helensteam.com
Open in
urlscan Pro
172.67.207.15
Public Scan
Effective URL: https://helensteam.com/
Submission: On August 23 via automatic, source certstream-suspicious — Scanned from CA
Summary
TLS certificate: Issued by WE1 on July 24th 2024. Valid for: 3 months.
This is the only time helensteam.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 172.67.137.13 172.67.137.13 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
16 | 172.67.207.15 172.67.207.15 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:81d::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:80c::200e | 15169 (GOOGLE) (GOOGLE) | |
3 | 13.35.93.83 13.35.93.83 | 16509 (AMAZON-02) (AMAZON-02) | |
21 | 5 |
ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-83.jfk50.r.cloudfront.net
ddfcdn.realtor.ca |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
helensteam.com
helensteam.com |
838 KB |
3 |
realtor.ca
ddfcdn.realtor.ca — Cisco Umbrella Rank: 763170 |
35 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104 |
|
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112 |
103 KB |
1 |
helensteam.ca
1 redirects
www.helensteam.ca |
598 B |
21 | 5 |
Domain | Requested by | |
---|---|---|
16 | helensteam.com |
helensteam.com
|
3 | ddfcdn.realtor.ca | |
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
helensteam.com
|
1 | www.helensteam.ca | 1 redirects |
21 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.youtube.com |
www.instagram.com |
www.facebook.com |
www.tiktok.com |
maps.google.com |
search.google.com |
www.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
helensteam.com WE1 |
2024-07-24 - 2024-10-22 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
cdn.realtor.ca Amazon RSA 2048 M03 |
2023-10-12 - 2024-11-07 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://helensteam.com/
Frame ID: 5ECC8DC088771F185B7F27869369073A
Requests: 35 HTTP requests in this frame
Screenshot
Page Title
Helen's Team | Waterloo Region's Best Realtors - KW Real Estate AgentsPage URL History Show full URLs
-
https://www.helensteam.ca/
HTTP 301
https://helensteam.com/ Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
65 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: <img width="97" height="68" decoding="async" src="https://helensteam.com/wp-content/uploads/2020/08/youtube-icon.png" alt="YouTube Logo" /> Virtual Open House Tours
Search URL Search Domain Scan URL
Title: HELEN'S TEAM | Helen Fidler
Search URL Search Domain Scan URL
Title: review us on
Search URL Search Domain Scan URL
Title: Darlene Boehm
Search URL Search Domain Scan URL
Title: Lisa K (Lisa KL)
Search URL Search Domain Scan URL
Title: destiny egerdeen
Search URL Search Domain Scan URL
Title: mark lawson
Search URL Search Domain Scan URL
Title: Megan Flynn
Search URL Search Domain Scan URL
Title: James Dolmage
Search URL Search Domain Scan URL
Title: Peter Renco
Search URL Search Domain Scan URL
Title: GeeGee
Search URL Search Domain Scan URL
Title: Pete O'Donnell
Search URL Search Domain Scan URL
Title: Heidi Wade
Search URL Search Domain Scan URL
Title: James Huctwith
Search URL Search Domain Scan URL
Title: Sarah Taylor
Search URL Search Domain Scan URL
Title: Alphina Somalee Villanueva
Search URL Search Domain Scan URL
Title: Heidar Saleh
Search URL Search Domain Scan URL
Title: Deker Brasseur
Search URL Search Domain Scan URL
Title: A J
Search URL Search Domain Scan URL
Title: Lia Bartley
Search URL Search Domain Scan URL
Title: Phuong Nguyen Anh
Search URL Search Domain Scan URL
Title: Tina Barnes
Search URL Search Domain Scan URL
Title: Thanh Trung Nguyen
Search URL Search Domain Scan URL
Title: Steve Norton
Search URL Search Domain Scan URL
Title: Thomas Zobiak
Search URL Search Domain Scan URL
Title: Tony Chow
Search URL Search Domain Scan URL
Title: Abe Bay
Search URL Search Domain Scan URL
Title: Jay Harrison
Search URL Search Domain Scan URL
Title: Heather Isenegger
Search URL Search Domain Scan URL
Title: Mac Donlad
Search URL Search Domain Scan URL
Title: Scott Bautista
Search URL Search Domain Scan URL
Title: Katie Kish
Search URL Search Domain Scan URL
Title: maryyeh Ch
Search URL Search Domain Scan URL
Title: Danica Isailovic
Search URL Search Domain Scan URL
Title: Marty Vanbekkum
Search URL Search Domain Scan URL
Title: Hannah Pahuta
Search URL Search Domain Scan URL
Title: D D
Search URL Search Domain Scan URL
Title: Helen Montagnese
Search URL Search Domain Scan URL
Title: Heather Heartfield
Search URL Search Domain Scan URL
Title: Bonnie Campbell
Search URL Search Domain Scan URL
Title: nick king
Search URL Search Domain Scan URL
Title: Becky Ayre
Search URL Search Domain Scan URL
Title: Rachel Maloney
Search URL Search Domain Scan URL
Title: Andrew Kristensen
Search URL Search Domain Scan URL
Title: Caitlin Melanson
Search URL Search Domain Scan URL
Title: Marg Lemoine
Search URL Search Domain Scan URL
Title: Alanna Trubic
Search URL Search Domain Scan URL
Title: Mahsa Karam
Search URL Search Domain Scan URL
Title: My Nguyen
Search URL Search Domain Scan URL
Title: Leanne McLaughlin
Search URL Search Domain Scan URL
Title: Scolo F
Search URL Search Domain Scan URL
Title: Chris McClellan
Search URL Search Domain Scan URL
Title: Maya Grubisic
Search URL Search Domain Scan URL
Title: Sidharth Somanathan
Search URL Search Domain Scan URL
Title: Rosemary Anderson
Search URL Search Domain Scan URL
Title: Nasim Paryab
Search URL Search Domain Scan URL
Title: Neil V
Search URL Search Domain Scan URL
Title: Gabi Soares
Search URL Search Domain Scan URL
Title: Michala Jansa
Search URL Search Domain Scan URL
Title: Chuck Erion
Search URL Search Domain Scan URL
Title: Bronwyn Addico
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.helensteam.ca/
HTTP 301
https://helensteam.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
helensteam.com/ Redirect Chain
|
269 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
d68109214c80f9cc1e058cd3a053f026.css
helensteam.com/wp-content/litespeed/css/ |
570 KB 84 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style.css
helensteam.com/wp-content/themes/x-child/ |
13 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
helensteam.com/wp-includes/js/jquery/ |
88 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
guest.png
helensteam.com/wp-content/plugins/widget-google-reviews/assets/img/ |
593 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
308 KB 103 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
comment-reply.min.js
helensteam.com/wp-includes/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
common.js
helensteam.com/wp-content/plugins/realtypress-premium/public/templates/default/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
84fc511399cd7229ec2e1de186d6e027.js
helensteam.com/wp-content/litespeed/js/ |
302 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
167 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
163 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
167 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
171 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
163 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
165 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
175 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
165 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
171 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
175 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
171 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
169 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
132 B 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sidekix-media-_AK42TQRyCw-unsplash-1-1920.jpg.webp
helensteam.com/wp-content/uploads/2022/02/ |
200 KB 200 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-brands-400.woff2
helensteam.com/wp-content/plugins/cornerstone/assets/fonts/ |
77 KB 77 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-solid-900.woff2
helensteam.com/wp-content/plugins/cornerstone/assets/fonts/ |
138 KB 138 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-regular-400.woff2
helensteam.com/wp-content/plugins/cornerstone/assets/fonts/ |
170 KB 170 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
admin-ajax.php
helensteam.com/wp-admin/ |
455 B 977 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
helens-team-logo-301x180.png
helensteam.com/wp-content/uploads/2019/07/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
youtube-icon.png
helensteam.com/wp-content/uploads/2020/08/ |
537 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
40598700_1.jpg
ddfcdn.realtor.ca/listings/TS638528638883930000/reb16/medres/0/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
40579932_1.jpg
ddfcdn.realtor.ca/listings/TS638500290607030000/reb16/medres/2/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
40578900_1.jpg
ddfcdn.realtor.ca/listings/TS638498367453900000/reb16/medres/0/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cropped-favicon-32x32.png
helensteam.com/wp-content/uploads/2019/08/ |
283 B 780 B |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| jQuery function| LazyLoad object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| addComment function| load_jrange function| load_math_captcha function| refresh_math_captcha function| update_query_string_parameter function| google_autocomplete object| WPacTime function| rplg_badge_init function| rplg_load_imgs function| rplg_next_reviews function| rplg_leave_review_window function| _rplg_lang function| _rplg_popup function| _rplg_timeago function| _rplg_init_blazy function| _rplg_read_more function| _rplg_get_parent function| _grw_init_slider function| grw_init string| ajaxurl object| csJsData object| tco object| xJsData function| updateProgressBar function| initialize_map function| adjust_map function| rps_result_filter_form_search function| Blazy function| xToggleIntegrityCheck function| xToggleGetState function| xToggleGetStateFromNode function| xToggleUpdate function| xToggleDelete function| xToggleTempUnlock function| xToggleTempRelock function| xToggleSetLocking object| csGlobal object| rplg_blazy object| gaGlobal3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.helensteam.com/ | Name: _ga_QCK8MBN7TT Value: GS1.1.1724408762.1.0.1724408762.0.0.0 |
|
.helensteam.com/ | Name: _ga Value: GA1.1.1617395893.1724408763 |
|
helensteam.com/ | Name: math-captcha Value: c738a01bb0dff3a58cbae95731e0d1e1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ddfcdn.realtor.ca
helensteam.com
www.google-analytics.com
www.googletagmanager.com
www.helensteam.ca
13.35.93.83
172.67.137.13
172.67.207.15
2607:f8b0:4006:80c::200e
2607:f8b0:4006:81d::2008
03fdba476bf32618c3a56462d7b8ace915deeb85a16bdc5f84a8abf97dc27ae8
06e18d57b01ff51c6c3306bddee1faade6a1300523b6defdcaea2637b8706979
16fb396daced7899eed5ae5e3c124e075e18cfc09cb8f7bc73d45586514087e5
20a8d810969b3975e2eb2f759c3f2e0282447988249d2624a5041a92d1b08f73
22b069f047fe1013d9714f6f975ce068d4dd542ce7767c84aa615cfff2e54d2d
2f7cbbb448310c9ef76d6c33659f8f0783d5a5bba362d429dc0b5f7ae1fcbaf5
47b6ebaa242b4d7b86e49db3d81f0cffdb06122978dc7dddedf5e9119d4b1389
4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583
54d845fd183ebb3b027aa5ba6ae0dcdeff8a95267a2f1311c8488d1a0fc2bca3
59beb1f8f4ea7e16c50ae0652005e6f7a39f58f9deb0e155d8c8981ea99544b0
5c073808863744828ea34b928d13b3dbd03de80e4f29dc8bd78157992ebed689
5f927a38310518e3c3bb3e15dcd593c246e4691bd8a34fe2a95add9b9a6b80d8
66237841de1f2611a0dd89e65e264748d10e1dbca61f7ca76be3609cc089a99e
670f6700b25ee91874d1acf7bc23a53f17d35da443aeb338bce7496caceed9f3
707edf9c4e7f30388c823c591ec38ec39be05901b7ad56d4386a71cb9a8faaa9
750cc9f2b465386e2a2f8fecc34f833b87e0bec8284a27bd664fe8dba3267e24
78603ecb884c3edaeb90229b5ed948aae0d98494e2c4549dca70e7ba2ae74f10
7ee3d9c20239ab8342c430ed3c538fcfaaf98cff9e9aee040350e9ad0431dd7a
810a015aa2461ff45be6208c0477670d5217a6938b796f16bc7e78bfc0772679
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
91959af03d0eee0af9bf267ff02b06d384b4c4b3d7663db8dbba8b038bc9b2ec
92a2808838c407a6c94fef48b0da662d3b3b8a4aea6e87b3546f6f79825ab224
93e6fce86b3e5ed803a398dccf529297d187d81f63f3f6e3c68a566a9b13e53e
99749bc05a12b80855cae27961a7b98ba7a1d2327b8e3735573e2596685ef48c
a9c87da9fa2c51cafa8e45f3adb8ef1d4f67276092a88dfcdf1f2314fc63efd8
ad6cccd126c0763a73647036d9392735f83130cf12a5c22487ea5f34bec8c23a
bbdaf6236e844b425ad7f97d73d768a368493cded89164e61e4f80a8d5db888f
c9bc6cd678ff4d98d206b1f0c875dae80761819b4abb7a602ba2671302dda261
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e51e6837569f731e8f8dab23b2e3b8c7509d2b13ff12763e3d6d68d6df59c544
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28d581145255a1a9799c5e7c6729890a9d0c17f81a665e6a5c292f69550f65d
f46c42251a656e24f69fe0673988d3341bdcbdad1b91c57fca1e2f9c452b15a7