urlscan.io logo urlscan.io
SecurityTrails logo

cardsahoy.metalist.io Open in urlscan Pro
52.65.72.186  Public Scan

Go To Rescan Add Verdict Report
URL: https://cardsahoy.metalist.io/icekey
Submission: On February 19 via api from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 21 HTTP transactions. The main IP is 52.65.72.186, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is cardsahoy.metalist.io.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on February 28th 2023. Valid for: a year.
This is the only time cardsahoy.metalist.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 52.65.72.186 16509 (AMAZON-02)
2 142.251.221.74 15169 (GOOGLE)
9 13.35.148.165 ()
2 142.250.67.8 15169 (GOOGLE)
3 142.250.204.14 15169 (GOOGLE)
2 142.251.221.67 15169 (GOOGLE)
21 7
3    52.65.72.186 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-65-72-186.ap-southeast-2.compute.amazonaws.com
cardsahoy.metalist.io
2    142.251.221.74 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f10.1e100.net
fonts.googleapis.com
9    13.35.148.165 (United States)

ASN- ()
PTR: server-13-35-148-165.syd1.r.cloudfront.net
d2ro9ii566d8zi.cloudfront.net
2    142.250.67.8 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f8.1e100.net
www.googletagmanager.com
3    142.250.204.14 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net
www.google-analytics.com
2    142.251.221.67 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
9 cloudfront.net
d2ro9ii566d8zi.cloudfront.net
805 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
356 B
3 metalist.io
cardsahoy.metalist.io
2 KB
2 gstatic.com
fonts.gstatic.com
78 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
182 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
122 KB
21 6
Domain Requested by
9 d2ro9ii566d8zi.cloudfront.net cardsahoy.metalist.io
d2ro9ii566d8zi.cloudfront.net
3 www.google-analytics.com www.googletagmanager.com
3 cardsahoy.metalist.io d2ro9ii566d8zi.cloudfront.net
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com cardsahoy.metalist.io
d2ro9ii566d8zi.cloudfront.net
2 fonts.googleapis.com cardsahoy.metalist.io
d2ro9ii566d8zi.cloudfront.net
21 6

This site contains links to these domains. Also see Links.

Domain
twitter.com
discord.com
www.facebook.com
t.me
medium.com
www.youtube.com
Subject Issuer Validity Valid
*.metalist.io
TrustAsia RSA DV TLS CA G2		 2023-02-28 -
2024-02-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://cardsahoy.metalist.io/icekey
Frame ID: 7A11212A4CB7B3A3BD7427FE8EA7B2AF
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cards Ahoy! game

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

1190 kB
Transfer

3406 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request icekey
cardsahoy.metalist.io/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cardsahoy.metalist.io/icekey
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.65.72.186 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-65-72-186.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
80db0ae9e3466454bc68b44db4d4ffbef203a6d47a1b6ef5cedc209d1434ad26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 19 Feb 2024 06:32:31 GMT
etag
W/"65ba0b5c-ca6"
last-modified
Wed, 31 Jan 2024 08:57:00 GMT
server
nginx/1.19.10
vary
Accept-Encoding
via
kong/1.5.1
x-kong-proxy-latency
0
x-kong-upstream-latency
1
css2
fonts.googleapis.com/ 		479 KB
121 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=M+PLUS+Rounded+1c:wght@400;500;700;800&family=Roboto:wght@400;500;700;800&family=Inter:wght@400;500;600;700&family=Rosario:wght@400;500;600;700&display=swap
Requested by
Host: cardsahoy.metalist.io
URL: https://cardsahoy.metalist.io/icekey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
ESF /
Resource Hash
8612b8e419216c7840c1f52574ed2fb5f54de45bfe38c57196761302e111bcc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cardsahoy.metalist.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Feb 2024 06:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 06:32:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Feb 2024 06:32:31 GMT
index-17084132.js
d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/ 		2 MB
522 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-17084132.js
Requested by
Host: cardsahoy.metalist.io
URL: https://cardsahoy.metalist.io/icekey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.148.165 , United States, ASN (),
Reverse DNS
server-13-35-148-165.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7ebc60bcddc75f2acc3637703fce83f24623f7549d789a1c525a75b32d8a6cd

Request headers

Referer
https://cardsahoy.metalist.io/
Origin
https://cardsahoy.metalist.io
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 10:02:16 GMT
content-encoding
br
via
1.1 3fb80f1162ff0374e396394904e92ee4.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jan 2024 09:03:51 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
73816
etag
W/"baf418b24f72e4439b493ad490be9721"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
TRMuFykLNeLL5QmVlWiA5JQXNkwjV-govjCKwPxdiw3fIHUEW6fgzQ==
index-b61c306e.css
d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/ 		194 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-b61c306e.css
Requested by
Host: cardsahoy.metalist.io
URL: https://cardsahoy.metalist.io/icekey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.148.165 , United States, ASN (),
Reverse DNS
server-13-35-148-165.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b61c306eca8e5fce457eb10caf6277a0abff1532295608b9b128b76c58b697b2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cardsahoy.metalist.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 10:02:16 GMT
content-encoding
br
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jan 2024 09:03:51 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
73816
etag
W/"0224d43d00f3212274cf0da7cbe1461f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
j17KiVKXQHW-aHjmbBDKJAJqH85lgFWJ5c3bS16_-SCAAkRwmUhT7A==
js
www.googletagmanager.com/gtag/ 		279 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9KEJC4W2WC
Requested by
Host: cardsahoy.metalist.io
URL: https://cardsahoy.metalist.io/icekey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.8 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
869a3a57f7bac02bc39bda91762e14e787389921ca547d3f3ea9a26484486445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cardsahoy.metalist.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 06:32:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94882
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Feb 2024 06:32:31 GMT
collect
www.google-analytics.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9KEJC4W2WC&gtm=45je42e0v9134035245za200&_p=1708324352105&gcd=13l3l3l3l1&npa=0&dma=0&cid=1151905580.1708324352&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708324352&sct=1&seg=0&dl=https%3A%2F%2Fcardsahoy.metalist.io%2Ficekey&dt=Cards%20Ahoy!%20game&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1576
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9KEJC4W2WC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cardsahoy.metalist.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Feb 2024 06:32:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cardsahoy.metalist.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		3 KB
809 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans
Requested by
Host: d2ro9ii566d8zi.cloudfront.net
URL: https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-17084132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.74 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f10.1e100.net
Software
ESF /
Resource Hash
5d6d9663331261c3447fef941fc4576216a8e4a7cb976983186d980efe22b540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cardsahoy.metalist.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 19 Feb 2024 06:32:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 05:23:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Feb 2024 06:32:32 GMT
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-111SN9Q2WG
Requested by
Host: d2ro9ii566d8zi.cloudfront.net
URL: https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-17084132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.8 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ba896d100ecb16d13ca5f4edf106962c62244019afc7d95e72fa07b8a6f3dc01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cardsahoy.metalist.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 06:32:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91362
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Feb 2024 06:32:32 GMT
ipCanAccess
cardsahoy.metalist.io/api/universal/ 		42 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cardsahoy.metalist.io/api/universal/ipCanAccess
Requested by
Host: d2ro9ii566d8zi.cloudfront.net
URL: https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-17084132.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.65.72.186 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-65-72-186.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
16ef90d7361bdbc27b772f3d31d69719563715b373a6646ef328f06b646e7fa2

Request headers

Accept
application/json, text/plain, */*
Referer
https://cardsahoy.metalist.io/icekey
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Feb 2024 06:32:32 GMT
via
kong/1.5.1
server
nginx/1.19.10
x-kong-proxy-latency
1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://cardsahoy.metalist.io
x-kong-upstream-latency
106
access-control-expose-headers
Authorization-Token
access-control-allow-credentials
true
logo-ae65a54b.png
d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/logo-ae65a54b.png
Requested by
Host: cardsahoy.metalist.io
URL: https://cardsahoy.metalist.io/icekey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.148.165 , United States, ASN (),
Reverse DNS
server-13-35-148-165.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae65a54b9eecc53d0ad8e41eda5b01cd3cd2471cd7e90101c64a10671d98f0ea

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cardsahoy.metalist.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 10:02:19 GMT
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jan 2024 09:03:51 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
73814
etag
"ef7fb21e61b1971ddd878900d0b307ef"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
11733
x-amz-cf-id
GKTW0AWzM6PFw9eChFWaKhByzaAfCRVChLVol4M-ZhVXdQoZnzqT-Q==
metalist_lab_logo-e2e51ef1.png
d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/metalist_lab_logo-e2e51ef1.png
Requested by
Host: cardsahoy.metalist.io
URL: https://cardsahoy.metalist.io/icekey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.148.165 , United States, ASN (),
Reverse DNS
server-13-35-148-165.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2e51ef128eeabbda0bf969489a376aa6f7ea1afc7b5cf710ca3c77377000366

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cardsahoy.metalist.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 10:02:19 GMT
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jan 2024 09:03:51 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
73814
etag
"07a4184f13bd8345108aeaffacaaaa96"
x-amz-server-side-encryption
AES256
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12392
x-amz-cf-id
wKh7L-UXT-UMY1nzVUjFBGKHld21wYFHEcx95dcMyTC3DU-T-OJk2g==
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
462d2b1fb07c090534836d5ea2316fdd5eff007ab4d9abadc3a3dcac7179627b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
bg-1d96eea0.jpg
d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/ 		105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/bg-1d96eea0.jpg
Requested by
Host: d2ro9ii566d8zi.cloudfront.net
URL: https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-b61c306e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.148.165 , United States, ASN (),
Reverse DNS
server-13-35-148-165.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d96eea0eccab4f5c92b7e4699b1b0416a1bcee99ed1a8433ceaec5c9665fed4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-b61c306e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 06:32:33 GMT
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jan 2024 09:03:50 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
etag
"4ba8a34796d55b70e9dc33096efde5e5"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
107769
x-amz-cf-id
mneIBt9gbLRspn-xww1XHTg43m6tpqKLn1IE3YC310naNUcjusXXfA==
iceKeyTitle-0f3f7ebe.png
d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/iceKeyTitle-0f3f7ebe.png
Requested by
Host: d2ro9ii566d8zi.cloudfront.net
URL: https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-b61c306e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.148.165 , United States, ASN (),
Reverse DNS
server-13-35-148-165.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f3f7ebe60e01e8924c1e74ce781262f859354d3969b70114586b6b00fc7a749

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-b61c306e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 06:32:33 GMT
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jan 2024 09:03:50 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
etag
"5b3e8af55a9ca4dccf5dcd85fe95fe1a"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
10798
x-amz-cf-id
sD86lLlrQTEoQC5kVmVmAz1Z921cuoi9F3k-Hdo-ct4w9DKpe8KJiw==
bg-login-normal-3131b694.png
d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/bg-login-normal-3131b694.png
Requested by
Host: d2ro9ii566d8zi.cloudfront.net
URL: https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-b61c306e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.148.165 , United States, ASN (),
Reverse DNS
server-13-35-148-165.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3131b69466d1dc9c1e54115ea9c12d20290018e401942dacb576cc3219eaa12a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-b61c306e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 06:32:33 GMT
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jan 2024 09:03:50 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
etag
"8ab653ac8070b136d7ffad84e26e8e4b"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
10494
x-amz-cf-id
GHBs4FVnLWKPlV0KBvJgUBCWMpoeTyW8oIH1IEZn6m4Wq65_TLuERg==
bg_faq-69afd5aa.png
d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/bg_faq-69afd5aa.png
Requested by
Host: d2ro9ii566d8zi.cloudfront.net
URL: https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-b61c306e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.148.165 , United States, ASN (),
Reverse DNS
server-13-35-148-165.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
69afd5aa863c6f885d3fdcf127b38fd9de90b02ecae17aff60de7ee8c330b652

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-b61c306e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 06:32:33 GMT
via
1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jan 2024 09:03:50 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
x-amz-server-side-encryption
AES256
etag
"8c6f7dbebcf4b91dda801a11c772729b"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
23433
x-amz-cf-id
s_f3cYL3bPHI-HjtQ46OF-j8vhKmdkXlvh7UlpUucJVQLi-NDIxFIQ==
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ae2a4367b2ab6188dcb118881a6d36de5aaa6c33d7c78f5cb27accfe355c986

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
xfux0WDhWW_fOEoY2FP9zQ.woff2
fonts.gstatic.com/s/rosario/v31/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rosario/v31/xfux0WDhWW_fOEoY2FP9zQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=M+PLUS+Rounded+1c:wght@400;500;700;800&family=Roboto:wght@400;500;700;800&family=Inter:wght@400;500;600;700&family=Rosario:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
ae6cecb84af93696b1e4e43d27cc8bb979131ed177bde1ca4512a787bd60929c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cardsahoy.metalist.io
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 01:18:51 GMT
x-content-type-options
nosniff
age
105221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32220
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 21:14:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Feb 2025 01:18:51 GMT
BerlinSansFBDemiBold-4c50d832.ttf
d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/ 		95 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/BerlinSansFBDemiBold-4c50d832.ttf
Requested by
Host: d2ro9ii566d8zi.cloudfront.net
URL: https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-b61c306e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.148.165 , United States, ASN (),
Reverse DNS
server-13-35-148-165.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c50d832f4e1401e226566159735dae932dd224d795ac57772061096117e4147

Request headers

Referer
https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-b61c306e.css
Origin
https://cardsahoy.metalist.io
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 10:02:19 GMT
content-encoding
br
via
1.1 3fb80f1162ff0374e396394904e92ee4.cloudfront.net (CloudFront)
last-modified
Wed, 31 Jan 2024 09:03:50 GMT
server
AmazonS3
x-amz-cf-pop
SYD1-C1
age
73814
etag
W/"b6539b6d3432c623d8d4f9cc2a29589e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
font/ttf
access-control-allow-origin
*
x-amz-cf-id
dZDDFm9XJINz2FKhN_IWyIE5T-17cfzQjcmaoFZ0xQpxGlixX9xNkg==
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=M+PLUS+Rounded+1c:wght@400;500;700;800&family=Roboto:wght@400;500;700;800&family=Inter:wght@400;500;600;700&family=Rosario:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cardsahoy.metalist.io
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 16 Feb 2024 07:55:45 GMT
x-content-type-options
nosniff
age
254207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Feb 2025 07:55:45 GMT
activationCodePrizeInfo
cardsahoy.metalist.io/api/activity/v2/ 		105 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cardsahoy.metalist.io/api/activity/v2/activationCodePrizeInfo
Requested by
Host: d2ro9ii566d8zi.cloudfront.net
URL: https://d2ro9ii566d8zi.cloudfront.net/cards-ahoy-website/assets/index-17084132.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.65.72.186 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-65-72-186.ap-southeast-2.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
ec13b597babe0cea70d9ee2aa6a0e8245aa9af12b464f9dae4ae2dc6d6fcd284

Request headers

Accept
application/json, text/plain, */*
Referer
https://cardsahoy.metalist.io/icekey
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Feb 2024 06:32:32 GMT
via
kong/1.5.1
server
nginx/1.19.10
x-kong-proxy-latency
1
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://cardsahoy.metalist.io
x-kong-upstream-latency
105
access-control-expose-headers
Authorization-Token
access-control-allow-credentials
true
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-111SN9Q2WG&gtm=45je42e0v9174283209za200&_p=1708324352105&gcd=13l3l3l3l1&npa=0&dma=0&cid=1151905580.1708324352&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708324352&sct=1&seg=0&dl=https%3A%2F%2Fcardsahoy.metalist.io%2Ficekey&dt=Cards%20Ahoy!%20game&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1969
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-111SN9Q2WG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cardsahoy.metalist.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Feb 2024 06:32:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cardsahoy.metalist.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9KEJC4W2WC&gtm=45je42e0v9134035245za200&_p=1708324352105&gcd=13l3l3l3l1&npa=0&dma=0&cid=1151905580.1708324352&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1708324352&sct=1&seg=0&dl=https%3A%2F%2Fcardsahoy.metalist.io%2Ficekey&dt=Cards%20Ahoy!%20game&en=scroll&epn.percent_scrolled=90&_et=27&tfd=6605
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9KEJC4W2WC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cardsahoy.metalist.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Feb 2024 06:32:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cardsahoy.metalist.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google_tag_manager object| google_tag_data object| dataLayer function| isMobile function| isIframe function| gtag function| onYouTubeIframeAPIReady object| gaGlobal object| regeneratorRuntime

3 Cookies

Domain/Path Name / Value
.metalist.io/ Name: _ga
Value: GA1.1.1151905580.1708324352
.metalist.io/ Name: _ga_9KEJC4W2WC
Value: GS1.1.1708324352.1.0.1708324352.0.0.0
.metalist.io/ Name: _ga_111SN9Q2WG
Value: GS1.1.1708324352.1.0.1708324352.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cardsahoy.metalist.io
d2ro9ii566d8zi.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
www.google-analytics.com
www.googletagmanager.com
13.35.148.165
142.250.204.14
142.250.67.8
142.251.221.67
142.251.221.74
52.65.72.186
0f3f7ebe60e01e8924c1e74ce781262f859354d3969b70114586b6b00fc7a749
16ef90d7361bdbc27b772f3d31d69719563715b373a6646ef328f06b646e7fa2
1ae2a4367b2ab6188dcb118881a6d36de5aaa6c33d7c78f5cb27accfe355c986
1d96eea0eccab4f5c92b7e4699b1b0416a1bcee99ed1a8433ceaec5c9665fed4
3131b69466d1dc9c1e54115ea9c12d20290018e401942dacb576cc3219eaa12a
462d2b1fb07c090534836d5ea2316fdd5eff007ab4d9abadc3a3dcac7179627b
4c50d832f4e1401e226566159735dae932dd224d795ac57772061096117e4147
5d6d9663331261c3447fef941fc4576216a8e4a7cb976983186d980efe22b540
69afd5aa863c6f885d3fdcf127b38fd9de90b02ecae17aff60de7ee8c330b652
80db0ae9e3466454bc68b44db4d4ffbef203a6d47a1b6ef5cedc209d1434ad26
8612b8e419216c7840c1f52574ed2fb5f54de45bfe38c57196761302e111bcc2
869a3a57f7bac02bc39bda91762e14e787389921ca547d3f3ea9a26484486445
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
ae65a54b9eecc53d0ad8e41eda5b01cd3cd2471cd7e90101c64a10671d98f0ea
ae6cecb84af93696b1e4e43d27cc8bb979131ed177bde1ca4512a787bd60929c
b61c306eca8e5fce457eb10caf6277a0abff1532295608b9b128b76c58b697b2
ba896d100ecb16d13ca5f4edf106962c62244019afc7d95e72fa07b8a6f3dc01
d7ebc60bcddc75f2acc3637703fce83f24623f7549d789a1c525a75b32d8a6cd
e2e51ef128eeabbda0bf969489a376aa6f7ea1afc7b5cf710ca3c77377000366
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec13b597babe0cea70d9ee2aa6a0e8245aa9af12b464f9dae4ae2dc6d6fcd284