Submitted URL: http://auth.elfster.com/
Effective URL: https://auth.elfster.com/account/login
Submission: On October 30 via manual from IN — Scanned from DE

Summary

This website contacted 13 IPs in 2 countries across 12 domains to perform 32 HTTP transactions. The main IP is 34.202.194.197, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is auth.elfster.com. The Cisco Umbrella rank of the primary domain is 221935.
TLS certificate: Issued by Amazon RSA 2048 M02 on September 4th 2023. Valid for: a year.
This is the only time auth.elfster.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.147.86.141 14618 (AMAZON-AES)
2 16 34.202.194.197 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
1 18.66.97.49 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.32.27.21 16509 (AMAZON-02)
3 104.75.88.209 16625 (AKAMAI-AS)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
32 13
Apex Domain
Subdomains
Transfer
17 elfster.com
auth.elfster.com — Cisco Umbrella Rank: 221935
1 MB
3 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 849
2 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 366
14 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 727
script.hotjar.com — Cisco Umbrella Rank: 901
60 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 847
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2298
1 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2155
20 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2150
21 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2386
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
84 KB
32 12
Domain Requested by
17 auth.elfster.com 3 redirects auth.elfster.com
3 ct.pinterest.com s.pinimg.com
auth.elfster.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 connect.facebook.net auth.elfster.com
connect.facebook.net
1 track.hubspot.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 www.facebook.com auth.elfster.com
1 script.hotjar.com static.hotjar.com
1 js.hs-scripts.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 www.googletagmanager.com auth.elfster.com
32 13
Subject Issuer Validity Valid
*.elfster.com
Amazon RSA 2048 M02
2023-09-04 -
2024-10-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-09 -
2024-01-01
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-08-08 -
2023-11-06
3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01
2023-10-24 -
2024-04-21
6 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-07 -
2024-08-07
a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-03 -
2024-05-02
a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2023-02-05 -
2024-02-05
a year crt.sh

This page contains 2 frames:

Primary Page: https://auth.elfster.com/account/login
Frame ID: CAECEA3F33726BF943804809B043610C
Requests: 31 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 22AB7967C3757DDFB7F5174EF5B7681E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Elfster Authentication

Page URL History Show full URLs

  1. http://auth.elfster.com/ HTTP 301
    https://auth.elfster.com/ HTTP 302
    https://auth.elfster.com/account/entrypoint HTTP 302
    https://auth.elfster.com/account/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

100 %
HTTPS

64 %
IPv6

12
Domains

13
Subdomains

13
IPs

2
Countries

1505 kB
Transfer

2251 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://auth.elfster.com/ HTTP 301
    https://auth.elfster.com/ HTTP 302
    https://auth.elfster.com/account/entrypoint HTTP 302
    https://auth.elfster.com/account/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
auth.elfster.com/account/
Redirect Chain
  • http://auth.elfster.com/
  • https://auth.elfster.com/
  • https://auth.elfster.com/account/entrypoint
  • https://auth.elfster.com/account/login
13 KB
13 KB
Document
General
Full URL
https://auth.elfster.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.194.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-194-197.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
a3ff0c24354ece547dad36a9b82aad648f7027b2308aa461cd9a4f4e86a466f4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 01:39:52 GMT
pragma
no-cache
server
Kestrel
x-frame-options
SAMEORIGIN

Redirect headers

content-length
0
date
Mon, 30 Oct 2023 01:39:51 GMT
location
/account/login
server
Kestrel
bootstrap.css
auth.elfster.com/lib/bootstrap/css/
191 KB
191 KB
Stylesheet
General
Full URL
https://auth.elfster.com/lib/bootstrap/css/bootstrap.css
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.194.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-194-197.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
67419376c8aa4beffb93b0b55ba44941a2fed651a00b6bc94b92cf27c7a87d72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:52 GMT
last-modified
Wed, 25 Oct 2023 17:22:23 GMT
server
Kestrel
accept-ranges
bytes
etag
"1da0767d0f9cdf8"
content-length
195704
content-type
text/css
site.css
auth.elfster.com/css/
22 KB
23 KB
Stylesheet
General
Full URL
https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.194.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-194-197.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
b61b5c5cb877322dcb1e759c5bac6817ef8e30b70703e61037604677416b0d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:52 GMT
last-modified
Wed, 25 Oct 2023 17:22:23 GMT
server
Kestrel
accept-ranges
bytes
etag
"1da0767d0fb68e3"
content-length
22883
content-type
text/css
jquery.js
auth.elfster.com/lib/jquery/
282 KB
282 KB
Script
General
Full URL
https://auth.elfster.com/lib/jquery/jquery.js
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.194.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-194-197.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:52 GMT
last-modified
Wed, 25 Oct 2023 17:22:23 GMT
server
Kestrel
accept-ranges
bytes
etag
"1da0767d0ff56c4"
content-length
288580
content-type
text/javascript
bootstrap.js
auth.elfster.com/lib/bootstrap/js/
145 KB
145 KB
Script
General
Full URL
https://auth.elfster.com/lib/bootstrap/js/bootstrap.js
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/account/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.194.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-194-197.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ccabba3bef84bb2da326c3d849ad613094548ae30d1b0e04184677ecc536f573

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/account/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:52 GMT
last-modified
Wed, 25 Oct 2023 17:22:23 GMT
server
Kestrel
accept-ranges
bytes
etag
"1da0767d0f975e2"
content-length
148578
content-type
text/javascript
gtm.js
www.googletagmanager.com/
243 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNZWZN5
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29fe5d3fefb9bf4b7a609386af2aec14d6cb10dd74ed57480f6713da3bbd63db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85107
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 30 Oct 2023 01:39:52 GMT
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
da88b5aaa98c29a87e083a9edc66b83263a994d39634d80696eaf0532485c142
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 30 Oct 2023 01:39:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54253
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
/Pd6MNKzSIPiBLY0CGhhk2t919kgvSWZlgRIrJy0yMaWFpJvqlU8wlp525REIB/DaXOEj5nhMK1F2FAdjoIgjA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNZWZN5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 30 Oct 2023 01:39:51 GMT
last-modified
Fri, 20 Oct 2023 01:13:24 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ED7B8C13B2BE48B5AC9BF74FC261EDAE Ref B: FRAEDGE1119 Ref C: 2023-10-30T01:39:52Z
etag
"0125f9ff22da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13079
core.js
s.pinimg.com/ct/
4 KB
2 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNZWZN5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:48b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
498f064c1bffe86b3db6feddfb0ef7c0880784706ba926061b8afc8c30f915e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"68e089f12d37ff44dcb439ca415fa128"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1759
hotjar-3111318.js
static.hotjar.com/c/
10 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3111318.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNZWZN5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-49.fra56.r.cloudfront.net
Software
/
Resource Hash
4bb9f4abc0de1ba8db7983f005ab84ff2b24942558f38bb756d0504ebcfda548
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 30 Oct 2023 01:39:52 GMT
via
1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/018b16df4989113188c6d44234c21893
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
G78l37bvkIaC-xlQwFAPd4nPhEcRCkaoTWdtx2UNGrt5KRM1d23uXA==
7850326.js
js.hs-scripts.com/
974 B
1 KB
Script
General
Full URL
https://js.hs-scripts.com/7850326.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNZWZN5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bc59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d2faf5baa0408bf5826c1f55bfdc74db9b2a065a0ef6ce6c329a14100412afb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
003a5497-2ccb-4dc2-aedf-6c8cb581e361
x-envoy-upstream-service-time
6
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
003a5497-2ccb-4dc2-aedf-6c8cb581e361
last-modified
Mon, 30 Oct 2023 01:32:47 GMT
server
cloudflare
x-trace
2B7F4833592CC2B65E8A32BAC055DA44968705A8D3000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://auth.elfster.com
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5b5c96c966-82bfm
cf-ray
81dff26e6b4e35ed-FRA
expires
Mon, 30 Oct 2023 01:40:53 GMT
main.2363e810.js
s.pinimg.com/ct/lib/
65 KB
19 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.2363e810.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00:48b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fddeee8998e5da1e1d2a8d9ff42304cfd347636c416699a636c332d4f0a15889

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"e14386753b976632b74c6592f970c617"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18827
2370849996513459
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2370849996513459?v=2.9.136&r=stable&domain=auth.elfster.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
113e30c374d97538a5a7c8a2f68ff298dc5c917d73ddc6b9bfe953dcef641a6f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 30 Oct 2023 01:39:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
6dTxkz4boNFHhqd9bBPuGJb3o23TgK4B3s0J7A3yJ9G6Q0+TnSwWrNT/L7qXruVq0eBGWoSdt2eB4ZLHVLm2aQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.132f983e088e46bc619e.js
script.hotjar.com/
226 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.132f983e088e46bc619e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3111318.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
bbeb842bd87163ca006c8603eac9bb9458ea3f05238c9fac398ae75b8c96eea3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 14:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
213105
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56235
last-modified
Fri, 27 Oct 2023 14:28:06 GMT
etag
"24211094ec33cac8a2dbf78e3d341c4f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
rPiYojNOVT4VB4w_FL4Wro_xk89Dnpd2mKkn8tXDH3CYebOIbCWKsQ==
/
ct.pinterest.com/user/
302 B
692 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2614190438503&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1698629992760&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2363e810.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8e63336037bea50c9887beee711d5776ac0906b701a435ba6a002caf1a724b91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.846656b8.1698629992.3b491c88
x-envoy-upstream-service-time
0
content-length
175
x-pinterest-rid
1722551896639325
pin-unauth
dWlkPU5EVmhabVExWVRndFkyTTFNeTAwWW1VMUxXSmpNbUV0WVRjelpqWTFPVFJtTkRaaA
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://auth.elfster.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
8c8a4c0c37a13484f6e8d8b3db226c1f627e090e
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
456 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2614190438503&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fauth.elfster.com%2Faccount%2Flogin%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222363e810%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1698629992761
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/account/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Oct 2023 01:39:52 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.846656b8.1698629992.3b491c89
content-type
image/gif
access-control-allow-origin
*
pinterest-version
8c8a4c0c37a13484f6e8d8b3db226c1f627e090e
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
content-length
35
x-pinterest-rid
9379558386878423
expires
Sat, 01 Jan 2000 00:00:00 GMT
5964989.js
bat.bing.com/p/action/
0
115 B
Script
General
Full URL
https://bat.bing.com/p/action/5964989.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 30 Oct 2023 01:39:51 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 321D4EBD6861438A920559348F0A0B9D Ref B: FRAEDGE1119 Ref C: 2023-10-30T01:39:52Z
x-cache
CONFIG_NOCACHE
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2370849996513459&ev=PageView&dl=https%3A%2F%2Fauth.elfster.com%2Faccount%2Flogin&rl=&if=false&ts=1698629992849&sw=1600&sh=1200&v=2.9.136&r=stable&ec=0&o=4126&fbp=fb.1.1698629992848.939315674&ler=empty&it=1698629992751&coo=false&rqm=GET
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/account/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 30 Oct 2023 01:39:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
7850326.js
js.hs-analytics.net/analytics/1698629700000/
66 KB
21 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1698629700000/7850326.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7850326.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
754f2cb27ecce673be1485b6b27fc2b18bc8a87ab91ac913c3a8c99aad2ff8f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:53 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
CD7ARXWV713JD3VQ
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
27c61766-3230-4fdd-b1bc-cf5b82eaeeaf
x-envoy-upstream-service-time
33
x-amz-id-2
dllNGyeCJ/fM+MaJ3TgI6dL65ldpxncUcevAS8Kh6FA3s1I25qONiAuWMOx7EA2gRePPFdOPl50=
x-evy-trace-listener
listener_https
x-request-id
27c61766-3230-4fdd-b1bc-cf5b82eaeeaf
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 12 Oct 2023 15:13:23 GMT
server
cloudflare
etag
W/"4c69fdfdda1b228f555fa8d70a7aa982"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-jgkmt
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
81dff2710db59be8-FRA
expires
Mon, 30 Oct 2023 01:44:53 GMT
banner.js
js.hs-banner.com/v2/7850326/
65 KB
20 KB
Script
General
Full URL
https://js.hs-banner.com/v2/7850326/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7850326.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc036572798434cb5e29ce5997ee7258a03499cd2e4de3dd0e9fa4422f1ec6ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:53 GMT
x-amz-version-id
iXylHJssZUTuwTyOJWqyPnWVq.guVTFh
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
2VWP0GGTZZXE7BHX
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
cb82115b-14e5-4cf8-ae74-4f63142c3fa2
x-envoy-upstream-service-time
24
x-amz-id-2
D0lB2Of0zYtdvz06wtJuAyOdqTxwrCS9/5i5oUJVCN6QxIbP8OALWw18cXBlUwrtBVFQkXsBHDg=
x-evy-trace-listener
listener_https
x-request-id
cb82115b-14e5-4cf8-ae74-4f63142c3fa2
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 18 Oct 2023 17:03:39 GMT
server
cloudflare
etag
W/"7af9e4843851ca86f7d70bc6e61b911c"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.elfster.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-8ghtd
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
81dff2711c113610-FRA
expires
Mon, 30 Oct 2023 01:44:53 GMT
elfster-logo-black.png
auth.elfster.com/images/
2 KB
2 KB
Image
General
Full URL
https://auth.elfster.com/images/elfster-logo-black.png
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.194.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-194-197.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
2cf4b3afa5c9aede7ef67af0c0a02c080ae8a1f48a435a48eaa5747ad6d43ec2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:55 GMT
last-modified
Wed, 25 Oct 2023 17:22:23 GMT
server
Kestrel
accept-ranges
bytes
etag
"1da0767d0fb3917"
content-length
2199
content-type
image/png
google.svg
auth.elfster.com/images/
1 KB
1 KB
Image
General
Full URL
https://auth.elfster.com/images/google.svg
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.194.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-194-197.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ce7baa55e02742ab96ef03d9eb8c628e757ac7c3a4afa13e34984fddea808cc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:55 GMT
last-modified
Wed, 25 Oct 2023 17:22:23 GMT
server
Kestrel
accept-ranges
bytes
etag
"1da0767d0fb351e"
content-length
1182
content-type
image/svg+xml
elfster-ios-app-store-button.png
auth.elfster.com/images/
4 KB
4 KB
Image
General
Full URL
https://auth.elfster.com/images/elfster-ios-app-store-button.png
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.194.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-194-197.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
221e6bb574f2ecdd8318beb1cd73c8f080d206867ce1a975fa793cecaa47878f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:55 GMT
last-modified
Wed, 25 Oct 2023 17:22:23 GMT
server
Kestrel
accept-ranges
bytes
etag
"1da0767d0fb2104"
content-length
4228
content-type
image/png
elfster-android-app-play-store-button.png
auth.elfster.com/images/
4 KB
4 KB
Image
General
Full URL
https://auth.elfster.com/images/elfster-android-app-play-store-button.png
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.194.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-194-197.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
8fd41105091a093b15e89fed13e02242c1fbd09e39c24a7abf8d5c91a98ca60f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:55 GMT
last-modified
Wed, 25 Oct 2023 17:22:23 GMT
server
Kestrel
accept-ranges
bytes
etag
"1da0767d0fb3e1f"
content-length
3999
content-type
image/png
Roboto-Medium.ttf
auth.elfster.com/fonts/
165 KB
165 KB
Font
General
Full URL
https://auth.elfster.com/fonts/Roboto-Medium.ttf
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.194.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-194-197.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
4ac8e03606ffa4c37f61a6510a2080f1f37a7054f4726c214887d3b23f72e369

Request headers

Referer
https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
Origin
https://auth.elfster.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:55 GMT
last-modified
Wed, 25 Oct 2023 17:22:23 GMT
server
Kestrel
accept-ranges
bytes
etag
"1da0767d0f9a344"
content-length
168644
content-type
application/x-font-ttf
Roboto-Bold.ttf
auth.elfster.com/fonts/
163 KB
164 KB
Font
General
Full URL
https://auth.elfster.com/fonts/Roboto-Bold.ttf
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.194.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-194-197.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
baf44ce81636cc927fc27768437e5da853bac699e8aaf832d042f0dfed29b4b4

Request headers

Referer
https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
Origin
https://auth.elfster.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:55 GMT
last-modified
Wed, 25 Oct 2023 17:22:23 GMT
server
Kestrel
accept-ranges
bytes
etag
"1da0767d0f9bc28"
content-length
167336
content-type
application/x-font-ttf
Roboto-Regular.ttf
auth.elfster.com/fonts/
164 KB
165 KB
Font
General
Full URL
https://auth.elfster.com/fonts/Roboto-Regular.ttf
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.194.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-194-197.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
319cff6e7a31f0f2a41c475dca42890aa5d19fe16017e2290f8c1d4e14f76481

Request headers

Referer
https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
Origin
https://auth.elfster.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:55 GMT
last-modified
Wed, 25 Oct 2023 17:22:23 GMT
server
Kestrel
accept-ranges
bytes
etag
"1da0767d0f9a0c4"
content-length
168260
content-type
application/x-font-ttf
fontello.woff2
auth.elfster.com/fonts/
19 KB
19 KB
Font
General
Full URL
https://auth.elfster.com/fonts/fontello.woff2?56356160
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.194.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-194-197.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
07388bf1433f87e1197948819026a2a7ab4a5499df73c036511a77cd0c7b8d28

Request headers

Referer
https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
Origin
https://auth.elfster.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:55 GMT
last-modified
Wed, 25 Oct 2023 17:22:23 GMT
server
Kestrel
accept-ranges
bytes
etag
"1da0767d0fb7d1c"
content-length
19612
content-type
font/woff2
S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
auth.elfster.com/fonts/
14 KB
14 KB
Font
General
Full URL
https://auth.elfster.com/fonts/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
Requested by
Host: auth.elfster.com
URL: https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.194.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-194-197.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
5d7c184f73407fd0b6e92743095a0d2a5cb5d3b853ce898798c24ef87d622db1

Request headers

Referer
https://auth.elfster.com/css/site.css?v=2023-1025-1722-286
Origin
https://auth.elfster.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:55 GMT
last-modified
Wed, 25 Oct 2023 17:22:23 GMT
server
Kestrel
accept-ranges
bytes
etag
"1da0767d0fb0784"
content-length
13828
content-type
font/woff2
ct.html
ct.pinterest.com/ Frame 22AB
565 B
625 B
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2363e810.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://auth.elfster.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-grn
0.846656b8.1698629999.3b492eed
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 01:39:59 GMT
pinterest-version
8c8a4c0c37a13484f6e8d8b3db226c1f627e090e
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
0
x-pinterest-rid
3649666734089119
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=699552306&v=1.1&a=7850326&pu=https%3A%2F%2Fauth.elfster.com%2Faccount%2Flogin&t=Elfster+Authentication&cts=1698629999446&vi=65e56870d06c9ff3aef0851f049f8ce4&nc=true&u=220254919.65e56870d06c9ff3aef0851f049f8ce4.1698629999443.1698629999443.1698629999443.1&b=220254919.1.1698629999443&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 01:39:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
f30d0894-f2ad-4c98-84cf-1168bf378511
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
9
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
f30d0894-f2ad-4c98-84cf-1168bf378511
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIPBjCxW%2BShdEFQkjA8zTc9WEz1cH4KBU0ob1UBBdH2Rhzpj0LE%2Bkn27Mk3S42ea7BvucGEW81fSOG08oXd8rooURrJBXIYfNBXYFKf4GwxnmeGeJw4fmCaiZ0Lm2yZIe4iS1P24VMW4u9BmjY4Y"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-674b9fb979-sf6pl
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
81dff298abf15d9a-FRA
x-robots-tag
none
0
bat.bing.com/action/
0
287 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5964989&tm=gtm002&Ver=2&mid=3d543037-678c-4243-b7f1-dcd9360b0af0&sid=3cb9cee076c511eea5c42f077e680165&vid=3cb9dfa076c511ee8e7dfd9348dcea52&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Elfster%20Authentication&p=https%3A%2F%2Fauth.elfster.com%2Faccount%2Flogin&r=&lt=9950&evt=pageLoad&sv=1&rn=518157
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.elfster.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 01:39:58 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A9FE575CE0934F38AFF3A81C7A1241DB Ref B: FRAEDGE1119 Ref C: 2023-10-30T01:39:59Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| dataLayer object| google_tag_manager object| google_tag_data function| fbq function| _fbq function| pintrk function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| UET function| UET_init function| UET_push object| ueto_6f3a9c2a65 object| uetq object| _hsp function| onConversationsAPIReady function| sendIdentify object| hsConversationsOnReady object| _hsq object| _paq function| sanitizeKey boolean| _hstc_loaded function| $ function| jQuery number| uidEvent object| bootstrap boolean| _hspb_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime

18 Cookies

Domain/Path Name / Value
auth.elfster.com/ Name: .AspNetCore.Antiforgery.VyLW6ORzMgk
Value: CfDJ8LYvo7ciu05DmMRHWg7cPshaCs7iIi9VTr7bFDahs8Fl41sr63RZlpi1o9ezACXBWn3LemkD1ADrsRdSavMZZ0vgX-lWX8h_u3r7PjOmbIkRdPVDquVL61ftEpgkwKMSHbVazsi43fwoU-tPAPdEa-0
.elfster.com/ Name: _gcl_au
Value: 1.1.1810302264.1698629993
.elfster.com/ Name: _fbp
Value: fb.1.1698629992848.939315674
.auth.elfster.com/ Name: _pin_unauth
Value: dWlkPU5EVmhabVExWVRndFkyTTFNeTAwWW1VMUxXSmpNbUV0WVRjelpqWTFPVFJtTkRaaA
.pinterest.com/ Name: ar_debug
Value: 1
.elfster.com/ Name: _hjSessionUser_3111318
Value: eyJpZCI6IjY0MDE5M2UyLTcwMWMtNWIxOC1hNzc4LWNmYjUwOTE5NzYxNyIsImNyZWF0ZWQiOjE2OTg2Mjk5OTk0MzcsImV4aXN0aW5nIjpmYWxzZX0=
.elfster.com/ Name: _hjFirstSeen
Value: 1
.elfster.com/ Name: _hjIncludedInSessionSample_3111318
Value: 0
.elfster.com/ Name: _hjSession_3111318
Value: eyJpZCI6IjVhNTNjYWIzLTFiMGUtNGU4ZS1hMjJhLTk0NDIyYzQ2ZTM2MCIsImNyZWF0ZWQiOjE2OTg2Mjk5OTk0MzcsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.elfster.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.elfster.com/ Name: __hstc
Value: 220254919.65e56870d06c9ff3aef0851f049f8ce4.1698629999443.1698629999443.1698629999443.1
.elfster.com/ Name: hubspotutk
Value: 65e56870d06c9ff3aef0851f049f8ce4
.elfster.com/ Name: __hssrc
Value: 1
.elfster.com/ Name: __hssc
Value: 220254919.1.1698629999443
.elfster.com/ Name: _uetsid
Value: 3cb9cee076c511eea5c42f077e680165
.elfster.com/ Name: _uetvid
Value: 3cb9dfa076c511ee8e7dfd9348dcea52
.bing.com/ Name: MUID
Value: 154FFE7F788560EC0BDBEDC579EE61FA
.hubspot.com/ Name: __cf_bm
Value: ds_EK14M668x8xTaJWGUmXQFv_3Rntsr5_Miubbas1o-1698629999-0-ATmnMeRxBOhL3fvMieN+j58I+Q2DGEvs53nALbObtdL9errcFFtNsNytZJdnYJLDQcWiYDZmYpVAfrBm8DM7Tiw=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.elfster.com
bat.bing.com
connect.facebook.net
ct.pinterest.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
s.pinimg.com
script.hotjar.com
static.hotjar.com
track.hubspot.com
www.facebook.com
www.googletagmanager.com
104.75.88.209
13.32.27.21
18.66.97.49
2606:4700:4400::ac40:991b
2606:4700::6810:4fba
2606:4700::6810:bc59
2606:4700::6813:9b53
2620:1ec:c11::200
2a00:1450:4001:811::2008
2a02:26f0:ab00:48b::1931
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.202.194.197
54.147.86.141
07388bf1433f87e1197948819026a2a7ab4a5499df73c036511a77cd0c7b8d28
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
113e30c374d97538a5a7c8a2f68ff298dc5c917d73ddc6b9bfe953dcef641a6f
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
221e6bb574f2ecdd8318beb1cd73c8f080d206867ce1a975fa793cecaa47878f
29fe5d3fefb9bf4b7a609386af2aec14d6cb10dd74ed57480f6713da3bbd63db
2cf4b3afa5c9aede7ef67af0c0a02c080ae8a1f48a435a48eaa5747ad6d43ec2
2d2faf5baa0408bf5826c1f55bfdc74db9b2a065a0ef6ce6c329a14100412afb
319cff6e7a31f0f2a41c475dca42890aa5d19fe16017e2290f8c1d4e14f76481
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
498f064c1bffe86b3db6feddfb0ef7c0880784706ba926061b8afc8c30f915e9
4ac8e03606ffa4c37f61a6510a2080f1f37a7054f4726c214887d3b23f72e369
4bb9f4abc0de1ba8db7983f005ab84ff2b24942558f38bb756d0504ebcfda548
5d7c184f73407fd0b6e92743095a0d2a5cb5d3b853ce898798c24ef87d622db1
67419376c8aa4beffb93b0b55ba44941a2fed651a00b6bc94b92cf27c7a87d72
754f2cb27ecce673be1485b6b27fc2b18bc8a87ab91ac913c3a8c99aad2ff8f6
8e63336037bea50c9887beee711d5776ac0906b701a435ba6a002caf1a724b91
8fd41105091a093b15e89fed13e02242c1fbd09e39c24a7abf8d5c91a98ca60f
a3ff0c24354ece547dad36a9b82aad648f7027b2308aa461cd9a4f4e86a466f4
b61b5c5cb877322dcb1e759c5bac6817ef8e30b70703e61037604677416b0d09
baf44ce81636cc927fc27768437e5da853bac699e8aaf832d042f0dfed29b4b4
bbeb842bd87163ca006c8603eac9bb9458ea3f05238c9fac398ae75b8c96eea3
ccabba3bef84bb2da326c3d849ad613094548ae30d1b0e04184677ecc536f573
ce7baa55e02742ab96ef03d9eb8c628e757ac7c3a4afa13e34984fddea808cc9
da88b5aaa98c29a87e083a9edc66b83263a994d39634d80696eaf0532485c142
dc036572798434cb5e29ce5997ee7258a03499cd2e4de3dd0e9fa4422f1ec6ed
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fddeee8998e5da1e1d2a8d9ff42304cfd347636c416699a636c332d4f0a15889