urlscan.io logo urlscan.io
SecurityTrails logo

production.d1c8he8zul0rg4.amplifyapp.com Open in urlscan Pro
65.9.58.78  Public Scan

Go To Rescan Add Verdict Report
URL: https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/-/
Submission: On February 23 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 31 HTTP transactions. The main IP is 65.9.58.78, located in United States and belongs to AMAZON-02, US. The main domain is production.d1c8he8zul0rg4.amplifyapp.com.
TLS certificate: Issued by Amazon on December 10th 2020. Valid for: a year.
This is the only time production.d1c8he8zul0rg4.amplifyapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 65.9.58.78 16509 (AMAZON-02)
19 2600:9000:206... 16509 (AMAZON-02)
4 151.101.112.176 54113 (FASTLY)
1 52.36.120.14 16509 (AMAZON-02)
2 35.201.81.77 15169 (GOOGLE)
31 6
5    65.9.58.78 (United States)

ASN16509 (AMAZON-02, US)
production.d1c8he8zul0rg4.amplifyapp.com
19    2600:9000:206f:fc00:11:6e9c:ebc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
subscription-widget-production.mcards.com
4    151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
1    52.36.120.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-120-14.us-west-2.compute.amazonaws.com
m.stripe.com
2    35.201.81.77 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 77.81.201.35.bc.googleusercontent.com
api.rollbar.com
Domain Requested by
19 subscription-widget-production.mcards.com production.d1c8he8zul0rg4.amplifyapp.com
subscription-widget-production.mcards.com
5 production.d1c8he8zul0rg4.amplifyapp.com 1 redirects production.d1c8he8zul0rg4.amplifyapp.com
3 js.stripe.com subscription-widget-production.mcards.com
js.stripe.com
2 api.rollbar.com subscription-widget-production.mcards.com
1 m.stripe.com m.stripe.network
1 m.stripe.network js.stripe.com
0 app.entertainment.com.au Failed subscription-widget-production.mcards.com
31 7

This site contains no links.

Subject Issuer Validity Valid
*.d1c8he8zul0rg4.amplifyapp.com
Amazon		 2020-12-10 -
2022-01-08		 a year crt.sh
*.mcards.com
Amazon		 2020-12-12 -
2022-01-10		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2021-01-19 -
2021-05-04		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-20 -
2021-05-04		 3 months crt.sh
api.rollbar.com
DigiCert SHA2 Secure Server CA		 2020-07-13 -
2022-07-27		 2 years crt.sh

This page contains 4 frames:

Primary Page: https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/-/
Frame ID: FD26C3C94592119E58C1652A7775FD1A
Requests: 4 HTTP requests in this frame

Frame: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Frame ID: C750403B550F5134CD6A63E3F5FB4D31
Requests: 22 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-8826b02b000b4fc2c04c76c52ebc9050.html
Frame ID: 1C8CD63AD74E4367E4F5FCDB05AAC799
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 72DC3F687A63E2423DB6FAFE81C12F36
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/- HTTP 301
    https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/-/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

31
Requests

97 %
HTTPS

20 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

444 kB
Transfer

1448 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/- HTTP 301
    https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/-/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/-/
Redirect Chain
  • https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/-
  • https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/-/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/-/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49342c5a55f41836e6359714a3d17098bb69be2bda50576b41a84472d7537a89

Request headers

:method
GET
:authority
production.d1c8he8zul0rg4.amplifyapp.com
:scheme
https
:path
/build/buy-bucks.esm.js/-/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html
date
Tue, 23 Feb 2021 12:28:10 GMT
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Error from cloudfront
via
1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
_nnn4P3oHQ6EbXE0ocxN7uudQx38cwvK6vWrqtJ588d0RDhxnQm5mA==

Redirect headers

content-type
application/xml
content-length
0
date
Tue, 23 Feb 2021 12:28:09 GMT
server
AmazonS3
location
/build/buy-bucks.esm.js/-/
x-cache
Error from cloudfront
via
1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
xk3oUdvSe9iUEkx-Tg4Wssv0Zv_p-XY88ec0dMnDPHsJC3eYGVD1pg==
buy-bucks.esm.js
production.d1c8he8zul0rg4.amplifyapp.com/build/ 		459 B
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js
Requested by
Host: production.d1c8he8zul0rg4.amplifyapp.com
URL: https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/-/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a4c2ffbd32bae8e1fd987978fd3cb7da52ccd41ddf048ccc3802422531b921c

Request headers

Origin
https://production.d1c8he8zul0rg4.amplifyapp.com
Referer
https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/-/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 23 Feb 2021 12:28:14 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
last-modified
Fri, 12 Feb 2021 05:05:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"3591239142056c26ec5c17f57e7b495b"
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, s-maxage=2
accept-ranges
bytes
content-length
459
x-amz-cf-id
9VYoCL6vnqtU9m0ASqrrB8mKmZ1bBYnI-d5KZ4poVbJvmrz8UcHKbQ==
p-937b76bf.js
production.d1c8he8zul0rg4.amplifyapp.com/build/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://production.d1c8he8zul0rg4.amplifyapp.com/build/p-937b76bf.js
Requested by
Host: production.d1c8he8zul0rg4.amplifyapp.com
URL: https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/-/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3bb58ec2f960e6635f6beb89f47372fe6c7b0a974dbc898627825120a3d7a885

Request headers

Origin
https://production.d1c8he8zul0rg4.amplifyapp.com
Referer
https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 23 Feb 2021 12:28:15 GMT
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 05:05:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"50a8a439044d694dd1993996042bf695"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, s-maxage=2
x-amz-cf-id
BVqJFOWHJEi1HuacrIoVNjsSW8mW5V-CaBAvpyaGvFTki3jvtM0BNg==
via
1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
p-b55f32a8.entry.js
production.d1c8he8zul0rg4.amplifyapp.com/build/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://production.d1c8he8zul0rg4.amplifyapp.com/build/p-b55f32a8.entry.js
Requested by
Host: production.d1c8he8zul0rg4.amplifyapp.com
URL: https://production.d1c8he8zul0rg4.amplifyapp.com/build/p-937b76bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d90cce8593aaa60b6c136c4a3f35dd1d52345329162d26708193651eb4e1c0ae

Request headers

Origin
https://production.d1c8he8zul0rg4.amplifyapp.com
Referer
https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/-/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 23 Feb 2021 12:28:17 GMT
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 05:05:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"f692117b6f969b0f8a001efe43ac594c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, s-maxage=2
x-amz-cf-id
X_Ei26upYvQgqcWfy1Os9nsBQpvS3V9L_jhnT_1YHlEVApi1GR8vWg==
via
1.1 7e513424eee237ee26467e8fd5656ec1.cloudfront.net (CloudFront)
/
subscription-widget-production.mcards.com/ Frame C750 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Requested by
Host: production.d1c8he8zul0rg4.amplifyapp.com
URL: https://production.d1c8he8zul0rg4.amplifyapp.com/build/p-937b76bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b43a6cba23a5451c6582d39c9e0eddbd8e2aefe18382b4f5095a8e7552286215

Request headers

:method
GET
:authority
subscription-widget-production.mcards.com
:scheme
https
:path
/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/-/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js/-/

Response headers

content-type
text/html
date
Tue, 23 Feb 2021 12:28:18 GMT
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
etag
W/"93abbf9cc26584d663fdf136a72e42e9"
x-amz-server-side-encryption
AES256
server
AmazonS3
cache-control
no-cache, s-maxage=2
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
G3xSkcbmrf0je_qNkIT9qxwq-9uPpzLQiZucUpV1uTEQTdK-eA-ivA==
4823690406ae2ba3a407.css
subscription-widget-production.mcards.com/_next/static/css/ Frame C750 		2 KB
963 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/css/4823690406ae2ba3a407.css
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
052528dafa0aebaaf2c80025396be8ab49b6a0b71fd558fe6f8c1c2aae392faa

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"450a4d761ad559fbe48f18f306639dcb"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
XR3IDNFTKP-1E44pJdQXiMXlw9fiep6-SXON7qZENeKXkirqnf9t-Q==
main-242233d8da89178fcc77.js
subscription-widget-production.mcards.com/_next/static/chunks/ Frame C750 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/chunks/main-242233d8da89178fcc77.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67a47c8415ace7852efafb45c960fb53be488ae14e993ad645e6a61f7a567c1b

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"a8d21fc35131941e7956f576b67ca39f"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
NFaKAiINYTzL-aMXoQIG-9PsnfjpymiGjTQB4xYVT-nY-rGoKR3-fw==
webpack-14d9c18cc9cd7740f40a.js
subscription-widget-production.mcards.com/_next/static/chunks/ Frame C750 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/chunks/webpack-14d9c18cc9cd7740f40a.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a1c63cf2ced9935281f7fb07722771aa0b5e7a80d3e06bec806a918badfb20b

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"5af8b53ef1fe3d26ed4c4293616a4f08"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
MqeEVhAN-e_T-21PUIC7EQ-VoTq2onYGDcm8PN3iMihNOEQe0MWdJw==
framework.3fa6dc05c4b0dea380d9.js
subscription-widget-production.mcards.com/_next/static/chunks/ Frame C750 		128 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/chunks/framework.3fa6dc05c4b0dea380d9.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb772414ed0938b27cede6d138877bb0f9e3ca4367b67542137fc926cf4835e9

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"4761f48e868fc5d7f012c7973889bc5d"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
zaOS9ap6Lyl4PGA6E7Kkf82LiVNgkbec-BiRf73vBpnrZ-F6l9TgUA==
0eceb729.e5a24b77bfcb00a6d800.js
subscription-widget-production.mcards.com/_next/static/chunks/ Frame C750 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/chunks/0eceb729.e5a24b77bfcb00a6d800.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e4b49c38d327fee588c6b95dcee7cd7947703cec1d6c1b4932f2d00abd4aab9

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"69cee4dc6de99900323892f443812396"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
fUHHK6T-FF3jiOpqnG9vdOYPICPKkg3f_hDcMvNICpFPlKDD25EtyQ==
d6a9949e.feed9a8cf3889e9389b4.js
subscription-widget-production.mcards.com/_next/static/chunks/ Frame C750 		39 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/chunks/d6a9949e.feed9a8cf3889e9389b4.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49863f998c71eff4375d76e6d518f2f4f317e19147bb143fc160adfbd5287802

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"adac1491c47fb7a1e78a1fae4996d322"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
uYSY-ZWk-gqL4JoxEjfxUHo4EpQva64I_kkaJEYwdBde36FlYLXH4w==
commons.29a4da8c3529c4318fb3.js
subscription-widget-production.mcards.com/_next/static/chunks/ Frame C750 		682 KB
211 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/chunks/commons.29a4da8c3529c4318fb3.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be68b76e24ef0e39b3dea99a96886b5993d58b15dae0a557280df12d970c3288

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"bacd8803f0f5dad0b875025c0add71ee"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
VZpsLXGy6zB4_lbtjPAfYVFlRP5wMPCHJ0Q2ktYFMw2NIseg9hgC6w==
364b773ec42e3107eb67c6f036e36f3bff0fc84c.1104c6ef3b5efd485a34.js
subscription-widget-production.mcards.com/_next/static/chunks/ Frame C750 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/chunks/364b773ec42e3107eb67c6f036e36f3bff0fc84c.1104c6ef3b5efd485a34.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e1058164407928ba5b097056aefeaf4788879aefc29a10ab3dbc4ac3abc70294

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"4b68128fcb12c04da26ca1d8d9d86839"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
4-3D-dWvQY-ZRrNR2QskKOmU_LprcOR0cJ6r7Sil6Pp2m4hAbzIRbw==
feb543d1c46b67b42dc29edd91e9c0458a786ccd.a7b9a80104667d874a27.js
subscription-widget-production.mcards.com/_next/static/chunks/ Frame C750 		126 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/chunks/feb543d1c46b67b42dc29edd91e9c0458a786ccd.a7b9a80104667d874a27.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c19c6a6ad949baba0e5370d8f61bfbff9580a953222eb42e880d5b17032e853

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"67b2e8080b3c00932ffcb679128e2baf"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
RkrSzwxz-Wm1olYvJsMUR9O9BywNDWDEu1PtAJO1usZsLGnaEFtWuw==
b290580f89363e491131ca3f3e4ed5bdcd0605f1.42de565460c141ecd134.js
subscription-widget-production.mcards.com/_next/static/chunks/ Frame C750 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/chunks/b290580f89363e491131ca3f3e4ed5bdcd0605f1.42de565460c141ecd134.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b13a15482beaa7790fe99a77abf61ec6025aa872b29b080b7c5883619e624ed7

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"c1e03061478d5e1a64f9a273e38f78a7"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
uYqeTR5dEMUlToIIIDks7kGkDdeZcDDkpkpB1j-2bmJCfV1EI53BPg==
0dd8fc29d103b6b855d3601d0347ab4b5c457bcb.cc0e5822667b486dbaaa.js
subscription-widget-production.mcards.com/_next/static/chunks/ Frame C750 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/chunks/0dd8fc29d103b6b855d3601d0347ab4b5c457bcb.cc0e5822667b486dbaaa.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
beff505f8e6170ecfa18eaf6d8a90fb24a1f5a29155ec70e6cb7522da14b3c53

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"57cca78154faf1a9e15c702cc4ab19d7"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
yaQ3Tmj6OcQu-BxUYQVdFkOLrlbOOnEvL_K23xxqJOiwmBQ4LTXQ0w==
b1542cc239bf56c8a14913c0a930efe682b5cf86.3212cbc66fefd57f740c.js
subscription-widget-production.mcards.com/_next/static/chunks/ Frame C750 		75 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/chunks/b1542cc239bf56c8a14913c0a930efe682b5cf86.3212cbc66fefd57f740c.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3915e20610713ec1723bf64e4538a363b5bdf5168b98f6517a3ec4e78e30290f

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"4fdc85e9801c939f41e3c221ecece18d"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
UdnbXbOlUP1X1gQ3B2lVpdBpIQ5LNUdOWvWHrVfsnyokOCmW1FxkuQ==
4f344f86181b91d321034160ec6a20c3bf88ebf1.6aa8b081a75fef126484.js
subscription-widget-production.mcards.com/_next/static/chunks/ Frame C750 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/chunks/4f344f86181b91d321034160ec6a20c3bf88ebf1.6aa8b081a75fef126484.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5dd5bccb8879565ce374009556f41ba274873815a33fceb543a41cdf02aadcd

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"6779a57eef5dc6321406de046fa9f773"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
k1V-fMmtt5ZI9e9nHP-WTpwFFnAXZpgo3wBP7K7y8jWIMlYqVKE_BQ==
_app-5f3c8329e74a5dbb0506.js
subscription-widget-production.mcards.com/_next/static/chunks/pages/ Frame C750 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/chunks/pages/_app-5f3c8329e74a5dbb0506.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2dead1df372e79097c3f4979750969bfdf00b33be720c047bc64ddf478629d9

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"fc1f35a39e621fb3135d0d82ea121181"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
q4PPnclsoVTr7j8fgY6F01R4XZJs5UH50V8FZjb_6sfC2bZwndCi9Q==
e27089e29a6f70223231f6d6442d8049f4ed6558.a43238bb22b34c163492.js
subscription-widget-production.mcards.com/_next/static/chunks/ Frame C750 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/chunks/e27089e29a6f70223231f6d6442d8049f4ed6558.a43238bb22b34c163492.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
934985827c5f652004ec0540caef79b686d7cc10cccc7316bbeaaf505b24cda1

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"c4d51831e34cac4232934fedf254d0b5"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
-UFnlI_BgyI3_28IlOa1JNz2QvcM-AlrvVHihPQSjoSdiwMpQVuDeA==
index-8a343290efb609afcea3.js
subscription-widget-production.mcards.com/_next/static/chunks/pages/ Frame C750 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/chunks/pages/index-8a343290efb609afcea3.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
365804b6770e5ed50911d729e5fdfc2a409a0fdfa6125ceb8dd3bc38099714e7

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"a7582e616d0cccc63693b201bbdb3785"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
q0DS7p7UVpaqXCSJFJi-pGv2d9gIIsbl48yO-N6AMo5SsQr6fH8Y3Q==
_buildManifest.js
subscription-widget-production.mcards.com/_next/static/du78cZ-pGDE9e07cUX4Qo/ Frame C750 		1 KB
1010 B 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/du78cZ-pGDE9e07cUX4Qo/_buildManifest.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
139609832c16736594948fb310526a584cd3f22c037613559d8830c8442a1043

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:20 GMT
content-encoding
gzip
etag
W/"79ef8024df4ae712b05a7b9c152727a0"
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
cache-control
no-cache, s-maxage=2
x-amz-cf-id
Bmezzwziqg2ew5nk4l7jW-MB3Eyh6J_nt5ZT9O0SYkP5zvrxOlpZ6w==
_ssgManifest.js
subscription-widget-production.mcards.com/_next/static/du78cZ-pGDE9e07cUX4Qo/ Frame C750 		76 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription-widget-production.mcards.com/_next/static/du78cZ-pGDE9e07cUX4Qo/_ssgManifest.js
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 23 Feb 2021 12:28:20 GMT
via
1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
last-modified
Tue, 16 Feb 2021 00:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"abee47769bf307639ace4945f9cfd4ff"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-cache, s-maxage=2
accept-ranges
bytes
content-length
76
x-amz-cf-id
ILntXRR6PHNNjCm_ZpNENDGkNMkx2nX93PcaiFdNwOc8TbP8L8c8bA==
v3
js.stripe.com/ Frame C750 		211 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/_next/static/chunks/364b773ec42e3107eb67c6f036e36f3bff0fc84c.1104c6ef3b5efd485a34.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b937552f203be51562c58a8b999937f30bca0db656d043daa60a4a21088c1ba
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:21 GMT
content-encoding
gzip
vary
Accept-Encoding
age
136
via
1.1 varnish
x-cache
HIT
content-length
56172
x-amz-id-2
Z2Va2HkYKOuvEWwH00nHGBZBlcPHLDFfTcGQFnuMCrsDT2MucQPz1OwvfRgN7xzE6yWd+rRqQ5k=
x-served-by
cache-hhn4023-HHN
timing-allow-origin
*
last-modified
Mon, 22 Feb 2021 20:33:19 GMT
server
AmazonS3
etag
"ca4fe591c566d2540cc2fe9bc5bcb8d4"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
09A877B5503CC4D1
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
208
config
app.entertainment.com.au/api/widgets/a2174af0-0cf0-0139-36e5-0242ac110003/ Frame C750 		0
0
m-outer-8826b02b000b4fc2c04c76c52ebc9050.html
js.stripe.com/v3/ Frame 1C8C 		215 B
564 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-8826b02b000b4fc2c04c76c52ebc9050.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
303ebe696c5acd686abaf6c8811d63732e39794e6299409a8d94fdbf283ecb16
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-8826b02b000b4fc2c04c76c52ebc9050.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003

Response headers

x-amz-id-2
Pb7TfqxpvHNS1xabfOYEOebaCl2GfSHpqdPf98+zDmchDq0HQXyJ4ULFmpDrt2mmoxlcyYzaHE8=
x-amz-request-id
348D3CE5BA9D8AD7
last-modified
Thu, 18 Feb 2021 20:28:39 GMT
etag
"8826b02b000b4fc2c04c76c52ebc9050"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Tue, 23 Feb 2021 12:28:21 GMT
via
1.1 varnish
age
160
x-served-by
cache-hhn4023-HHN
x-cache
HIT
x-cache-hits
476
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length
185
m-outer-578a66643e76d3d4e86b821a1ddf68a2.js
js.stripe.com/v3/fingerprinted/js/ Frame 1C8C 		1 KB
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-578a66643e76d3d4e86b821a1ddf68a2.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-8826b02b000b4fc2c04c76c52ebc9050.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/m-outer-8826b02b000b4fc2c04c76c52ebc9050.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 23 Feb 2021 12:28:21 GMT
content-encoding
gzip
vary
Accept-Encoding
age
144
via
1.1 varnish
x-cache
HIT
content-length
699
x-amz-id-2
uhkKm4cWUBxt+SBAbnKPemJXFFXpKQckbfUgOHZHnOIuBadipxG4fCCnBing/egNnwEpfgx9yvA=
x-served-by
cache-hhn4023-HHN
timing-allow-origin
*
last-modified
Thu, 18 Feb 2021 20:28:42 GMT
server
AmazonS3
etag
"356a16407e7a019ffdf35f454b7438a9"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
87D3782F6BEE0D9E
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
401
inner.html
m.stripe.network/ Frame 72DC 		33 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-578a66643e76d3d4e86b821a1ddf68a2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
m.stripe.network
:scheme
https
:path
/inner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/v3/m-outer-8826b02b000b4fc2c04c76c52ebc9050.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://js.stripe.com/v3/m-outer-8826b02b000b4fc2c04c76c52ebc9050.html

Response headers

server
nginx
content-type
text/html; charset=utf-8
last-modified
Fri, 04 Dec 2020 19:17:49 GMT
etag
W/"5fca8b5d-84a0"
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
public, max-age=300
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Tue, 23 Feb 2021 12:28:21 GMT
age
74
x-served-by
cache-sea4421-SEA, cache-hhn4023-HHN
x-cache
HIT, HIT
x-cache-hits
1, 258
x-timer
S1614083302.782775,VS0,VE0
vary
Accept-Encoding
content-length
12226
6
m.stripe.com/ Frame 72DC 		156 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.120.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-120-14.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
bc46827bb680a376d4d5606a73a7cce7c2665812955cdb4f10f0236c0eb9c793
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 23 Feb 2021 12:28:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type
/
api.rollbar.com/api/1/item/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://api.rollbar.com/api/1/item/
Protocol
H2
Server
35.201.81.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.81.201.35.bc.googleusercontent.com
Software
nginx/1.17.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-rollbar-access-token
Origin
https://subscription-widget-production.mcards.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.9
date
Tue, 23 Feb 2021 12:28:22 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers
content-type,x-rollbar-access-token
x-response-time
0ms
via
1.1 google
alt-svc
clear
/
api.rollbar.com/api/1/item/ Frame C750 		100 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rollbar.com/api/1/item/
Requested by
Host: subscription-widget-production.mcards.com
URL: https://subscription-widget-production.mcards.com/_next/static/chunks/b1542cc239bf56c8a14913c0a930efe682b5cf86.3212cbc66fefd57f740c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.81.77 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
77.81.201.35.bc.googleusercontent.com
Software
nginx/1.17.9 /
Resource Hash
da772574237e549005dc4152177a509d8bf9b61512b3979a86cf5cb7a42687c2

Request headers

X-Rollbar-Access-Token
36c0a64fc6da40b8b71d305199057586
Referer
https://subscription-widget-production.mcards.com/?iframe=true&widgetUuid=a2174af0-0cf0-0139-36e5-0242ac110003
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

x-response-time
11ms
date
Tue, 23 Feb 2021 12:28:23 GMT
via
1.1 google
x-rate-limit-limit
10000
x-rate-limit-remaining-seconds
8
server
nginx/1.17.9
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-rate-limit-remaining
9998
x-rate-limit-reset
1614083310
access-control-allow-credentials
true
alt-svc
clear
content-length
100

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.entertainment.com.au
URL
https://app.entertainment.com.au/api/widgets/a2174af0-0cf0-0139-36e5-0242ac110003/config

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| mcardsApi

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.rollbar.com
app.entertainment.com.au
js.stripe.com
m.stripe.com
m.stripe.network
production.d1c8he8zul0rg4.amplifyapp.com
subscription-widget-production.mcards.com
app.entertainment.com.au
151.101.112.176
2600:9000:206f:fc00:11:6e9c:ebc0:93a1
35.201.81.77
52.36.120.14
65.9.58.78
052528dafa0aebaaf2c80025396be8ab49b6a0b71fd558fe6f8c1c2aae392faa
0c19c6a6ad949baba0e5370d8f61bfbff9580a953222eb42e880d5b17032e853
139609832c16736594948fb310526a584cd3f22c037613559d8830c8442a1043
303ebe696c5acd686abaf6c8811d63732e39794e6299409a8d94fdbf283ecb16
365804b6770e5ed50911d729e5fdfc2a409a0fdfa6125ceb8dd3bc38099714e7
3915e20610713ec1723bf64e4538a363b5bdf5168b98f6517a3ec4e78e30290f
3bb58ec2f960e6635f6beb89f47372fe6c7b0a974dbc898627825120a3d7a885
49342c5a55f41836e6359714a3d17098bb69be2bda50576b41a84472d7537a89
49863f998c71eff4375d76e6d518f2f4f317e19147bb143fc160adfbd5287802
4b937552f203be51562c58a8b999937f30bca0db656d043daa60a4a21088c1ba
5e4b49c38d327fee588c6b95dcee7cd7947703cec1d6c1b4932f2d00abd4aab9
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
67a47c8415ace7852efafb45c960fb53be488ae14e993ad645e6a61f7a567c1b
6a4c2ffbd32bae8e1fd987978fd3cb7da52ccd41ddf048ccc3802422531b921c
934985827c5f652004ec0540caef79b686d7cc10cccc7316bbeaaf505b24cda1
9a1c63cf2ced9935281f7fb07722771aa0b5e7a80d3e06bec806a918badfb20b
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
b13a15482beaa7790fe99a77abf61ec6025aa872b29b080b7c5883619e624ed7
b2dead1df372e79097c3f4979750969bfdf00b33be720c047bc64ddf478629d9
b43a6cba23a5451c6582d39c9e0eddbd8e2aefe18382b4f5095a8e7552286215
bb772414ed0938b27cede6d138877bb0f9e3ca4367b67542137fc926cf4835e9
bc46827bb680a376d4d5606a73a7cce7c2665812955cdb4f10f0236c0eb9c793
be68b76e24ef0e39b3dea99a96886b5993d58b15dae0a557280df12d970c3288
beff505f8e6170ecfa18eaf6d8a90fb24a1f5a29155ec70e6cb7522da14b3c53
d5dd5bccb8879565ce374009556f41ba274873815a33fceb543a41cdf02aadcd
d90cce8593aaa60b6c136c4a3f35dd1d52345329162d26708193651eb4e1c0ae
da772574237e549005dc4152177a509d8bf9b61512b3979a86cf5cb7a42687c2
e1058164407928ba5b097056aefeaf4788879aefc29a10ab3dbc4ac3abc70294