preauth.io
Open in
urlscan Pro
13.32.121.42
Public Scan
Submission: On September 06 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Amazon on October 5th 2020. Valid for: a year.
This is the only time preauth.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 13.32.121.42 13.32.121.42 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2606:4700:303... 2606:4700:3037::6815:8fa | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:80f::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 2606:4700::68... 2606:4700::6810:7baf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 54.165.167.42 54.165.167.42 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 2600:9000:215... 2600:9000:2156:1a00:2:c605:29c0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::200e | 15169 (GOOGLE) (GOOGLE) | |
4 | 2606:4700::68... 2606:4700::6812:1b47 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2600:9000:215... 2600:9000:2156:5800:2:49a2:4500:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2600:9000:215... 2600:9000:2156:ae00:4:f6ce:61c0:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.85.240.134 52.85.240.134 | 16509 (AMAZON-02) (AMAZON-02) | |
9 | 54.200.228.33 54.200.228.33 | 16509 (AMAZON-02) (AMAZON-02) | |
36 | 12 |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-42.fra60.r.cloudfront.net
preauth.io |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-167-42.compute-1.amazonaws.com
instacash.pe |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
assets8.lottiefiles.com |
ASN16509 (AMAZON-02, US)
renderer-assets.typeform.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-85-240-134.arn1.r.cloudfront.net
cdn.segment.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-228-33.us-west-2.compute.amazonaws.com
api.segment.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
preauth.io
preauth.io |
184 KB |
9 |
segment.io
api.segment.io |
1 KB |
9 |
typeform.com
embed.typeform.com form.typeform.com renderer-assets.typeform.com |
385 KB |
2 |
unpkg.com
1 redirects
unpkg.com |
104 KB |
2 |
rsms.me
rsms.me |
224 KB |
1 |
segment.com
cdn.segment.com |
54 KB |
1 |
lottiefiles.com
assets8.lottiefiles.com |
18 KB |
1 |
google-analytics.com
www.google-analytics.com |
70 B |
1 |
instacash.pe
instacash.pe |
5 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
51 KB |
36 | 10 |
Domain | Requested by | |
---|---|---|
10 | preauth.io |
preauth.io
|
9 | api.segment.io |
cdn.segment.com
|
4 | form.typeform.com |
embed.typeform.com
form.typeform.com renderer-assets.typeform.com |
3 | renderer-assets.typeform.com |
form.typeform.com
renderer-assets.typeform.com |
2 | embed.typeform.com |
preauth.io
embed.typeform.com |
2 | unpkg.com |
1 redirects
preauth.io
|
2 | rsms.me |
preauth.io
rsms.me |
1 | cdn.segment.com |
renderer-assets.typeform.com
|
1 | assets8.lottiefiles.com |
unpkg.com
|
1 | www.google-analytics.com |
www.googletagmanager.com
|
1 | instacash.pe |
preauth.io
|
1 | www.googletagmanager.com |
preauth.io
|
36 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.getonbrd.com |
instacash.pe |
www.linkedin.com |
twitter.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
preauth.io Amazon |
2020-10-05 - 2021-11-04 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-08 - 2022-07-07 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-08-16 - 2021-11-08 |
3 months | crt.sh |
instacash.pe Amazon |
2021-09-06 - 2022-10-05 |
a year | crt.sh |
*.typeform.com Amazon |
2020-11-30 - 2021-12-29 |
a year | crt.sh |
typeform.com Cloudflare Inc ECC CA-3 |
2020-10-28 - 2021-10-27 |
a year | crt.sh |
*.lottiefiles.com Amazon |
2020-11-25 - 2021-12-24 |
a year | crt.sh |
*.segment.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-19 - 2022-08-09 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://preauth.io/
Frame ID: B35BD40B178C9F40C28421D3775E00FE
Requests: 19 HTTP requests in this frame
Frame:
https://form.typeform.com/to/oRFi0ZxM?typeform-embed-id=7694943467460194&typeform-embed=embed-widget&typeform-source=preauth.io&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true&embed-hide-headers=true
Frame ID: A1D93763A20E13B2C819E9A0E100575B
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
Preauth | Credit Card's Preauthorization as a ServiceDetected technologies
Amazon Web Services (PaaS) ExpandDetected patterns
- headers via /\(CloudFront\)$/i
- headers server /^AmazonS3$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon S3 (Miscellaneous) Expand
Detected patterns
- headers server /^AmazonS3$/i
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Title: We're hiring Visit our careers page
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- https://unpkg.com/@dotlottie/player-component@latest/dist/dotlottie-player.js HTTP 302
- https://unpkg.com/@dotlottie/player-component@1.0.4/dist/dotlottie-player.js
36 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
preauth.io/ |
34 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inter.css
rsms.me/inter/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
129 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
preauth.io/ |
19 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
preauth.png
preauth.io/ |
15 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dotlottie-player.js
unpkg.com/@dotlottie/player-component@1.0.4/dist/ Redirect Chain
|
386 KB 104 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
instacash.pe/images/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embed.js
embed.typeform.com/next/ |
36 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
luis-chau.webp
preauth.io/img/ |
19 KB 20 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
juanjo-rocarey.webp
preauth.io/img/ |
21 KB 22 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sebas-burgos.webp
preauth.io/img/ |
13 KB 13 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fio-quispe.webp
preauth.io/img/ |
17 KB 17 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
diego-michelena.webp
preauth.io/img/ |
11 KB 11 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
carlos-amoros.webp
preauth.io/img/ |
12 KB 12 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pepe-quichiz.webp
preauth.io/img/ |
19 KB 20 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 70 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
Inter-roman.var.woff2
rsms.me/inter/font-files/ |
222 KB 223 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.css
embed.typeform.com/next/css/ |
806 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oRFi0ZxM
form.typeform.com/to/ Frame A1D9 |
126 KB 44 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dlf10_dz8hjhlh.lottie
assets8.lottiefiles.com/dotlotties/ |
18 KB 18 KB |
XHR
application/zip |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
form.typeform.com/cdn-cgi/bm/cv/669835187/ Frame A1D9 |
35 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modern-renderer.1cb52ebf3dea63bfd8db.js
renderer-assets.typeform.com/ Frame A1D9 |
456 KB 137 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modern-vendors~form.f98ca7e08e358ec3681f.js
renderer-assets.typeform.com/ Frame A1D9 |
452 KB 131 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modern-form.83220ac83416ac4062d2.js
renderer-assets.typeform.com/ Frame A1D9 |
191 KB 53 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.min.js
cdn.segment.com/analytics.js/v1/9at6spGDYXelHDdz4r0cP73b3wV1f0ri/ Frame A1D9 |
349 KB 54 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
view-form-open
form.typeform.com/forms/oRFi0ZxM/insights/events/ Frame A1D9 |
2 B 187 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
result
form.typeform.com/cdn-cgi/bm/cv/ Frame A1D9 |
0 315 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
i
api.segment.io/v1/ Frame A1D9 |
21 B 143 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
t
api.segment.io/v1/ Frame A1D9 |
21 B 142 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
i
api.segment.io/v1/ Frame A1D9 |
21 B 142 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
t
api.segment.io/v1/ Frame A1D9 |
21 B 142 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
t
api.segment.io/v1/ Frame A1D9 |
21 B 142 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
t
api.segment.io/v1/ Frame A1D9 |
21 B 142 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
t
api.segment.io/v1/ Frame A1D9 |
21 B 142 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
t
api.segment.io/v1/ Frame A1D9 |
21 B 142 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
t
api.segment.io/v1/ Frame A1D9 |
21 B 142 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| gaGlobal object| tf function| onYouTubeIframeAPIReady object| dotlottie-player object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.typeform.com/ | Name: __cf_bm Value: tdB93bZa11D1OozU7sOP7BOzKiPhqlzux23uZc_MFx0-1630920479-0-AeqHeEo0KseTebPSzwaCN+oGVfLFaDov25WGTLWtSrNc3ZPteUpmfnvR7BOgYoGqgM1Ltb0BZ5ho18nevRlS4qfXA7laFzFmcgJDLYadBR3cApmcjXW/ouE6qTncAczhQn2YNRrlwcohb83n4CZSDZpOx79rYeZbzuyLKg/xStt3oRD0i30+hlds1P20YYpUcg== |
|
.typeform.com/ | Name: attribution_user_id Value: e68450f5-0028-480c-a0cc-a6c506241bf5 |
|
.preauth.io/ | Name: _ga Value: GA1.1.1009895979.1630920478 |
|
.preauth.io/ | Name: _ga_1YDFSDRX8G Value: GS1.1.1630920478.1.0.1630920478.0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.segment.io
assets8.lottiefiles.com
cdn.segment.com
embed.typeform.com
form.typeform.com
instacash.pe
preauth.io
renderer-assets.typeform.com
rsms.me
unpkg.com
www.google-analytics.com
www.googletagmanager.com
13.32.121.42
2600:9000:2156:1a00:2:c605:29c0:93a1
2600:9000:2156:5800:2:49a2:4500:93a1
2600:9000:2156:ae00:4:f6ce:61c0:93a1
2606:4700:3037::6815:8fa
2606:4700::6810:7baf
2606:4700::6812:1b47
2a00:1450:4001:80f::2008
2a00:1450:4001:82a::200e
52.85.240.134
54.165.167.42
54.200.228.33
07430bb9a4f6860f89cef8010b3035b16e3d90a64ed2045b94d2bc214d69a4bb
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
11d75268478f3ef63debca1ec848a289244d413b7e62b84722b8ba6faa40e497
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
12ffe035edc26a8ab05ee4fd6b6338b46de88382d7fddeef0f9147f54ba3bf75
13efbdf663f708cf650dcc223bd5b7c1d42f99c996155057b89edca966c8f008
154166eab3e7acbb015e54fd9a3781c6ded7ff086eb38658b47db8cd08245b22
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
34a7e7ab71cc3e0ad8ca9f89a73c1d75189c2f2ea4ad3ef2dc82175049669d3c
3640e783552ac10a0d5ee695386472f4744a099439d060c5a9770ff2a90737fb
3c43688c05cce1c5c4d36c392e4df0d27415d0a1e43ada0d5b666c89a7f3c1c9
3f8c22aeb94863184836c92494486b8b9f0d1c4ceaef01304cdc8cd136936898
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5ffe1a2f500bf2efd86a7d8913d5b4a7ccda17ce415b3136be0683464302b75c
79a5b3c96abbf10993f5e84339903709407c8a43e7b4d6c712e5f1267ce5987a
79df8c78e89fb75296fa5c9bcce1d72dd08245553dbb4a31488909e9565fadbe
816bfb0ee170358effb5c00a1c77ea420b4a09c1a8ebfaf4cf6809f07f047667
a1b41b0c70ae30a3e363bca04170879e75e7574783956d7f2396d2af3eef4984
a1e36dc11173ac3448504679bf47616ece699902eab6f0f9ec8be93f573020dd
b1dcad1a5265e54d617ace786cf0e90de1baada36787ce9190156cbd3ce563cd
b6024f8d368aff1ba729a649b8e2b7ad82d98973940085729bab0b9ae5d82645
c54d1b256cba2987bab8cf732b9cceea538a10e3995a11e7fa441838f2f03ce1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c08b92ccd8798ff5549a441f30ed758199114834f032c5006b7864321077e4
ee00bb3d1cedfd6e85fd062375ce9a2b76845a6eb45a7fabd9c19063e714baef
effd7ce6ed5f47c331ed9333eb10d6ad78f496277f95dabb0d7dcba847d34a97
f196e9e5c0931bfc1c31328526014f28aa2d928bb36d4e12812ee0b3a6862bd2