URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Submission: On August 10 via manual from US — Scanned from DE

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 23 HTTP transactions. The main IP is 3.134.141.92, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is microsoftoffice.offerredemption.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 9th 2023. Valid for: a year.
This is the only time microsoftoffice.offerredemption.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 3.134.141.92 16509 (AMAZON-02)
13 151.101.66.137 54113 (FASTLY)
2 162.247.243.29 54113 (FASTLY)
23 3
Apex Domain
Subdomains
Transfer
13 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 475
49 KB
8 offerredemption.com
microsoftoffice.offerredemption.com
615 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 295
789 B
23 3
Domain Requested by
13 js-agent.newrelic.com microsoftoffice.offerredemption.com
8 microsoftoffice.offerredemption.com microsoftoffice.offerredemption.com
2 bam.nr-data.net microsoftoffice.offerredemption.com
23 3

This site contains links to these domains. Also see Links.

Domain
www.majorrocket.com
Subject Issuer Validity Valid
offerredemption.com
Amazon RSA 2048 M02
2023-05-09 -
2024-06-06
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-04-13 -
2024-05-14
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-11-18 -
2023-12-19
a year crt.sh

This page contains 1 frames:

Primary Page: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Frame ID: 29F11663E5E79BAB85B43194C0FD9043
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

Redeem Microsoft Office Lifetime Access

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

664 kB
Transfer

722 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
microsoftoffice.offerredemption.com/
67 KB
68 KB
Document
General
Full URL
https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.141.92 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-141-92.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
593d3356a569655e640640ea6e04a3368ed7516b08a2c5acb873167b2b4c0db8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Accept, Origin, Authorization
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 10 Aug 2023 13:38:50 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
Upgrade
h2,h2c
spin.umd.js
microsoftoffice.offerredemption.com/js/
7 KB
8 KB
Script
General
Full URL
https://microsoftoffice.offerredemption.com/js/spin.umd.js
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.141.92 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-141-92.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
5eb8c992bba396fb0ff24f58e875199e1fc8974679334f3043580449f4419a8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 13:38:50 GMT
Last-Modified
Fri, 04 Nov 2022 19:27:40 GMT
Server
Apache
ETag
"1c75-5ecaa113650db"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7285
launching-deals.png
microsoftoffice.offerredemption.com/images/
38 KB
39 KB
Image
General
Full URL
https://microsoftoffice.offerredemption.com/images/launching-deals.png
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.141.92 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-141-92.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f71f841873ffd34176a3a14c01de85cf8ea3ee86f588916d24f0c0cb0798820e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 13:38:51 GMT
Last-Modified
Thu, 23 Sep 2021 20:50:49 GMT
Server
Apache
ETag
"9941-5ccafc9281d24"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39233
inbox.png
microsoftoffice.offerredemption.com/base/images/
1 KB
2 KB
Image
General
Full URL
https://microsoftoffice.offerredemption.com/base/images/inbox.png
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.141.92 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-141-92.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
3220b1029d79dc516eb84d14f90f6360e27b999d087beb8c44ccde91f7ffeada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 13:38:51 GMT
Last-Modified
Fri, 16 Oct 2020 20:06:33 GMT
Server
Apache
ETag
"5a6-5b1cf4d1b5017"
Upgrade
h2,h2c
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1446
msoffice.png
microsoftoffice.offerredemption.com/images/products/
111 KB
111 KB
Image
General
Full URL
https://microsoftoffice.offerredemption.com/images/products/msoffice.png
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.141.92 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-141-92.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
cf8568a5366cf1dc6c11d13d790f402817c27fa61201b4216f618f5b4d8fa6a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 13:38:51 GMT
Last-Modified
Wed, 10 May 2023 16:07:51 GMT
Server
Apache
ETag
"1ba10-5fb5912e257f4"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
113168
msoffice-mso1.jpg
microsoftoffice.offerredemption.com/images/products/
250 KB
250 KB
Image
General
Full URL
https://microsoftoffice.offerredemption.com/images/products/msoffice-mso1.jpg
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.141.92 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-141-92.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
dd4596e0d88f223cec4778a47938020f157ecedf3a71d997866b23d5d2092628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 13:38:51 GMT
Last-Modified
Thu, 11 May 2023 16:27:42 GMT
Server
Apache
ETag
"3e676-5fb6d77c285f7"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
255606
msoffice-mso2.jpg
microsoftoffice.offerredemption.com/images/products/
135 KB
136 KB
Image
General
Full URL
https://microsoftoffice.offerredemption.com/images/products/msoffice-mso2.jpg
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.141.92 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-141-92.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
b69dfb603fc2b06104bc1af19bbbe9d7b7b47a945e1a5dd3c96d0d6eba02fab0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 10 Aug 2023 13:38:51 GMT
Last-Modified
Thu, 11 May 2023 16:27:42 GMT
Server
Apache
ETag
"21d69-5fb6d77c285f7"
Upgrade
h2,h2c
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
138601
/
microsoftoffice.offerredemption.com/
67 B
1 KB
Fetch
General
Full URL
https://microsoftoffice.offerredemption.com/
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.134.141.92 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-134-141-92.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
c4f6391f9792c0f1e96b59f28f30fc002e4269a1b0355e57d4f286dc6a8d77bb

Request headers

Referer
https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
tracestate
4085994@nr=0-1-4085994-1134358366-3ae2d7f60de205cb----1691674731050
traceparent
00-4263d254dc40c4a650dfceb08290bf00-3ae2d7f60de205cb-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQwODU5OTQiLCJhcCI6IjExMzQzNTgzNjYiLCJpZCI6IjNhZTJkN2Y2MGRlMjA1Y2IiLCJ0ciI6IjQyNjNkMjU0ZGM0MGM0YTY1MGRmY2ViMDgyOTBiZjAwIiwidGkiOjE2OTE2NzQ3MzEwNTB9fQ==
content-type
application/json

Response headers

Pragma
no-cache
Date
Thu, 10 Aug 2023 13:38:51 GMT
Server
Apache
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://microsoftoffice.offerredemption.com
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With, Content-Type, Accept, Origin, Authorization
Content-Length
67
Expires
Thu, 19 Nov 1981 08:52:00 GMT
async-api.e9f77430-1.237.1.min.js
js-agent.newrelic.com/
3 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/async-api.e9f77430-1.237.1.min.js
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
370a9e517ef0694db38a18b53a46711e1461912f0074f024db5373ff946fc894
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
Nnzi3DxfGlFxxxaHTHoVoaEtXaaSwSj1
content-encoding
br
via
1.1 varnish
date
Thu, 10 Aug 2023 13:38:52 GMT
strict-transport-security
max-age=300
x-amz-request-id
FGM44G2H3T95M0RG
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1384
x-amz-id-2
pYMoGKzxpzTDzhmdjTgFG5JFai/unv5XW+Eo4tyfxeb6QhVr+NUuCnGsSPtGwjMZeEidI8tMaCw=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Wed, 02 Aug 2023 19:59:07 GMT
server
AmazonS3
x-timer
S1691674732.028733,VS0,VE0
etag
"193a6d6f02af9cfb9888de413246e90b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3688
860.95a91211-1.237.1.min.js
js-agent.newrelic.com/
14 KB
5 KB
Script
General
Full URL
https://js-agent.newrelic.com/860.95a91211-1.237.1.min.js
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0aee72df00de1dcfe4d631dd2a72979cee0e756ef7e243b2799856582c44557
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
EoQgbqtiNktUFHe2XcVVByjJaUw3xjmB
content-encoding
br
via
1.1 varnish
date
Thu, 10 Aug 2023 13:38:52 GMT
strict-transport-security
max-age=300
x-amz-request-id
FGME0EFST6A5NB5B
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5422
x-amz-id-2
Th5W14ONfFa1hPkjGXdAwsnAcmTWbhXtOnkYTgyxzqjdHoN5/7oAlCp3nkLVz675UvH0slqFSN0=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691674732.028737,VS0,VE0
etag
"b550851fb79f7d61442ca34a6120ac44"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3729
session-manager.d080e4cc-1.237.1.min.js
js-agent.newrelic.com/
1 KB
1 KB
Script
General
Full URL
https://js-agent.newrelic.com/session-manager.d080e4cc-1.237.1.min.js
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
oaOpBoY_R0Emmn1D4qOBGa8Bli_CwZsc
content-encoding
br
via
1.1 varnish
date
Thu, 10 Aug 2023 13:38:52 GMT
strict-transport-security
max-age=300
x-amz-request-id
FGM1T0AT17NVAZ13
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
686
x-amz-id-2
O6L3Ip1/4vY5L1/soaX8sXkNC/gXPkvDfaja4IcpjlxbDAWhaXoBV8SjiDx7hZYgttdDgTYrt4U=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691674732.028729,VS0,VE0
etag
"a097cb2068fb2d63e521cacf139c921d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3325
lazy-feature-loader.c1052c27-1.237.1.min.js
js-agent.newrelic.com/
1 KB
844 B
Script
General
Full URL
https://js-agent.newrelic.com/lazy-feature-loader.c1052c27-1.237.1.min.js
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f51d7bb4a7314fbd42bd5a2cec23adcfd23441c6539c3437cac22bc10c285a5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
4gplzRtxWsISTBSfvxcHM2iQ7IWskafp
content-encoding
br
via
1.1 varnish
date
Thu, 10 Aug 2023 13:38:52 GMT
strict-transport-security
max-age=300
x-amz-request-id
FGMFHKA8BCZDAHJD
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
422
x-amz-id-2
b1C6Hx7FixjbCwFIc+5ICMs9iLzGLUJtTJaIbhcfAT1kfqQ6k4sioRXp5G7/iX9xorqroX6uKSI=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Wed, 02 Aug 2023 19:59:07 GMT
server
AmazonS3
x-timer
S1691674732.077237,VS0,VE0
etag
"e2a4dffecb3f725ca685cfc37cc223f8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3455
646.9e7a6b8d-1.237.1.min.js
js-agent.newrelic.com/
8 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/646.9e7a6b8d-1.237.1.min.js
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de72c7056110de6c12aefd6fedb26a0e323d4cfab62d84c64db52e168af372e5
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
J93EXw1eqMtGdXxiO91RJ8N7Vb2Flihy
content-encoding
br
via
1.1 varnish
date
Thu, 10 Aug 2023 13:38:52 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VJ869YA1CC3394
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3460
x-amz-id-2
7fIhRwbqln0AFC4AK5A665eA4jDD4mVUfLc87VlErCNtrPMQrbVJjBEkcCgJ8km/2QVNwyxyw+E=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Wed, 02 Aug 2023 19:59:07 GMT
server
AmazonS3
x-timer
S1691674732.118316,VS0,VE0
etag
"ec83dba32689d4a796844e10a31121ff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2882
page_view_event-aggregate.4988d952-1.237.1.min.js
js-agent.newrelic.com/
11 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.4988d952-1.237.1.min.js
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7662a5a8640648c39b824f101e232d34b73499503492d05394988f00ab79f1b4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
97KO3uF7bK0xbSFbyTLOB.IfHKJDnJRG
content-encoding
br
via
1.1 varnish
date
Thu, 10 Aug 2023 13:38:52 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VRE94K7XRRMEKF
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4294
x-amz-id-2
Yz1zUSno2wNxfKe4XnAb95sfluvgftG6IT0ySvYWfSXH/AG7aUpLcOpFzZakSBkiNwYvHyaC5gk=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691674732.118554,VS0,VE0
etag
"82daa027f82e87cd1c2fdffd51598981"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3454
page_view_timing-aggregate.7b2a53ee-1.237.1.min.js
js-agent.newrelic.com/
15 KB
6 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.7b2a53ee-1.237.1.min.js
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1c8bf8b428570336332bf63dd4efaf9e41b95dd4d83e324592d87d3042f747e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
9V3_HBwcuGR4s0SRIPY4jJi2AWvILXpO
content-encoding
br
via
1.1 varnish
date
Thu, 10 Aug 2023 13:38:52 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VYTC65XAS3WA5V
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5638
x-amz-id-2
2WR1q1UWLCH5CBEXlilo1jPYP4cR1ZF8dL5IU8GOnsi9ZlRtZC6OgyISGCycUyId7zIRsJp8hpc=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691674732.119393,VS0,VE0
etag
"be733f239fd67b0efd24d572dfe8263c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3448
metrics-aggregate.b86cefcf-1.237.1.min.js
js-agent.newrelic.com/
9 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/metrics-aggregate.b86cefcf-1.237.1.min.js
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
141c410edab90686e098d4a827e8b79d8c8e295694508ddb4e3003f955127b65
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
dqbxt2r61x_OSAHoWthSPNHI9j_y3Vhk
content-encoding
br
via
1.1 varnish
date
Thu, 10 Aug 2023 13:38:52 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VZ3551HKA05NVV
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3060
x-amz-id-2
mwGokb8xilNe2NDwDN/oGsjr0G6h0rybiuYfofj8129iB+pgsDGxKsFVv3svieqzkZFXUjpUfk4=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691674732.119204,VS0,VE0
etag
"41c470a0065b8af87ec8b24a5a1862ca"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3449
jserrors-aggregate.319b8300-1.237.1.min.js
js-agent.newrelic.com/
9 KB
4 KB
Script
General
Full URL
https://js-agent.newrelic.com/jserrors-aggregate.319b8300-1.237.1.min.js
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54139966e109c68735a44b35b95246e11cdd5650953f83ddcc313918c1781f1c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
Wqoe0vEV1sR_CfPyr.jdfBzQfelSdNcp
content-encoding
br
via
1.1 varnish
date
Thu, 10 Aug 2023 13:38:52 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VMWWZCE4MFB5JP
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3788
x-amz-id-2
up+jUAFj4zLP+of2eTkdvmauhPiKbn9V8CJ2oAOk4hKxq7jFFhrzB+VvzNX2fKgPVwEQ3D0n6f4=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Wed, 02 Aug 2023 19:59:07 GMT
server
AmazonS3
x-timer
S1691674732.119849,VS0,VE0
etag
"35a3ce136e1282f16781b827a37a89f7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2489
ajax-aggregate.d95c640e-1.237.1.min.js
js-agent.newrelic.com/
7 KB
3 KB
Script
General
Full URL
https://js-agent.newrelic.com/ajax-aggregate.d95c640e-1.237.1.min.js
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd5e7c7720684f36bf690799e993f4596a528ddad2d2b0776a44b54f351a346a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
5_bUHwPFgsylfRZgZg9LU_MxHwk2thZV
content-encoding
br
via
1.1 varnish
date
Thu, 10 Aug 2023 13:38:52 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VQY4G3XQSMJYF3
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3180
x-amz-id-2
gZkKjU1CwwXSIV0FoCP6NMdIG7v3dgxRy3BYRq1FpoUd84Hoe2pcgjeMPUoNYE1+7h9yo+p4ziI=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Wed, 02 Aug 2023 19:59:07 GMT
server
AmazonS3
x-timer
S1691674732.120849,VS0,VE0
etag
"d560f610f09ecacfa4f67f360dc3de45"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2494
session_trace-aggregate.ac30a1f3-1.237.1.min.js
js-agent.newrelic.com/
12 KB
5 KB
Script
General
Full URL
https://js-agent.newrelic.com/session_trace-aggregate.ac30a1f3-1.237.1.min.js
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3311fa9ef47f454f5320d40bcd3f91242131a623ed05fdc413ef3be5c04c99b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
a..pyNDlrB77mwaqeUK7hJqVgFTMus.l
content-encoding
br
via
1.1 varnish
date
Thu, 10 Aug 2023 13:38:52 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VY1WTDQM4P56M0
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4723
x-amz-id-2
DxeotEqCmAhFuT4c+imdVjKpUEomTgOvka4uVVqqXSymSQml8uWe9LurQVts8jsT+gPY9kU1gUY=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691674732.120826,VS0,VE0
etag
"8363afb49dbbbf0e3cead025aa695785"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2487
page_action-aggregate.467f8594-1.237.1.min.js
js-agent.newrelic.com/
5 KB
2 KB
Script
General
Full URL
https://js-agent.newrelic.com/page_action-aggregate.467f8594-1.237.1.min.js
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c4c64480a62d4461b33a7b3b890215112602eb40ba0c9237f20acda99313da6
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
poxkzUMPnKJ.fArM4f0sbBjh6siyXLRa
content-encoding
br
via
1.1 varnish
date
Thu, 10 Aug 2023 13:38:52 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VZ4B5BJF9N7M7F
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1947
x-amz-id-2
eZTsI7uuiEeD9A6gU/g/PuS4oF9ocdVaNldnnaw7vyuI9GpWCq3CDWNTXQbt7qoEztQW5jOulwY=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691674732.122001,VS0,VE0
etag
"33a909348b29a0c055bef58833261435"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2477
spa-aggregate.550eec7b-1.237.1.min.js
js-agent.newrelic.com/
20 KB
8 KB
Script
General
Full URL
https://js-agent.newrelic.com/spa-aggregate.550eec7b-1.237.1.min.js
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78b18cfd9628f122a101ef693f21138d554ca7d55ff3c595c4d69c9b420714b4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://microsoftoffice.offerredemption.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
yyO9gZPZh3EXOIuKtrznWz3VbTeouUgJ
content-encoding
br
via
1.1 varnish
date
Thu, 10 Aug 2023 13:38:52 GMT
strict-transport-security
max-age=300
x-amz-request-id
M1VZ4Q908HVWHEF5
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
7763
x-amz-id-2
FPb2G83kvp9Guvab+vZETdM4vaWeQqCvnWUZyPVJUmDk/Oo4UyuZBq/4O4xzVai7Zsv3Pa8Rjss=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Wed, 02 Aug 2023 19:59:08 GMT
server
AmazonS3
x-timer
S1691674732.122546,VS0,VE0
etag
"22f63f3005d466203719daf86f994001"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1912
NRJS-fafc06a56aaa65a0d9a
bam.nr-data.net/1/
40 B
425 B
XHR
General
Full URL
https://bam.nr-data.net/1/NRJS-fafc06a56aaa65a0d9a?a=1041362499&v=1.237.1&to=MQdSZRAHDxZYVERRXQhNcVIWDw4LFg%3D%3D&rst=2202&ck=0&s=4ab4d08bb7f662dd&ref=https://microsoftoffice.offerredemption.com/&af=err,xhr,stn,ins,spa&ap=37&be=789&fe=1187&dc=386&at=HUBRE1gdHBg%3D&perf=%7B%22timing%22:%7B%22of%22:1691674729947,%22n%22:0,%22dn%22:1,%22dne%22:111,%22c%22:111,%22s%22:239,%22ce%22:496,%22rq%22:496,%22rp%22:789,%22rpe%22:917,%22di%22:1175,%22ds%22:1175,%22de%22:1175,%22dc%22:1973,%22l%22:1973,%22le%22:1976%7D,%22navigation%22:%7B%7D%7D&fp=1184&fcp=1184
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://microsoftoffice.offerredemption.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 10 Aug 2023 13:38:52 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://microsoftoffice.offerredemption.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-fra-eddf8230022-FRA
NRJS-fafc06a56aaa65a0d9a
bam.nr-data.net/events/1/
24 B
364 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/NRJS-fafc06a56aaa65a0d9a?a=1041362499&v=1.237.1&to=MQdSZRAHDxZYVERRXQhNcVIWDw4LFg%3D%3D&rst=2853&ck=0&s=4ab4d08bb7f662dd&ref=https://microsoftoffice.offerredemption.com/
Requested by
Host: microsoftoffice.offerredemption.com
URL: https://microsoftoffice.offerredemption.com/?code=GR6VG5Y9R3HV36
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://microsoftoffice.offerredemption.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 10 Aug 2023 13:38:53 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://microsoftoffice.offerredemption.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-fra-eddf8230022-FRA

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA object| Spin function| onValidateCode

3 Cookies

Domain/Path Name / Value
microsoftoffice.offerredemption.com/ Name: PHPSESSID
Value: l6fk15i94e0520ar1d07thhd0p
microsoftoffice.offerredemption.com/ Name: AWSALB
Value: bpPSddE3668IljqDEFYmX+ZglJrEj6kMUWyGr4uLkf8p8yqYqHk2mpJRtON5uTzUYkHEabCT2/J7kQ2niRpoGy7X8LOOFoFVg3+MpXEGTWwQRiUaM3XfJJu4Ip1x
microsoftoffice.offerredemption.com/ Name: AWSALBCORS
Value: bpPSddE3668IljqDEFYmX+ZglJrEj6kMUWyGr4uLkf8p8yqYqHk2mpJRtON5uTzUYkHEabCT2/J7kQ2niRpoGy7X8LOOFoFVg3+MpXEGTWwQRiUaM3XfJJu4Ip1x

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
js-agent.newrelic.com
microsoftoffice.offerredemption.com
151.101.66.137
162.247.243.29
3.134.141.92
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
141c410edab90686e098d4a827e8b79d8c8e295694508ddb4e3003f955127b65
3220b1029d79dc516eb84d14f90f6360e27b999d087beb8c44ccde91f7ffeada
370a9e517ef0694db38a18b53a46711e1461912f0074f024db5373ff946fc894
54139966e109c68735a44b35b95246e11cdd5650953f83ddcc313918c1781f1c
593d3356a569655e640640ea6e04a3368ed7516b08a2c5acb873167b2b4c0db8
5c4c64480a62d4461b33a7b3b890215112602eb40ba0c9237f20acda99313da6
5eb8c992bba396fb0ff24f58e875199e1fc8974679334f3043580449f4419a8c
7662a5a8640648c39b824f101e232d34b73499503492d05394988f00ab79f1b4
78b18cfd9628f122a101ef693f21138d554ca7d55ff3c595c4d69c9b420714b4
8f51d7bb4a7314fbd42bd5a2cec23adcfd23441c6539c3437cac22bc10c285a5
a1c8bf8b428570336332bf63dd4efaf9e41b95dd4d83e324592d87d3042f747e
b69dfb603fc2b06104bc1af19bbbe9d7b7b47a945e1a5dd3c96d0d6eba02fab0
c0aee72df00de1dcfe4d631dd2a72979cee0e756ef7e243b2799856582c44557
c4f6391f9792c0f1e96b59f28f30fc002e4269a1b0355e57d4f286dc6a8d77bb
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
cf8568a5366cf1dc6c11d13d790f402817c27fa61201b4216f618f5b4d8fa6a1
dd4596e0d88f223cec4778a47938020f157ecedf3a71d997866b23d5d2092628
de72c7056110de6c12aefd6fedb26a0e323d4cfab62d84c64db52e168af372e5
e3311fa9ef47f454f5320d40bcd3f91242131a623ed05fdc413ef3be5c04c99b
f71f841873ffd34176a3a14c01de85cf8ea3ee86f588916d24f0c0cb0798820e
fd5e7c7720684f36bf690799e993f4596a528ddad2d2b0776a44b54f351a346a