preferred-renovations.net
Open in
urlscan Pro
208.98.35.93
Public Scan
Submitted URL: https://preferred-renovations.net/
Effective URL: https://preferred-renovations.net/Authentication/Login?ReturnUrl=%2F
Submission: On October 13 via api from BE — Scanned from CA
Effective URL: https://preferred-renovations.net/Authentication/Login?ReturnUrl=%2F
Submission: On October 13 via api from BE — Scanned from CA
Summary
This website contacted 6 IPs
in 1 countries
across 6 domains to perform 30 HTTP transactions.
The main IP is 208.98.35.93, located in
Chicago, United States and
belongs to SHARKTECH, US.
The main domain is preferred-renovations.net.
TLS certificate: Issued by R11 on August 11th 2024. Valid for: 3 months.
This is the only time preferred-renovations.net was scanned on urlscan.io!
TLS certificate: Issued by R11 on August 11th 2024. Valid for: 3 months.
This is the only time preferred-renovations.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 22 | 208.98.35.93 208.98.35.93 | 46844 (SHARKTECH) (SHARKTECH) | |
| 5 | 3.171.139.21 3.171.139.21 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2606:4700:303... 2606:4700:3037::ac43:8ef5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2607:f8b0:400... 2607:f8b0:400d:c0d::61 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2607:f8b0:400... 2607:f8b0:400d:c0b::64 | 15169 (GOOGLE) (GOOGLE) | |
| 30 | 6 |
22
208.98.35.93
(Chicago, United States)
ASN46844 (SHARKTECH, US)
PTR: gushes.candlestickcreator.com
ASN46844 (SHARKTECH, US)
PTR: gushes.candlestickcreator.com
| preferred-renovations.net |
5
3.171.139.21
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-3-171-139-21.jfk52.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-3-171-139-21.jfk52.r.cloudfront.net
| kendo.cdn.telerik.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 22 |
preferred-renovations.net
1 redirects
preferred-renovations.net |
414 KB |
| 5 |
telerik.com
kendo.cdn.telerik.com — Cisco Umbrella Rank: 13663 |
2 MB |
| 1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34 |
|
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
104 KB |
| 1 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1222 |
10 KB |
| 1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3270 |
25 KB |
| 30 | 6 |
| Domain | Requested by | |
|---|---|---|
| 22 | preferred-renovations.net |
1 redirects
preferred-renovations.net
|
| 5 | kendo.cdn.telerik.com |
preferred-renovations.net
|
| 1 | www.google-analytics.com |
www.googletagmanager.com
|
| 1 | www.googletagmanager.com |
preferred-renovations.net
|
| 1 | use.fontawesome.com |
preferred-renovations.net
|
| 1 | stackpath.bootstrapcdn.com |
preferred-renovations.net
|
| 30 | 6 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| azfrankp-002-site4.ftempurl.com R11 |
2024-08-11 - 2024-11-09 |
3 months | crt.sh |
| blazor.cdn.telerik.com Amazon RSA 2048 M03 |
2023-11-17 - 2024-12-15 |
a year | crt.sh |
| bootstrapcdn.com WE1 |
2024-09-20 - 2024-12-19 |
3 months | crt.sh |
| use.fontawesome.com WE1 |
2024-09-09 - 2024-12-09 |
3 months | crt.sh |
| *.google-analytics.com WR2 |
2024-09-24 - 2024-12-17 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://preferred-renovations.net/Authentication/Login?ReturnUrl=%2F
Frame ID: D71AF41F1049D58C0EDC7628B9848C6B
Requests: 30 HTTP requests in this frame
Screenshot
Page Title
Login - Job InformationPage URL History Show full URLs
-
https://preferred-renovations.net/
HTTP 302
https://preferred-renovations.net/Authentication/Login?ReturnUrl=%2F Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Clipboard.js
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- clipboard(?:-([\d.]+))?(?:\.min)?\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
Moment.js
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- moment(?:\.min)?\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://preferred-renovations.net/
HTTP 302
https://preferred-renovations.net/Authentication/Login?ReturnUrl=%2F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
Login
preferred-renovations.net/Authentication/ Redirect Chain
|
10 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-main.css
kendo.cdn.telerik.com/themes/6.2.0/bootstrap/ |
1 MB 193 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
kendo.cdn.telerik.com/2023.2.829/js/ |
95 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jszip.min.js
kendo.cdn.telerik.com/2023.2.829/js/ |
80 KB 25 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kendo.all.min.js
kendo.cdn.telerik.com/2023.2.829/js/ |
4 MB 1 MB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kendo.aspnetmvc.min.js
kendo.cdn.telerik.com/2023.2.829/js/ |
14 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kendo-ui-license.js
preferred-renovations.net/js/ |
473 B 422 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ |
138 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.css
use.fontawesome.com/releases/v5.0.13/css/ |
40 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Rebrand_ThemeBuilder.css
preferred-renovations.net/css/ |
1 MB 187 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Rebrand_Custom.css
preferred-renovations.net/css/ |
2 KB 679 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
SidebarModal.css
preferred-renovations.net/css/ |
2 KB 688 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
NewLogo.png
preferred-renovations.net/images/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.bundle.min.js
preferred-renovations.net/lib/bootstrap/dist/js/ |
77 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
site.js
preferred-renovations.net/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kendo.js
preferred-renovations.net/js/ |
23 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Application.js
preferred-renovations.net/js/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.mask.js
preferred-renovations.net/js/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jqurey.serializejson.js
preferred-renovations.net/js/ |
19 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JqueryUI.js
preferred-renovations.net/js/ |
283 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.cookie.js
preferred-renovations.net/js/ |
2 KB 778 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.validate.min.js
preferred-renovations.net/js/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootbox.js
preferred-renovations.net/js/ |
44 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
moment.js
preferred-renovations.net/js/ |
150 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
BlockUI.js
preferred-renovations.net/js/ |
25 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clipboard.js
preferred-renovations.net/js/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.validate.unobtrusive.min.js
preferred-renovations.net/js/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
310 KB 104 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
preferred-renovations.net/ |
31 KB 31 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
128 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| JSZip object| kendoall object| kendo object| KendoLicensing object| kendoaspnetmvc function| onBeforeEdit function| healthCheck object| validator object| bootstrap object| jQuery112405748925975423587 function| formatValidationFields function| displayValidationIssuesMessage function| BootboxAlert function| BootboxAlertWithCallback function| BootboxConfirm function| htmlDecode function| htmlEncode function| copyToClipboard function| blockUiGeneral function| blockUiClose function| getToken function| getKendoGrid function| getKendoButton function| getKendoSpreadsheet function| getKendoDropDownTree function| getKendoComboBox function| getKendoMultiColumnComboBox function| getKendoTextBox function| getKendoChart function| getKendoNumericTextBox function| getKendoWindow function| getKendoDropDownList function| getKendoEditor function| getKendoTabStrip function| getKendoMultiSelect function| getNumericTextBox function| getKendoCheckBox function| getKendoDatePicker function| getKendoSwitch function| AddTooltipsToGrid function| RefreshGridData function| openKendoWindow function| openKendoWindowReset function| closeKendoWindow function| applyFilter function| colorText function| resizeDiv function| setResizeDiv function| resizeGrid function| makeNumeric function| setResizeGrid function| resizePdfViewer function| setResizePdfViewer function| ClearFilters function| ClearSelected function| kendoRemoveButtonClass function| SaveGridData function| AddNewGridData function| GridOnChange function| onCancel function| onSave function| onSaveChanges function| onDelete function| onChange function| onDataBound function| deleteRow function| deleteRowSpecial function| deleteRowNoConfirm function| getKendoGridName function| makeRequired function| resetKendoFormItems function| setKendoProgress function| initializeKendoWindow function| addCivilianTimeHoverToKendoTimePicker function| onExportExcel function| onOpenExcludeNotActive function| onOpenEditWindow function| onCloseEditWindow function| getKendoColumnIndex function| LookupListAjax function| disableDropdown function| kendoResizeColumn function| kendoResetColumn function| onCellOpen function| resetColumnhWidth number| GridInTabDiff function| DisplayProgressMessage function| ConfirmSubmit function| ToggleButton function| onGridError function| onTabError function| onGenericError function| blockUIGeneral function| blockUIClose function| blockUIForDownload function| downloadTokenValue function| finishDownload function| SetReadOnly function| clearFilter function| removeFilter function| HideFooter function| ShowFooter function| flagChange function| unflagChange function| formattedDate function| parseJsonDate function| getUrlVars function| onOpenPrintWindow function| onClosePrintWindow function| validationTestForValidDate function| validationTestForValidDateMessage function| onClearFilters function| IsEditable function| uuidv4 function| getGridData number| m string| mp object| bootbox function| moment object| clipboard function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| preferred-renovations.net/ | Name: .AspNetCore.Antiforgery.S36LFVpsgFM Value: CfDJ8Mk-j8eI-s9EjzD0knqnN5eke7FZGa5delVM25we60ERNqCGfjKrVErigCXt0BlwL35c_9NpC6Gt5Ih5G2_0w2D9WyAo3im_UnzgKjltC2iVYJ0g24-v7Z0QrIJC9eK-dQx758xiGitGeKMx3zC5KyM |
|
| .preferred-renovations.net/ | Name: _ga Value: GA1.1.31423480.1728854441 |
|
| .preferred-renovations.net/ | Name: _ga_WVMR51LTGN Value: GS1.1.1728854440.1.0.1728854440.0.0.0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
kendo.cdn.telerik.com
preferred-renovations.net
stackpath.bootstrapcdn.com
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
208.98.35.93
2606:4700:3037::ac43:8ef5
2606:4700::6812:bcf
2607:f8b0:400d:c0b::64
2607:f8b0:400d:c0d::61
3.171.139.21
00e14ec3635ab554190c4e93b15a9a13ed25ba8a3a10e58fe9012c0f8a7ad22e
21bf9726f3ef961675566af38744d516bcfc7a5bbed04805946c0b1794621954
2c3d4225a93509b68f1a35cbd67b5f362ae6d149c0e77451b015498fb0d8dc82
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
43be7ad285a0fa67e4930cc900c36c6121eaef9a6a9b5d38267490720c759999
4da20d5a91335f0f531a95248a46ca07f44a56a7e457efeddf64324b8e0af94d
515555801cca6436cd218d22af29cde240088f2d0eae14398e19e14ff118b881
5d97e438677a16e845f3c8791a0126448a576e6fa1064168ef8c980cf639adbc
5f0352350fe32bf7524fb44be0f91d8944c3a6d4fcaad06c92deb926e2b6b9a4
61e5bb4d7337f637429192c58f56a1aa17cce287c2378d699c8bb13d9caa0434
6bcbad3ece9b1f6994ad9d9d0b106f94f3358589f4a12d0271190028c4ab3801
6dc27f18877818106f4b2115ff49a69c16e3db5c80d81cad17aacf4e248077a7
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
79dcf6396703b3fdab38f17c6a9f276b354b8a08dbc185ce934f4fb465798c91
8db9affe7c77edb9c4d09b3b70cff2a9669040960f239508265859e0e2689f93
8ef662b30b87eafd4881372e4cdf11fef9cc65d5cffe493d00a7ed4c85cc6208
a47bbec491cfe2006d3b79afdb9bfd5b020094e11d6dacca177d513c1ad9b36e
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d
a9ef1de20ecc5a5d3ebd59d4efb33e6c6b56413f1c05e18a7d04e0f77c033d56
aabb8bce8f674cffa0c568f6e5278a3d224fb57d3791a989ede16985aaaf9e54
bb473aa724f0ead59417c4e976aa8573bde1bc0e9eba0aff97736c1d88487bee
bbdc07f28f90731df78c73ebd16a0abe3425cfd3ee5e84760d6ebfbce5a8914b
be4707ee80f4dc188723a9adf38f1baa36f6ef60ef4f095d65eb11ee7c96eca5
c7c6c07e9983f274029056a5a31b39a1f1fa28e729c61df5982ef93a2a3a2910
cdb57e707e04ab6ec7b61c2bec9ad105b737afcd07b90bb9e9f101c783cb1011
ce699297c70220c7bedd2f500496186499a0c9298fd1e93b9336986c189ae0ef
d1e06e7170b2129dddaf0805b6079e40bdd7b7d473090dd5e9d2cb9490af5d75
e13057342e7e0db8486405aaa51b9d7effe8aa3b6a69c56a46985f81b8549ce4
f37b49f099343dbbc6bf94c87149ee478eea228ddfd7833b3332ea0a018339b3