secure.efvoyages.ca Open in urlscan Pro
2606:4700::6813:b06a  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response secure.efvoyages.ca/	3 KB 2 KB	165ms 96ms	Document text/html	2606:4700::6813:b06a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://secure.efvoyages.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b06a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 7a6676039eb0a63b2f181d947a681a2b2bfef3648b71f47b05727dc4dd237c56 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Frame-Options DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 738bf523fa954bb8-YUL content-encoding gzip content-type text/html date Wed, 10 Aug 2022 21:52:16 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Fri, 30 Jul 2021 14:58:16 GMT server cloudflare strict-transport-security max-age=2592000 vary Accept-Encoding x-correlation-id 6985a240-e25b-4176-99fc-29e48f7d59b6 x-frame-options DENY x-powered-by ASP.NET
GET H2	200	polyfill.min.js Show response cdn.polyfill.io/v2/	222 B 450 B	68ms 22ms	Script text/javascript	2a04:4e42:200::282 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en,Intl.~locale.fr,default,Array.prototype.includes Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3 Request headers accept-language en-CA,en;q=0.9 Referer https://secure.efvoyages.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 10 Aug 2022 21:52:16 GMT content-encoding br last-modified Thu, 04 Aug 2022 12:24:47 GMT age 0 vary User-Agent, Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800 useragent_normaliser chrome/104.0.0 server-timing cache-yul12829, PASS, fastly;desc="Edge time";dur=12 accept-ranges bytes content-length 126
GET H2	200	Client Show response secure.efvoyages.ca/api/Configuration/	266 B 423 B	49ms 49ms	Script text/javascript	2606:4700::6813:b06a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://secure.efvoyages.ca/api/Configuration/Client Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b06a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 853baa40d0cf37e6a69f415ca7a4bd7cead35698cb6fe22cb8f4d4920f202662 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Frame-Options DENY Request headers accept-language en-CA,en;q=0.9 Referer https://secure.efvoyages.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 10 Aug 2022 21:52:16 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare x-frame-options DENY x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript x-correlation-id 844ca399-4ab2-4423-8b40-a7f973fdd4c1 strict-transport-security max-age=2592000 cf-ray 738bf524ab774bb8-YUL
GET H2	200	api.js Show response secure.efvoyages.ca/cdn-cgi/bm/cv/669835187/	35 KB 9 KB	31ms 31ms	Script text/javascript	2606:4700::6813:b06a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://secure.efvoyages.ca/cdn-cgi/bm/cv/669835187/api.js Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b06a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://secure.efvoyages.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 10 Aug 2022 21:52:16 GMT content-encoding gzip x-content-type-options nosniff server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control max-age=604800, public cf-ray 738bf5251c184bb8-YUL
GET H2	200	bundle.11b34d0ccb71102ab095.min.js Show response secure.efvoyages.ca/js/	1 MB 471 KB	172ms 172ms	Script application/javascript	2606:4700::6813:b06a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://secure.efvoyages.ca/js/bundle.11b34d0ccb71102ab095.min.js Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b06a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash dcc4b8fd21da0995b8fc99e0672170d77eab1be80018c61548f1c91ba394cc46 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Frame-Options DENY Request headers accept-language en-CA,en;q=0.9 Referer https://secure.efvoyages.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 10 Aug 2022 21:52:16 GMT content-encoding gzip vary Accept-Encoding cf-cache-status MISS x-powered-by ASP.NET last-modified Fri, 30 Jul 2021 14:58:16 GMT server cloudflare x-frame-options DENY etag "1d78553536ab50b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=2592000 content-type application/javascript cache-control public, max-age=14400 x-correlation-id 39ffb999-eb52-49c0-ba17-b0a933a27041 cf-ray 738bf524ab794bb8-YUL expires Thu, 11 Aug 2022 01:52:16 GMT
GET H2	200	hotjar-1038815.js Show response static.hotjar.com/c/	4 KB 2 KB	61ms 20ms	Script application/javascript	108.138.106.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1038815.js?sv=6 Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.106.101 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-106-101.jfk50.r.cloudfront.net Software / Resource Hash 74fe5c7005cbc9b4550e6a1692dd849158bbf811ece1a792c7a379f6af711634 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://secure.efvoyages.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers strict-transport-security max-age=86400; includeSubDomains content-encoding br x-content-type-options nosniff age 26 x-cache Hit from cloudfront date Wed, 10 Aug 2022 21:51:57 GMT cross-origin-resource-policy cross-origin via 1.1 6741f9acf28bc52b25f06e9986a71e26.cloudfront.net (CloudFront) cache-control max-age=60 etag W/2713a2c90ee665b2e045c99b5abfa420 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 x-amz-cf-pop JFK50-P3 x-amz-cf-id Zv332T9mOR4jXlUOrejpaAtP4rhxd1pWK4u5W9fJGOT-Al6_ObudMQ==
GET H2	200	modules.3ccc2561e7224ffbf999.js Show response script.hotjar.com/	249 KB 64 KB	64ms 23ms	Script application/javascript	108.139.47.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.3ccc2561e7224ffbf999.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1038815.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.47.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-47-96.jfk50.r.cloudfront.net Software / Resource Hash 2bc0d230e02afee1971f61273cc72443a06d1c0fadb96d63cece02834aa4c7cd Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://secure.efvoyages.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 10 Aug 2022 15:01:07 GMT content-encoding br x-content-type-options nosniff age 24669 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin strict-transport-security max-age=86400; includeSubDomains content-length 65052 access-control-allow-origin * last-modified Wed, 10 Aug 2022 15:00:34 GMT etag "ed926f4e963f2602835aab2f77b3bea9" vary Accept-Encoding content-type application/javascript via 1.1 80d5d65d27a0450c8f0018381b103d7a.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop JFK50-P1 accept-ranges bytes x-robots-tag none x-amz-cf-id OAd-XUi1Bd69y65YqW5A19ZU82QpJGvtNVLk4fiCNfa7k_GcAPO73Q==
OPTIONS H2	204	/ api.rollbar.com/api/1/item/ Frame	0 0	79ms 43ms	Preflight	35.201.81.77 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.rollbar.com/api/1/item/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.81.77 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 77.81.201.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-rollbar-access-token Access-Control-Request-Method POST Origin https://secure.efvoyages.ca Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-rollbar-access-token access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 10 Aug 2022 21:52:16 GMT server nginx/1.17.9 via 1.1 google x-response-time 0ms
POST H2	200	/ Show response api.rollbar.com/api/1/item/	100 B 285 B	51ms 48ms	XHR application/json	35.201.81.77 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.rollbar.com/api/1/item/ Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/js/bundle.11b34d0ccb71102ab095.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.201.81.77 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 77.81.201.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash 83306ef91536d9e6be105e6d91c02ffc3a25476ede321d80bc442aafa76895ca Request headers X-Rollbar-Access-Token 195264da890f4197b3af26abb5803687 Referer https://secure.efvoyages.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type application/json Response headers x-response-time 5ms date Wed, 10 Aug 2022 21:52:16 GMT via 1.1 google x-rate-limit-limit 50000 x-rate-limit-remaining-seconds 53 server nginx/1.17.9 content-type application/json; charset=utf-8 access-control-allow-origin * x-rate-limit-remaining 49998 x-rate-limit-reset 1660168389 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100
PUT H2	200	warning Show response secure.efvoyages.ca/api/logging/	0 67 B	53ms 53ms	XHR text/plain	2606:4700::6813:b06a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://secure.efvoyages.ca/api/logging/warning Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/js/bundle.11b34d0ccb71102ab095.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b06a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Frame-Options DENY Request headers Referer https://secure.efvoyages.ca/ X-Correlation-ID 0d508188-4757-c717-d859-a29d31dbcd91 Request-Id 0d508188-4757-c717-d859-a29d31dbcd91 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers strict-transport-security max-age=2592000 x-correlation-id 0d508188-4757-c717-d859-a29d31dbcd91 cf-cache-status DYNAMIC server cloudflare x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY date Wed, 10 Aug 2022 21:52:16 GMT cf-ray 738bf5272f0b4bb8-YUL content-length 0
GET H2	200	me Show response api.storyblok.com/v1/cdn/spaces/	160 B 905 B	189ms 136ms	XHR application/json	108.138.128.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.storyblok.com/v1/cdn/spaces/me?version=published&cv=1660168336473&token=hcUZ0PeVDE26jpc1GjLxAwtt Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/js/bundle.11b34d0ccb71102ab095.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.128.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-128-14.jfk50.r.cloudfront.net Software nginx/1.18.0 / Resource Hash a41ec87337c5f7f1e8ea8b97853a306356c15648e26d21264da506d390c1bf32 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://secure.efvoyages.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 10 Aug 2022 21:52:16 GMT via 1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront) x-content-type-options nosniff x-permitted-cross-domain-policies none x-amz-cf-pop JFK50-P4 x-cache Miss from cloudfront vary Origin content-length 160 x-xss-protection 1; mode=block x-request-id 5eb745df-7a23-4e22-b585-cd7fb50de67c x-runtime 0.007741 referrer-policy strict-origin-when-cross-origin server nginx/1.18.0 x-frame-options SAMEORIGIN etag W/"a41ec87337c5f7f1e8ea8b97853a3063" x-download-options noopen access-control-max-age 7200 access-control-allow-methods GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD content-type application/json; charset=utf-8 access-control-allow-origin https://secure.efvoyages.ca access-control-expose-headers Api-Version, Token, Total, Per-Page cache-control max-age=0, public, s-maxage=2 access-control-allow-credentials true x-amz-cf-id iZWbS_Lf2zI71b03j8TP40kmUaaiDDLf7lJYd9nU0weo8r2tpErScw==
GET H2	200	me Show response api.storyblok.com/v1/cdn/spaces/	144 B 892 B	226ms 174ms	XHR application/json	108.138.128.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.storyblok.com/v1/cdn/spaces/me?version=published&cv=1660168336460&token=Wc9fusBg1K9f6fE1UX7VCwtt Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/js/bundle.11b34d0ccb71102ab095.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.128.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-128-14.jfk50.r.cloudfront.net Software nginx/1.18.0 / Resource Hash 9edef9fbd976f8e3344cb92c9746d2124c656dfd37149ab434b54560a122a941 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://secure.efvoyages.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 10 Aug 2022 21:52:16 GMT via 1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront) x-content-type-options nosniff x-permitted-cross-domain-policies none x-amz-cf-pop JFK50-P4 x-cache Miss from cloudfront vary Origin content-length 144 x-xss-protection 1; mode=block x-request-id 016bd5e4-98e5-4890-8fe0-56325cbf28ae x-runtime 0.017294 referrer-policy strict-origin-when-cross-origin server nginx/1.18.0 x-frame-options SAMEORIGIN etag W/"9edef9fbd976f8e3344cb92c9746d212" x-download-options noopen access-control-max-age 7200 access-control-allow-methods GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD content-type application/json; charset=utf-8 access-control-allow-origin https://secure.efvoyages.ca access-control-expose-headers Api-Version, Token, Total, Per-Page cache-control max-age=0, public, s-maxage=2 access-control-allow-credentials true x-amz-cf-id nLyio7uIfuoZNZcMrHQY5ZGMCHLsHws_WGohX6egvNGEZKy4jbu_hw==
GET H2	200	product-information Show response api.storyblok.com/v1/cdn/stories/en-US/	1 KB 1 KB	172ms 172ms	XHR application/json	108.138.128.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.storyblok.com/v1/cdn/stories/en-US/product-information?version=published&cv=1660168336473&token=hcUZ0PeVDE26jpc1GjLxAwtt Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/js/bundle.11b34d0ccb71102ab095.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.128.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-128-14.jfk50.r.cloudfront.net Software nginx/1.18.0 / Resource Hash 48a02c54cafcc5a0f18089b5f0e4df003ac2bfc4af0d9dad8f4dbe7bcd4cf475 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://secure.efvoyages.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 10 Aug 2022 21:52:16 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none x-amz-cf-pop JFK50-P4 x-cache Miss from cloudfront vary Accept-Encoding,Origin x-xss-protection 1; mode=block x-request-id 2be77450-42cb-46d8-bf77-9ad3bb4a700b x-runtime 0.043122 access-control-allow-origin https://secure.efvoyages.ca referrer-policy strict-origin-when-cross-origin server nginx/1.18.0 x-frame-options SAMEORIGIN etag W/"48a02c54cafcc5a0f18089b5f0e4df00" x-download-options noopen access-control-max-age 7200 access-control-allow-methods GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD content-type application/json; charset=utf-8 via 1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront) access-control-expose-headers Api-Version, Token, Total, Per-Page cache-control max-age=0, public, s-maxage=604800 access-control-allow-credentials true link x-amz-cf-id RF-vLMTk33PjwZAqlET3LxghfCAjn7oLPbBHq6blY1sZrpsZTdQ_HQ==
GET H2	200	product-information Show response api.storyblok.com/v1/cdn/stories/en-US/	1 KB 1 KB	173ms 173ms	XHR application/json	108.138.128.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.storyblok.com/v1/cdn/stories/en-US/product-information?version=published&cv=1660168336473&token=hcUZ0PeVDE26jpc1GjLxAwtt Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/js/bundle.11b34d0ccb71102ab095.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.128.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-128-14.jfk50.r.cloudfront.net Software nginx/1.18.0 / Resource Hash 48a02c54cafcc5a0f18089b5f0e4df003ac2bfc4af0d9dad8f4dbe7bcd4cf475 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://secure.efvoyages.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 10 Aug 2022 21:52:16 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none x-amz-cf-pop JFK50-P4 x-cache Hit from cloudfront vary Accept-Encoding,Origin x-xss-protection 1; mode=block x-request-id 2be77450-42cb-46d8-bf77-9ad3bb4a700b x-runtime 0.043122 access-control-allow-origin https://secure.efvoyages.ca referrer-policy strict-origin-when-cross-origin server nginx/1.18.0 x-frame-options SAMEORIGIN etag W/"48a02c54cafcc5a0f18089b5f0e4df00" x-download-options noopen access-control-max-age 7200 access-control-allow-methods GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD content-type application/json; charset=utf-8 via 1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront) access-control-expose-headers Api-Version, Token, Total, Per-Page cache-control max-age=0, public, s-maxage=604800 access-control-allow-credentials true link x-amz-cf-id hSaq1iftsbiH8zQSPpKA3nXeVKWDQPX_NuEWN8vuteLQJc64JE7awQ==
GET H2	200	box-54d18b2ccd1c7fa42c71f18525ba4ad0.html Show response vars.hotjar.com/ Frame 4523	2 KB 1 KB	66ms 20ms	Document text/html	108.138.128.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1038815.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.128.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-128-36.jfk50.r.cloudfront.net Software / Resource Hash 3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://secure.efvoyages.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 806649 cache-control max-age=31536000 content-encoding br content-length 1044 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 01 Aug 2022 13:48:07 GMT etag "b310868fbdb4c8ee7d37e1b85ae269fa" last-modified Mon, 01 Aug 2022 13:47:35 GMT strict-transport-security max-age=86400; includeSubDomains vary Accept-Encoding via 1.1 3155a44b32f22cf1d72a9a7b7439a6e2.cloudfront.net (CloudFront) x-amz-cf-id 6F6ONUjWc9XI2wkmkeniOH1vQEvNqnvGTdumdKikQdQWgDtHlhZ92g== x-amz-cf-pop JFK50-P4 x-cache Hit from cloudfront x-robots-tag none
POST H2	204	result Show response secure.efvoyages.ca/cdn-cgi/bm/cv/	0 298 B	20ms 19ms	XHR text/plain	2606:4700::6813:b06a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://secure.efvoyages.ca/cdn-cgi/bm/cv/result?req_id=738bf523fa954bb8 Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/js/bundle.11b34d0ccb71102ab095.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b06a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://secure.efvoyages.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type application/json Response headers date Wed, 10 Aug 2022 21:52:16 GMT server cloudflare cf-ray 738bf52828504bb8-YUL expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/1038815/	147 B 322 B	303ms 102ms	XHR application/json	54.171.44.156 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/1038815/visit-data?sv=6 Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/js/bundle.11b34d0ccb71102ab095.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.171.44.156 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-171-44-156.eu-west-1.compute.amazonaws.com Software / Resource Hash a82fc6cdeed37975df9de2eb175b204a15a04b4d7d7ac579a2beb538d18bbca9 Request headers Referer https://secure.efvoyages.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Wed, 10 Aug 2022 21:52:16 GMT content-encoding br vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store access-control-allow-credentials true
GET H2	200	default Show response api.storyblok.com/v1/cdn/stories/public-one-time-payments/	7 KB 3 KB	163ms 163ms	XHR application/json	108.138.128.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.storyblok.com/v1/cdn/stories/public-one-time-payments/default?per_page=1&page=1&version=published&cv=1623340785&token=Wc9fusBg1K9f6fE1UX7VCwtt Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/js/bundle.11b34d0ccb71102ab095.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.128.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-128-14.jfk50.r.cloudfront.net Software nginx/1.18.0 / Resource Hash e831087765c85baf56253d89a0b78501a261e1044ce4d62d16205a1556af7465 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://secure.efvoyages.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 10 Aug 2022 21:52:16 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none x-amz-cf-pop JFK50-P4 x-cache Miss from cloudfront vary Accept-Encoding,Origin x-xss-protection 1; mode=block x-request-id f1bdea9f-93e8-4343-9748-c5c74c0abe07 x-runtime 0.033506 access-control-allow-origin https://secure.efvoyages.ca referrer-policy strict-origin-when-cross-origin server nginx/1.18.0 x-frame-options SAMEORIGIN etag W/"e831087765c85baf56253d89a0b78501" x-download-options noopen access-control-max-age 7200 access-control-allow-methods GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD content-type application/json; charset=utf-8 via 1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront) access-control-expose-headers Api-Version, Token, Total, Per-Page cache-control max-age=0, public, s-maxage=604800 access-control-allow-credentials true link x-amz-cf-id Y7gXCwskr_HSZJzULt8ve_X6UEZMsHTTKs8qlNsYO_FrU6yhulGEOA==
GET H2	200	logo_et.svg a.storyblok.com/f/77447/x/2332588097/	6 KB 3 KB	93ms 20ms	Image image/svg+xml	108.139.29.16 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://a.storyblok.com/f/77447/x/2332588097/logo_et.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.29.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-29-16.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash ffe457742dd13c02dc1f9a4db04ced709cbdc5f67a17b59406a51ae1c0ff6cec Request headers accept-language en-CA,en;q=0.9 Referer https://secure.efvoyages.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 10 Aug 2022 12:30:54 GMT content-encoding gzip age 33683 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 03 Mar 2020 15:49:33 GMT server AmazonS3 etag W/"99aa7c4bc7f39402335a440b6633e5de" vary Accept-Encoding x-amz-version-id dOjPlRi6OB_TrVZE.xhkMqLOitziz5dI via 1.1 e42e8491a089e2183879e26e61dae708.cloudfront.net (CloudFront) cache-control public; max-age=31536000 x-amz-cf-pop JFK50-P2 content-type image/svg+xml x-amz-cf-id o6uzuUEQH81VB3ljXd2QPVVNnGzkcz8mphGlq5wRoZbmQMlNdO4gvg== expires Wed, 03 Mar 2021 15:49:32 GMT
OPTIONS H3	204	/ api.rollbar.com/api/1/item/ Frame	0 0	43ms 42ms	Preflight	35.201.81.77 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.rollbar.com/api/1/item/ Protocol H3 Security QUIC, , AES_128_GCM Server 35.201.81.77 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 77.81.201.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-rollbar-access-token Access-Control-Request-Method POST Origin https://secure.efvoyages.ca Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-rollbar-access-token access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 10 Aug 2022 21:52:16 GMT server nginx/1.17.9 via 1.1 google x-response-time 0ms
POST H3	200	/ Show response api.rollbar.com/api/1/item/	100 B 121 B	51ms 51ms	XHR application/json	35.201.81.77 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.rollbar.com/api/1/item/ Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/js/bundle.11b34d0ccb71102ab095.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 35.201.81.77 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 77.81.201.35.bc.googleusercontent.com Software nginx/1.17.9 / Resource Hash 9f578329494b9e6cd24bef0d7112e0b95a86b1302e4d6f236553fc4a98be008d Request headers X-Rollbar-Access-Token 195264da890f4197b3af26abb5803687 Referer https://secure.efvoyages.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type application/json Response headers x-response-time 8ms date Wed, 10 Aug 2022 21:52:17 GMT via 1.1 google x-rate-limit-limit 50000 x-rate-limit-remaining-seconds 52 server nginx/1.17.9 content-type application/json; charset=utf-8 access-control-allow-origin * x-rate-limit-remaining 49997 x-rate-limit-reset 1660168389 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100
PUT H2	200	error Show response secure.efvoyages.ca/api/logging/	0 37 B	51ms 51ms	XHR text/plain	2606:4700::6813:b06a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://secure.efvoyages.ca/api/logging/error Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/js/bundle.11b34d0ccb71102ab095.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b06a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Frame-Options DENY Request headers Referer https://secure.efvoyages.ca/ X-Correlation-ID 0d508188-4757-c717-d859-a29d31dbcd91 Request-Id 0d508188-4757-c717-d859-a29d31dbcd91 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers strict-transport-security max-age=2592000 x-correlation-id 0d508188-4757-c717-d859-a29d31dbcd91 cf-cache-status DYNAMIC server cloudflare x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY date Wed, 10 Aug 2022 21:52:16 GMT cf-ray 738bf529ead04bb8-YUL content-length 0
GET H2	200	1bb45b8b5cd4442a8d63d150e0fad307.svg secure.efvoyages.ca/img/	427 B 432 B	162ms 162ms	Image image/svg+xml	2606:4700::6813:b06a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://secure.efvoyages.ca/img/1bb45b8b5cd4442a8d63d150e0fad307.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b06a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 121e0d8c091158a73eac4b6f9961c2acda7f20dd2d017efb87653c1f9cd8760c Security Headers Name Value Strict-Transport-Security max-age=2592000 X-Frame-Options DENY Request headers accept-language en-CA,en;q=0.9 Referer https://secure.efvoyages.ca/error?c=0d508188-4757-c717-d859-a29d31dbcd91 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Wed, 10 Aug 2022 21:52:17 GMT x-correlation-id c08614a4-c352-4b58-a290-0af75b7a8a4b cf-cache-status MISS x-powered-by ASP.NET strict-transport-security max-age=2592000 content-encoding gzip last-modified Fri, 30 Jul 2021 14:58:16 GMT server cloudflare x-frame-options DENY etag W/"1d785535379f5ab" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 cf-ray 738bf529eae34bb8-YUL expires Thu, 11 Aug 2022 01:52:17 GMT
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/1038815/	147 B 321 B	102ms 101ms	XHR application/json	54.171.44.156 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/1038815/visit-data?sv=6 Requested by Host: secure.efvoyages.ca URL: https://secure.efvoyages.ca/js/bundle.11b34d0ccb71102ab095.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.171.44.156 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-171-44-156.eu-west-1.compute.amazonaws.com Software / Resource Hash a82fc6cdeed37975df9de2eb175b204a15a04b4d7d7ac579a2beb538d18bbca9 Request headers Referer https://secure.efvoyages.ca/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Wed, 10 Aug 2022 21:52:16 GMT content-encoding br vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store access-control-allow-credentials true

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| hj object| _hjSettings function| setupClient object| clientRuntimeConfig object| a0_0x433e function| a0_0x3d7e object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| regeneratorRuntime number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad function| _rollbarURH object| __CF$cv$params

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.efvoyages.ca/	1970-01-20 05:09:30	Name: __cf_bm Value: RG8N6QHF8cxi9oQ691Tfov0Cb3JtKCIbbBA49xTv2Mg-1660168336-0-AVNq1xVmlwgSENgZbSd0nt1vSX5Qh0AGwcASrPD/fefG4dXYLQ8W43HijnJHq3TFFCv8HKqCRzR13+vkNar9mWA6CSov9rYQtaihZy/eir5HJhLSCSJwEKsS1u1wb05IqkProsckjwPKA63G2zNDa66HQq9/XqotsQjHddofB/Wh
			.efvoyages.ca/	1970-01-20 13:55:04	Name: _hjSessionUser_1038815 Value: eyJpZCI6IjMyMzIzNmE2LTA2NGQtNTZkNi1iOTBjLWM1YzA4YWMwNjVhZCIsImNyZWF0ZWQiOjE2NjAxNjgzMzYzNjcsImV4aXN0aW5nIjpmYWxzZX0=
			.efvoyages.ca/	1970-01-20 05:09:30	Name: _hjFirstSeen Value: 1
			secure.efvoyages.ca/	1970-01-20 05:09:28	Name: _hjIncludedInSessionSample Value: 1
			.efvoyages.ca/	1970-01-20 05:09:30	Name: _hjSession_1038815 Value: eyJpZCI6IjEzMmY3MmNiLTI4YzktNGE1Yy1iYTM0LWJkYjhjNzY3Mjc1YSIsImNyZWF0ZWQiOjE2NjAxNjgzMzY3MjIsImluU2FtcGxlIjp0cnVlfQ==
			secure.efvoyages.ca/	1970-01-20 05:09:28	Name: _hjIncludedInPageviewSample Value: 1
			.efvoyages.ca/	1970-01-20 05:09:30	Name: _hjAbsoluteSessionInProgress Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.storyblok.com
api.rollbar.com
api.storyblok.com
cdn.polyfill.io
in.hotjar.com
script.hotjar.com
secure.efvoyages.ca
static.hotjar.com
vars.hotjar.com
108.138.106.101
108.138.128.14
108.138.128.36
108.139.29.16
108.139.47.96
2606:4700::6813:b06a
2a04:4e42:200::282
35.201.81.77
54.171.44.156
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
121e0d8c091158a73eac4b6f9961c2acda7f20dd2d017efb87653c1f9cd8760c
2bc0d230e02afee1971f61273cc72443a06d1c0fadb96d63cece02834aa4c7cd
3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989
48a02c54cafcc5a0f18089b5f0e4df003ac2bfc4af0d9dad8f4dbe7bcd4cf475
74fe5c7005cbc9b4550e6a1692dd849158bbf811ece1a792c7a379f6af711634
7a6676039eb0a63b2f181d947a681a2b2bfef3648b71f47b05727dc4dd237c56
83306ef91536d9e6be105e6d91c02ffc3a25476ede321d80bc442aafa76895ca
853baa40d0cf37e6a69f415ca7a4bd7cead35698cb6fe22cb8f4d4920f202662
9edef9fbd976f8e3344cb92c9746d2124c656dfd37149ab434b54560a122a941
9f578329494b9e6cd24bef0d7112e0b95a86b1302e4d6f236553fc4a98be008d
a41ec87337c5f7f1e8ea8b97853a306356c15648e26d21264da506d390c1bf32
a82fc6cdeed37975df9de2eb175b204a15a04b4d7d7ac579a2beb538d18bbca9
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
dcc4b8fd21da0995b8fc99e0672170d77eab1be80018c61548f1c91ba394cc46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e831087765c85baf56253d89a0b78501a261e1044ce4d62d16205a1556af7465
ffe457742dd13c02dc1f9a4db04ced709cbdc5f67a17b59406a51ae1c0ff6cec