manuelamarodaluz.com Open in urlscan Pro
35.176.190.57  Malicious Activity! Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request confirmyouridentity.php Show response manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/	12 KB 12 KB	67ms 42ms	Document text/html	35.176.190.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php Protocol HTTP/1.1 Server 35.176.190.57 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-176-190-57.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash 17a7a064d63e4014a2115d51fcab9ce66542249ff91eb263f899130c5d285243 Request headers Host manuelamarodaluz.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 10 Mar 2020 08:03:22 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	index.css manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/	11 KB 11 KB	38ms 22ms	Stylesheet text/css	35.176.190.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/index.css Requested by Host: manuelamarodaluz.com URL: http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php Protocol HTTP/1.1 Server 35.176.190.57 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-176-190-57.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash 728072e34298a7162a370b1edb3666d90dc8cbf1e8240887601e258d44936915 Request headers Referer http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 10 Mar 2020 08:03:22 GMT Last-Modified Sun, 22 Aug 2010 10:52:00 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 10986
GET H/1.1	200 OK	validator.js Show response manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/	24 KB 24 KB	44ms 23ms	Script application/javascript	35.176.190.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/validator.js Requested by Host: manuelamarodaluz.com URL: http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php Protocol HTTP/1.1 Server 35.176.190.57 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-176-190-57.eu-west-2.compute.amazonaws.com Software Apache / Resource Hash 0ffcf7bce06c3750f68c5580c4f4210648124ba7077774375b28ed2b638c49c6 Request headers Referer http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Tue, 10 Mar 2020 08:03:22 GMT Last-Modified Sun, 22 Aug 2010 10:52:00 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 24726
GET H/1.1	200 OK	ChaseNew.gif chaseonline.chase.com/images//	742 B 2 KB	691ms 113ms	Image image/gif	159.53.116.30 AS-7743
General Check archive.org Show headers Download Go to Show image Full URL https://chaseonline.chase.com/images//ChaseNew.gif Requested by Host: manuelamarodaluz.com URL: http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.53.116.30 , United States, ASN7743 (AS-7743, US), Reverse DNS Software / Resource Hash d82b8b41b5b6bcd2069fd19593e54bae7af16be3458f9765ffc30aee5b5a187f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Last-Modified Mon, 28 Mar 2005 18:52:40 GMT Age 10631 ETag "0cfa50c733c51:0" WAMI 331 Content-Type image/gif Access-Control-Allow-Origin https://m.chase.com Cache-Control max-age=14400 Date Tue, 10 Mar 2020 05:06:10 GMT Connection Keep-Alive Accept-Ranges bytes Content-Length 742 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	logoff.gif chaseonline.chase.com/images/	1 KB 2 KB	691ms 114ms	Image image/gif	159.53.116.30 AS-7743
General Check archive.org Show headers Download Go to Show image Full URL https://chaseonline.chase.com/images/logoff.gif Requested by Host: manuelamarodaluz.com URL: http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.53.116.30 , United States, ASN7743 (AS-7743, US), Reverse DNS Software / Resource Hash 5a943b9b605a7465fa37d9d7b5efdc23700e4f123c1ebe8a47b6fc51558ac36c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Last-Modified Mon, 14 Feb 2005 19:43:12 GMT Age 5544 ETag "08d76acd12c51:0" WAMI 332 Content-Type image/gif Access-Control-Allow-Origin https://m.chase.com Cache-Control max-age=14400 Date Tue, 10 Mar 2020 06:30:57 GMT Connection Keep-Alive Accept-Ranges bytes Content-Length 1473 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	arrow_outlined-short.gif chaseonline.chase.com/images/	152 B 1009 B	717ms 139ms	Image image/gif	159.53.116.30 AS-7743
General Check archive.org Show headers Download Go to Show image Full URL https://chaseonline.chase.com/images/arrow_outlined-short.gif Requested by Host: manuelamarodaluz.com URL: http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.53.116.30 , United States, ASN7743 (AS-7743, US), Reverse DNS Software / Resource Hash e4570441947025dce5344485547e6a292588beb69c42d10c6f803ee26636c36a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Last-Modified Fri, 08 Jun 2012 18:35:26 GMT Age 0 ETag "0ebaa78a545cd1:0" WAMI 332 Content-Type image/gif Access-Control-Allow-Origin https://m.chase.com Cache-Control max-age=14400 Date Tue, 10 Mar 2020 08:03:22 GMT Connection Keep-Alive Accept-Ranges bytes Content-Length 152 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	headerback.gif chaseonline.chase.com/Themes/default/images/	323 B 1 KB	726ms 111ms	Image image/gif	159.53.116.30 AS-7743
General Check archive.org Show headers Download Go to Show image Full URL https://chaseonline.chase.com/Themes/default/images/headerback.gif Requested by Host: manuelamarodaluz.com URL: http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.53.116.30 , United States, ASN7743 (AS-7743, US), Reverse DNS Software / Resource Hash 119c8f4ce00a48b0578d58487cbfd7bf1a2ead81cdaf193624b44f0202ef2b38 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/index.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Last-Modified Thu, 12 Jan 2017 23:38:01 GMT Age 8223 ETag "805276e92c6dd21:0" WAMI 332 Content-Type image/gif Access-Control-Allow-Origin https://m.chase.com Cache-Control max-age=14400 Date Tue, 10 Mar 2020 05:46:18 GMT Connection Keep-Alive Accept-Ranges bytes Content-Length 323 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	headertext.gif chaseonline.chase.com/Themes/default-col/images/	580 B 1 KB	728ms 112ms	Image image/gif	159.53.116.30 AS-7743
General Check archive.org Show headers Download Go to Show image Full URL https://chaseonline.chase.com/Themes/default-col/images/headertext.gif Requested by Host: manuelamarodaluz.com URL: http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.53.116.30 , United States, ASN7743 (AS-7743, US), Reverse DNS Software / Resource Hash 2a91c7f2487148a2094b0defe62f23cd40df2c0c4724e042718a7a09fdef48e0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/index.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Last-Modified Mon, 27 Feb 2017 22:28:43 GMT Age 8206 ETag "805f1ada4891d21:0" WAMI 350 Content-Type image/gif Access-Control-Allow-Origin https://m.chase.com Cache-Control max-age=14400 Date Tue, 10 Mar 2020 05:46:36 GMT Connection Keep-Alive Accept-Ranges bytes Content-Length 580 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	curvebg_lightblue_left.gif chaseonline.chase.com/images/	120 B 979 B	732ms 114ms	Image image/gif	159.53.116.30 AS-7743
General Check archive.org Show headers Download Go to Show image Full URL https://chaseonline.chase.com/images/curvebg_lightblue_left.gif Requested by Host: manuelamarodaluz.com URL: http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.53.116.30 , United States, ASN7743 (AS-7743, US), Reverse DNS Software / Resource Hash 23b649a121ddde9af4a3125e826c81d408c1acca29fa71b1dc635478594211e2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/index.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Last-Modified Fri, 08 Jun 2012 18:35:26 GMT Age 132 ETag "0ebaa78a545cd1:0" WAMI 350 Content-Type image/gif Access-Control-Allow-Origin https://m.chase.com Cache-Control max-age=14400 Date Tue, 10 Mar 2020 08:01:10 GMT Connection Keep-Alive Accept-Ranges bytes Content-Length 120 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	curvebg_lightblue_right.gif chaseonline.chase.com/images/	121 B 981 B	597ms 114ms	Image image/gif	159.53.116.30 AS-7743
General Check archive.org Show headers Download Go to Show image Full URL https://chaseonline.chase.com/images/curvebg_lightblue_right.gif Requested by Host: manuelamarodaluz.com URL: http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.53.116.30 , United States, ASN7743 (AS-7743, US), Reverse DNS Software / Resource Hash 90e5f0ec8b2cce2a462b3f5125cf6551e7fa8c0e072baba95841959d3f260d43 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/index.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Last-Modified Fri, 08 Jun 2012 18:35:26 GMT Age 1137 ETag "0ebaa78a545cd1:0" WAMI 334 Content-Type image/gif Access-Control-Allow-Origin https://m.chase.com Cache-Control max-age=14400 Date Tue, 10 Mar 2020 07:44:25 GMT Connection Keep-Alive Accept-Ranges bytes Content-Length 121 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	dash.gif chaseonline.chase.com/images/	43 B 901 B	598ms 111ms	Image image/gif	159.53.116.30 AS-7743
General Check archive.org Show headers Download Go to Show image Full URL https://chaseonline.chase.com/images/dash.gif Requested by Host: manuelamarodaluz.com URL: http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.53.116.30 , United States, ASN7743 (AS-7743, US), Reverse DNS Software / Resource Hash 5000e29ab6bdc274ccf4c92f81f59e088f01a71e9ae46c89715de8043b79bdd0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/index.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Last-Modified Mon, 14 Feb 2005 19:43:12 GMT Age 5513 ETag "08d76acd12c51:0" WAMI 333 Content-Type image/gif Access-Control-Allow-Origin https://m.chase.com Cache-Control max-age=14400 Date Tue, 10 Mar 2020 06:31:28 GMT Connection Keep-Alive Accept-Ranges bytes Content-Length 43 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	button_bg.gif chaseonline.chase.com/images/	155 B 900 B	617ms 135ms	Image image/gif	159.53.116.30 AS-7743
General Check archive.org Show headers Download Go to Show image Full URL https://chaseonline.chase.com/images/button_bg.gif Requested by Host: manuelamarodaluz.com URL: http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/confirmyouridentity.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.53.116.30 , United States, ASN7743 (AS-7743, US), Reverse DNS Software / Resource Hash 269f156b56a6de7f0b598a674b80fc39315e37fc5fc6f33075bb72f222aad6e0 Request headers Referer http://manuelamarodaluz.com/chasee/securechase/securechase/chaseonline.chase.com/Logon.aspx/index.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Tue, 10 Mar 2020 08:03:22 GMT Last-Modified Mon, 14 Feb 2005 19:43:12 GMT Age 0 ETag "08d76acd12c51:0" WAMI 350 Content-Type image/gif Access-Control-Allow-Origin https://m.chase.com Cache-Control max-age=14400 Connection Keep-Alive Accept-Ranges bytes Content-Length 155

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Chase (Banking)

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| Validator function| set_addnl_vfunction function| sfm_enable_show_msgs_together function| clear_all_validations function| form_submit_handler function| add_validation function| handle_item_on_killfocus function| validator_enable_OPED function| sfm_ErrorDisplayHandler function| edh_clear_msgs function| edh_FinalShowMsg function| edh_EnableOnPageDisplay function| edh_ShowMsg function| AlertMsgDisplayer function| alert_clearmsg function| alert_showmsg function| sfm_show_error_msg function| DivMsgDisplayer function| div_clearmsg function| element_div_name function| div_showmsg function| show_div_msg function| ValidationDesc function| vdesc_validate function| ValidationSet function| add_validationdesc function| vset_validate function| validateEmail function| TestComparison function| TestSelMin function| TestSelMax function| IsCheckSelected function| TestDontSelectChk function| TestShouldSelectChk function| TestRequiredInput function| TestFileExtension function| TestMaxLen function| TestMinLen function| TestInputType function| TestEmail function| TestLessThan function| TestGreaterThan function| TestRegExp function| TestDontSelect function| TestSelectOneRadio function| TestSelectRadio function| validateInput function| VWZ_IsListItemSelected function| VWZ_IsChecked object| emailpassValidator

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

chaseonline.chase.com
manuelamarodaluz.com
159.53.116.30
35.176.190.57
0ffcf7bce06c3750f68c5580c4f4210648124ba7077774375b28ed2b638c49c6
119c8f4ce00a48b0578d58487cbfd7bf1a2ead81cdaf193624b44f0202ef2b38
17a7a064d63e4014a2115d51fcab9ce66542249ff91eb263f899130c5d285243
23b649a121ddde9af4a3125e826c81d408c1acca29fa71b1dc635478594211e2
269f156b56a6de7f0b598a674b80fc39315e37fc5fc6f33075bb72f222aad6e0
2a91c7f2487148a2094b0defe62f23cd40df2c0c4724e042718a7a09fdef48e0
5000e29ab6bdc274ccf4c92f81f59e088f01a71e9ae46c89715de8043b79bdd0
5a943b9b605a7465fa37d9d7b5efdc23700e4f123c1ebe8a47b6fc51558ac36c
728072e34298a7162a370b1edb3666d90dc8cbf1e8240887601e258d44936915
90e5f0ec8b2cce2a462b3f5125cf6551e7fa8c0e072baba95841959d3f260d43
d82b8b41b5b6bcd2069fd19593e54bae7af16be3458f9765ffc30aee5b5a187f
e4570441947025dce5344485547e6a292588beb69c42d10c6f803ee26636c36a