support.bigleaf.net
104.16.51.111
Public Scan
Effective URL: https://support.bigleaf.net/hc/en-us/signin?return_to=https%3A%2F%2Fsupport.bigleaf.net%2Fhc%2Fen-us%2Frequests%2F170698
Submission Tags: phishing
Submission: On August 31 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on July 17th 2022. Valid for: 3 months.
This is the only time support.bigleaf.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
9 (3 redirects) | 104.16.51.111 | 13335 (CLOUDFLARENET) |
9 | 104.18.72.113 | 13335 (CLOUDFLARENET) |
2 | 104.18.70.113 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:800::200a | 15169 (GOOGLE) |
3 | 2606:4700:3032::ac43:a9f7 | 13335 (CLOUDFLARENET) |
1 | 2606:4700::6812:1734 | 13335 (CLOUDFLARENET) |
1 | 2606:4700::6811:190e | 13335 (CLOUDFLARENET) |
5 | 2606:4700:3034::ac43:9689 | 13335 (CLOUDFLARENET) |
4 | 2a00:1450:4001:812::2003 | 15169 (GOOGLE) |
32 | 9 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | zdassets.com | static.zdassets.com — Cisco Umbrella Rank: 1970; p27.zdassets.com — Cisco Umbrella Rank: 38468; theme.zdassets.com — Cisco Umbrella Rank: 9789 | 412 KB |
9 | fontawesome.com | use.fontawesome.com — Cisco Umbrella Rank: 897; kit.fontawesome.com — Cisco Umbrella Rank: 1585; ka-f.fontawesome.com — Cisco Umbrella Rank: 3205 | 422 KB |
8 | bigleaf.net (2 redirects) | support.bigleaf.net | 30 KB |
4 | gstatic.com | fonts.gstatic.com | 65 KB |
1 | zendesk.com (1 redirects) | bigleaf.zendesk.com | 787 B |
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 212 | 28 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 43 | 683 B |
32 | 7 | | |
Requests | Domain | Requested by |
---|---|---|
8 | support.bigleaf.net (2 redirects) | static.zdassets.com, support.bigleaf.net |
6 | static.zdassets.com | support.bigleaf.net, static.zdassets.com |
5 | ka-f.fontawesome.com | kit.fontawesome.com, support.bigleaf.net |
4 | fonts.gstatic.com | fonts.googleapis.com |
3 | theme.zdassets.com | support.bigleaf.net, p27.zdassets.com |
3 | use.fontawesome.com | support.bigleaf.net, use.fontawesome.com |
2 | p27.zdassets.com | support.bigleaf.net |
1 | bigleaf.zendesk.com (1 redirects) | |
1 | cdnjs.cloudflare.com | support.bigleaf.net |
1 | kit.fontawesome.com | support.bigleaf.net |
1 | fonts.googleapis.com | support.bigleaf.net |
32 | 11 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bigleaf.net |
status.bigleaf.net |
app-retail.bigleaf.net |
www.facebook.com |
twitter.com |
www.linkedin.com |
www.youtube.com |
www.zendesk.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
support.bigleaf.net | R3 | 2022-07-17 - 2022-10-15 | 3 months |
ssl1036557.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2022-06-08 - 2022-12-15 | 6 months |
upload.video.google.com | GTS CA 1C3 | 2022-08-15 - 2022-11-07 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-06 - 2023-06-05 | a year |
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-01 - 2023-01-01 | a year |
*.gstatic.com | GTS CA 1C3 | 2022-08-08 - 2022-10-31 | 3 months |
This page contains 2 frames:
Primary Page:
https://support.bigleaf.net/hc/en-us/signin?return_to=https%3A%2F%2Fsupport.bigleaf.net%2Fhc%2Fen-us%2Frequests%2F170698
Frame ID: E3571409632ACBB02F8DF6F0A0A094CA
Requests: 29 HTTP requests in this frame
Frame:
https://support.bigleaf.net/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1661961600
Frame ID: 1676AAF24BC63B2280A92FB695151AF3
Requests: 3 HTTP requests in this frame
Page Title
Bigleaf Networks
Detected technologies
Zendesk (CMS)
React (JavaScript Frameworks)
Detected patterns
- react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js
Font Awesome (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: contact us
Title: status page
Title: web dashboard
Title: Powered by Zendesk
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://support.bigleaf.net/hc/requests/170698 (HTTP 301)
- https://support.bigleaf.net/hc/en-us/requests/170698 (HTTP 302)
- https://support.bigleaf.net/hc/en-us/signin?return_to=https%3A%2F%2Fsupport.bigleaf.net%2Fhc%2Fen-us%2Frequests%2F170698 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://bigleaf.zendesk.com/auth/v2/host.js HTTP 302
- https://static.zdassets.com/auth/ac311c57e26ca310eef1d22b37d37bf4e2c69437/v2/host.js
32 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | signin | support.bigleaf.net/hc/en-us/ | 19 KB | 6 KB | Document | text/html | Primary Request; Redirect Chain |
GET | H2 | application-f9a3b11a020466c0505307b99d4b35f9.css | static.zdassets.com/hc/assets/ | 47 KB | 8 KB | Stylesheet | text/css | |
GET | H2 | style.css | p27.zdassets.com/hc/theming_assets/700647/167877/ | 98 KB | 19 KB | Stylesheet | text/css | |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 683 B | Stylesheet | text/css | |
GET | H2 | all.css | use.fontawesome.com/releases/v6.0.0/css/ | 87 KB | 19 KB | Stylesheet | text/css | |
GET | H2 | bfc862380e.js | kit.fontawesome.com/ | 11 KB | 4 KB | Script | text/javascript | |
GET | H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ | 87 KB | 28 KB | Script | application/javascript | |
GET | H2 | ae9edc6dbfaa6b163ca558032c9fb4a9c06fd4c8.png | theme.zdassets.com/theme_assets/700647/ | 22 KB | 23 KB | Image | image/png | |
GET | H2 | en-us.2c0754d7bce875734fcf.js | static.zdassets.com/hc/assets/ | 200 KB | 36 KB | Script | application/javascript | |
GET | H2 | host.js | static.zdassets.com/auth/ac311c57e26ca310eef1d22b37d37bf4e2c69437/v2/ | 27 KB | 10 KB | Script | application/javascript | Redirect Chain |
GET | H2 | hc_enduser-c09900091db30d29799bc9680600d4fa.js | static.zdassets.com/hc/assets/ | 548 KB | 174 KB | Script | application/javascript | |
GET | H2 | script.js | p27.zdassets.com/hc/theming_assets/700647/167877/ | 16 KB | 4 KB | Script | text/javascript | |
GET | H2 | free.min.css | ka-f.fontawesome.com/releases/v5.15.4/css/ | 59 KB | 13 KB | Fetch | text/css | |
GET | H2 | free-v4-shims.min.css | ka-f.fontawesome.com/releases/v5.15.4/css/ | 26 KB | 5 KB | Fetch | text/css | |
GET | H2 | free-v4-font-face.min.css | ka-f.fontawesome.com/releases/v5.15.4/css/ | 3 KB | 1 KB | Fetch | text/css | |
GET | H2 | 639f7ccc9a6ba7c586b028bd2b669cd30529e961.png | theme.zdassets.com/theme_assets/700647/ | 27 KB | 28 KB | Image | image/png | |
GET | H2 | JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aX8.ttf | fonts.gstatic.com/s/montserrat/v25/ | 31 KB | 16 KB | Font | font/ttf | |
GET | H2 | JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCs16Hw5aX8.ttf | fonts.gstatic.com/s/montserrat/v25/ | 31 KB | 16 KB | Font | font/ttf | |
GET | H2 | JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aX8.ttf | fonts.gstatic.com/s/montserrat/v25/ | 31 KB | 16 KB | Font | font/ttf | |
GET | H3 | fa-brands-400.woff2 | use.fontawesome.com/releases/v6.0.0/webfonts/ | 102 KB | 103 KB | Font | font/woff2 | |
GET | H2 | JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aX8.ttf | fonts.gstatic.com/s/montserrat/v25/ | 31 KB | 17 KB | Font | font/ttf | |
GET | H3 | fa-solid-900.woff2 | use.fontawesome.com/releases/v6.0.0/webfonts/ | 124 KB | 125 KB | Font | font/woff2 | |
GET | H2 | ec5e447aca67aad1e96deae608624a1c686770ae.jpg | theme.zdassets.com/theme_assets/700647/ | 62 KB | 62 KB | Image | image/jpeg | |
GET | H3 | free-fa-solid-900.woff2 | ka-f.fontawesome.com/releases/v5.15.4/webfonts/ | 76 KB | 77 KB | Font | font/woff2 | |
GET | H3 | free-fa-brands-400.woff2 | ka-f.fontawesome.com/releases/v5.15.4/webfonts/ | 75 KB | 76 KB | Font | font/woff2 | |
GET | H2 | react-56493a1793e64505e8e4058de58a1cef.js | static.zdassets.com/hc/assets/ | 135 KB | 43 KB | Script | application/javascript | |
GET | H2 | Notifications-c3ead3acc6739af34739b80cf1366af1.js | static.zdassets.com/hc/assets/ | 7 KB | 3 KB | Script | application/javascript | |
GET | H2 | recent_activities | support.bigleaf.net/hc/api/internal/ | 2 KB | 1 KB | XHR | application/json | |
POST | H2 | activity | support.bigleaf.net/hc/ | 0 | 0 | Fetch | text/html | |
GET | H2 | invisible.js | support.bigleaf.net/cdn-cgi/challenge-platform/h/b/scripts/alpha/ | 37 KB | 14 KB | Script | application/javascript | Frame 1676 |
GET | H2 | pica.js | support.bigleaf.net/cdn-cgi/challenge-platform/h/b/scripts/ | 19 KB | 7 KB | Other | application/javascript | Frame 1676 |
POST | H2 | 7437b25c6a499baa | support.bigleaf.net/cdn-cgi/challenge-platform/h/b/cv/result/ | 2 B | 532 B | XHR | text/plain | Frame 1676 |
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| onbeforeinput
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- function| queryLocalFonts
- object| navigation
- object| FontAwesomeKitConfig
- function| $
- function| jQuery
- object| I18N
- object| HelpCenter
- object| webpackChunkhelp_center
- object| regeneratorRuntime
- object| I18n
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.support.bigleaf.net/ | Name: __cfruid Value: 851554ef20f098f2c4ee72940781b49458c05d3f-1661969150 |
|
support.bigleaf.net/ | Name: _help_center_session Value: bE83SW5CVjJDbGlmVUJIOFU5MGE0cHJ2MjdEaE5WbjAvUUpHZW1UNXk5MzI5Wk5UamJQV3d1c2VFdnNxZDJqajZYSWZYK1JMVEh6c01pK0VmN0VRc2huem0reGZ6WXY3Uk1iTHl6TjJ0WjZSTDB5eTdPZjdSU3hyeGE1V3BMQ0QtLUNEaCtBS0Q2bXdFVndENUtRTEo3SFE9PQ%3D%3D--bec10c9e98aeba55143e1e4eaf644959ae5c1d57 |
|
.bigleaf.zendesk.com/ | Name: __cfruid Value: bfa5029ee732ec2e95c5ec55ef188ce817e79ba4-1661969151 |
|
.support.bigleaf.net/ | Name: __cf_bm Value: IzD4f9lrg3hLV8dTmNlbRCnEqo9Gxz3_fibzWq0yzFk-1661969152-0-AYwXgZadn5PS9Fl2r48AcqF6PGW+XLweqrPIYBJmJdG6y9DOWP/IiW7Q5SeIPGQa7Hg5jFpPZ8zRWxr/y/dl81bUqQWI0dcBRxPvs4NWRMDjub2/wxB+iVOGNXFj6hehnA== |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=259200; |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.