Submitted URL: http://elfster.com/
Effective URL: https://www.elfster.com/
Submission: On December 08 via api from US

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 30 HTTP transactions. The main IP is 3.86.173.210, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.elfster.com.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on August 1st 2019. Valid for: 2 years.
This is the only time www.elfster.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 3.86.173.210 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.55.30 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 65.9.73.108 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 65.9.73.11 16509 (AMAZON-02)
1 65.9.73.103 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 143.204.55.102 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
30 20
Domain Requested by
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.elfster.com www.elfster.com
2 www.facebook.com www.elfster.com
connect.facebook.net
2 api.hubspot.com js.usemessages.com
2 bat.bing.com www.googletagmanager.com
www.elfster.com
2 connect.facebook.net www.elfster.com
connect.facebook.net
2 elfster.com 2 redirects
1 track.hubspot.com
1 vc.hotjar.io script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 js.hs-banner.com js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 static.hotjar.com www.elfster.com
1 js.hs-scripts.com www.googletagmanager.com
1 cdn.elfster.com www.elfster.com
1 www.googletagmanager.com www.elfster.com
1 fonts.googleapis.com www.elfster.com
30 20

This site contains links to these domains. Also see Links.

Domain
blog.elfster.com
itunes.apple.com
play.google.com
apps.apple.com
Subject Issuer Validity Valid
www.elfster.com
GeoTrust EV RSA CA 2018
2019-08-01 -
2021-09-26
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.elfster.com
Amazon
2020-12-04 -
2022-01-02
a year crt.sh
*.gstatic.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-11-02 -
2021-01-30
3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2020-10-27 -
2021-04-27
6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-04 -
2021-08-04
a year crt.sh
*.hotjar.com
Amazon
2020-01-22 -
2021-02-22
a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2020-07-27 -
2021-07-27
a year crt.sh
*.hotjar.io
Amazon
2020-09-15 -
2021-10-15
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.elfster.com/
Frame ID: 3AB8E746AFBAE1656406005608527890
Requests: 29 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 9EC8D6E24BD2CA36F3EEF35AE590B769
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://elfster.com/ HTTP 301
    https://elfster.com/ HTTP 302
    https://www.elfster.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

30
Requests

100 %
HTTPS

68 %
IPv6

15
Domains

20
Subdomains

20
IPs

3
Countries

833 kB
Transfer

1569 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://elfster.com/ HTTP 301
    https://elfster.com/ HTTP 302
    https://www.elfster.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.elfster.com/
Redirect Chain
  • http://elfster.com/
  • https://elfster.com/
  • https://www.elfster.com/
50 KB
50 KB
Document
General
Full URL
https://www.elfster.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.86.173.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-173-210.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d9e4b7842aad58c02eb0860916825631e1151204c742fc546c64b41f1d565f11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:method
GET
:authority
www.elfster.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:22:28 GMT
content-type
text/html; charset=utf-8
content-length
50998
cache-control
private
expires
Tue, 08 Dec 2020 17:22:28 GMT
server
Microsoft-IIS/10.0
set-cookie
ElfAuth=671E5DB9A3D1D415DCFB064635ACC073D7DB9D1F5ED79E8547DBD79FD0547D997B25C6919F9EDFF8F9C9FA3DCC3431859F2465F3FFA50DE58AC71321578BB795CFF4BD6E75E28AB19295D6C69CB87825425FF208D72C16B139B250BD0F26D38E252E48AACE967C2B828785EA08C423F73D41B66FB67984E15431FBBD973DFBFA581B33322F5D11391388B06F9380C9E5; expires=Wed, 08-Jun-2022 16:22:28 GMT; path=/; SameSite=None; secure
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
DENY

Redirect headers

date
Tue, 08 Dec 2020 17:22:27 GMT
content-type
text/html; charset=utf-8
content-length
140
location
https://www.elfster.com
cache-control
private
expires
Tue, 08 Dec 2020 17:22:27 GMT
server
Microsoft-IIS/10.0
set-cookie
ElfAuth=3691894D26D9C23B349BAFA949690AFC86028EAAA1405E144946B6C3F1374121CB18DC7CB699B516D5F815CAA2F9ACF7FE5F29A93D3C2B259CFF73599E41B96313E18B5039ABBBF857B8783C91BC42D19D91D3C86D90EDB83E87EE0BB55EDF98D422A59AEF1513DA887AC8DD0C6169EB8BAAAADF1739C0F526652920DF01983B20D00491D795D668F30EC4B45BDCB705; expires=Wed, 08-Jun-2022 16:22:27 GMT; path=/; SameSite=None; secure
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
DENY
css
fonts.googleapis.com/
3 KB
957 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,500,600&display=swap
Requested by
Host: www.elfster.com
URL: https://www.elfster.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ed0cb16ca7999709b33caf9ff9caecdfa28909e08c650a5f291569b20948902c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Dec 2020 17:14:08 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Tue, 08 Dec 2020 17:22:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 08 Dec 2020 17:22:28 GMT
gtm.js
www.googletagmanager.com/
115 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNZWZN5
Requested by
Host: www.elfster.com
URL: https://www.elfster.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9ee9d41584e4687e9b64649ceead128e8001936dac2769c1917acf942b00790f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:22:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40505
x-xss-protection
0
last-modified
Tue, 08 Dec 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 08 Dec 2020 17:22:28 GMT
sprite-pub-home-2018-12v1.png
cdn.elfster.com/free-downloadables/
71 KB
71 KB
Image
General
Full URL
https://cdn.elfster.com/free-downloadables/sprite-pub-home-2018-12v1.png
Requested by
Host: www.elfster.com
URL: https://www.elfster.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.55.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-55-30.osl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e56f6ebde5b19aec404a120a1977a4537924f32103b2dbbafbb35d46eac4dfe7

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 07 Dec 2020 19:23:43 GMT
via
1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
last-modified
Tue, 04 Dec 2018 22:27:49 GMT
server
AmazonS3
age
79126
etag
"b6620dfc492e072e7c307c4e765f2a99"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
OSL50-C1
accept-ranges
bytes
content-length
72624
x-amz-cf-id
Dc-T8BC3tz6bhor_8f0o2CiFJTnbmm252uWvzB5iYq6LiccEwjqiPQ==
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ef3b91884f4d6c2007e169ecd9aaaffc98cc0217b18a759bd59bdc55ec899db

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
hero-rudolph-1200.jpg
www.elfster.com/img/landing/
192 KB
193 KB
Image
General
Full URL
https://www.elfster.com/img/landing/hero-rudolph-1200.jpg
Requested by
Host: www.elfster.com
URL: https://www.elfster.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.86.173.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-173-210.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
97786543c09a8d3c2b98b012913d5d42c5876f4224408545556801234bf090fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:22:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 07 Dec 2020 14:54:08 GMT
server
Microsoft-IIS/10.0
etag
"80e6cd1a8ccd61:0"
x-download-options
noopen
x-frame-options
DENY
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Authorization,Content-Type
content-length
196731
etr-10-sprite-elfster-home-2020-09-15.png
www.elfster.com/img/landing/
181 KB
181 KB
Image
General
Full URL
https://www.elfster.com/img/landing/etr-10-sprite-elfster-home-2020-09-15.png
Requested by
Host: www.elfster.com
URL: https://www.elfster.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.86.173.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-173-210.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
f729f9795506ae9d7a320140c2485ffa670777a66a1572c58856ac90f6f5c288
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:22:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Dec 2020 12:41:57 GMT
server
Microsoft-IIS/10.0
etag
"58de32845fcdd61:0"
x-download-options
noopen
x-frame-options
DENY
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/png
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Authorization,Content-Type
content-length
184963
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.elfster.com
Referer
https://fonts.googleapis.com/css?family=Poppins:400,500,600&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 21:58:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:13 GMT
server
sffe
age
242624
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
expires
Sun, 05 Dec 2021 21:58:44 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.elfster.com
Referer
https://fonts.googleapis.com/css?family=Poppins:400,500,600&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 09:30:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:02:15 GMT
server
sffe
age
287538
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
expires
Sun, 05 Dec 2021 09:30:10 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.elfster.com
Referer
https://fonts.googleapis.com/css?family=Poppins:400,500,600&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 02:06:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:44 GMT
server
sffe
age
314159
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
expires
Sun, 05 Dec 2021 02:06:29 GMT
fbevents.js
connect.facebook.net/en_US/
89 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.elfster.com
URL: https://www.elfster.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-trip-id
603378373
pragma
public
x-fb-debug
EOSav7GeGriKobX8x87ryfJCQeqE7/T+vIQBWNx5h5KdHi+IYncYg1rMMuQi4wL/o/ypo9fJTJFTRM9F0DvcXQ==
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
DENY
date
Tue, 08 Dec 2020 17:22:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23320
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/
27 KB
9 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNZWZN5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:22:28 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref
Ref A: 1A43B6F2D09E48F6B8D6A8B86378A670 Ref B: FRAEDGE1313 Ref C: 2020-12-08T17:22:28Z
etag
"0b27f152fa7d61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8454
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNZWZN5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1958
date
Tue, 08 Dec 2020 16:49:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 08 Dec 2020 18:49:50 GMT
7850326.js
js.hs-scripts.com/
1 KB
885 B
Script
General
Full URL
https://js.hs-scripts.com/7850326.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNZWZN5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4309b50c63680c474f46f679754307526d00325e7c26c317f6f47d41b9ad5732

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:22:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
48
cf-polished
origSize=1262
cf-request-id
06e4f951b0000005d859852000000001
cf-bgj
minify
server
cloudflare
x-trace
2B186C913886A986A9D19850923B7F630567A2202F000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.elfster.com
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
5fe82b2f8c4405d8-FRA
expires
Tue, 08 Dec 2020 17:23:28 GMT
hotjar-1933376.js
static.hotjar.com/c/
6 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1933376.js?sv=6
Requested by
Host: www.elfster.com
URL: https://www.elfster.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
37f8564c5415609460d91e7d64c1328a51ead7c2e897399a623b6b086e653006
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:22:00 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
28
etag
W/14d484b85cdfd72a5d6454fd97053274
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
AMS1-C1
content-length
1864
via
1.1 e029c86e892e2d8a35492f6625a1d26e.cloudfront.net (CloudFront)
x-amz-cf-id
M-E8QM3gvU2lFyUvXewRFcmCUtgnxgZXC2f_ZZlcm5SxZwFRlg9Ovw==
js
www.google-analytics.com/gtm/
108 KB
38 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-MXVK9C3&t=gtm2&cid=1212202861.1607448148
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8fa696524293b82c2533bb0afdd8f7da553278171489ce91958c0b68ccca3400
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:22:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38781
x-xss-protection
0
expires
Tue, 08 Dec 2020 17:22:28 GMT
2370849996513459
connect.facebook.net/signals/config/
239 KB
70 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2370849996513459?v=2.9.29&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3c4bc605f52e18d6c1ccda335ba61a8148d2c3a9a4f2610706735dd7cd6de9cd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
/GYbqGRnnl7F9WgFABUOrLTF4TDa0JfL/iuVWrxniM3FQyEg+FaNC7qvjstnCL2npcvFNiMwW6smsb0Whr9Lbg==
x-fb-trip-id
603378373
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 08 Dec 2020 17:22:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
1818185479
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
bat.bing.com/action/
0
147 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=56196202&Ver=2&mid=b92b29d9-0564-42c7-a8f5-9c09356e27c5&sid=f25443d0397911eba07f397fa557d415&vid=f25444a0397911eba864af779147f477&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Online%20Secret%20Santa%20Generator%20%26%20Christmas%20List%20App%20%7C%20Elfster&kw=secret%20santa%20generator,%20secret%20santa%20organizer,%20secret%20santa%20gift%20exchange,%20online%20secret%20santa,%20gift%20exchange,%20secret%20santa%20name%20picker,%20christmas%20gift%20exchange&p=https%3A%2F%2Fwww.elfster.com%2F&r=&lt=964&evt=pageLoad&msclkid=N&sv=1&rn=410487
Requested by
Host: www.elfster.com
URL: https://www.elfster.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 08 Dec 2020 17:22:28 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 256FB52813414C5099B50D20A015DC43 Ref B: FRAEDGE1313 Ref C: 2020-12-08T17:22:28Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
7850326.js
js.hs-analytics.net/analytics/1607448000000/
60 KB
18 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1607448000000/7850326.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7850326.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
480e9c94375884e107ab03dcf4ebd67e4cd0b90a66d1252d5435309f0934788c

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:22:28 GMT
content-encoding
br
cf-cache-status
HIT
age
118
x-amz-server-side-encryption
AES256
x-amz-request-id
CACFDFBD6E63D60E
x-amz-id-2
R8XbXxVyUOo/pkGlA4xOZtqzdkZlkyEJY3kH9uktEyljQ6a13cgN3q4fdpg4o1054Nrxlpg8phk=
last-modified
Mon, 07 Dec 2020 20:19:09 GMT
server
cloudflare
etag
W/"badc3b329405d08d6ed35299a8499f71"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-request-id
06e4f951f000002c4a871fa000000001
cf-ray
5fe82b2fe8ee2c4a-FRA
expires
Tue, 08 Dec 2020 17:25:30 GMT
conversations-embed.js
js.usemessages.com/
79 KB
20 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7850326.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:edcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
659630c07a9005c1bb4e68bf15946ba4a0d5e8ede79aec22a98f202a55491ab2

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:22:28 GMT
via
1.1 f37f104903bda438e8b0547be6e0c193.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
433
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.7966/bundles/project.js&cfRay=5fe8209aecb62b7d-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
06e4f951ea00001f394d852000000001
last-modified
Mon, 07 Dec 2020 03:40:46 UTC
server
cloudflare
etag
W/"084f0064b523664ce082aebef736853e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
kCPoihtV0nKfLLh1Z8xOU8_A5Ba4lvrR
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
5fe82b2fdbaa1f39-FRA
x-amz-cf-id
j3BfQxLKIDXgqqgOqPb3YNPmCTF-7CnUNKrbpByAQdO6RGyN6oD_oQ==
7850326.js
js.hs-banner.com/
50 KB
13 KB
Script
General
Full URL
https://js.hs-banner.com/7850326.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7850326.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
644ecf08f24314a3a8317fffa3e90787c1f251329d5385414863e6b589a44df5

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=uBvmOw==, md5=DwVYbTBUmxpuJl+trcmxIQ==
date
Tue, 08 Dec 2020 17:22:28 GMT
content-encoding
br
cf-cache-status
HIT
age
119
x-guploader-uploadid
ABg5-UwwUPQaDsiaXgKPCLKuC-6TxRE1AU6Rlx0lVWtDx6nwGuC9TlnXThy0T6taaGxK8NbDH9QI74uSdpbBdfXu9Ok
x-goog-storage-class
STANDARD
access-control-max-age
604800
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript; charset=UTF-8
cf-request-id
06e4f951ef00001f313e8fe000000001
timing-allow-origin
*
last-modified
Mon, 30 Nov 2020 21:37:20 GMT
server
cloudflare
etag
W/"0f05586d30549b1a6e265fadadc9b121"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation
1606772240322355
access-control-allow-origin
https://www.elfster.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
x-goog-stored-content-length
51478
cf-ray
5fe82b2fedbe1f31-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Tue, 08 Dec 2020 17:25:29 GMT
modules.fbb9fad30a2f1bae1942.js
script.hotjar.com/
221 KB
58 KB
Script
General
Full URL
https://script.hotjar.com/modules.fbb9fad30a2f1bae1942.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1933376.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6a36fb6b8e55509924f58b0b1e57c95fa9c8d0c6a64fd41712b03a616d9bde52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 16:48:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
2016
x-cache
Hit from cloudfront
content-length
58977
access-control-allow-origin
*
last-modified
Tue, 08 Dec 2020 16:45:19 GMT
etag
"dcd9afc628bffb164d527911911330ad"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
i0t2XZLkH_lN-X5GknekiR-FJGtNXQpjwRGo4XBUjBFwe372T1QYuw==
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 9EC8
0
0
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1933376.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.elfster.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.elfster.com/

Response headers

content-type
text/html
content-length
851
date
Wed, 25 Nov 2020 18:10:04 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Wed, 25 Nov 2020 15:48:01 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
iMv-Jo3KSzh8KlOGpFotuLBrWE52fueiFdFOGKnB1RkwJYTrYYb-yA==
age
1120344
public
api.hubspot.com/livechat-public/v1/message/
258 B
433 B
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=7850326&conversations-embed=static-1.7966&mobile=false&messagesUtk=6c1dd730a30648ab8facc18f7b8d235a&traceId=6c1dd730a30648ab8facc18f7b8d235a
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce2715d45f25ec548280f4129286c91e7c19f6e198b21c16bc3df3e87eefd634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.elfster.com/

Response headers

date
Tue, 08 Dec 2020 17:22:29 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
202
cf-request-id
06e4f952dd000005dcee87d000000001
server
cloudflare
x-trace
2BC71C960E3E3D08F4747EE7FBEAA338FBD39FA2F5000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.elfster.com
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
cf-ray
5fe82b316e8305dc-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
public
api.hubspot.com/livechat-public/v1/message/ Frame
0
0
Other
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=7850326&conversations-embed=static-1.7966&mobile=false&messagesUtk=6c1dd730a30648ab8facc18f7b8d235a&traceId=6c1dd730a30648ab8facc18f7b8d235a
Protocol
H2
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-hubspot-messages-uri
Origin
https://www.elfster.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 08 Dec 2020 17:22:28 GMT
content-type
text/plain; charset=utf-8
content-length
18
x-trace
2BE79B44715FFAA6DB73BF4A10D1AFF9225CE65F21000000000000000000
allow
HEAD,GET,OPTIONS
vary
Accept-Encoding
access-control-allow-credentials
false
access-control-allow-origin
https://www.elfster.com
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
cf-cache-status
DYNAMIC
cf-request-id
06e4f95246000005dc32181000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
cf-ray
5fe82b306b1b05dc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
collect
www.google-analytics.com/j/
1 B
166 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=315836528&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elfster.com%2F&ul=en-us&de=UTF-8&dt=Online%20Secret%20Santa%20Generator%20%26%20Christmas%20List%20App%20%7C%20Elfster&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=rAXyKNnFQLCj74Db_V5S0A.4&_u=aGDAAEADQAAAAC~&jid=414153416&gjid=621264861&cid=1212202861.1607448148&tid=UA-139251-1&_gid=1654062992.1607448148&_r=1&gtm=2wgbu0MNZWZN5&z=2127055725
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Dec 2020 17:22:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.elfster.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
377 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2370849996513459&ev=PageView&dl=https%3A%2F%2Fwww.elfster.com%2F&rl=&if=false&ts=1607448148607&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1607448148605.63644071&it=1607448148431&coo=false&rqm=GET
Requested by
Host: www.elfster.com
URL: https://www.elfster.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:22:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 08 Dec 2020 17:22:28 GMT
1933376
vc.hotjar.io/sessions/
0
257 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/1933376?s=0.25&r=0.1874370867000732
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.fbb9fad30a2f1bae1942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.55.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-55-102.osl50.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Dec 2020 17:22:28 GMT
via
1.1 277d0e3af1ffdcb1ee40b7dc9f040147.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
OSL50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
q4WnPMdNsRMilt0W89UEMfxXtV1iFi5BgEjDZt4rc1qThwCODF7Maw==
__ptq.gif
track.hubspot.com/
45 B
592 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=7850326&pu=https%3A%2F%2Fwww.elfster.com%2F&t=Online+Secret+Santa+Generator+%26+Christmas+List+App+%7C+Elfster&cts=1607448148634&vi=235939ac50fe6c04b140a354c714af95&nc=true&ce=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5fe82b311c952c3a-FRA
date
Tue, 08 Dec 2020 17:22:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
cf-request-id
06e4f952b500002c3a5f38b000000001
x-robots-tag
none
collect
www.google-analytics.com/
35 B
120 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=315836528&t=timing&_s=2&dl=https%3A%2F%2Fwww.elfster.com%2F&ul=en-us&de=UTF-8&dt=Online%20Secret%20Santa%20Generator%20%26%20Christmas%20List%20App%20%7C%20Elfster&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1236&pdt=90&dns=0&rrt=586&srt=191&tcp=0&dit=964&clt=964&_gst=984&_gbt=1020&_cst=888&_cbt=970&_u=aGDAAEADQAAAAC~&jid=&gjid=&cid=1212202861.1607448148&tid=UA-139251-1&_gid=1654062992.1607448148&gtm=2wgbu0MNZWZN5&z=1739884244
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Dec 2020 11:13:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22129
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
106 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.elfster.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryX8nqJ5AC4DtiR33Q

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Tue, 08 Dec 2020 17:22:29 GMT
content-type
text/plain
access-control-allow-origin
https://www.elfster.com
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| $masterHdrMenuBtn object| $masterNav object| $masterNavMenu object| $masterNavMenuItemsWithSubmenus object| $activeSubMenu function| initializeMenus function| subMenuClick function| addClass function| removeClass function| hasClass function| resetMenus function| closeMenu object| dataLayer object| google_tag_manager object| google_tag_data function| fbq function| _fbq object| uetq string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| gaplugins object| gaGlobal object| gaData function| UET function| onConversationsAPIReady function| sendIdentify object| hsConversationsOnReady object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| _hsq object| _paq boolean| _hstc_loaded object| _hsp boolean| _hspb_loaded boolean| hubspot_live_messages_running object| HubSpotConversations object| google_optimize boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran

17 Cookies

Domain/Path Name / Value
.elfster.com/ Name: __hssrc
Value: 1
.elfster.com/ Name: __hstc
Value: 220254919.235939ac50fe6c04b140a354c714af95.1607448148632.1607448148632.1607448148632.1
.elfster.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.elfster.com/ Name: __hssc
Value: 220254919.1.1607448148632
.elfster.com/ Name: _fbp
Value: fb.1.1607448148605.63644071
.elfster.com/ Name: _gat_UA-139251-1
Value: 1
.elfster.com/ Name: _gcl_au
Value: 1.1.2009966665.1607448148
.elfster.com/ Name: _hjFirstSeen
Value: 1
.elfster.com/ Name: _hjTLDTest
Value: 1
.elfster.com/ Name: _uetvid
Value: f25444a0397911eba864af779147f477
.elfster.com/ Name: _uetsid
Value: f25443d0397911eba07f397fa557d415
www.elfster.com/ Name: ElfAuth
Value: 671E5DB9A3D1D415DCFB064635ACC073D7DB9D1F5ED79E8547DBD79FD0547D997B25C6919F9EDFF8F9C9FA3DCC3431859F2465F3FFA50DE58AC71321578BB795CFF4BD6E75E28AB19295D6C69CB87825425FF208D72C16B139B250BD0F26D38E252E48AACE967C2B828785EA08C423F73D41B66FB67984E15431FBBD973DFBFA581B33322F5D11391388B06F9380C9E5
.elfster.com/ Name: _gid
Value: GA1.2.1654062992.1607448148
.elfster.com/ Name: _ga
Value: GA1.2.1212202861.1607448148
.elfster.com/ Name: _gaexp
Value: GAX1.2.rAXyKNnFQLCj74Db_V5S0A.18690.4
.elfster.com/ Name: hubspotutk
Value: 235939ac50fe6c04b140a354c714af95
.elfster.com/ Name: _hjid
Value: 913c8d1c-0e6d-414b-9f22-b573fc10eaeb

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
bat.bing.com
cdn.elfster.com
connect.facebook.net
elfster.com
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.usemessages.com
script.hotjar.com
static.hotjar.com
track.hubspot.com
vars.hotjar.com
vc.hotjar.io
www.elfster.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
143.204.55.102
143.204.55.30
2606:4700::6811:43b0
2606:4700::6811:d2cc
2606:4700::6811:edcc
2606:4700::6812:14bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a00:1450:4001:814::2003
2a00:1450:4001:818::2008
2a00:1450:4001:824::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.86.173.210
65.9.73.103
65.9.73.108
65.9.73.11
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
37f8564c5415609460d91e7d64c1328a51ead7c2e897399a623b6b086e653006
3c4bc605f52e18d6c1ccda335ba61a8148d2c3a9a4f2610706735dd7cd6de9cd
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4309b50c63680c474f46f679754307526d00325e7c26c317f6f47d41b9ad5732
480e9c94375884e107ab03dcf4ebd67e4cd0b90a66d1252d5435309f0934788c
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
644ecf08f24314a3a8317fffa3e90787c1f251329d5385414863e6b589a44df5
659630c07a9005c1bb4e68bf15946ba4a0d5e8ede79aec22a98f202a55491ab2
6a36fb6b8e55509924f58b0b1e57c95fa9c8d0c6a64fd41712b03a616d9bde52
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ef3b91884f4d6c2007e169ecd9aaaffc98cc0217b18a759bd59bdc55ec899db
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8fa696524293b82c2533bb0afdd8f7da553278171489ce91958c0b68ccca3400
97786543c09a8d3c2b98b012913d5d42c5876f4224408545556801234bf090fb
9ee9d41584e4687e9b64649ceead128e8001936dac2769c1917acf942b00790f
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
ce2715d45f25ec548280f4129286c91e7c19f6e198b21c16bc3df3e87eefd634
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d9e4b7842aad58c02eb0860916825631e1151204c742fc546c64b41f1d565f11
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e56f6ebde5b19aec404a120a1977a4537924f32103b2dbbafbb35d46eac4dfe7
ed0cb16ca7999709b33caf9ff9caecdfa28909e08c650a5f291569b20948902c
f729f9795506ae9d7a320140c2485ffa670777a66a1572c58856ac90f6f5c288