL Search Domain Scan URL
URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F43fe4a5cc44%2F3115b2efed83&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fmethodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83&user=Matt+Hand&userId=43fe4a5cc44&source=post_page-43fe4a5cc44----3115b2efed83---------------------follow_byline--------------
Title: Follow
Title: Follow
Search URL Search Domain Scan URL
URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fusers%2F43fe4a5cc44%2Flazily-enable-writer-subscription&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fmethodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83&user=Matt+Hand&userId=43fe4a5cc44&source=post_page-----3115b2efed83---------------------subscribe_user--------------
Search URL Search Domain Scan URL
URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F3115b2efed83&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fmethodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83&source=post_actions_header--------------------------bookmark_preview--------------
Search URL Search Domain Scan URL
URL: https://twitter.com/TheWack0lian/status/779397840762245124
Title: CAPCOM.sys arbitrary function execution
Title: CAPCOM.sys arbitrary function execution
Search URL Search Domain Scan URL
URL: https://www.thezdi.com/blog/2019/12/16/local-privilege-escalation-in-win32ksys-through-indexed-color-palettes
Title: Win32k.sys local privilege escalation
Title: Win32k.sys local privilege escalation
Search URL Search Domain Scan URL
URL: https://www.risksense.com/wp-content/uploads/2018/05/EternalBlue_RiskSense-Exploit-Analysis-and-Port-to-Microsoft-Windows-10_v1_2.pdf
Title: EternalBlue pool corruption
Title: EternalBlue pool corruption
Search URL Search Domain Scan URL
URL: https://github.com/matterpreter/OffensiveCSharp/tree/master/DriverQuery
Title: DriverQuery
Title: DriverQuery
Search URL Search Domain Scan URL
URL: https://docs.microsoft.com/en-us/windows-hardware/drivers/kernel/defining-i-o-control-codes
Title: visual diagram
Title: visual diagram
Search URL Search Domain Scan URL
URL: https://docs.microsoft.com/en-us/windows-hardware/drivers/kernel/specifying-device-types
Title: many device types defined
Title: many device types defined
Search URL Search Domain Scan URL
URL: https://www.osronline.com/article.cfm%5earticle=229.htm
Title: online decoder
Title: online decoder
Search URL Search Domain Scan URL
URL: https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/-ioctldecode
Title: !ioctldecode
Title: !ioctldecode
Search URL Search Domain Scan URL
URL: https://github.com/NationalSecurityAgency/ghidra/issues/184
Title: doesn’t include
Title: doesn’t include
Search URL Search Domain Scan URL
URL: https://github.com/NationalSecurityAgency/ghidra/blob/49c2010b63b56c8f20845f3970fedd95d003b1e9/Ghidra/Framework/SoftwareModeling/src/main/java/ghidra/program/database/DataTypeArchiveDB.java#L49
Title: once did
Title: once did
Search URL Search Domain Scan URL
URL: https://twitter.com/0x6d696368
Title: 0x6d696368
Title: 0x6d696368
Search URL Search Domain Scan URL
URL: https://github.com/0x6d696368/ghidra-data/tree/master/typeinfo
Title: GitHub project
Title: GitHub project
Search URL Search Domain Scan URL
URL: https://github.com/0x6d696368/ghidra-data/blob/master/typeinfo/ntddk_64.gdt
Title: ntddk_64.gdt
Title: ntddk_64.gdt
Search URL Search Domain Scan URL
URL: https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/nc-wdm-driver_initialize
Title: a pointer to a driver object
Title: a pointer to a driver object
Search URL Search Domain Scan URL
URL: https://docs.microsoft.com/en-us/windows-hardware/drivers/kernel/irp-major-function-codes
Title: IRP major function codes
Title: IRP major function codes
Search URL Search Domain Scan URL
URL: https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/ns-wdm-_irp
Title: gives us a hint
Title: gives us a hint
Search URL Search Domain Scan URL
URL: https://docs.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/nf-wdm-obregistercallbacks
Title: process object handler callbacks
Title: process object handler callbacks
Search URL Search Domain Scan URL
URL: http://www.jackson-t.ca/synaptics-cxutilsvc-lpe.html
Title: this is one of my favorites
Title: this is one of my favorites
Search URL Search Domain Scan URL
URL: https://twitter.com/aionescu/status/947260644528553984
Title: actually seeing
Title: actually seeing
Search URL Search Domain Scan URL
URL: https://docs.microsoft.com/en-us/windows-hardware/drivers/kernel/using-buffered-i-o
Title: METHOD_BUFFERED
Title: METHOD_BUFFERED
Search URL Search Domain Scan URL
URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fcollection%2Fspecter-ops-posts%2F3115b2efed83&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fmethodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83&collection=Posts+By+SpecterOps+Team+Members&collectionId=f05f8696e3cc&source=post_sidebar--------------------------follow_sidebar--------------
Title: Follow
Title: Follow
Search URL Search Domain Scan URL
URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fspecter-ops-posts%2F3115b2efed83&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fmethodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83&user=Matt+Hand&userId=43fe4a5cc44&source=post_sidebar-----3115b2efed83---------------------clap_sidebar--------------
Search URL Search Domain Scan URL
URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F3115b2efed83&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fmethodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83&source=post_sidebar-----3115b2efed83---------------------bookmark_sidebar--------------
Search URL Search Domain Scan URL
URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fvote%2Fspecter-ops-posts%2F3115b2efed83&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fmethodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83&user=Matt+Hand&userId=43fe4a5cc44&source=post_actions_footer-----3115b2efed83---------------------clap_footer--------------
Search URL Search Domain Scan URL
URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fbookmark%2Fp%2F3115b2efed83&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fmethodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83&source=post_actions_footer--------------------------bookmark_footer--------------
Search URL Search Domain Scan URL
URL: https://medium.com/@matterpreter?source=follow_footer-----3115b2efed83-----------------------------------
Search URL Search Domain Scan URL
URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fuser%2F43fe4a5cc44%2F3115b2efed83&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fmethodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83&user=Matt+Hand&userId=43fe4a5cc44&source=follow_footer-43fe4a5cc44----3115b2efed83---------------------follow_footer--------------
Title: Follow
Title: Follow
Search URL Search Domain Scan URL
URL: https://medium.com/m/signin?actionUrl=%2F_%2Fapi%2Fusers%2F43fe4a5cc44%2Flazily-enable-writer-subscription&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fmethodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83&user=Matt+Hand&userId=43fe4a5cc44&source=follow_footer-----3115b2efed83---------------------subscribe_user--------------
Search URL Search Domain Scan URL
URL: https://medium.com/m/signin?actionUrl=https%3A%2F%2Fmedium.com%2F_%2Fsubscribe%2Fcollection%2Fspecter-ops-posts%2F3115b2efed83&operation=register&redirect=https%3A%2F%2Fposts.specterops.io%2Fmethodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83&collection=Posts+By+SpecterOps+Team+Members&collectionId=f05f8696e3cc&source=follow_footer-----3115b2efed83---------------------follow_footer--------------
Title: Follow
Title: Follow
Search URL Search Domain Scan URL
URL: https://medium.com/emagiz/why-stream-processing-is-a-component-of-true-value-3237706fa1ba?source=post_internal_links---------0-------------------------------
Title: Why stream processing is a component of true value
Title: Why stream processing is a component of true value
Search URL Search Domain Scan URL
URL: https://emagiz-integrationplatform.medium.com/?source=post_internal_links---------0-------------------------------
Title: eMagiz
Title: eMagiz
Search URL Search Domain Scan URL
URL: https://medium.com/emagiz?source=post_internal_links---------0-------------------------------
Title: eMagiz
Title: eMagiz
Search URL Search Domain Scan URL
URL: https://medium.com/kartbites/process-level-monitoring-and-alerting-in-prometheus-915ed7508058?source=post_internal_links---------1-------------------------------
Title: Process level monitoring and alerting in Prometheus
Title: Process level monitoring and alerting in Prometheus
Search URL Search Domain Scan URL
URL: https://souvikhaldar.medium.com/?source=post_internal_links---------1-------------------------------
Title: Souvik Haldar
Title: Souvik Haldar
Search URL Search Domain Scan URL
URL: https://medium.com/kartbites?source=post_internal_links---------1-------------------------------
Title: Kartbites
Title: Kartbites
Search URL Search Domain Scan URL
URL: https://medium.com/@baweaver/lets-read-eloquent-ruby-ch-2-6e17a84bd8c2?source=post_internal_links---------2-------------------------------
Title: Let’s Read! — Eloquent Ruby (Ch 2)
Title: Let’s Read! — Eloquent Ruby (Ch 2)
Search URL Search Domain Scan URL
URL: https://medium.com/@baweaver?source=post_internal_links---------2-------------------------------
Title: Brandon Weaver
Title: Brandon Weaver
Search URL Search Domain Scan URL
URL: https://rizwan2000rm.medium.com/welcome-to-my-blog-scitech-3010f8d930b0?source=post_internal_links---------3-------------------------------
Title: Welcome to my blog, SciTech.
Title: Welcome to my blog, SciTech.
Search URL Search Domain Scan URL
URL: https://rizwan2000rm.medium.com/?source=post_internal_links---------3-------------------------------
Title: Rizwan Memon
Title: Rizwan Memon
Search URL Search Domain Scan URL
URL: https://medium.com/@kafichito1977/how-to-hack-keno-slot-machines-with-phone-372ec5cac3c1?source=post_internal_links---------4-------------------------------
Title: How To Hack Keno Slot Machines With Phone
Title: How To Hack Keno Slot Machines With Phone
Search URL Search Domain Scan URL
URL: https://medium.com/@kafichito1977?source=post_internal_links---------4-------------------------------
Title: howtopromo
Title: howtopromo
Search URL Search Domain Scan URL
URL: https://sudhindramagadi.medium.com/kafka-apis-support-by-other-vendors-7a29a56e4448?source=post_internal_links---------5-------------------------------
Title: Kafka APIs support by other vendors
Title: Kafka APIs support by other vendors
Search URL Search Domain Scan URL
URL: https://sudhindramagadi.medium.com/?source=post_internal_links---------5-------------------------------
Title: Sudhindra Magadi
Title: Sudhindra Magadi
Search URL Search Domain Scan URL
URL: https://medium.com/@applelele/why-did-i-decide-to-study-software-engineering-937c96e4a0a1?source=post_internal_links---------6-------------------------------
Title: Why did I decide to study Software Engineering?
Title: Why did I decide to study Software Engineering?
Search URL Search Domain Scan URL
URL: https://medium.com/@applelele?source=post_internal_links---------6-------------------------------
Title: Yukiko Ikeda
Title: Yukiko Ikeda
Search URL Search Domain Scan URL
URL: https://joshua-davidson.medium.com/polymorphism-in-ruby-a9de151ae161?source=post_internal_links---------7-------------------------------
Title: Polymorphism (in Ruby)
Title: Polymorphism (in Ruby)
Search URL Search Domain Scan URL
URL: https://joshua-davidson.medium.com/?source=post_internal_links---------7-------------------------------
Title: Joshua Davidson
Title: Joshua Davidson
Search URL Search Domain Scan URL
URL: https://medium.com/about?autoplay=1&source=post_page-----3115b2efed83-----------------------------------
Title: Learn more.
Title: Learn more.
Search URL Search Domain Scan URL
URL: https://medium.com/topics?source=post_page-----3115b2efed83-----------------------------------
Title: Make Medium yours.
Title: Make Medium yours.
Search URL Search Domain Scan URL
URL: https://medium.com/creator-tools?source=post_page-----3115b2efed83-----------------------------------
Title: Write a story on Medium.
Title: Write a story on Medium.
Search URL Search Domain Scan URL
URL: https://medium.com/new-story?source=post_page-----3115b2efed83-----------------------------------
Title: Write
Title: Write
Search URL Search Domain Scan URL
URL: https://help.medium.com/hc/en-us?source=post_page-----3115b2efed83-----------------------------------
Title: Help
Title: Help
Search URL Search Domain Scan URL
URL: https://policy.medium.com/medium-terms-of-service-9db0094a1e0f?source=post_page-----3115b2efed83-----------------------------------
Title: Legal
Title: Legal
Search URL Search Domain Scan URL
URL: https://itunes.apple.com/app/medium-everyones-stories/id828256236?pt=698524&mt=8&ct=post_page&source=post_page-----3115b2efed83-----------------------------------
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=com.medium.reader&source=post_page-----3115b2efed83-----------------------------------
Search URL Search Domain Scan URL
URL: https://policy.medium.com/medium-privacy-policy-f03bf92035c9
Title: Privacy Policy
Title: Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83
HTTP 307
https://medium.com/m/global-identity?redirectUrl=https%3A%2F%2Fposts.specterops.io%2Fmethodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83 HTTP 302
https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83?gi=4465d2a1d599 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
115 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83
posts.specterops.io/ Redirect Chain
|
257 KB 53 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
unbound.css
glyph.medium.com/css/ |
12 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1*aa0HsXZL43r95TuTJlJNPw.png
miro.medium.com/max/304/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sohne-400-normal.woff
glyph.medium.com/font/b492c44/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
19 KB 19 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2*HFgLEKa86-RKIOoc4CfbOA.png
miro.medium.com/fit/c/96/96/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0*AUN67IbYVZqTm-X5.png
miro.medium.com/max/60/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1*remMMEUfYGMvCJwo_j0udg.png
miro.medium.com/max/60/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1*wnC7v7ZCVU8lKEecuCwgpg.png
miro.medium.com/max/60/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1*xw9u4-aDUx3o8XBXRUp7dg.png
miro.medium.com/max/60/ |
952 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*AdlGzWRB_dQzWdT7sRTfXQ.png
miro.medium.com/max/60/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*JjxL5kHOAbAboLqO1aGgOg.png
miro.medium.com/max/54/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*A26fgJ-9oSj1zRCajbYcMQ.png
miro.medium.com/max/60/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*1Z3JWujJmzU0lJPu0bOVhg.png
miro.medium.com/max/60/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*3s4lrxMYZbboLPdBGqjubA.png
miro.medium.com/max/60/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*E26X8AJVQwJKSV1cWH9VUQ.png
miro.medium.com/max/60/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*iiicqHVFxA4WAgT-uQK2Wg.png
miro.medium.com/max/60/ |
615 B 1022 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*y3dyjK5F839ZnF5kijhGzQ.png
miro.medium.com/max/60/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*Cw12_w1oYBMWOIfeFaMdRA.png
miro.medium.com/max/54/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*2gS-06MMhAjp3nAg01BDOA.png
miro.medium.com/max/60/ |
403 B 810 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*2BoWRJgXs25WObQ9gMQ0Qg.png
miro.medium.com/max/60/ |
524 B 931 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*uRjnXRiTyFCdqtqeJ5Y8og.png
miro.medium.com/max/60/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*m-d2h0R-Z_v-fU77x4GbFw.png
miro.medium.com/max/60/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*hQ4pZHfVD74c7wGiqvHi3Q.png
miro.medium.com/max/60/ |
425 B 832 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*IK9LCdZRRuUUjtF3kdgF9g.png
miro.medium.com/max/60/ |
600 B 1007 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*hIBVOwcvpn9wxJmRKUg2LQ.png
miro.medium.com/max/60/ |
410 B 816 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*slkdg29gpqmx-2aVGxVgLw.png
miro.medium.com/max/60/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*S_GpQGyUobNhDZwYKEA93A.png
miro.medium.com/max/60/ |
267 B 674 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*_cnXSZKmWR3mGTjO_0zieA.png
miro.medium.com/max/60/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
2*HFgLEKa86-RKIOoc4CfbOA.png
miro.medium.com/fit/c/160/160/ |
33 KB 33 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*D-FDlfkqivRBQZoESrwtqw.png
miro.medium.com/fit/c/160/160/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
2*HFgLEKa86-RKIOoc4CfbOA.png
miro.medium.com/fit/c/80/80/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*D-FDlfkqivRBQZoESrwtqw.png
miro.medium.com/fit/c/80/80/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
0*JxGUolDnw8eZmB7Z.png
miro.medium.com/max/60/ |
919 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
0*YXWiVLC0JVtNDETQ.png
miro.medium.com/max/60/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*hn4v1tCaJy7cWMyb0bpNpQ.png
miro.medium.com/max/60/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
0*lPBYP1da-YPtoz51
miro.medium.com/max/60/ |
1005 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
0*jWSLHZxBYII7slE4.jpeg
miro.medium.com/max/60/ |
966 B 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sohne-500-normal.woff
glyph.medium.com/font/df9ba7f/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
18 KB 19 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
24 KB 25 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
charter-400-normal.woff
glyph.medium.com/font/be78681/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
15 KB 16 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
charter-700-italic.woff
glyph.medium.com/font/77a0c0c/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
16 KB 17 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
charter-400-italic.woff
glyph.medium.com/font/81d2bf1/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
16 KB 17 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
15 KB 16 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
charter-400-normal.woff
glyph.medium.com/font/be78681/3k-4f_4h-52_54-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/ |
31 KB 31 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
manifest.859978ae.js
cdn-client.medium.com/lite/static/js/ |
19 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
13730.c507718c.js
cdn-client.medium.com/lite/static/js/ |
714 KB 219 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.f487caf9.js
cdn-client.medium.com/lite/static/js/ |
800 KB 194 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
45573.4354ed57.chunk.js
cdn-client.medium.com/lite/static/js/ |
62 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
instrumentation.4fd6ad3a.chunk.js
cdn-client.medium.com/lite/static/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
reporting.950d4050.chunk.js
cdn-client.medium.com/lite/static/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1752.a348f767.chunk.js
cdn-client.medium.com/lite/static/js/ |
23 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
7794.9590314e.chunk.js
cdn-client.medium.com/lite/static/js/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
48996.0c1a6c43.chunk.js
cdn-client.medium.com/lite/static/js/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
75221.81c0ae68.chunk.js
cdn-client.medium.com/lite/static/js/ |
22 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
33928.8ae59af2.chunk.js
cdn-client.medium.com/lite/static/js/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
47464.d71003d1.chunk.js
cdn-client.medium.com/lite/static/js/ |
54 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
95472.20329d15.chunk.js
cdn-client.medium.com/lite/static/js/ |
12 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
40043.994e879b.chunk.js
cdn-client.medium.com/lite/static/js/ |
90 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
27497.109a4f26.chunk.js
cdn-client.medium.com/lite/static/js/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
46929.e058aba2.chunk.js
cdn-client.medium.com/lite/static/js/ |
59 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
97332.f6bdcfe7.chunk.js
cdn-client.medium.com/lite/static/js/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
46836.89ad2df0.chunk.js
cdn-client.medium.com/lite/static/js/ |
31 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
7321.5802990d.chunk.js
cdn-client.medium.com/lite/static/js/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
70449.7324b5e0.chunk.js
cdn-client.medium.com/lite/static/js/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
88246.a4eb47a9.chunk.js
cdn-client.medium.com/lite/static/js/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
15248.a435ee12.chunk.js
cdn-client.medium.com/lite/static/js/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
28491.30f554c4.chunk.js
cdn-client.medium.com/lite/static/js/ |
39 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
10887.8c699586.chunk.js
cdn-client.medium.com/lite/static/js/ |
8 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
21205.3b8682cc.chunk.js
cdn-client.medium.com/lite/static/js/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
37346.c744a48a.chunk.js
cdn-client.medium.com/lite/static/js/ |
24 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
24883.521f79ea.chunk.js
cdn-client.medium.com/lite/static/js/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
66451.4286c8a9.chunk.js
cdn-client.medium.com/lite/static/js/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
91743.6d65042d.chunk.js
cdn-client.medium.com/lite/static/js/ |
165 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
96277.a0e68f58.chunk.js
cdn-client.medium.com/lite/static/js/ |
40 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
50082.3bb93a5f.chunk.js
cdn-client.medium.com/lite/static/js/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
76705.4adc19b5.chunk.js
cdn-client.medium.com/lite/static/js/ |
6 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
14603.9da6d15d.chunk.js
cdn-client.medium.com/lite/static/js/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
4261.761f57f2.chunk.js
cdn-client.medium.com/lite/static/js/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
5892.1bd40c03.chunk.js
cdn-client.medium.com/lite/static/js/ |
113 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
98453.4185c7d5.chunk.js
cdn-client.medium.com/lite/static/js/ |
49 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
50020.e2a89974.chunk.js
cdn-client.medium.com/lite/static/js/ |
46 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
39483.2d01cc2f.chunk.js
cdn-client.medium.com/lite/static/js/ |
61 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Post.1a092fe3.chunk.js
cdn-client.medium.com/lite/static/js/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
84792.d3cd03bb.chunk.js
cdn-client.medium.com/lite/static/js/ |
92 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
17084.0ad6f84c.chunk.js
cdn-client.medium.com/lite/static/js/ |
68 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
28537.be5ec2c0.chunk.js
cdn-client.medium.com/lite/static/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
62034.52303e5f.chunk.js
cdn-client.medium.com/lite/static/js/ |
26 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
38106.9530ec84.chunk.js
cdn-client.medium.com/lite/static/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
67700.ee94b28f.chunk.js
cdn-client.medium.com/lite/static/js/ |
62 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ThreadedResponsesSidebar.0a4a59aa.chunk.js
cdn-client.medium.com/lite/static/js/ |
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
0*AUN67IbYVZqTm-X5.png
miro.medium.com/max/700/ |
66 KB 66 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
graphql
posts.specterops.io/_/ |
143 B 524 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
graphql
posts.specterops.io/_/ |
838 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
graphql
posts.specterops.io/_/ |
33 B 440 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
graphql
posts.specterops.io/_/ |
268 B 676 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
graphql
posts.specterops.io/_/ |
96 B 501 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
responses.editor.142e6649.chunk.js
cdn-client.medium.com/lite/static/js/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
graphql
posts.specterops.io/_/ |
4 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
posts.specterops.io/_/clientele/reports/performance/ |
0 0 |
Fetch
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
posts.specterops.io/_/clientele/reports/performance/ |
0 0 |
Fetch
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
posts.specterops.io/_/clientele/reports/performance/ |
0 0 |
Fetch
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
branch-latest.min.js
cdn.branch.io/ |
79 KB 24 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
0*AUN67IbYVZqTm-X5.png
miro.medium.com/max/700/ |
66 KB 66 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*Crl55Tm6yDNMoucPo1tvDg.png
miro.medium.com/max/135/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1*W_RAPQ62h0em559zluJLdQ.png
miro.medium.com/max/135/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sohne-400-italic.woff
glyph.medium.com/font/3887986/0-3j_4g_53_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/ |
19 KB 20 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_r
app.link/ |
91 B 563 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
open
api2.branch.io/v1/ |
316 B 630 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
profile
api2.branch.io/v1/ |
183 B 568 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
pageview
api2.branch.io/v1/ |
28 B 388 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
pageview
api2.branch.io/v1/ |
28 B 388 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
batch
posts.specterops.io/_/ |
17 B 259 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone string| __BUILD_ID__ string| __GRAPHQL_URI__ object| __PRELOADED_STATE__ object| __APOLLO_STATE__ object| webpackChunklite function| setImmediate function| clearImmediate object| regeneratorRuntime object| DD_RUM object| process function| main object| __APOLLO_CLIENT__ function| _resizeIframe string| GoogleAnalyticsObject function| ga object| branch object| google_tag_data object| gaplugins object| gaGlobal object| gaData13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .medium.com/ | Name: vary Value: enable_medium_app_lo |
|
| .medium.com/ | Name: uid Value: lo_89c37c5e860e |
|
| .medium.com/ | Name: sid Value: 1%3AcJJ9jzFSVU178krY3nfLhadu2eL6FhU8SDNLRgpwnvzNn2pqlMbHPXO6EdC9P4MB |
|
| .medium.com/ | Name: __cfruid Value: 2ce0b98210fa5829b6853fa671a48fc9a40eaa8f-1645617597 |
|
| posts.specterops.io/ | Name: uid Value: lo_89c37c5e860e |
|
| posts.specterops.io/ | Name: sid Value: 1:C2oF+r1oGGD6XDP1kAo+Tlqz9PTOXL/nTQAdQVEmPH3074o/l0B+66IZmEEr8DUm |
|
| posts.specterops.io/ | Name: vary Value: enable_medium_app |
|
| posts.specterops.io/ | Name: _dd_s Value: rum=0&expire=1645618499318 |
|
| .specterops.io/ | Name: _ga Value: GA1.2.1912081560.1645617602 |
|
| .specterops.io/ | Name: _gid Value: GA1.2.1911633284.1645617602 |
|
| .specterops.io/ | Name: _gat Value: 1 |
|
| .specterops.io/ | Name: _gat_tracker0 Value: 1 |
|
| .app.link/ | Name: _s Value: sJDrOcbBHVyvhi29i2rPfp4WE5XNGmo%2B7LJXYK1WbLETSlhMtuHftYCbvai%2BUpCD |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | frame-ancestors 'self' https://medium.com |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
glyph.medium.com
medium.com
miro.medium.com
posts.specterops.io
www.google-analytics.com
143.204.215.75
2600:9000:2057:8000:19:9934:6a80:93a1
2600:9000:214f:1400:11:f728:3040:93a1
2606:4700:7::a29f:9804
2606:4700:7::a29f:9904
2a00:1450:4001:809::200e
52.5.181.79
018b5b257410f8d487cbce3c542d9063154574d83aa25bbef18844c901f18ff1
0791e414e986ffa3f6e135050df4933777c28ca6756119550d97a4aaa7d704af
09bec034955887ad90a938372a861283d2d145e92c28f2de3cd2799284152471
0a68bdc22aa6d2deedff5c4999e3618222cf20b0902530b7f924b9e2a4300e40
13fb572d9a934cccd76326d445b51861bcd675c4e06a199775ba1c2639cd9ff6
149e94404b0e86f4cbc2d7b2477449154e79db509d3028eb42ee02708182b563
20d1f56ba11ce04885ba77d1cec9d314748d73ce7de160765fe166b469b457b3
24c021e242080a6719147ac0b1348ac032d7b29f22fef35d44c610086ad06eb3
24f7e0e59372f1a17ff33fbdb7d878c8b9b76f4774e010d2dd2804a27ae64b30
257ccb1a2521df03e564c9c0f126c34b0e7c289090bbc84b55f6ae0e61b91392
2e499fbf59e858017a4248742c3424bc4651708c4033b0862a79b51b2a88ce14
2f15554a0139715f3c8db82a10aa47bbb71e40799928ad3845efeeddf9d37083
357d813877619ec6286141e695e5a647f4efd2fd72123c791d2e47d75f487a1d
36fdcdaa562cc2348745eaf48791cb54c9ee180eed45141d65e705fb56a2fdf5
386ff0e96e4564b30a3ba03e97878f71c9deccf8829ccfe73f80657a951aa572
3931b21f7555294211914aa674b509cc250b9a53c6695a56429387b59255b7e8
3b1c3db72fa6da00fe30f190a2b8ac5bb0bc1f8a1aa12b79d64a35c678b62b51
3d1920dedabd48fcb16c1ad0c1352a745b45a07f5efbbaab45bfe371589f8496
3d474a8a84592a2d701b5277b3a7df4c6bd910aa3739c5b32937d1a1346ea884
3d4997e3de54c0bc7f4b845fb053c714d48c52eed08a18f7555b2abc003e1990
4090cc19d5b36f8cc13478b84dad76a6d33ec15efce235cec76778e136e3d4f9
4168fe3724a8e4f8cac9c79ccf6c38d4e7304779f9c45251e7b8719ccac365a4
45027d3a33df916cdae6db8afc1e45ae166026e2ded58aef4d6cab23b11a3596
45ef9275c0a65840fd5193bccaf0ebb52108318b7f10fd38f44351d8efa2ef26
46c9f6855c2d21beccec423baaafaf376661312bbe7444825f6364b9ce459efc
47669c62447fb422cbd28e606f4015620df645dda26ce5f8189ee9dbcb23c1d5
4ab8d9caf917b6bec7ca41468d969db0b255f257732475aa890772a079d13239
4fe9ef0ee727afa5d449bcd76ebe42bdcb04b448a1c6d2d7dccfb6c08efbfb61
512b5d561c13a1b30861ed5829c82402b73db8dfbf34befaff397c2e98953040
59de2592681f5dd9e867385b256bbf3adffa6899a1bd91451d0d25917376fdaf
5b10ecc2ef727c59b4874c1ddc876a0f15ad98018264c21e4a948c446da8947b
5bc958db4ff48478c511759657bcf6b3956c36ce138f3a2d99d9b1730f02645f
5e15c5b1d86aba8b1217ae1fc038b857b6f427e873e69c536372f5e09577e6b4
616f3f316e3a2138ee7bbd4585cbee73d4165e163f55170074bfe3db74f50738
63d5ed100877af14015bbc208de37446811ce956e66d257c0c4af9f125cc23a6
650023eeeb84a95eabf337fdd5491023a315c1487adf8ed1d398dcacace69f12
65f0c65b5db3aa0568c7986479a4a3e909a05a84fb34ced48d70a2d628dd1444
672d075c985fcc753cea9065c6520aeb4d061b51c40a63c1e77354e8975fa47a
68078ec955d9fe1ecbba1656e1f4469e2585307cfc1b5b993df6e56e5de3d359
69319d5c3b310ed9728384564a7377c655254ee2bf8d7b0d8f446a9516cba2f9
6b3dd41522bb086c85f01424492e7d11c0319c80cc6283c7c45876ab1d624b91
6d6aa890b525425b22ec4ad56f272d3e4480f6be9c26a2f9f2ac325ed9099c7f
6e9a4246015ad572163a9eae7ddec430a20000cf580b47f21164f8c92fdc1ff0
72d811ea39f645d321d911989fac34c52f0f694797b10edc0733d83c42f7b77f
7953e2439a00dcd439eb61e65959dc6131239ab1ea81e854a2268316f0ee786d
79b9a0c05422e7a46ecf4950f322cebea48092cda2d6db9769114e8dbd6a17ae
7e29b93ecff53bb5f32f1cc61885c10185740edbc3bb16d87c08048d2af7b397
7f14214332f60b0f9f112dcd6a531a01a6043eae086690f468f1bf7967bca32c
7fc6e1bc50d5155a76a21b2e663e427634a2483e02f53de5b9b9f083438c5731
88a9759304d72c443340f743e7ea08c1965a8c3987a38c5243ad04545e674f8a
8a16399be3dd5a77dab492b09571656ea17bcab138b1422484312c761aecbf2d
8a9783669bd80b6f8257a3cbc57b59d61ef424f1b95cabef9b15f4ad0f6a7df9
8bbed4cdcb40b08a4791cf16f8738547b87e1488a6a6002cf16049b81678e6d5
8cf724aa8e1275c52479a57bb65d042eea0484ac82a7355ca0f06ef55e3de13c
8e4056816307ccf2cf812b96511d9181c77cf30478b9b183210048e6a9d54116
8fc69ae7fe159390316f74529abefacebc2b59f3648c3af2d6c432a3b78b07c6
93019ef931f847b3f88047feb3c87914c648839920dfd0482fe4d640a106372e
93528e2b92a5a434ac2e269c76c6d072db3395b7e573a399c2026a6a6dab0c6e
961f2b3e92eba06b032c090511ab8fb8b65ff7f0b471c7bd22817061288f8368
9687282b3d31e4ddea869882cbe5217343cfece8a83e38aaf07652c82766dfa3
971c28b0d1f472873001dc7dc6a2cccb67ae422fd00cd6a12e753fbc1ff1e2ea
9790eec43905d6a645d41949887aa4d48fc32862b5739da194744e59d9843ce6
98727c089d2e24cb009cc4092221e17553101321174b8d7aaa876f41d734d222
9be04c105a719ee8857b9d66d60ea8332af465cdc75de4e14a1e28e0b2bf167c
9f2c1f3ed67f960d3ba0f120c688de9a9ac07db0a32ef8ad2eec65e703fe62f3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a059f7b5e5a86f97689f2f559fd701fe2d534e93bc0f1324933e28df091e1aaa
a0e73b69ba783f796b06a0da951e11c8a80395c5a225510f555a6e3763a51cdd
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3231d9c5077d6423b7ab05c50dbb1c953d5213c24ac287793b8217985743321
a70293b8f4742f6004f43881f4574e7c76f5186fccf0550efbb6ff2cc9c87c4f
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
abf7a5fdcf22bc470bd64c5cd0fba7695d8a97eac41c0d22e87e555c60536738
acebdf620c7ce3e1d09fc38c4a050da2e12491902f39ba3095961573941ae612
acfbbf8277040cf7a8aa0c120014dd848a324ba0c83c75376eb84aa2ebe757c8
ad8df3c3e61bfdf418237afe31c673cc230351d6252cf41f5392feb75fcd6c47
ae6394942d1cb24bfc33ef79109b1bd5f85638ce8764fc7b82df1ec1c5288a17
aeee8a82407af2e01e0f979ad893275a17496bd5c0e851545279272249e0cfb8
af706004c32c20570022c8a43ec04a25ab999dc72f7ff0ebd0a215ec5e4c29fc
b0f424bafe993b016ea96973894f95dfc4290608478a2d7d3fdd080d9b0a60d1
b12b2891723fb4289faf59bf7502bdcdfdc4f301c653128c7b4a1139271704c1
b2af52275cff999accae67ef261b3b49fadce77f9a5a3a10f4ac908d903dbdc9
b5291965181d7397c413c049ef055d2146a4bf693a989ded2b4a917341cab83b
b8affbc2a870d600ee7781415bdbd6a243fefe66a09bda17ead53f4f76473e6b
b9b342854878e881ee595685861b7aa2fecdf3510dc785e0638960e3c348b372
bc001c0ba3d95353f2c8d38764e28c442347c6dadddea149097ce0b7699f2f94
bf86f819dceffa8fdd6a65c6f1f8e431b575e264338d3edc040952db9cf20485
c240b8953137ef3ee026ef63e7dc816b6ecd546714ae3775bd22976f0d4da435
c4129775d82fe3b5cf3b4e3099b48eeb0ee716e19fe9f8c11436e465c50e3fa2
c4ce1a0eb9bac0aa8342c79eb85406443b8eb32db4c4532ec5cfc107f5226b3c
c93f24bc243c24279c6d6a6964d0aec12df58deb17e57fb84585305eb847d304
cfd0103a950c1b88b0f652f5dfba108b91378526e1637694356d6c761924115d
d089106e64ace7242b7aa6333cd807487c685785ac6f2c0184531dfa931c3fc2
d167bc56af6bc1231a953916dec835db5b2629ff06ef22f5ab25d048c71cc2d4
d27edaf567774c2c1b95103ed961bb62ec52376000eb5d82b95b8f7802826f1c
d68b753a11d9f06ed882392b75f256775ddbf6b4ab75e84a4ce560fb961c4884
dc15cb4d7b4d282233c525c6329cbbe303f6b369665824acfa9b2a1701009369
ddac8b642d7667b3fb9605ac5b043dcf21976aed041ad4d6221f0a0cc10a4376
de0e646d56babcf5004d2a9e8b0134d72056a222a8ce987c456a6b456988db50
df55e1647aaa31dc1a9879bb336faa6f878d2af6aec095a3b0dff0bdd909218f
e802d70642825aaf1ced7d5f0dabef00ccf135c78ddd0043aba5a0422868b6b2
ec7121b47a89c0f8c46fc497009d41ebd3f25601b5485753d11bc366050a8e0e
ef51bb71e5dece4317a836c372a2e0c196b4e8d4467efee685bc72382e1783c9
f0fda207d4b443ee2be6b65b8a07f19cd03908bda69223aff53d97b47fd2e4c8
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f660dcf5009462eebbe3e19971d60fca80544e3b91b6243d63353f477596a953
f87f4aa27a7bdb10c9bed3cbb2b14bcbb4afd2d34836e4c145f6dd42ae53271f
fa7a60838c0105f4125e6ca7cd863c0a075a129e4588d633b4f78231cef56f78
fdc0ca242605af1a6a53569f8eeddd4c87be033a824f23169b4116df7fc1167e