Submitted URL: http://overturepromo.com/
Effective URL: https://www.overturepromotions.com/
Submission: On December 13 via manual from IN — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 39 HTTP transactions. The main IP is 54.91.59.199, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.overturepromotions.com.
TLS certificate: Issued by R3 on November 21st 2022. Valid for: 3 months.
This is the only time www.overturepromotions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address         AS (Autonomous System)
1         1          96.45.82.8         16552 (TIGGEE)
31                   54.91.59.199       14618 (AMAZON-AES)
1                    2606:4700::68...   13335 (CLOUDFLAR...)
1                    2a00:1450:400...   15169 (GOOGLE)
4                    2606:4700:e2:...   13335 (CLOUDFLAR...)
2                    2a00:1450:400...   15169 (GOOGLE)
Total: 39 requests, 6 IPs

Requests  Apex Domain              Subdomains                                            Transfer
31        overturepromotions.com   www.overturepromotions.com                            3 MB
4         fontawesome.com          use.fontawesome.com — Cisco Umbrella Rank: 849        88 KB
2         google-analytics.com     www.google-analytics.com — Cisco Umbrella Rank: 28    20 KB
1         googletagmanager.com     www.googletagmanager.com — Cisco Umbrella Rank: 47    43 KB
1         bootstrapcdn.com         maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 750    20 KB
1         overturepromo.com        overturepromo.com                                     187 B
Total: 39 requests, 6 domains

Requests  Domain                       Requested by
31        www.overturepromotions.com   www.overturepromotions.com
4         use.fontawesome.com          www.overturepromotions.com, use.fontawesome.com
2         www.google-analytics.com     www.googletagmanager.com, www.google-analytics.com
1         www.googletagmanager.com     www.overturepromotions.com
1         maxcdn.bootstrapcdn.com      www.overturepromotions.com
1         overturepromo.com            1 redirects
Total: 39 requests, 6 domains

This site contains links to these domains.

Domain
overturemarket.espwebsite.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com

Subject                      Issuer                    Validity                  Valid
www.overturepromotions.com   R3                        2022-11-21 - 2023-02-19   3 months
sni.cloudflaressl.com        Cloudflare Inc ECC CA-3   2022-01-29 - 2023-01-29   a year
*.google-analytics.com       GTS CA 1C3                2022-11-07 - 2023-01-30   3 months

This page contains 1 frames:

Primary Page: https://www.overturepromotions.com/
Frame ID: 40F89576C15006588F4374F03C680778
Requests: 41 HTTP requests in this frame

Page Title

Overture Promotions | Swag & Promotional Merchandise Experts

Page URL History

  1. http://overturepromo.com/ HTTP 301
    https://www.overturepromotions.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

39 Requests
100 % HTTPS
67 % IPv6
6 Domains
6 Subdomains
6 IPs
2 Countries
2839 kB Transfer
13110 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://overturepromo.com/ HTTP 301
    https://www.overturepromotions.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.overturepromotions.com/
Redirect Chain
  • http://overturepromo.com/
  • https://www.overturepromotions.com/
987 B
1 KB
Document
General
Full URL
https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
d44947a26eb7074b34901d1521689b97ec5593e672f6e5cacce12cd066c6f905

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=0
Connection
keep-alive
Content-Length
987
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Dec 2022 16:01:52 GMT
Etag
W/"3db-184cc0c0290"
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
Via
1.1 vegur
X-Powered-By
Express

Redirect headers

Connection
close
Content-Length
0
Date
Tue, 13 Dec 2022 16:01:52 GMT
Location
https://www.overturepromotions.com
Server
DNSME HTTP Redirection
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.overturepromotions.com/
Origin
https://www.overturepromotions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:01:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
863
age
120079
cdn-cachedat
11/18/2022 06:18:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
d20ed4563d8c3812ac6d5ef4b4c6b1d8
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
778febc2482b926d-FRA
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-21936657-1
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ccad795cc33474dff059fbacae7056cf32f463b18f9c3d93225afa51064b5b26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:01:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43592
x-xss-protection
0
last-modified
Tue, 13 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Dec 2022 16:01:53 GMT
main.33b12dd0.css
www.overturepromotions.com/static/css/
90 KB
91 KB
Stylesheet
General
Full URL
https://www.overturepromotions.com/static/css/main.33b12dd0.css
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
41fc4063289cd4e74bc8b958e12d4dc0ae9e3ebb106b3becd245dddb7971c7d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:53 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"1699c-184cc0c0290"
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
92572
8bd183f9aa.js
use.fontawesome.com/
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/8bd183f9aa.js
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3bc889aec8453e50a4fd05f6fb317ce0e0b30ef3e1256cbb6e1971292ef67b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:01:53 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 30 Jun 2021 21:44:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
7AD4R7PCRY1QMGZ9
etag
W/"6b2e5ac57867d2e9c561464eecf9755a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKOFIp5gYOEuugzRuvkg22VoYnwDaSPfa%2Bg1Ghlo%2B1jWB2uCwBAIMTs5CKelq%2FEITOyMKxXXm5mGFOoYzU7qkLKpqE1lPcNchi8RpzQL5OTGJHTtPNRfsrv4Lb%2FWPabkoGsgQGRTQEQphZ7oUFEYFiew"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
778febc25e957181-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
98MfuHrTqvIg6i0QC4jg/hCbaJ8iyhFYaNg04OIgh5EMWtJy8/dw9cg6lgDT/9MtfmERmuYOyIw=
main.2aee1467.js
www.overturepromotions.com/static/js/
819 KB
819 KB
Script
General
Full URL
https://www.overturepromotions.com/static/js/main.2aee1467.js
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
ea57beac9bfc42d0ca3bf378782284f8c6edbbfe682fd8b14c3614eb8653b9d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:53 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"ccb23-184cc0c0290"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
838435
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21936657-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Dec 2022 15:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2767
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 13 Dec 2022 17:15:46 GMT
collect
www.google-analytics.com/j/
1 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=950547029&t=pageview&_s=1&dl=https%3A%2F%2Fwww.overturepromotions.com%2F&ul=en-us&de=UTF-8&dt=Overture&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=252416299&gjid=537521711&cid=1045218278.1670947313&tid=UA-21936657-1&_gid=742363983.1670947313&_r=1&gtm=2oubu0&z=357086017
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.overturepromotions.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Dec 2022 16:01:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.overturepromotions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
8bd183f9aa.css
use.fontawesome.com/
1 KB
1005 B
Stylesheet
General
Full URL
https://use.fontawesome.com/8bd183f9aa.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/8bd183f9aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c2daf4c7d1a3205c9229bfa6d449fd13a715b9aef2109781292b0183d36c57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:01:53 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 30 Jun 2021 21:44:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
NTGE09ZG6WP4785T
etag
W/"7ee479d8cd1d557157992570cc5be9ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rfqZK%2Fw7asRt%2FCQIANI3Z44sdzRm1up7ekvnowsdIHx0xsM6bitak2lO3nu7CV%2BE9Iscwf%2FrqizUozV85VGodVhIrAFQNKgFJtoXWqvJsSlAJB73KQfp%2BAY0vQtWQeZlo5Girs4FSq4AUTpK3%2BNTusQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
778febc5bca9faf6-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
kXsCFFzH218P3GsvXQtO/rvPcPpJh49pR65yf3irzpU6Wm8PNmUl28KdybLLW7qqwcxrzjJDN3kJViEXwA2ppw==
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/8bd183f9aa.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.fontawesome.com/8bd183f9aa.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:01:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KQNEW3GB8XSZ7MZK
age
790497
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
pbTfY0AHfa+mWPuh9CBq4JfI5whYw8+jgThzmxDI13z7vDpAVGY5wB+yy4bD6bclw9iX/LAv6j8=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4GtOztD1wdjMRKev3K%2BeqBVDCZgBrVpWh39P6mjj6EARBPTOnJUL2r89SZgjhmrPvvWGjfe8ytLY2XSLKtW8ZOYuRcYMGEIqty4bKofnCF9%2Be5wfHo07Hfm0DVqZXSwvarq7tqZ8IOhyfEqdBA1NLw5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
778febc73eabfaf6-DUS
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/8bd183f9aa.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/8bd183f9aa.css
Origin
https://www.overturepromotions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 16:01:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
ZA74NBS9J5PT0YDX
age
8605
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
x-amz-id-2
LXGAnet4PuEdsmsY5uPyQzgKRxtA3PH5g3922s30U5LlsDXRr4oxL3M81ARnilCqm7UaxTivl1w=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wQI%2FRqAC%2F0diyO0TyrYQQtZvY5gZoH32wK9wttHyQYKkpINQUzEN6DtjC2Cp%2F2hdAr%2FjpMX028utVqWctmL9%2FPK%2FRk5bVrXOlrIRjsM8JdATfDqnnANINn4Pgx3c1fBy5rxRYwU4tzh2ginxl16qmYr"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
778febc76ae1995a-FRA
overture_logo.be858579.svg
www.overturepromotions.com/static/media/
1 KB
2 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/overture_logo.be858579.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
cad434f961f8031ff82c1713675330146152ede212d09010ae31050a80d32f48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"593-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1427
herotext.7af4fc45.svg
www.overturepromotions.com/static/media/
23 KB
23 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/herotext.7af4fc45.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
657d4be4909e1f4f155f9d964c82f1fa638d6c72d280ea7f20f4de56189ab6ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"5b7c-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23420
up_arrow.42b8d3d0.svg
www.overturepromotions.com/static/media/
1000 B
1 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/up_arrow.42b8d3d0.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
f3814dbd4d36b9472266c00d7cfd9fe32e321f6b332ffdbee37304dcc2f98071

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"3e8-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1000
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd8880129a027269ddd57d2e6398b0649fa1581d19bd1d21680a316fb11108ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
fiji.56f29ac4.jpg
www.overturepromotions.com/static/media/
99 KB
99 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/fiji.56f29ac4.jpg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
edf5fec15737b0142e16f55e8f67956bc95f48002b84305a0cbf1b32951e8b75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"18b35-184cc0c0290"
Content-Type
image/jpeg
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101173
google.2657fede.jpg
www.overturepromotions.com/static/media/
73 KB
73 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/google.2657fede.jpg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
301a190505447d8c73f6005ad3cb8ecba39c58faecc28718b2918f5b3aaf9ec5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"123a6-184cc0c0290"
Content-Type
image/jpeg
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74662
jimmyfallon.5b02ec9a.jpg
www.overturepromotions.com/static/media/
246 KB
246 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/jimmyfallon.5b02ec9a.jpg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
de4b8bde64d6b886be230d1870c2a8d7b51d073fa4bf411572df58c5fb530acb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"3d737-184cc0c0290"
Content-Type
image/jpeg
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
251703
facebook_socks.86575957.jpg
www.overturepromotions.com/static/media/
83 KB
83 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/facebook_socks.86575957.jpg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
d3e05a29a9e03a164673022858f2f84be3c1c9af77dff758a1957f387745221f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"14b59-184cc0c0290"
Content-Type
image/jpeg
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84825
ecommerce.4861be62.svg
www.overturepromotions.com/static/media/
2 KB
2 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/ecommerce.4861be62.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
1b69405339809a80d119ba95a8d5e383dec9a4da07cde49fdcd7af1e4bf2e5cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"714-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1812
screenprinting.1c15e235.svg
www.overturepromotions.com/static/media/
2 KB
2 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/screenprinting.1c15e235.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
66ba919f7a4a804071cebc6e94a2623dfc0530739a704cf895f6e841a6804b78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"67c-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1660
assembly.bea434b9.svg
www.overturepromotions.com/static/media/
2 KB
2 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/assembly.bea434b9.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
00c8b64dd8cf95498faee7568bec4c787e5e4d7aba1ca1177da024662f9d6b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"818-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2072
fulfillment.fc009a99.svg
www.overturepromotions.com/static/media/
2 KB
2 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/fulfillment.fc009a99.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
70e9f4bba31e0cd55567b509ac68bfb17e5e5f6caf045f7b1cf759978c7281dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"7b2-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1970
inventorymanagement.132a7cfd.svg
www.overturepromotions.com/static/media/
1 KB
2 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/inventorymanagement.132a7cfd.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
5fbac0a1f77324009a4cccbc3a11e0543df8d8390325f7435f16de4fc3cebc5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"57a-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1402
international.d015fa83.svg
www.overturepromotions.com/static/media/
1 KB
2 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/international.d015fa83.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
105427cc9db3fa7e862589682b039b27c2fb35774f9c0ad2b72f95e55c61a6c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"57d-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1405
graphicdesign.86b85bf6.svg
www.overturepromotions.com/static/media/
2 KB
2 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/graphicdesign.86b85bf6.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
fe10cc56460b0da10b2fa3fe14953dc5027899de624eff19ed1faf8a75f32141

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"8b3-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2227
embroidery.7f46db29.svg
www.overturepromotions.com/static/media/
2 KB
2 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/embroidery.7f46db29.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
1a6bde5e616b16786b1b78e7d64376c931b869ba10b113efb355818bf197b687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"71f-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1823
packaging.3dd3a219.svg
www.overturepromotions.com/static/media/
1 KB
2 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/packaging.3dd3a219.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
cc97bbad9ce338d485ff1e120ee49d97451067527823c22b2d8f46c2610beb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"5c2-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1474
warehouse.3d25461c.svg
www.overturepromotions.com/static/media/
973 B
1 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/warehouse.3d25461c.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
faff746f1d1593c868ca25724f2dd42fb691cafe72b84929fc04491bb7b93066

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:57 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"3cd-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
973
reportinganalytics.912ad9fc.svg
www.overturepromotions.com/static/media/
1 KB
2 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/reportinganalytics.912ad9fc.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
ecb50175b5aec7c26923f882c8330c43bfb01cee4b8fdf4160a42c5f49998bfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:57 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"5d5-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1493
domestic.7da677d0.svg
www.overturepromotions.com/static/media/
2 KB
2 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/domestic.7da677d0.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
5919b34d5aca6923a647442834c0e9e01a5af8f9cf8daccc6689df3d4556a460

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:57 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"653-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1619
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bedf33887fe58a607a3f036096444a727dc0db4d0b06474edde6b60a543f6fb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type
image/png
play.252e18ec.svg
www.overturepromotions.com/static/media/
109 KB
110 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/play.252e18ec.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
8e5874185adce636ad9288972ae5bdccdab335101745228c9df6f1410e6fbcfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:57 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"1b536-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
111926
Imagegrid.c9e337d9.jpg
www.overturepromotions.com/static/media/
739 KB
739 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/Imagegrid.c9e337d9.jpg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
e5df4afdccfe4392e32cc8d43f0f34a90250f406e347d07ca29fe80c360b1f3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:57 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"b8a4b-184cc0c0290"
Content-Type
image/jpeg
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
756299
map.bd87ecf3.svg
www.overturepromotions.com/static/media/
51 KB
51 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/map.bd87ecf3.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
4072aee580819a0afc5ba701ffae519031c5c03babb8defb5653a60589f2f0e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:57 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"cc01-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52225
love-dallas.538d03bc.svg
www.overturepromotions.com/static/media/
9 KB
10 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/love-dallas.538d03bc.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
ed82497da8a3bff1e94bd4ebb19691fc84e6a11cb6efdd6d74e51a9dd9e920a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:57 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"25ac-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9644
logo_core.5ce73d9f.svg
www.overturepromotions.com/static/media/
8 KB
8 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/logo_core.5ce73d9f.svg
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
6cfbba052eb1d565d759e89a289eca2430b5bd377cd574c7ace97c7f8311ca81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:57 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"1fc4-184cc0c0290"
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8132
blue_bg.67267a12.png
www.overturepromotions.com/static/media/
162 KB
163 KB
Image
General
Full URL
https://www.overturepromotions.com/static/media/blue_bg.67267a12.png
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/static/css/main.33b12dd0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
7a6ca4e88de22aebc5470b808ff474a1fcb62db2e7181698ebeb0e877f22357d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.overturepromotions.com/static/css/main.33b12dd0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:57 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"289e3-184cc0c0290"
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
166371
ProximaNova-Regular.bf9f5d50.otf
www.overturepromotions.com/static/media/
61 KB
62 KB
Font
General
Full URL
https://www.overturepromotions.com/static/media/ProximaNova-Regular.bf9f5d50.otf
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/static/css/main.33b12dd0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9

Request headers

Referer
https://www.overturepromotions.com/static/css/main.33b12dd0.css
Origin
https://www.overturepromotions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"f5ac-184cc0c0290"
Content-Type
font/otf
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
62892
ProximaNova-Bold.72b6f2c9.otf
www.overturepromotions.com/static/media/
62 KB
63 KB
Font
General
Full URL
https://www.overturepromotions.com/static/media/ProximaNova-Bold.72b6f2c9.otf
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/static/css/main.33b12dd0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
b9e81a47aecd3d05445ae775f48d08b3de46b2039f1d229a58a87be194e327ec

Request headers

Referer
https://www.overturepromotions.com/static/css/main.33b12dd0.css
Origin
https://www.overturepromotions.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 13 Dec 2022 16:01:56 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"f940-184cc0c0290"
Content-Type
font/otf
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63808
Video.ff3fb420.mp4
www.overturepromotions.com/static/media/
10 MB
0
Media
General
Full URL
https://www.overturepromotions.com/static/media/Video.ff3fb420.mp4
Requested by
Host: www.overturepromotions.com
URL: https://www.overturepromotions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash

Request headers

Referer
https://www.overturepromotions.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 13 Dec 2022 16:01:57 GMT
Via
1.1 vegur
Last-Modified
Thu, 01 Dec 2022 04:57:30 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"2130049-184cc0c0290"
Content-Type
video/mp4
Content-Range
bytes 0-34799688/34799689
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34799689

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange
object| google_tag_manager
object| dataLayer
function| gtag
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
object| FontAwesomeCdnConfig
string| cssUrl
object| __consolidated_events_handlers__

3 Cookies

Domain/Path Name / Value
.overturepromotions.com/ Name: _ga
Value: GA1.2.1045218278.1670947313
.overturepromotions.com/ Name: _gid
Value: GA1.2.742363983.1670947313
.overturepromotions.com/ Name: _gat_gtag_UA_21936657_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
