urlscan.io logo urlscan.io
SecurityTrails logo

www.octoclicks.co.id Open in urlscan Pro
45.60.87.24  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.cimbclicks.co.id/
Effective URL: https://www.octoclicks.co.id/
Submission: On February 28 via manual from ID — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 6 domains to perform 31 HTTP transactions. The main IP is 45.60.87.24, located in United States and belongs to INCAPSULA, US. The main domain is www.octoclicks.co.id. The Cisco Umbrella rank of the primary domain is 564669.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q1 on January 17th 2023. Valid for: 6 months.
This is the only time www.octoclicks.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 24 45.60.87.24 19551 (INCAPSULA)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 54.246.217.115 16509 (AMAZON-02)
1 52.31.128.179 16509 (AMAZON-02)
1 13.37.25.97 16509 (AMAZON-02)
1 1 52.208.37.125 16509 (AMAZON-02)
1 54.66.31.110 16509 (AMAZON-02)
31 7
24    45.60.87.24 (United States)

ASN19551 (INCAPSULA, US)
www.cimbclicks.co.id
www.octoclicks.co.id
3    2a02:26f0:3500:2b9::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    54.246.217.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-217-115.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.31.128.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-128-179.eu-west-1.compute.amazonaws.com
cimbniaga.demdex.net
1    13.37.25.97 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-25-97.eu-west-3.compute.amazonaws.com
cimb.sc.omtrdc.net
1    52.208.37.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-37-125.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    54.66.31.110 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-66-31-110.ap-southeast-2.compute.amazonaws.com
doc.octoclicks.co.id
Apex Domain
Subdomains		 Transfer
24 octoclicks.co.id
www.octoclicks.co.id — Cisco Umbrella Rank: 564669
doc.octoclicks.co.id
1 MB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 198
cimbniaga.demdex.net — Cisco Umbrella Rank: 924411
5 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 470
62 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1048
517 B
1 omtrdc.net
cimb.sc.omtrdc.net — Cisco Umbrella Rank: 217060
270 B
1 cimbclicks.co.id
www.cimbclicks.co.id
57 B
31 6
Domain Requested by
23 www.octoclicks.co.id www.octoclicks.co.id
3 assets.adobedtm.com www.octoclicks.co.id
assets.adobedtm.com
2 dpm.demdex.net assets.adobedtm.com
www.octoclicks.co.id
1 doc.octoclicks.co.id www.octoclicks.co.id
1 cm.everesttech.net 1 redirects
1 cimb.sc.omtrdc.net assets.adobedtm.com
1 cimbniaga.demdex.net assets.adobedtm.com
1 www.cimbclicks.co.id 1 redirects
31 8

This site contains links to these domains. Also see Links.

Domain
www.cimbniaga.co.id
www.digicert.com
Subject Issuer Validity Valid
imperva.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-01-17 -
2023-07-16		 6 months crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-03-08		 a year crt.sh
doc.octoclicks.co.id
DigiCert SHA2 Secure Server CA		 2023-02-07 -
2024-03-09		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.octoclicks.co.id/
Frame ID: 94A7564C578098398A06494E0A9BACFF
Requests: 36 HTTP requests in this frame

Frame: https://cimbniaga.demdex.net/dest5.html?d_nsid=0
Frame ID: 5155905B12A408F5FDFA53A4254E922F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OCTO Clicks

Page URL History Show full URLs

  1. https://www.cimbclicks.co.id/ HTTP 302
    https://www.octoclicks.co.id/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

31
Requests

97 %
HTTPS

14 %
IPv6

6
Domains

8
Subdomains

7
IPs

5
Countries

1521 kB
Transfer

4045 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.cimbclicks.co.id/ HTTP 302
    https://www.octoclicks.co.id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://cm.everesttech.net/cm/dd?d_uuid=20959718988786729733084800933758383918 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-3utQAAACE83QNe

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.octoclicks.co.id/
Redirect Chain
  • https://www.cimbclicks.co.id/
  • https://www.octoclicks.co.id/
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.octoclicks.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
3ca2ff531d352fc239abcee668c96b93af47e37b65d6b0b828df8ca4783dbfa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-type
text/html
date
Tue, 28 Feb 2023 12:08:19 GMT
etag
"639ca4cb-e33"
last-modified
Fri, 16 Dec 2022 17:03:07 GMT
server
nginx
strict-transport-security
max-age=31536000
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-iinfo
14-48155418-47401837 pNYN RT(1677586097848 479) q(0 0 0 0) r(3 3) U12
x-xss-protection
1; mode=block

Redirect headers

content-length
0
location
https://www.octoclicks.co.id
strict-transport-security
max-age=31536000
Rety-was-ioy-For-left-bed-poore-not-blooken-succ
www.octoclicks.co.id/ 		191 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.octoclicks.co.id/Rety-was-ioy-For-left-bed-poore-not-blooken-succ
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
bon /
Resource Hash
e3cd56a62955e402e937d8658eb07edf003942f0be12c647f2c1efa3e5d0b675
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
bon
x-cdn
Imperva
content-type
text/javascript
access-control-allow-origin
*
x-iinfo
14-48155418-48155517 NNNN CT(6 9 0) RT(1677586097848 808) q(0 0 0 -1) r(0 0) U2
cache-control
private, max-age=60
server-timing
bon, total;dur=8.021194000000001
content-length
63322
UUID.js
www.octoclicks.co.id/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.octoclicks.co.id/UUID.js
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
d3067493d550c5c19149107a59d7724a1fd3f4caaeed0aa47bdb3ce95bf383e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 16 Dec 2022 17:03:06 GMT
server
nginx
x-cdn
Imperva
content-encoding
gzip
etag
"639ca4ca-1c41"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-iinfo
14-48155418-48155186 2NYN RT(1677586097848 813) q(0 0 0 -1) r(11 11) U2
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
launch-3b2e76424d5d.min.js
assets.adobedtm.com/1a383fb0653a/a78f81516466/ 		174 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/1a383fb0653a/a78f81516466/launch-3b2e76424d5d.min.js
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:2b9::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b503ef7094d9d3490a54614ec932a65a90d6fdbc44bd6847be015d3bc0f67da0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:20 GMT
content-encoding
gzip
last-modified
Fri, 02 Dec 2022 04:02:50 GMT
server
AkamaiNetStorage
etag
"a633baeafb2fa0c318c54fa45a89871f:1669953770.24137"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.octoclicks.co.id
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
48571
expires
Tue, 28 Feb 2023 13:08:20 GMT
9.fcf2c34a.chunk.css
www.octoclicks.co.id/login/static/css/ 		546 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.octoclicks.co.id/login/static/css/9.fcf2c34a.chunk.css
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
2d0797a0d2c85cfb1bbe2ca2e399e5a86f2322d32b4555adb8236617d670b191
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 16 Dec 2022 17:03:07 GMT
server
nginx
x-cdn
Imperva
content-encoding
gzip
etag
"639ca4cb-886ea"
x-frame-options
SAMEORIGIN
content-type
text/css
x-iinfo
14-48155418-48153836 2NYN RT(1677586097848 810) q(0 0 0 -1) r(11 11) U2
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
9.a070fb4a.chunk.js
www.octoclicks.co.id/login/static/js/ 		1 MB
471 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.octoclicks.co.id/login/static/js/9.a070fb4a.chunk.js
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
babcd199bbd07187aaaecb358f73d996c025a02caf20f1e3bd8ba90f0eaa197d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 16 Dec 2022 17:03:07 GMT
server
nginx
x-cdn
Imperva
content-encoding
gzip
etag
"639ca4cb-179d75"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-iinfo
14-48155418-48153809 2NYN RT(1677586097848 816) q(0 0 0 -1) r(11 11) U2
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
main.b60ed553.chunk.js
www.octoclicks.co.id/login/static/js/ 		585 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.octoclicks.co.id/login/static/js/main.b60ed553.chunk.js
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
d256d7bff98be1ca7783a4c759f493a7f07cd7f6471f9f1b64b90ab5c05da5ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 16 Dec 2022 17:03:07 GMT
server
nginx
x-cdn
Imperva
content-encoding
gzip
etag
"639ca4cb-92318"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-iinfo
14-48155418-48147818 2NYN RT(1677586097848 819) q(0 0 0 -1) r(11 11) U2
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
_Incapsula_Resource
www.octoclicks.co.id/ 		139 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.octoclicks.co.id/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=161265869
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6b9f52b3490d2f9823b14a3c7da8dd3bf1922720ed805c38c9597715dd543b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
19863
content-type
application/javascript
crypto.js
www.octoclicks.co.id/ 		103 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.octoclicks.co.id/crypto.js
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/UUID.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
93914f6bb0d8ea7be3792c190549f4aed681cce41730634fb7543ee1b64dd4da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 16 Dec 2022 17:03:07 GMT
server
nginx
x-cdn
Imperva
content-encoding
gzip
etag
"639ca4cb-19d9f"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-iinfo
14-48155418-48149130 2NYN RT(1677586097848 1919) q(0 0 0 -1) r(11 11) U2
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
id
dpm.demdex.net/ 		368 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=BCBD49B557E9AA377F000101%40AdobeOrg&d_nsid=0&ts=1677586100683
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1a383fb0653a/a78f81516466/launch-3b2e76424d5d.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.217.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-217-115.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0d1633b373af60a29d2130d6624d035de6cfaf62751d09d75c9708ce94b2d820
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.octoclicks.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v046-04e0e9a66.edge-irl1.demdex.com 17 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
mgmlckB5TDg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.octoclicks.co.id
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
310
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1a383fb0653a/a78f81516466/launch-3b2e76424d5d.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:2b9::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:20 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.octoclicks.co.id
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12163
expires
Tue, 28 Feb 2023 13:08:20 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1a383fb0653a/a78f81516466/launch-3b2e76424d5d.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:2b9::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:20 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.octoclicks.co.id
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1597
expires
Tue, 28 Feb 2023 13:08:20 GMT
dest5.html
cimbniaga.demdex.net/ Frame 5155 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cimbniaga.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1a383fb0653a/a78f81516466/launch-3b2e76424d5d.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.128.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-128-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.octoclicks.co.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v046-08026f3a6.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
l0oMCil6Qq4=
content-encoding
gzip
date
Tue, 28 Feb 2023 12:08:22 GMT
last-modified
Wed, 8 Feb 2023 11:26:58 GMT
vary
accept-encoding
id
cimb.sc.omtrdc.net/ 		2 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cimb.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=BCBD49B557E9AA377F000101%40AdobeOrg&mid=21430294985018190573054734351390023122&ts=1677586101774
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1a383fb0653a/a78f81516466/launch-3b2e76424d5d.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-37-25-97.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.octoclicks.co.id/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 28 Feb 2023 12:08:22 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.octoclicks.co.id
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y-3utQAAACE83QNe
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=20959718988786729733084800933758383918
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-3utQAAACE83QNe
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-3utQAAACE83QNe
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/
Protocol
HTTP/1.1
Server
54.246.217.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-217-115.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v046-0d6a26255.edge-irl1.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ASFczUOhTOQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y-3utQAAACE83QNe
Date
Tue, 28 Feb 2023 12:08:21 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
OpenSansRegular.90327f5a.woff
www.octoclicks.co.id/login/static/media/ 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.octoclicks.co.id/login/static/media/OpenSansRegular.90327f5a.woff
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
fe640f52967c9e03a524ce5e21369203dca41289d748d9f36d93c911cd517eaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.octoclicks.co.id/login/
Origin
https://www.octoclicks.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 16 Dec 2022 17:03:07 GMT
server
nginx
x-cdn
Imperva
content-encoding
gzip
etag
"639ca4cb-10798"
x-frame-options
SAMEORIGIN
content-type
application/font-woff
x-iinfo
14-48155418-48153836 2NYN RT(1677586097848 13447) q(0 1 1 -1) r(6 6) U2
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
OpenSansBold.05d1a99a.woff
www.octoclicks.co.id/login/static/media/ 		68 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.octoclicks.co.id/login/static/media/OpenSansBold.05d1a99a.woff
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
d887ffaa65b934c37c3e3f5f1e4c8179b6aa7aad889990fa60185290e8b095ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.octoclicks.co.id/login/
Origin
https://www.octoclicks.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 16 Dec 2022 17:03:07 GMT
server
nginx
x-cdn
Imperva
content-encoding
gzip
etag
"639ca4cb-111f0"
x-frame-options
SAMEORIGIN
content-type
application/font-woff
x-iinfo
14-48155418-48157571 2NYN RT(1677586097848 13451) q(0 1 1 -1) r(3 3) U2
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
OpenSansSemibold.4c7b8237.woff
www.octoclicks.co.id/login/static/media/ 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.octoclicks.co.id/login/static/media/OpenSansSemibold.4c7b8237.woff
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
7dd1d222926ec0980ec0cf2c2de61cf584205a97baddfabd7f76e27f38664b0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.octoclicks.co.id/login/
Origin
https://www.octoclicks.co.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 16 Dec 2022 17:03:07 GMT
server
nginx
x-cdn
Imperva
content-encoding
gzip
etag
"639ca4cb-110dc"
x-frame-options
SAMEORIGIN
content-type
application/font-woff
x-iinfo
14-48155418-48155181 2NYN RT(1677586097848 13454) q(0 0 0 -1) r(2 2) U2
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4dc4a2e6f1b971a595da82c5302a270637047844c66e0a91c20d268d95085a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
CWU%20White.png
www.octoclicks.co.id/assets/octo_clicks/general/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.octoclicks.co.id/assets/octo_clicks/general/CWU%20White.png
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
10686efd6cf63a6d8e702ec30982a002295e4753134c7b609961f6eb6bae47a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:31 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 20 Jul 2020 08:08:31 GMT
x-cdn
Imperva
etag
"abcfd7f9f53f4c9a58a86e860a9af6d9-1"
content-type
image/png
x-iinfo
14-48155418-48153809 2CNN RT(1677586097848 13471) q(0 0 0 -1) r(0 0)
cache-control
max-age=3020, public
content-length
7927
expires
Tue, 28 Feb 2023 12:58:51 GMT
truncated
/ 		300 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e65c78d8ecfd943fa519481359ec020085ba5a60a593762e5791389853a9fdfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		654 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8d0f0517549b64a6d84b417ba80e9bb4a8d32430f86ebd3db000bff279a78c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
octo_clicks_receipt.svg
www.octoclicks.co.id/assets/octo_clicks/general/ 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.octoclicks.co.id/assets/octo_clicks/general/octo_clicks_receipt.svg
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
MinIO/RELEASE.2019-12-19T22-52-26Z /
Resource Hash
5414b74f74a9b9260d6560929a9bb381cf3d1ae6e8cbf8f39bdd0d100e20aef7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
block-all-mixed-content
date
Tue, 28 Feb 2023 12:08:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 08 Jun 2020 09:00:34 GMT
server
MinIO/RELEASE.2019-12-19T22-52-26Z
x-cdn
Imperva
x-amz-request-id
1747FBAE473F234D
etag
"e9bab5109382353d96e55aecd0c7a7d0-1"
vary
Origin
content-type
image/svg+xml
x-iinfo
14-48155418-47401837 pNYN RT(1677586097848 13473) q(0 0 0 -1) r(3 3) U2
cache-control
private
accept-ranges
bytes
x-xss-protection
1; mode=block
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4fa63aba5bfe3074c1a594eddbf23ffba8f2033818f2842353253e544f39c12

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		919 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcc1522ee03417a512376fa57445e990b7aa3ec8cafb567f00cab3d2b60cf2dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1001 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14875e6c47554a1a07e98edb31bd77f53b4a121f72657d462da68f5e23bc91f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
digicert.91ab8d9d.svg
www.octoclicks.co.id/login/static/media/ 		16 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.octoclicks.co.id/login/static/media/digicert.91ab8d9d.svg
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
9e4158c297ef2d96f73e81d1f41295ba477076d9f732c8e4bda15e6a677879bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 16 Dec 2022 17:03:07 GMT
server
nginx
x-cdn
Imperva
content-encoding
gzip
etag
"639ca4cb-4022"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
x-iinfo
14-48155418-48157802 nNYN RT(1677586097848 13474) q(0 0 5 -1) r(8 8) U2
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
getlandingpageconfig
www.octoclicks.co.id/api/usersettings/v1/non/ 		789 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.octoclicks.co.id/api/usersettings/v1/non/getlandingpageconfig
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/login/static/js/9.a070fb4a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b4b8c73ee791226fd9c7b1d7726d0f4b36e55df79450b752df3102cbdbfd1610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.octoclicks.co.id/login/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 12:08:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
x-cdn
Imperva
x-frame-options
DENY
content-type
application/json;charset=UTF-8
x-iinfo
14-48155418-48157806 nNYN RT(1677586097848 13475) q(0 0 5 -1) r(8 8) U6
cache-control
no-cache, no-store, max-age=0, must-revalidate
access_token
null
x-xss-protection
1; mode=block
expires
0
loginbanner
www.octoclicks.co.id/api/usersettings/v1/non/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.octoclicks.co.id/api/usersettings/v1/non/loginbanner
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/login/static/js/9.a070fb4a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
621cd30b845476f69059bb4847e161f8f6440d22f3a3677a58dc5fd915a2f269
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.octoclicks.co.id/login/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 12:08:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
x-cdn
Imperva
x-frame-options
DENY
content-type
application/json;charset=UTF-8
x-iinfo
14-48155418-47401837 pNYN RT(1677586097848 13477) q(0 3 3 -1) r(6 6) U6
cache-control
no-cache, no-store, max-age=0, must-revalidate
access_token
null
x-xss-protection
1; mode=block
expires
0
cake.js
doc.octoclicks.co.id/1125286/ 		68 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doc.octoclicks.co.id/1125286/cake.js?r=0.9494000493762931
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/login/static/js/main.b60ed553.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.66.31.110 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-31-110.ap-southeast-2.compute.amazonaws.com
Software
haile /
Resource Hash
a6281dafe9f357a71aca072afb9ec8953c566d1705f2972eec43ee13646f6b5a
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Feb 2023 12:08:33 GMT
strict-transport-security
max-age=86400
content-encoding
gzip
server
haile
vary
Origin
access-control-allow-methods
GET, OPTIONS
content-type
application/x-javascript
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pics-label
(PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
_Incapsula_Resource
www.octoclicks.co.id/ 		1 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.octoclicks.co.id/_Incapsula_Resource?SWKMTFSR=1&e=0.6231132478397128
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
Rety-was-ioy-For-left-bed-poore-not-blooken-succ
www.octoclicks.co.id/ 		760 B
922 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.octoclicks.co.id/Rety-was-ioy-For-left-bed-poore-not-blooken-succ?d=www.octoclicks.co.id
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/Rety-was-ioy-For-left-bed-poore-not-blooken-succ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
bon /
Resource Hash
da39b24496d87cfeede9ba348e005e52f6b5356607516622ef5e2ee8799fc9b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json; charset=utf-8
Referer
https://www.octoclicks.co.id/login/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Tue, 28 Feb 2023 12:08:32 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
bon
x-cdn
Imperva
content-type
application/json
access-control-allow-origin
*
x-iinfo
14-48155418-48155517 PNYN RT(1677586097848 13760) q(0 3 3 -1) r(3 3) U6
cache-control
no-cache, no-store
server-timing
bon, total;dur=8.373021
Pasti-Cuan-IFrame-OC-.jpeg
www.octoclicks.co.id/assets/img/login_banner/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.octoclicks.co.id/assets/img/login_banner/Pasti-Cuan-IFrame-OC-.jpeg
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
beec814e816ff7d16666ac4a9d60bf017300c3acf9b7a31919219d40c10ea978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:32 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 25 Feb 2023 16:52:44 GMT
x-cdn
Imperva
etag
"9b246930b6c8d0150fbfdaffa536227f-1"
content-type
image/jpeg
x-iinfo
14-48155418-48155566 2cNN RT(1677586097848 14158) q(0 0 0 -1) r(0 0)
cache-control
max-age=1, public
content-length
111287
expires
Tue, 28 Feb 2023 12:08:33 GMT
iframe-OC_1366x708_hemat-maudy_13.png
www.octoclicks.co.id/assets/img/login_banner/ 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.octoclicks.co.id/assets/img/login_banner/iframe-OC_1366x708_hemat-maudy_13.png
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a58a7194624ae094eb6fb14d847d421d5fe788b986b277e0e5963f04b3e6bdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:32 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 05 Feb 2023 16:32:56 GMT
x-cdn
Imperva
etag
"8cf43f973e247da88137fb7269dbfa8a-1"
content-type
image/jpeg
x-iinfo
14-48155418-48149130 2CNN RT(1677586097848 14171) q(0 0 0 -1) r(0 0)
cache-control
max-age=26467, public
content-length
146090
expires
Tue, 28 Feb 2023 19:29:39 GMT
iframe-OC_1366x708_edukasi-bayar-tagihan.jpg
www.octoclicks.co.id/assets/img/login_banner/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.octoclicks.co.id/assets/img/login_banner/iframe-OC_1366x708_edukasi-bayar-tagihan.jpg
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e620f6878ff1c7cb9ccd61e8d8c9bb620d570135858de93d6f13004843ab2fae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:32 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 10 Feb 2023 04:54:46 GMT
x-cdn
Imperva
etag
"fd4becd0177143a54045f180eceba378-1"
content-type
image/jpeg
x-iinfo
14-48155418-48149130 2CNN RT(1677586097848 14163) q(0 0 0 -1) r(0 0)
cache-control
max-age=24146, public
content-length
40606
expires
Tue, 28 Feb 2023 18:50:58 GMT
iframe-OC_UPC-Feb23-ID6.jpg
www.octoclicks.co.id/assets/img/login_banner/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.octoclicks.co.id/assets/img/login_banner/iframe-OC_UPC-Feb23-ID6.jpg
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
576e3514df2b2fe46fd830348ca80f22464c095e15817128fa8c18dbf28e5235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:32 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 25 Feb 2023 16:52:59 GMT
x-cdn
Imperva
etag
"ad514f24ad0c316ed54b4f0555f27ac4-1"
content-type
image/jpeg
x-iinfo
14-48155418-48149130 2cNN RT(1677586097848 14172) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1, public
content-length
105384
expires
Tue, 28 Feb 2023 12:08:33 GMT
iframe-OC_1366x708_edukasi-deposito.jpg
www.octoclicks.co.id/assets/img/login_banner/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.octoclicks.co.id/assets/img/login_banner/iframe-OC_1366x708_edukasi-deposito.jpg
Requested by
Host: www.octoclicks.co.id
URL: https://www.octoclicks.co.id/login/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.24 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f09ec0b091bc238bdcac56f9f9aafec9094c0734f803f501adee58de0a051429
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.octoclicks.co.id/login/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 12:08:32 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 05 Feb 2023 16:33:09 GMT
x-cdn
Imperva
etag
"a3df472eef40f46628571c518c5199eb-1"
content-type
image/jpeg
x-iinfo
14-48155418-48153809 2CNN RT(1677586097848 14168) q(0 0 0 -1) r(0 0)
cache-control
max-age=26467, public
content-length
26776
expires
Tue, 28 Feb 2023 19:29:39 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| a0_0x39ff function| a0_0x2153 object| reese84 function| reese84interrogator function| initializeProtection function| protectionSubmitCaptcha object| imported function| generateUUID function| getUserIP function| sha256 function| getCookie function| AESDecryption function| getcsid function| promolib object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| _0x9986 object| CryptoJS object| webpackJsonpclicks function| clearImmediate function| setImmediate object| regeneratorRuntime number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ string| url number| count number| count2 object| arrsuccess object| success string| ref function| live object| ___sc1125286 object| ___so1125286

14 Cookies

Domain/Path Name / Value
www.octoclicks.co.id/ Name: 04fccebbcde61d58aa22caa6523271a4
Value: 4388a6044b4748028381ccf92b98248a
.octoclicks.co.id/ Name: nlbi_2320799
Value: iiQ7TlXzq1y+mvNSTzvd+AAAAACsgADHvT/KWTulv2sOJ+FG
.octoclicks.co.id/ Name: visid_incap_2320799
Value: Oj7iCsdPRhK+9zxR5IgZSrLu/WMAAAAAQUIPAAAAAACguhejnxaYE6UR8nP+oiHQ
.octoclicks.co.id/ Name: incap_ses_393_2320799
Value: 77rICm7qrUAJkkc8Mzh0BbLu/WMAAAAANZicZUsVP+BPOYpRZWuZiw==
www.octoclicks.co.id/ Name: e6b9236c98ab30fbe4da4240633e2e88
Value: a30c1b4d5a9650d0dcb5d4a4d4a90aeb
.demdex.net/ Name: demdex
Value: 20959718988786729733084800933758383918
.octoclicks.co.id/ Name: AMCVS_BCBD49B557E9AA377F000101%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y-3utQAAACE83QNe
.dpm.demdex.net/ Name: dpm
Value: 20959718988786729733084800933758383918
.octoclicks.co.id/ Name: AMCV_BCBD49B557E9AA377F000101%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19417%7CMCMID%7C21430294985018190573054734351390023122%7CMCAAMLH-1678190901%7C6%7CMCAAMB-1678190901%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1677593302s%7CNONE%7CMCSYNCSOP%7C411-19424%7CMCAID%7CNONE%7CvVersion%7C5.4.0
www.octoclicks.co.id/ Name: a31e2ae0c24ba92faf5f8c64e5ca44a3
Value: cbee58228aa2a4bed87e0d8632c47c9a
.octoclicks.co.id/ Name: nlbi_2320799_2147483392
Value: QG1QPfei0TQSujByTzvd+AAAAAB9Zlh8MJzr2P7Jfdp8PD9+
.www.octoclicks.co.id/ Name: reese84
Value: 3:+nQ5YHawpUy6+tfi8BGBKw==:RhT5wkXO+oCbxw6DrcEJKfLRR7zXs6wiXoBxM04yhXOfWXOddFJyoWUvy2r45Rakwnx/ZusnFxHlt1FfQRarINbPhD+3YiYgD1cxEWqrDJnn+adO/wKZDU+UW9EFDVgH9l4QEHU/PVXyiYD4bA+BKxTSlQ7KOowyh3JajWnibu/+bi4gjDa5NYK2trUXZ4Y65/rgMvmWJQSaW3TC+o3dP98U/61gWLLuZy0hF/gQYWjMsQQuI292+M1su5oNQfQY2GCKR7NvWRBSzKV8W4NUpV9ArSecpvFBBFcvyYdMAyGvRpCf6xHxo+rY1LtTW5pVzbKpkOuTsGHLoKpjC7vNEgX7Y3YdxrWBsBUGtJsp0cJLgDVec7dETnfOeq6CkZA+lcZj2FzdmXZq6iHanjWJIz8CmXIjEkZ5dSS35KaRiCN8CkENM0Y7Sy5uABPBbNiy8OXz1/t3ThCB1rmDX8rJpU/Jwje0Mw1RbseJ5n+S7qZEGFCTVGbRLoD8cvURjz6CH93AxVaJjD2CxiietqIuMRI8dU63hlPsY4CywAOsRmU/ONXtVgLJ4P8t+T9Yqd5fgDEIw3Cgu63DE+L6KtIET7teTUgrFybCNtPvs46NEZg=:Qm2w79C3LaaQIk4DWiTWiQo0QqzDSWB9c47EOr2GEvU=
www.octoclicks.co.id/ Name: d0bd583700c925b901c9af4fd2f63d53
Value: 58eeffa59d1b67143f4efec9d60df987

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cimb.sc.omtrdc.net
cimbniaga.demdex.net
cm.everesttech.net
doc.octoclicks.co.id
dpm.demdex.net
www.cimbclicks.co.id
www.octoclicks.co.id
13.37.25.97
2a02:26f0:3500:2b9::1e80
45.60.87.24
52.208.37.125
52.31.128.179
54.246.217.115
54.66.31.110
0d1633b373af60a29d2130d6624d035de6cfaf62751d09d75c9708ce94b2d820
10686efd6cf63a6d8e702ec30982a002295e4753134c7b609961f6eb6bae47a5
14875e6c47554a1a07e98edb31bd77f53b4a121f72657d462da68f5e23bc91f5
2d0797a0d2c85cfb1bbe2ca2e399e5a86f2322d32b4555adb8236617d670b191
3ca2ff531d352fc239abcee668c96b93af47e37b65d6b0b828df8ca4783dbfa3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
5414b74f74a9b9260d6560929a9bb381cf3d1ae6e8cbf8f39bdd0d100e20aef7
576e3514df2b2fe46fd830348ca80f22464c095e15817128fa8c18dbf28e5235
621cd30b845476f69059bb4847e161f8f6440d22f3a3677a58dc5fd915a2f269
6b9f52b3490d2f9823b14a3c7da8dd3bf1922720ed805c38c9597715dd543b21
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7dd1d222926ec0980ec0cf2c2de61cf584205a97baddfabd7f76e27f38664b0c
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
93914f6bb0d8ea7be3792c190549f4aed681cce41730634fb7543ee1b64dd4da
9e4158c297ef2d96f73e81d1f41295ba477076d9f732c8e4bda15e6a677879bc
a58a7194624ae094eb6fb14d847d421d5fe788b986b277e0e5963f04b3e6bdaf
a6281dafe9f357a71aca072afb9ec8953c566d1705f2972eec43ee13646f6b5a
b4b8c73ee791226fd9c7b1d7726d0f4b36e55df79450b752df3102cbdbfd1610
b4dc4a2e6f1b971a595da82c5302a270637047844c66e0a91c20d268d95085a0
b503ef7094d9d3490a54614ec932a65a90d6fdbc44bd6847be015d3bc0f67da0
babcd199bbd07187aaaecb358f73d996c025a02caf20f1e3bd8ba90f0eaa197d
beec814e816ff7d16666ac4a9d60bf017300c3acf9b7a31919219d40c10ea978
c8d0f0517549b64a6d84b417ba80e9bb4a8d32430f86ebd3db000bff279a78c3
d256d7bff98be1ca7783a4c759f493a7f07cd7f6471f9f1b64b90ab5c05da5ed
d3067493d550c5c19149107a59d7724a1fd3f4caaeed0aa47bdb3ce95bf383e5
d887ffaa65b934c37c3e3f5f1e4c8179b6aa7aad889990fa60185290e8b095ef
da39b24496d87cfeede9ba348e005e52f6b5356607516622ef5e2ee8799fc9b0
dcc1522ee03417a512376fa57445e990b7aa3ec8cafb567f00cab3d2b60cf2dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cd56a62955e402e937d8658eb07edf003942f0be12c647f2c1efa3e5d0b675
e4fa63aba5bfe3074c1a594eddbf23ffba8f2033818f2842353253e544f39c12
e620f6878ff1c7cb9ccd61e8d8c9bb620d570135858de93d6f13004843ab2fae
e65c78d8ecfd943fa519481359ec020085ba5a60a593762e5791389853a9fdfb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09ec0b091bc238bdcac56f9f9aafec9094c0734f803f501adee58de0a051429
fe640f52967c9e03a524ce5e21369203dca41289d748d9f36d93c911cd517eaf