ginistudio.com
Open in
urlscan Pro
107.180.3.29
Malicious Activity!
Public Scan
Submission: On February 26 via automatic, source openphish
Summary
This is the only time ginistudio.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NAB Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 107.180.3.29 107.180.3.29 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
1 | 104.108.53.63 104.108.53.63 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 2 | 52.17.182.129 52.17.182.129 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 2 | 172.82.228.16 172.82.228.16 | 15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.) | |
21 | 4 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-107-180-3-29.ip.secureserver.net
ginistudio.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-53-63.deploy.static.akamaitechnologies.com
www.nab.com.au |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-17-182-129.eu-west-1.compute.amazonaws.com
nab.demdex.net |
ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.d1.sc.omtrdc.net
metrics.nab.com.au |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
ginistudio.com
ginistudio.com |
150 KB |
3 |
nab.com.au
1 redirects
www.nab.com.au metrics.nab.com.au |
43 KB |
2 |
demdex.net
1 redirects
nab.demdex.net |
3 KB |
21 | 3 |
Domain | Requested by | |
---|---|---|
18 | ginistudio.com |
ginistudio.com
|
2 | metrics.nab.com.au |
1 redirects
ginistudio.com
|
2 | nab.demdex.net |
1 redirects
ginistudio.com
|
1 | www.nab.com.au |
ginistudio.com
|
21 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.nab.com.au Entrust Certification Authority - L1M |
2018-09-02 - 2020-01-12 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://ginistudio.com/nab/nextpage.html
Frame ID: CDD277D4F3F1ED56A85BC1F151082BAD
Requests: 21 HTTP requests in this frame
Screenshot
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
SiteCatalyst (Analytics) Expand
Detected patterns
- env /^s_(?:account|objectID|code|INST)$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18- http://nab.demdex.net/event?d_nsid=0&d_ld=_ts%3D1551184196537&c_pageName=nab%3Aib-platform%3Aregister%3Aidentify&c_channel=nab%3Aib-platform&c_server=ginistudio.com&c_campaign=Typed%2FBookmarked&c_events=event1&c_prop1=D%3Dv1&c_eVar1=nab&c_prop2=D%3Dch&c_eVar2=D%3Dch&c_prop3=D%3Dv3&c_eVar3=nab%3Aib-platform%3Aregister&c_prop5=D%3Dv5&c_eVar5=1&c_prop9=D%3DpageName&c_eVar9=D%3DpageName&c_prop11=D%3Dg&c_eVar11=D%3Dg&c_prop13=D%3Dv13&c_eVar13=New&c_prop30=D%3Dv30&c_eVar30=nab%3Aib-platform%3Aregister%3Aidentify&c_prop31=D%3D%22Typed%2FBookmarked%3A%22%2BpageName&c_eVar31=Typed%2FBookmarked&c_eVar32=Typed%2FBookmarked&c_eVar33=Typed%2FBookmarked&c_eVar34=n%2Fa&c_eVar35=n%2Fa&c_eVar36=Typed%2FBookmarked&c_eVar37=Typed%2FBookmarked&c_eVar38=n%2Fa&c_prop72=VisitorAPI%20Present&c_eVar73=Tuesday%7C11%3A29%20PM&c_eVar74=D%3Dt&c_prop75=2.9%20-%20Legacy%20scode%20with%20Visitor%20Id%20-%20MAY%202016&c_eVar75=2.9%20-%20Legacy%20scode%20with%20Visitor%20Id%20-%20MAY%202016&c_eVar77=http%3A%2F%2Fginistudio.com%2Fnab%2Fnextpage.html&c_hier1=D%3DpageName%2B%22%3Aindex%22&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_nab_0_1551184196537 HTTP 302
- http://nab.demdex.net/firstevent?d_nsid=0&d_ld=_ts%3D1551184196537&c_pageName=nab%3Aib-platform%3Aregister%3Aidentify&c_channel=nab%3Aib-platform&c_server=ginistudio.com&c_campaign=Typed%2FBookmarked&c_events=event1&c_prop1=D%3Dv1&c_eVar1=nab&c_prop2=D%3Dch&c_eVar2=D%3Dch&c_prop3=D%3Dv3&c_eVar3=nab%3Aib-platform%3Aregister&c_prop5=D%3Dv5&c_eVar5=1&c_prop9=D%3DpageName&c_eVar9=D%3DpageName&c_prop11=D%3Dg&c_eVar11=D%3Dg&c_prop13=D%3Dv13&c_eVar13=New&c_prop30=D%3Dv30&c_eVar30=nab%3Aib-platform%3Aregister%3Aidentify&c_prop31=D%3D%22Typed%2FBookmarked%3A%22%2BpageName&c_eVar31=Typed%2FBookmarked&c_eVar32=Typed%2FBookmarked&c_eVar33=Typed%2FBookmarked&c_eVar34=n%2Fa&c_eVar35=n%2Fa&c_eVar36=Typed%2FBookmarked&c_eVar37=Typed%2FBookmarked&c_eVar38=n%2Fa&c_prop72=VisitorAPI%20Present&c_eVar73=Tuesday%7C11%3A29%20PM&c_eVar74=D%3Dt&c_prop75=2.9%20-%20Legacy%20scode%20with%20Visitor%20Id%20-%20MAY%202016&c_eVar75=2.9%20-%20Legacy%20scode%20with%20Visitor%20Id%20-%20MAY%202016&c_eVar77=http%3A%2F%2Fginistudio.com%2Fnab%2Fnextpage.html&c_hier1=D%3DpageName%2B%22%3Aindex%22&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_nab_0_1551184196537
- http://metrics.nab.com.au/b/ss/nab-prd/1/H.27.5/s87700268869377?AQB=1&ndh=1&t=26%2F1%2F2019%2012%3A29%3A56%202%200&fid=4DA2EE6EE928D6AD-218EC21376661E89&ce=UTF-8&ns=nab&cdp=3&pageName=nab%3Aib-platform%3Aregister%3Aidentify&g=http%3A%2F%2Fginistudio.com%2Fnab%2Fnextpage.html&cc=AUD&ch=nab%3Aib-platform&server=ginistudio.com&v0=Typed%2FBookmarked&events=event1&c1=D%3Dv1&v1=nab&c2=D%3Dch&v2=D%3Dch&c3=D%3Dv3&v3=nab%3Aib-platform%3Aregister&c5=D%3Dv5&v5=1&c9=D%3DpageName&v9=D%3DpageName&c11=D%3Dg&v11=D%3Dg&c13=D%3Dv13&v13=New&c30=D%3Dv30&v30=nab%3Aib-platform%3Aregister%3Aidentify&c31=D%3D%22Typed%2FBookmarked%3A%22%2BpageName&v31=Typed%2FBookmarked&v32=Typed%2FBookmarked&v33=Typed%2FBookmarked&v34=n%2Fa&v35=n%2Fa&v36=Typed%2FBookmarked&v37=Typed%2FBookmarked&v38=n%2Fa&c72=VisitorAPI%20Present&v73=Tuesday%7C11%3A29%20PM&v74=D%3Dt&c75=2.9%20-%20Legacy%20scode%20with%20Visitor%20Id%20-%20MAY%202016&v75=2.9%20-%20Legacy%20scode%20with%20Visitor%20Id%20-%20MAY%202016&v77=http%3A%2F%2Fginistudio.com%2Fnab%2Fnextpage.html&h1=D%3DpageName%2B%22%3Aindex%22&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
- http://metrics.nab.com.au/b/ss/nab-prd/1/H.27.5/s87700268869377?AQB=1&pccr=true&vidn=2E3A98A2053108F8-6000012A2001F61A&&ndh=1&t=26%2F1%2F2019%2012%3A29%3A56%202%200&fid=4DA2EE6EE928D6AD-218EC21376661E89&ce=UTF-8&ns=nab&cdp=3&pageName=nab%3Aib-platform%3Aregister%3Aidentify&g=http%3A%2F%2Fginistudio.com%2Fnab%2Fnextpage.html&cc=AUD&ch=nab%3Aib-platform&server=ginistudio.com&v0=Typed%2FBookmarked&events=event1&c1=D%3Dv1&v1=nab&c2=D%3Dch&v2=D%3Dch&c3=D%3Dv3&v3=nab%3Aib-platform%3Aregister&c5=D%3Dv5&v5=1&c9=D%3DpageName&v9=D%3DpageName&c11=D%3Dg&v11=D%3Dg&c13=D%3Dv13&v13=New&c30=D%3Dv30&v30=nab%3Aib-platform%3Aregister%3Aidentify&c31=D%3D%22Typed%2FBookmarked%3A%22%2BpageName&v31=Typed%2FBookmarked&v32=Typed%2FBookmarked&v33=Typed%2FBookmarked&v34=n%2Fa&v35=n%2Fa&v36=Typed%2FBookmarked&v37=Typed%2FBookmarked&v38=n%2Fa&c72=VisitorAPI%20Present&v73=Tuesday%7C11%3A29%20PM&v74=D%3Dt&c75=2.9%20-%20Legacy%20scode%20with%20Visitor%20Id%20-%20MAY%202016&v75=2.9%20-%20Legacy%20scode%20with%20Visitor%20Id%20-%20MAY%202016&v77=http%3A%2F%2Fginistudio.com%2Fnab%2Fnextpage.html&h1=D%3DpageName%2B%22%3Aindex%22&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
nextpage.html
ginistudio.com/nab/ |
16 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
event
ginistudio.com/nab/nextpage_files/ |
397 B 626 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.10.2.js.download
ginistudio.com/nab/nextpage_files/ |
103 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-migrate-1.2.1.js.download
ginistudio.com/nab/nextpage_files/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
encoder.js.download
ginistudio.com/nab/nextpage_files/ |
487 B 645 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
general.js.download
ginistudio.com/nab/nextpage_files/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
popup_window.js.download
ginistudio.com/nab/nextpage_files/ |
803 B 815 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ib-reg.css
ginistudio.com/nab/nextpage_files/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sms-authorisation.css
ginistudio.com/nab/nextpage_files/ |
2 KB 872 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
registrationTimeout.js.download
ginistudio.com/nab/nextpage_files/ |
214 B 501 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ib_nab_logo_strapline.png
ginistudio.com/nab/nextpage_files/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ib_header_label.gif
ginistudio.com/nab/nextpage_files/ |
472 B 740 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nab-defence-header.png
ginistudio.com/nab/nextpage_files/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id.gif
ginistudio.com/nab/ |
5 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nab-defence-logo.png
ginistudio.com/nab/nextpage_files/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s_code.js.download
ginistudio.com/nab/nextpage_files/ |
110 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nab_bg.gif
ginistudio.com/nab/images/style/ |
344 B 344 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ib_masthead.png
ginistudio.com/nab/images/ |
343 B 343 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s_code.js
www.nab.com.au/includes/nab/resources/omniture/ |
110 KB 40 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
firstevent
nab.demdex.net/ Redirect Chain
|
396 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s87700268869377
metrics.nab.com.au/b/ss/nab-prd/1/H.27.5/ Redirect Chain
|
43 B 715 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NAB Bank (Banking)126 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask string| nc_var1 function| $ function| jQuery function| encode function| encodeOnFormSubmit function| onKDHandler function| initKey function| init function| disstatus function| getCookieVal function| getCookie function| createCookie boolean| canClose function| logout function| sendMenuRequest function| submitMenu function| exitToErrorPage function| stripCharsInBag function| trimLeft function| trimCharacters function| validateNumber function| validateWord function| validateAlphaNumeric function| convertToDate function| formatAmount function| validatePassword function| validateMaxLengthPassword function| validateNum function| validateAlphaNum function| validateDate function| isDateValid function| validateDecimal function| validateZero function| isNonZeroInteger function| validateTele function| validateBSB function| reformatDate function| isEmpty function| isDigit function| containsValue function| asynchGet function| asynchGetDataProcess function| check function| IsNumeric function| navigateTo function| onLoadAlert function| browserWidth function| browserHeight function| setIBWindowCoordCookie function| getIBWindowCoordCookie function| restrictCurrencyInput function| restrictDigitInput function| imgError function| test function| limitLength function| removeSpaces function| removeLeadingTrailingSpaces function| sortBy function| showAlertPopup undefined| NS4 undefined| IE4 undefined| ver4 undefined| IE5 boolean| isMac function| helpwin function| abswin function| logoff function| logoffIB string| SST_MYBUDGET_URL function| logoffFMT function| logoffAndGoToNationalLocation function| goToNationalLocation function| goToNationalContact function| goToSecurity function| applyTxAccount function| applyHyioAccount function| applyHomeLoan function| logoffOpenWindow function| openWindow function| openPopUpWindow function| registrationTimeout function| doCancel function| closeWindow string| s_codeVer function| Visitor object| visitor string| s_account object| s function| s_doPlugins function| syncSsc function| SscCookieHandler function| syncAnalyticsVisitorCookie object| _scDilObj object| aDil string| s_code string| s_objectID function| s_gi function| s_giqf object| s_c_il number| s_c_in string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft function| DIL function| AppMeasurement_Module_DIL number| s_giq object| pathArray string| j string| k number| d object| eo number| y object| s_i_1_nab function| demdexRequestCallback_nab_0_1551184196537 function| getMessagesText function| showMessagePopup function| setFocusOnFirstErrorFieldOnLoad string| messageString14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ginistudio.com/ | Name: aam_uuid Value: 66683565383667739702907082763773828352 |
|
ginistudio.com/ | Name: sync_s_vi Value: sync |
|
.ginistudio.com/ | Name: s_kywd Value: %5B%5B%27n%2Fa%27%2C%271551184196532%27%5D%5D |
|
.ginistudio.com/ | Name: s_sq Value: %5B%5BB%5D%5D |
|
.ginistudio.com/ | Name: s_atx Value: %5B%5B%27Typed%2FBookmarked%27%2C%271551184196531%27%5D%5D |
|
.ginistudio.com/ | Name: dl Value: 1 |
|
.ginistudio.com/ | Name: s_invisit Value: true |
|
.ginistudio.com/ | Name: s_cid Value: %5B%5B%27Typed%2FBookmarked%27%2C%271551184196531%27%5D%5D |
|
.ginistudio.com/ | Name: s_vnum Value: 1551398400530%26vn%3D1 |
|
.ginistudio.com/ | Name: s_nr Value: 1551184196532-New |
|
.ginistudio.com/ | Name: s_cm Value: Typed%2FBookmarkedundefinedTyped%2FBookmarkedTyped%2FBookmarked |
|
.ginistudio.com/ | Name: gpv_pN Value: nab%3Aib-platform%3Aregister%3Aidentify |
|
.ginistudio.com/ | Name: s_fid Value: 4DA2EE6EE928D6AD-218EC21376661E89 |
|
.ginistudio.com/ | Name: s_cc Value: true |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ginistudio.com
metrics.nab.com.au
nab.demdex.net
www.nab.com.au
104.108.53.63
107.180.3.29
172.82.228.16
52.17.182.129
051a7fd37fa8cb81ee9b64fbf39a4d692926d2bbfb5d2ce4f724c15ef2354e8d
1db819dcbb72ac4e9529d8df198045b2447e28fccc8c52e9d299e2cb2485bd2c
1fe89651b630000defa2daf33a05b5171bd6b187b2aa95d7fefe7b4e72cb5b05
26447f2d6b363bd04b35860e577dfd9c8c6a3911cccb7d2602f9039480044e5e
3693a8a88dacab7bcbedb29d865a38b9457ffa13baad22420a8ecaf586bb7459
393efbbcaeba143a7c591b57b272294605f36f9fc8eb8776fc082d27c13953b2
3d44c3005bb726e9e638ca1b376c67da2a97e7b7f46f994a2d3b52be3cf0f1b1
4155f2e16a46137291790b18c5fc2251732894a8a8ba09e127b4bd549986b623
429ef8409a3d26b37e6c62c0ee4b742be73843419114bae158be7fb6f67ae1a0
6a255e33d0a2bddf2e6cb22ba3ff2572ce49b3aed73902534fa106655f24d221
6f809282dc927fc4a07bdefa19d725de8d36ec724ef1f12fa534972f7549c2ff
8b6035de50f2f04534e220672d16b80a9a1f2fbb4cee2fcc9a093fda1fcf4cb9
9518398e7b5a4e8021ac45f72808ce8b9d426935a100bfaae78dc32b2a9426cc
96f650e5ba1480455ba02b0d7610f46bee29dcd970aaf5e547564c2e7d7472d8
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a50ddd7300d6197297a99ed54b5058ed2a59a86c237a3be1433adcf8ed2784c2
b82c70819a0d9ca38f0dc1f16fd81b1d00ad2c28456be7529dfb3091e6b1492b
c8b5c36b604b175f0c6be6b98f40c5b82c05b0a76aadd383a61b0f4fe0b3d264
e6ec31ae6f6274cf42f06683d35a8af480b33e44116fa004a3b2b80bd7ee4242
e7e89d554cd43135d70eb31904349a1069b8719d174dceb5ec4857b3fd996a69