urlscan.io logo urlscan.io
SecurityTrails logo

portal.octane.co Open in urlscan Pro
18.66.122.52  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://portal.octane.co/
Effective URL: https://portal.octane.co/
Submission: On June 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 18.66.122.52, located in United States and belongs to AMAZON-02, US. The main domain is portal.octane.co.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 11th 2023. Valid for: a year.
This is the only time portal.octane.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 18.66.122.52 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.189.18 16509 (AMAZON-02)
2 18.66.147.5 16509 (AMAZON-02)
3 44.211.195.229 14618 (AMAZON-AES)
19 8
6    18.66.122.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-52.fra60.r.cloudfront.net
portal.octane.co
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    13.224.189.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-18.fra2.r.cloudfront.net
widget.intercom.io
2    18.66.147.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-5.fra60.r.cloudfront.net
js.intercomcdn.com
3    44.211.195.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-211-195-229.compute-1.amazonaws.com
api-iam.intercom.io
Apex Domain
Subdomains		 Transfer
6 octane.co
portal.octane.co
781 KB
4 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2415
api-iam.intercom.io — Cisco Umbrella Rank: 2403
11 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
region1.google-analytics.com — Cisco Umbrella Rank: 1866
21 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2911
209 KB
2 gstatic.com
fonts.gstatic.com
45 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
131 KB
19 6
Domain Requested by
6 portal.octane.co portal.octane.co
3 api-iam.intercom.io js.intercomcdn.com
2 js.intercomcdn.com widget.intercom.io
2 fonts.gstatic.com portal.octane.co
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com portal.octane.co
www.googletagmanager.com
1 widget.intercom.io portal.octane.co
1 region1.google-analytics.com www.googletagmanager.com
19 8

This site contains links to these domains. Also see Links.

Domain
www.roadrunnerfinancial.com
octane.co
Subject Issuer Validity Valid
*.octane.co
Amazon RSA 2048 M02		 2023-05-11 -
2024-06-08		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M02		 2023-02-14 -
2024-03-14		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-01-29		 a year crt.sh

This page contains 2 frames:

Primary Page: https://portal.octane.co/
Frame ID: 7733C504D21C178E82EB8338E1E35B2E
Requests: 14 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.259a7c5f.js
Frame ID: 365F2E6B00B1BBC460ABFD434A54DDD5
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login | Servicing Portal

Page URL History Show full URLs

  1. http://portal.octane.co/ HTTP 307
    https://portal.octane.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

19
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

1198 kB
Transfer

5199 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://portal.octane.co/ HTTP 307
    https://portal.octane.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
portal.octane.co/
Redirect Chain
  • http://portal.octane.co/
  • https://portal.octane.co/
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.octane.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4569cc54453837154a8b91c71a9fb1e31a247b51631109f2118ebf6aaf76ef01
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69021
content-encoding
gzip
content-type
text/html
date
Sun, 04 Jun 2023 15:32:45 GMT
etag
W/"ccd08fcbbe4db35cf78ffc702e4a3727"
last-modified
Wed, 24 May 2023 18:12:49 GMT
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-id
R0hGfcOvjd0p6Z9F8ru4l_SngepnHKjl17BynMqF9eErasdbwoEoxg==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
BjLABQMT15xo2dfM24bB0.QUQf5BhMeu
x-cache
Hit from cloudfront
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://portal.octane.co/
Non-Authoritative-Reason
HSTS
gtm.js
www.googletagmanager.com/ 		136 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KKS2VXH
Requested by
Host: portal.octane.co
URL: https://portal.octane.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c72352f377dd2e1a517f195e80d7277cf3cffbb0a7c3d50da6adb06038ec16a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 10:43:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52405
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 05 Jun 2023 10:43:05 GMT
main.f444957937822cc39498.bundle.js
portal.octane.co/js/ 		4 MB
749 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.octane.co/js/main.f444957937822cc39498.bundle.js
Requested by
Host: portal.octane.co
URL: https://portal.octane.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90e1fe2346980a4e8eb379570866e30a5af1e52dc6b7077fb3eb9f533d277f00
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.octane.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
QuzyGfffXcB8iZvP8SNcvGWw2IOnCpmC
content-encoding
gzip
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
date
Sun, 04 Jun 2023 20:00:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P2
age
52956
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 24 May 2023 18:12:50 GMT
server
AmazonS3
etag
W/"7c98816ed9c488d79aca22cc603c3aed"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-amz-cf-id
gKGrHARTuEPaVPEeBQxD0RwCaE9RJUE13w5OT-aUXINL7MnYu6QH6w==
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKS2VXH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 05 Jun 2023 10:35:27 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
458
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 05 Jun 2023 12:35:27 GMT
js
www.googletagmanager.com/gtag/ 		225 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3K1F2KK2E9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KKS2VXH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
95c19c3bc9df8868dceadc841dd8030866fca618441012a7dfe1c3eb882d9ed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Mon, 05 Jun 2023 10:43:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81193
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 05 Jun 2023 10:43:05 GMT
meta.json
portal.octane.co/ 		20 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://portal.octane.co/meta.json?1685961785804
Requested by
Host: portal.octane.co
URL: https://portal.octane.co/js/main.f444957937822cc39498.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9eaed273908b7d970c49906048db04c68e61b34a1e68be24bfbd3364df5bde04
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.octane.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 17:44:18 GMT
x-amz-version-id
oObX5t.I0hbYaOF0OmfYlvInOBzo0Q9i
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P2
age
61128
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
20
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 24 May 2023 18:12:50 GMT
server
AmazonS3
etag
"d3fe4329bb99a88dc331c545d32a52af"
x-frame-options
SAMEORIGIN
content-type
application/json
accept-ranges
bytes
x-amz-cf-id
8i_yRpBbaG1sHsGr8duazCqiLmiN5pl9wtb2h14FlAFT5-rWai_47Q==
501.0109fb09cf45d517aed9.bundle.js
portal.octane.co/js/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.octane.co/js/501.0109fb09cf45d517aed9.bundle.js
Requested by
Host: portal.octane.co
URL: https://portal.octane.co/js/main.f444957937822cc39498.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b2fece231a1c8dd1657b2456c97b0d51cdbdfb158ce696b6a20d17f3ac195a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.octane.co/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 20:00:31 GMT
x-amz-version-id
yyICWZLiXMDtSHzjnOFbqc2U5YeQ8SUO
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
52955
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 24 May 2023 18:12:49 GMT
server
AmazonS3
etag
W/"18bed5edbbac5239f02f643d01d7d233"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-amz-cf-id
gCP6eMETq-gsLJqdAYKhVfLa8w0bEx7w8ID6We6miUrQgLvTTeERDw==
305.c5ee5e98c8ea5d7acb13.bundle.js
portal.octane.co/js/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.octane.co/js/305.c5ee5e98c8ea5d7acb13.bundle.js
Requested by
Host: portal.octane.co
URL: https://portal.octane.co/js/main.f444957937822cc39498.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd8db7cb020f8a3b8ccb3dc940da5ba70729301cacc29f7a176aaaedc9989f0b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.octane.co/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 20:00:31 GMT
x-amz-version-id
CxjDAMbjaWYqP2sH4S9QjurSYC0I2wrI
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
52955
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 24 May 2023 18:12:49 GMT
server
AmazonS3
etag
W/"61b019439760abe71ecb031d73272f21"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-amz-cf-id
37KVvON5T7S17sVDTh4BRJivMSE-nxnQJIETUrWDivOrFhxZJlfbKg==
212.ebe272d30d41ba2492ed.bundle.js
portal.octane.co/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.octane.co/js/212.ebe272d30d41ba2492ed.bundle.js
Requested by
Host: portal.octane.co
URL: https://portal.octane.co/js/main.f444957937822cc39498.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbc514b17372e533027c9aa25a387b4849e64917fd0b359995286a73c76abe5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.octane.co/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sun, 04 Jun 2023 20:00:31 GMT
x-amz-version-id
xxn996VujX0_KgHrNuDGaIx3X4J8Qo8e
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
52955
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 24 May 2023 18:12:49 GMT
server
AmazonS3
etag
W/"0bcab7d8e6f09e3650a40b2c87c46f6f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-amz-cf-id
5bK2xX-7dxZCKqD9e9BMhBF66C2a2vs36gSx1LSWyGv28rdqo2nEnQ==
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3K1F2KK2E9&gtm=45je35v0&_p=345815830&cid=1850642895.1685961786&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685961785&sct=1&seg=0&dl=https%3A%2F%2Fportal.octane.co%2Flogin&dt=Octane%20Account%20Services%20-%20Servicing%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3K1F2KK2E9&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Jun 2023 10:43:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal.octane.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=345815830&t=pageview&_s=1&dl=https%3A%2F%2Fportal.octane.co%2Flogin&ul=en-us&de=UTF-8&dt=Octane%20Account%20Services%20-%20Servicing%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1746773874&gjid=1416391410&cid=1850642895.1685961786&tid=UA-127981948-6&_gid=1341118181.1685961786&_r=1&_slc=1&gtm=45He35v0n81KKS2VXH&z=816643973
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 05 Jun 2023 10:43:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://portal.octane.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXx-p7K4KLg.woff
fonts.gstatic.com/s/montserrat/v24/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXx-p7K4KLg.woff
Requested by
Host: portal.octane.co
URL: https://portal.octane.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b6aaba6162ec7da35d1b7e97e6c01e7ca78f7fdddaa16aa8a8767e02183bc04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.octane.co/
Origin
https://portal.octane.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 23:23:35 GMT
x-content-type-options
nosniff
age
127170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16032
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 23:23:35 GMT
qkBbXvYC6trAT7RVLtyU5rZP.woff2
fonts.gstatic.com/s/karla/v15/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v15/qkBbXvYC6trAT7RVLtyU5rZP.woff2
Requested by
Host: portal.octane.co
URL: https://portal.octane.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b2fa706d33b212b5924d7ea4db659fe1f9a64682f507535fdf1bb8e4161e665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.octane.co/
Origin
https://portal.octane.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 23:05:32 GMT
x-content-type-options
nosniff
age
128253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29328
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 21:59:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 23:05:32 GMT
kn8sbonm
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/kn8sbonm
Requested by
Host: portal.octane.co
URL: https://portal.octane.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63087cdd174e50bf7381b78bfd383e2e478c762df76f32897e88c1196b0afb4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
5owN2vZlmMfT0uHTIeHc4C0TnwQZMM4T
content-encoding
gzip
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
date
Mon, 05 Jun 2023 10:36:16 GMT
x-amz-cf-pop
FRA2-C1
age
424
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2677
last-modified
Mon, 05 Jun 2023 08:17:54 GMT
server
AmazonS3
etag
"d37e412c0f1d29341323ff875498f65d"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=900, s-maxage=900, public
accept-ranges
bytes
x-amz-cf-id
Qrypong_IVaQlRrYIaqx0LEPzdiX-wXcZpGaByFywdofumTMRA0ddA==
frame-modern.259a7c5f.js
js.intercomcdn.com/ Frame 365F 		484 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.259a7c5f.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/kn8sbonm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b788a60f929553d0ff980b3a4e6c953ce6c91ad5fe9e0c24d560fc91948934a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
yWYUrJ61LBx7w3VB5olqzp6EuHI8XpOi
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
date
Mon, 05 Jun 2023 10:17:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
1509
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
137950
last-modified
Mon, 05 Jun 2023 08:16:20 GMT
server
AmazonS3
etag
"5f610b4b9fe3cacebf86103c6411b472"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
PFmHMj2t7-rLwGzKfJeN-NObKtlZBLBeHKt8s7dtmW-ZVxdDngx9UA==
vendor-modern.adf58a2c.js
js.intercomcdn.com/ Frame 365F 		236 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.adf58a2c.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/kn8sbonm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a571b2a3dbe937cc5bd87d65d56b116e3b8846f00ef7cb60d89225cfbaead975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-amz-version-id
MZaSn7NMy1aJ3wt0UY1khDuGb85k_JM5
content-encoding
gzip
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
date
Mon, 05 Jun 2023 09:54:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
2946
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
74359
last-modified
Fri, 02 Jun 2023 13:52:18 GMT
server
AmazonS3
etag
"982fb6ec17bf901cb6b9dc3f79f4eae1"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
s_kunKxSBZilosoN7-hpJ4kAvV9qx5f_U58qezJVbBg_42uvAygE6w==
ping
api-iam.intercom.io/messenger/web/ Frame 365F 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.259a7c5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.211.195.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-195-229.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6a1790e7581afbfaa211faced5f840a139a27ae97b4a1a3221c91831c709428c
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 05 Jun 2023 10:43:07 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-033c47eacef8c1043
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0001m5m7n45qi0bdaq70
x-runtime
0.342405
server
nginx
etag
W/"6a1790e7581afbfaa211faced5f840a1"
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://portal.octane.co
x-intercom-version
257c300ac763983075809d6c7093c70478d3d14b
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
ping
api-iam.intercom.io/messenger/web/ Frame 365F 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.259a7c5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.211.195.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-195-229.compute-1.amazonaws.com
Software
nginx /
Resource Hash
87655f423e087382ec4324e91457e839fb5cd145fb9290a6e8f12c09ab4292a9
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 05 Jun 2023 10:43:07 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-033c47eacef8c1043
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0001gu31e7plcd1c62gg
x-runtime
0.209344
server
nginx
etag
W/"87655f423e087382ec4324e91457e839"
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://portal.octane.co
x-intercom-version
257c300ac763983075809d6c7093c70478d3d14b
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
ping
api-iam.intercom.io/messenger/web/ Frame 365F 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.259a7c5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.211.195.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-195-229.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ea3d0e263f9054c02d7c2db265f484b9b9a8f8a5e35c44726dff3ec45e228882
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 05 Jun 2023 10:43:08 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-033c47eacef8c1043
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0041m8c8ce5kb7npd3ag
x-runtime
0.210954
server
nginx
etag
W/"ea3d0e263f9054c02d7c2db265f484b9"
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://portal.octane.co
x-intercom-version
257c300ac763983075809d6c7093c70478d3d14b
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| dataLayer function| Intercom object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| webpackChunkconsumer_servicing_portal function| IMask object| __REACT_INTL_CONTEXT__ object| DD_LOGS string| version function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| __intercomAssignLocation function| __intercomReloadLocation

8 Cookies

Domain/Path Name / Value
portal.octane.co/ Name: _dd_s
Value: logs=1&id=4d107514-ac39-468f-a8ba-d5fb1c123215&created=1685961785681&expire=1685962685681
.octane.co/ Name: _ga_3K1F2KK2E9
Value: GS1.1.1685961785.1.0.1685961785.0.0.0
.octane.co/ Name: _ga
Value: GA1.2.1850642895.1685961786
.octane.co/ Name: _gid
Value: GA1.2.1341118181.1685961786
.octane.co/ Name: _gat_UA-127981948-6
Value: 1
.octane.co/ Name: intercom-id-kn8sbonm
Value: ac253f6e-daa0-4d69-95ed-3fc3483e835f
.octane.co/ Name: intercom-session-kn8sbonm
Value:
.octane.co/ Name: intercom-device-id-kn8sbonm
Value: 3cc167b8-d2aa-47fe-b35d-537aecf46eaa

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
fonts.gstatic.com
js.intercomcdn.com
portal.octane.co
region1.google-analytics.com
widget.intercom.io
www.google-analytics.com
www.googletagmanager.com
13.224.189.18
18.66.122.52
18.66.147.5
2001:4860:4802:32::36
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:82f::2008
44.211.195.229
1b2fa706d33b212b5924d7ea4db659fe1f9a64682f507535fdf1bb8e4161e665
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2b2fece231a1c8dd1657b2456c97b0d51cdbdfb158ce696b6a20d17f3ac195a9
4569cc54453837154a8b91c71a9fb1e31a247b51631109f2118ebf6aaf76ef01
5b6aaba6162ec7da35d1b7e97e6c01e7ca78f7fdddaa16aa8a8767e02183bc04
5b788a60f929553d0ff980b3a4e6c953ce6c91ad5fe9e0c24d560fc91948934a
63087cdd174e50bf7381b78bfd383e2e478c762df76f32897e88c1196b0afb4a
6a1790e7581afbfaa211faced5f840a139a27ae97b4a1a3221c91831c709428c
87655f423e087382ec4324e91457e839fb5cd145fb9290a6e8f12c09ab4292a9
90e1fe2346980a4e8eb379570866e30a5af1e52dc6b7077fb3eb9f533d277f00
95c19c3bc9df8868dceadc841dd8030866fca618441012a7dfe1c3eb882d9ed7
9eaed273908b7d970c49906048db04c68e61b34a1e68be24bfbd3364df5bde04
a571b2a3dbe937cc5bd87d65d56b116e3b8846f00ef7cb60d89225cfbaead975
bd8db7cb020f8a3b8ccb3dc940da5ba70729301cacc29f7a176aaaedc9989f0b
c72352f377dd2e1a517f195e80d7277cf3cffbb0a7c3d50da6adb06038ec16a8
dbc514b17372e533027c9aa25a387b4849e64917fd0b359995286a73c76abe5a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ea3d0e263f9054c02d7c2db265f484b9b9a8f8a5e35c44726dff3ec45e228882