urlscan.io logo urlscan.io
SecurityTrails logo

cpg.gp.com Open in urlscan Pro
157.133.232.108  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.cpg.gp.digital/ctt?ms=MTc4MDcyMTIS1&kn=6&r=NDQ5NjM5MjgxNjU0S0&b=0&j=MTk2MTUxOTE0MwS2&mt=1&rt=0
Effective URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples...
Submission Tags: falconsandbox
Submission: On January 17 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 33 HTTP transactions. The main IP is 157.133.232.108, located in United States and belongs to SAP-HYBRIS-WA1, US. The main domain is cpg.gp.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on March 12th 2019. Valid for: 2 years.
This is the only time cpg.gp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 74.112.69.44 19795 (ACOUSTIC-...)
7 157.133.232.108 397464 (SAP-HYBRI...)
19 2600:9000:20e... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.108.234.6 14340 (SALESFORCE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
33 7
1    74.112.69.44 (United States)

ASN19795 (ACOUSTIC-ATL-01, US)
PTR: recp.rm02.net
links.cpg.gp.digital
7    157.133.232.108 (United States)

ASN397464 (SAP-HYBRIS-WA1, US)
PTR: hybrismailprd.quiltednorthern.com
cpg.gp.com
19    2600:9000:20eb:8600:1b:16e1:800:21 (United States)

ASN16509 (AMAZON-02, US)
d2o3o2wreiygww.cloudfront.net
2    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    13.108.234.6 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl5-iad.la1-c1cs-iad.salesforceliveagent.com
c.la1-c2cs-iad.salesforceliveagent.com
1    2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
19 d2o3o2wreiygww.cloudfront.net cpg.gp.com
d2o3o2wreiygww.cloudfront.net
7 cpg.gp.com cpg.gp.com
d2o3o2wreiygww.cloudfront.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.com cpg.gp.com
1 www.gstatic.com www.google.com
1 www.googletagmanager.com cpg.gp.com
1 c.la1-c2cs-iad.salesforceliveagent.com cpg.gp.com
1 links.cpg.gp.digital 1 redirects
33 8
Subject Issuer Validity Valid
www3.gppro.com
DigiCert SHA2 High Assurance Server CA		 2019-03-12 -
2021-03-16		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
www.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
la1-c1cs-iad.salesforceliveagent.com
DigiCert SHA2 Secure Server CA		 2019-05-06 -
2021-05-05		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Frame ID: 4FDDCC7651E6A3BE889C5A674A6A3A0C
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://links.cpg.gp.digital/ctt?ms=MTc4MDcyMTIS1&kn=6&r=NDQ5NjM5MjgxNjU0S0&b=0&j=MTk2MTUxOTE0MwS2&mt=1&rt=0 HTTP 302
    https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<[^>]+\/(?:sys_master|hybr|_ui\/(?:responsive\/)?(?:desktop|common(?:\/images|\/img)?))\//i
Overall confidence: 100%
Detected patterns
  • html /<[^>]+\/(?:sys_master|hybr|_ui\/(?:responsive\/)?(?:desktop|common(?:\/images|\/img)?))\//i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

33
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

2011 kB
Transfer

5525 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.cpg.gp.digital/ctt?ms=MTc4MDcyMTIS1&kn=6&r=NDQ5NjM5MjgxNjU0S0&b=0&j=MTk2MTUxOTE0MwS2&mt=1&rt=0 HTTP 302
    https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set overview
cpg.gp.com/mystery-coupon/
Redirect Chain
  • http://links.cpg.gp.digital/ctt?ms=MTc4MDcyMTIS1&kn=6&r=NDQ5NjM5MjgxNjU0S0&b=0&j=MTk2MTUxOTE0MwS2&mt=1&rt=0
  • https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMy...
18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.133.232.108 , United States, ASN397464 (SAP-HYBRIS-WA1, US),
Reverse DNS
hybrismailprd.quiltednorthern.com
Software
Apache /
Resource Hash
d389f4fa640672e797a6456b5c0f4107f85facbcd1cd36591ae9c260f81d0bd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
cpg.gp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 17 Jan 2021 05:18:58 GMT
Server
Apache
Retry-After
5400
X-Frame-Options
SAMEORIGIN
Set-Cookie
JSESSIONID=6A40C0BAD1AB022859C7B760423ACD6D.app11; Path=/; Secure; HttpOnly profile.consent.given=false; Max-Age=360000000; Expires=Mon, 14-Jun-2032 21:18:58 GMT; Path=/; Secure anonymous-consents=%5B%5D; Max-Age=31536000; Expires=Mon, 17-Jan-2022 05:18:58 GMT; Path=/; Secure cookie-notification=NOT_ACCEPTED; Max-Age=360000000; Expires=Mon, 14-Jun-2032 21:18:58 GMT; Path=/; Secure
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Pragma
no-cache
Expires
0
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Type
text/html;charset=UTF-8
Content-Language
en
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked

Redirect headers

Date
Sun, 17 Jan 2021 05:18:58 GMT
Location
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Content-Length
0
Connection
close
Content-Type
text/plain; charset=UTF-8
addons_responsive.css
cpg.gp.com/wro/ 		55 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cpg.gp.com/wro/addons_responsive.css
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.133.232.108 , United States, ASN397464 (SAP-HYBRIS-WA1, US),
Reverse DNS
hybrismailprd.quiltednorthern.com
Software
Apache /
Resource Hash
29c1e112ada89163ea276cc83f533c99ded554852a64ebc397bec2631b0e5efb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 17 Jan 2021 05:18:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
9655
X-XSS-Protection
1; mode=block
pragma
no-cache
Server
Apache
X-Frame-Options
sameorigin
ETag
"3f436caed160815777baee3e65ccacc71b39fdf4"
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
cache-control
no-cache
Keep-Alive
timeout=5, max=99
Retry-After
5400
expires
0
bundle.common.min.css
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/css/ 		131 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/css/bundle.common.min.css
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41215ffb5de722625793db20bd3d229a1edb99955bca62032b486da5bd35a95a

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:39:29 GMT
content-encoding
gzip
last-modified
Fri, 20 Nov 2020 20:54:42 GMT
server
AmazonS3
age
207571
etag
W/"4bef67f57d2a921618f0d64b97842e8a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
eXPQxMLv_7f7MCuNZFc_-pICKhBd6RwfE2dAxbMFsn6_vr3H180E2A==
sapContentPage.css
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/lib/yForms/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/lib/yForms/sapContentPage.css
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07cdf021e450d065b28a6b08b8418fc8d71eef6812a462139a4325c42d26bb07

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:39:30 GMT
content-encoding
gzip
last-modified
Fri, 20 Nov 2020 20:54:42 GMT
server
AmazonS3
age
207570
etag
W/"06d0489eeaf1aec9b575d7e380c233fd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
IQtmorrU_ZOWt4FpgKZhqa2yrNN8XWiEI0mUAqse0kslMgMtQadYFQ==
marketingpages.styles.min.css
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/css/ 		137 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/css/marketingpages.styles.min.css
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0aa63be158beb8b5c0651f6e3628ae73dee6c66ad086e87db062179b03800ba

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 20:03:01 GMT
content-encoding
gzip
last-modified
Fri, 20 Nov 2020 20:54:43 GMT
server
AmazonS3
age
119759
etag
W/"bd654846cd670d4536c9c1fbd39d63d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
v8lEbSg49nmMI53C18oxmp2Y0qA9zhWbxByICSYPYiRdSODG4j8YRA==
analyticsmediator.js
cpg.gp.com/_ui/shared/js/ 		1007 B
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cpg.gp.com/_ui/shared/js/analyticsmediator.js
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.133.232.108 , United States, ASN397464 (SAP-HYBRIS-WA1, US),
Reverse DNS
hybrismailprd.quiltednorthern.com
Software
Apache /
Resource Hash
e682b9c90570cd1d9ce7b1e07915faafa006e5819ec41a2ce5b1d90c9f394e9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 17 Jan 2021 05:18:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Jan 2021 22:09:20 GMT
Server
Apache
ETag
W/"1007-1610402960000-gzip"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public,max-age=6000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Retry-After
5400
generatedVariables.js
cpg.gp.com/_ui/shared/js/ 		272 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cpg.gp.com/_ui/shared/js/generatedVariables.js
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.133.232.108 , United States, ASN397464 (SAP-HYBRIS-WA1, US),
Reverse DNS
hybrismailprd.quiltednorthern.com
Software
Apache /
Resource Hash
ee5705a27fcabf1a7d2f4391315fcb3be207c1c4f4e10bff29291644a3a18840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 17 Jan 2021 05:18:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 11 Jan 2021 22:09:20 GMT
Server
Apache
ETag
W/"272-1610402960000-gzip"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public,max-age=6000
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Retry-After
5400
api.js
www.google.com/recaptcha/ 		850 B
623 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c04cbfe21e23ceb866fae28e981a17dfe9ce6cb178943dda6f11a495255ec137
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 05:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Sun, 17 Jan 2021 05:18:59 GMT
jquery-3.2.1.min.js
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/js/jquery-3.2.1.min.js
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:39:31 GMT
content-encoding
gzip
last-modified
Tue, 28 Jan 2020 14:07:00 GMT
server
AmazonS3
age
207569
etag
W/"473957cfb255a781b42cb2af51d54a3b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
4sr4p3KY_akcL1hwniK9hjHfG-gFpwRSUiRE4rrYFrX5P8Uhk4-Czw==
all_responsive.js
cpg.gp.com/wro/ 		337 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpg.gp.com/wro/all_responsive.js
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.133.232.108 , United States, ASN397464 (SAP-HYBRIS-WA1, US),
Reverse DNS
hybrismailprd.quiltednorthern.com
Software
Apache /
Resource Hash
182020e5cb831d1bb1d023e2b2e809190e726f93a0942b1cc8796b824435cbbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 17 Jan 2021 05:18:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
93856
X-XSS-Protection
1; mode=block
pragma
no-cache
Server
Apache
X-Frame-Options
sameorigin
ETag
"dca5f911e5080f27f9ce02dad083a273e45bf130"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
cache-control
no-cache
Keep-Alive
timeout=5, max=100
Retry-After
5400
expires
0
addons_responsive.js
cpg.gp.com/wro/ 		194 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpg.gp.com/wro/addons_responsive.js
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.133.232.108 , United States, ASN397464 (SAP-HYBRIS-WA1, US),
Reverse DNS
hybrismailprd.quiltednorthern.com
Software
Apache /
Resource Hash
56a92d86219bdd99eea6c0cd1a8ac62d319639a6a02b97114fb3c6a44ac0d391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 17 Jan 2021 05:18:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
53358
X-XSS-Protection
1; mode=block
pragma
no-cache
Server
Apache
X-Frame-Options
sameorigin
ETag
"e27ad866ba22e5854436238d70e6ddc80cc1df82"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
cache-control
no-cache
Keep-Alive
timeout=5, max=100
Retry-After
5400
expires
0
api.js
www.google.com/recaptcha/ 		907 B
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9c6e0819dc9d245ff23be77471d5c99e8625cf9bd720f27f77dac1add28765ee
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 05:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
574
x-xss-protection
1; mode=block
expires
Sun, 17 Jan 2021 05:18:59 GMT
deployment.js
c.la1-c2cs-iad.salesforceliveagent.com/content/g/js/43.0/ 		41 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.la1-c2cs-iad.salesforceliveagent.com/content/g/js/43.0/deployment.js
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.108.234.6 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl5-iad.la1-c1cs-iad.salesforceliveagent.com
Software
Jetty /
Resource Hash
41538a9a2d52f364d491b098924dc70a5d806e23386c34fc9f079c5ec94099e9

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 17 Jan 2021 05:18:59 GMT
Cache-Control
max-age=60, must-revalidate
Last-Modified
Mon, 11 Jan 2021 16:30:04 GMT
Server
Jetty
Accept-Ranges
bytes
Content-Length
41750
Content-Type
application/javascript
bootstrap.min.js
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/bootstrap/dist/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:39:32 GMT
content-encoding
gzip
last-modified
Tue, 28 Jan 2020 14:07:23 GMT
server
AmazonS3
age
207567
etag
W/"04c84852e9937b142ac73c285b895b85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
s6ulC-HU0pLXZTyrogvXlv5GdPhyGDkWDmAdjoxJJyssV0QDJ0FH_w==
manifest.js
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/js/ 		837 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/js/manifest.js
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
949a47d52cfdaacade2d496e9502db01ec38e3e6e6375fc1c59537b26a3c59c3

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:39:33 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
last-modified
Fri, 20 Nov 2020 20:54:51 GMT
server
AmazonS3
age
207567
etag
"e3ce8787f8b22aa5c8fcd1732b44b430"
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
837
x-amz-cf-id
g8hPe533ZZ8ZpTVfCiWuiwyHnNRaZoPOh2iHExxhYrU9jxemorP3BA==
vendor.js
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/js/ 		1 MB
371 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/js/vendor.js
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0fdabb9611ded2586ffbfd0ae8368879289184373b69c1eda767ba2abb0d3896

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:39:33 GMT
content-encoding
gzip
last-modified
Fri, 20 Nov 2020 20:54:55 GMT
server
AmazonS3
age
207567
etag
W/"145579169b4b21cee8e3732307c041a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
2AUWaQM6ZyEuAf_q3NMgHCpPTi9UcFF21Kz3L_QPZ4Wx4wd6gCH7NA==
bundle.common.min.js
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/js/ 		131 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/js/bundle.common.min.js
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce313cdb8b89c481246f465e9220eddd0808de4436beeec2463dd66d9a6f08f4

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 19:39:33 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
last-modified
Fri, 20 Nov 2020 20:54:45 GMT
server
AmazonS3
age
207567
etag
"d5f0b5866847d8b06971b1974764d415"
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
131
x-amz-cf-id
cm7aJaGo1X2ZkfgciOvC2uquyJoIUNdOURzWz4JiviVMQonIPQ5RNA==
marketingpages.js
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/js/ 		2 MB
502 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/js/marketingpages.js
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d3e6d17c750f7d82287aa9e25174e922dc1d2e33c628132a2b737bac5ed8248

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 20:03:01 GMT
content-encoding
gzip
last-modified
Fri, 20 Nov 2020 20:54:51 GMT
server
AmazonS3
age
119759
etag
W/"c909fabbb2a855ba15806743f3b89b87"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
VdUP6za9cC8fZ8qgXax9NwZpPTIgX6r8_AzXez-0rMoWK1muPMLBfQ==
gtm.js
www.googletagmanager.com/ 		87 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M93CJ9
Requested by
Host: cpg.gp.com
URL: https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
165794a91db500f39ae01cf055a2d3fac7d30c816f0c4ffbfe8bd4c7949cdfec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 05:18:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34110
x-xss-protection
0
last-modified
Sun, 17 Jan 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 17 Jan 2021 05:18:59 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M93CJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
7167
date
Sun, 17 Jan 2021 03:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 17 Jan 2021 05:19:32 GMT
collect
www.google-analytics.com/j/ 		1 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=512700783&t=pageview&_s=1&dl=https%3A%2F%2Fcpg.gp.com%2Fmystery-coupon%2Foverview%3Fcpuserid%3D12A28E70-9C8B-4949-9F54-634F3C527A3F%26qples_uniqueID%3DBLANK%26qples_couponIDs%3DBLANK%26utm_source%3DAcoustic%26utm_medium%3Demail%26utm_content%3DMainCTA_RevealMyMysteryOffer%26utm_campaign%3DMB_FFMysteryOffer%26spMailingID%3D17807212%26spUserID%3DNDQ5NjM5MjgxNjU0S0%26spJobID%3D1961519143%26spReportId%3DMTk2MTUxOTE0MwS2&ul=en-us&de=UTF-8&dt=Mystery%20Savings%20Just%20for%20You!%20-%20Georgia-Pacific%20%7C%20Georgia-Pacific&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=552418124&gjid=1355958749&cid=1033520781.1610860739&tid=UA-59705703-1&_gid=342349866.1610860739&_r=1&gtm=2wg161M93CJ9&z=692565601
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Jan 2021 05:18:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cpg.gp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/ 		334 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/qc5B-qjP0QEimFYUxcpWJy5B/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cpg.gp.com
Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 04:30:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2932
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133916
x-xss-protection
0
last-modified
Sun, 06 Dec 2020 23:05:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Jan 2022 04:30:07 GMT
token
cpg.gp.com/authorizationserver/oauth/ 		118 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpg.gp.com/authorizationserver/oauth/token?client_id=mobile_android&client_secret=secret&grant_type=client_credentials
Requested by
Host: d2o3o2wreiygww.cloudfront.net
URL: https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/js/vendor.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.133.232.108 , United States, ASN397464 (SAP-HYBRIS-WA1, US),
Reverse DNS
hybrismailprd.quiltednorthern.com
Software
Apache /
Resource Hash
9d4c2b37c69bf707cf3ec2716bf29193392556278ee693be2a75f12dd2c446b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
Authorization
contentType
application/json
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Jan 2021 05:19:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Type
application/json;charset=UTF-8
Vary
Accept-Encoding
Cache-Control
no-store
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Keep-Alive
timeout=5, max=99
X-XSS-Protection
1; mode=block
Retry-After
5400
gp-logo.png
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/gp-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dbdbc98950e9a154734b109b864881abb4592573c69e76562950ef9989c23cba

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 20:03:03 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
last-modified
Fri, 20 Nov 2020 20:54:39 GMT
server
AmazonS3
age
119758
etag
"8fb53163315225ec4010cec5293f3834"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
5945
x-amz-cf-id
FyDjlFGupSgDxTsXZWeGxxYd8FN0Pr5skkRTx26h2kBr3cJgjd86Pg==
product.png
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/ 		531 KB
531 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/product.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22a78dcd00ce76ffadefe65c7cecd1701257c7e6ce727f75ba861577dcaeaf6b

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 20:03:03 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
last-modified
Fri, 20 Nov 2020 20:54:39 GMT
server
AmazonS3
age
119758
etag
"f417b3a0059e1a1031c063e4fd342177"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
543232
x-amz-cf-id
uULKujPJYo5C7f5Gye2tbGP1VQrLcUsaHWljErCPZDYXXB_CWrg6vA==
logo-as.png
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/logo-as.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16111e297faf337a3de1ab1681bcd763f632b4ced3f975cacf65e57289bd6c67

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 05:19:01 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
last-modified
Fri, 20 Nov 2020 20:54:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"1b160e1e1d59f0ca132733faa50ce87f"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
17925
x-amz-cf-id
IOlBiDr404pzIsj7Pl-t6cy0gLYfp0ZqzMxgvngF3kQGONyOaUrm7g==
logo-br.png
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/logo-br.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74061522257982a23db87f61102e7599e00ca97cdcda24e62fdeaed77817cb10

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 05:19:01 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
last-modified
Fri, 20 Nov 2020 20:54:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"69bafeb94f3ca088c1c759a26a7f5405"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
8814
x-amz-cf-id
UYwvs3YXwtc7Qb6J96Wt4er22LEGOp4CBHgkR6eXH-gwJpVjf0UeZw==
logo-dx.png
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/logo-dx.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
285be02f55682d6f2d20f319af40059272574bd051f55a5c4f042de376b945cc

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 05:19:01 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
last-modified
Fri, 20 Nov 2020 20:54:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"ce606b151675a403349605dddc2e37ef"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6952
x-amz-cf-id
8dJJ02FcxaEaStkIibfeu4E3TRX0gXrv98byxHLfAIrZBy12h5Ow9w==
logo-qn2.png
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/logo-qn2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
373e642ebc9ebcb70baaee6ef7c4ddbd98e0d8b428834d62d2ba4ed29dfbee21

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 05:19:01 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
last-modified
Fri, 20 Nov 2020 20:54:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"cdc682e8c70d6a6485a15517695d5c32"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
12060
x-amz-cf-id
icLzPc9t6ixdZWDmEng5OfbywC-Kq49tSzs9M-jppo03SADjJS3u-g==
logo-sp.png
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/logo-sp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1d79a1e05e1277493932832fcc34045c0c6d0a32f70017582f133b560d13f4a

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 05:19:01 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
last-modified
Fri, 20 Nov 2020 20:54:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"36c73639afbf4b4c298afdc4d0639d4f"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
14005
x-amz-cf-id
n83IUDmxc6nL0ZWvIQDDmKx5RXSt1vp-1xN_BNEFrVxDpdHdDj18pg==
logo-vf.png
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/logo-vf.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37751c3ae1bc41810cb4c3f9fcfd886eb9a2d37cf70b61d3e838949812e8b711

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 05:19:01 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
last-modified
Fri, 20 Nov 2020 20:54:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"649474ed2bd2c2752bc311dfa8221ce9"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
7027
x-amz-cf-id
--JFkODmd-PQH0F4ueXyDvgRcEyjA8x8rAh-sySz4xHPv0dq9zWRNQ==
gp-logo-black.png
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/gp-logo-black.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85aab710edd49927d9fa9d8fad9fdb1e140055ff9f261faaa38dba5635dd138c

Request headers

Referer
https://cpg.gp.com/mystery-coupon/overview?cpuserid=12A28E70-9C8B-4949-9F54-634F3C527A3F&qples_uniqueID=BLANK&qples_couponIDs=BLANK&utm_source=Acoustic&utm_medium=email&utm_content=MainCTA_RevealMyMysteryOffer&utm_campaign=MB_FFMysteryOffer&spMailingID=17807212&spUserID=NDQ5NjM5MjgxNjU0S0&spJobID=1961519143&spReportId=MTk2MTUxOTE0MwS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 20:03:03 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
last-modified
Fri, 20 Nov 2020 20:54:39 GMT
server
AmazonS3
age
119758
etag
"0c76795aca9494c7fae859994f1247c8"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
4239
x-amz-cf-id
9v7D5wyTVwfujmTTi7xF4EQNEQRZizwI7QhUeoEFfYsYqN_M-y9m-g==
header-bg.png
d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/assets/images/crossbrand/header-bg.png
Requested by
Host: d2o3o2wreiygww.cloudfront.net
URL: https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/css/marketingpages.styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8600:1b:16e1:800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a63200b0c1c5d5bebd0e09a9b9c83e621810cdb80970b66f7fcf00443086540e

Request headers

Referer
https://d2o3o2wreiygww.cloudfront.net/y/prd/_ui/responsive/common/dist/static/css/marketingpages.styles.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 15 Jan 2021 20:03:03 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
last-modified
Fri, 20 Nov 2020 20:54:39 GMT
server
AmazonS3
age
119758
etag
"9d34c623e268ba055b58995fed061bba"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
57805
x-amz-cf-id
EPN4Ac58jpx23Mf783Me7w0q5jayeHUHfLWZef9IvwFwFKhrVWhQog==

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| mediator object| ACC object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData string| screenXs string| screenSm string| screenMd string| screenLg string| screenXsMin string| screenSmMin string| screenMdMin string| screenLgMin string| screenXsMax string| screenSmMax string| screenMdMax object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery object| recaptcha object| Currency function| floatToString object| enquire function| Imager string| smartEditBootstrapGatewayId function| injectJS function| injectCSS object| ASM undefined| sessionSec undefined| counter undefined| carts function| addASMHandlers function| addASMFormHandler function| addCloseBtnHandler function| addHideBtnHandler function| startTimer function| timerFunc function| resetSession function| finishASMagentSession function| isStartEmulateButtonPresent function| enableAsmPanelButtons function| placeholderNotAvailable function| removeAsmHover function| toggleCreateAccount function| toggleActivationState function| checkSignInButton function| checkStartSessionButton function| checkCartIdFieldAndToggleBind function| toggleBind function| toggleStartSessionButton function| formValidate function| validateEmail function| validateName function| isBlank function| getCookie function| callCreateAccount function| validateNewAccount function| revertAutocompleteNormalize function| isErrorDisplayed function| addCustomerListBtnHandler function| openCustomer360Colorbox function| colorboxResize function| addCustomer360Handler function| addGenericCustomer360Handler function| customer360Callback function| loadCustomer360Fragment function| asmAifSectionClickHandler function| aifSelectLastSection function| aifSelectSection function| getCurrentEmulatedCustomerId function| getCustomerListSearchUrl function| customerListModalHandler function| addCustomerListSelect function| appendCustomerListTable function| replaceCustomerListTable function| populateCustomerListModal function| getAifTablePageSize function| copyToClipBoard function| addRatesTableSorterParser function| removeAsmAlert function| $script object| smartedit function| Color function| Chart function| onloadCallback boolean| liveAgentDeployment object| liveagent function| webpackJsonp object| __core-js_shared__ function| _ function| tmp function| ChoiceField function| ListBox function| ComboBox function| EditBox function| Button function| PushButton function| RadioButton function| CheckBox function| TextField function| PasswordField object| AcroForm function| html2pdf function| _jzlib_Deflater function| Deflater function| RGBColor function| PNG function| JsBarcode boolean| cartExists object| vm

7 Cookies

Domain/Path Name / Value
.cpg.gp.com/ Name: _gat_UA-59705703-1
Value: 1
.cpg.gp.com/ Name: _gid
Value: GA1.3.342349866.1610860739
cpg.gp.com/ Name: profile.consent.given
Value: false
cpg.gp.com/ Name: cookie-notification
Value: NOT_ACCEPTED
cpg.gp.com/ Name: anonymous-consents
Value: %5B%5D
.cpg.gp.com/ Name: _ga
Value: GA1.3.1033520781.1610860739
cpg.gp.com/ Name: JSESSIONID
Value: 6A40C0BAD1AB022859C7B760423ACD6D.app11

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.la1-c2cs-iad.salesforceliveagent.com
cpg.gp.com
d2o3o2wreiygww.cloudfront.net
links.cpg.gp.digital
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
13.108.234.6
157.133.232.108
2600:9000:20eb:8600:1b:16e1:800:21
2a00:1450:4001:802::2004
2a00:1450:4001:809::2003
2a00:1450:4001:815::2008
2a00:1450:4001:815::200e
74.112.69.44
07cdf021e450d065b28a6b08b8418fc8d71eef6812a462139a4325c42d26bb07
0fdabb9611ded2586ffbfd0ae8368879289184373b69c1eda767ba2abb0d3896
16111e297faf337a3de1ab1681bcd763f632b4ced3f975cacf65e57289bd6c67
165794a91db500f39ae01cf055a2d3fac7d30c816f0c4ffbfe8bd4c7949cdfec
182020e5cb831d1bb1d023e2b2e809190e726f93a0942b1cc8796b824435cbbc
22a78dcd00ce76ffadefe65c7cecd1701257c7e6ce727f75ba861577dcaeaf6b
285be02f55682d6f2d20f319af40059272574bd051f55a5c4f042de376b945cc
29c1e112ada89163ea276cc83f533c99ded554852a64ebc397bec2631b0e5efb
2d3e6d17c750f7d82287aa9e25174e922dc1d2e33c628132a2b737bac5ed8248
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
373e642ebc9ebcb70baaee6ef7c4ddbd98e0d8b428834d62d2ba4ed29dfbee21
37751c3ae1bc41810cb4c3f9fcfd886eb9a2d37cf70b61d3e838949812e8b711
41215ffb5de722625793db20bd3d229a1edb99955bca62032b486da5bd35a95a
41538a9a2d52f364d491b098924dc70a5d806e23386c34fc9f079c5ec94099e9
56a92d86219bdd99eea6c0cd1a8ac62d319639a6a02b97114fb3c6a44ac0d391
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74061522257982a23db87f61102e7599e00ca97cdcda24e62fdeaed77817cb10
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
85aab710edd49927d9fa9d8fad9fdb1e140055ff9f261faaa38dba5635dd138c
949a47d52cfdaacade2d496e9502db01ec38e3e6e6375fc1c59537b26a3c59c3
9c6e0819dc9d245ff23be77471d5c99e8625cf9bd720f27f77dac1add28765ee
9d4c2b37c69bf707cf3ec2716bf29193392556278ee693be2a75f12dd2c446b6
a1d79a1e05e1277493932832fcc34045c0c6d0a32f70017582f133b560d13f4a
a63200b0c1c5d5bebd0e09a9b9c83e621810cdb80970b66f7fcf00443086540e
c04cbfe21e23ceb866fae28e981a17dfe9ce6cb178943dda6f11a495255ec137
c0aa63be158beb8b5c0651f6e3628ae73dee6c66ad086e87db062179b03800ba
ce313cdb8b89c481246f465e9220eddd0808de4436beeec2463dd66d9a6f08f4
d389f4fa640672e797a6456b5c0f4107f85facbcd1cd36591ae9c260f81d0bd5
dbdbc98950e9a154734b109b864881abb4592573c69e76562950ef9989c23cba
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e682b9c90570cd1d9ce7b1e07915faafa006e5819ec41a2ce5b1d90c9f394e9d
ee5705a27fcabf1a7d2f4391315fcb3be207c1c4f4e10bff29291644a3a18840
fb3b275e8321c2c87095a4f4f0fd89fbbbdbe07e6fd5191c4c8ccabfc21692fb