urlscan.io logo urlscan.io
SecurityTrails logo

chamberlain.overturestore.com Open in urlscan Pro
216.35.163.171  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.contact.chamberlain.edu/e/er?utm_campaign=3535&utm_medium=email&utm_source=Eloqua&s=125869073&lid=1855&elqTrackId=44281E...
Effective URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Submission: On May 07 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 24 HTTP transactions. The main IP is 216.35.163.171, located in United States and belongs to CENTURYLINK-LEGACY-SAVVIS, US. The main domain is chamberlain.overturestore.com.
TLS certificate: Issued by Thawte RSA CA 2018 on September 7th 2019. Valid for: 2 years.
This is the only time chamberlain.overturestore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 142.0.160.54 7160 (NETDYNAMICS)
18 216.35.163.171 3561 (CENTURYLI...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 23.111.9.35 33438 (HIGHWINDS2)
1 92.123.17.179 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
24 6
1    142.0.160.54 (Ashburn, United States)

ASN7160 (NETDYNAMICS, US)
app.contact.chamberlain.edu
18    216.35.163.171 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
chamberlain.overturestore.com
1    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
1    92.123.17.179 (France)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-17-179.deploy.static.akamaitechnologies.com
i1.cssps.com
2    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
18 chamberlain.overturestore.com chamberlain.overturestore.com
2 www.google-analytics.com chamberlain.overturestore.com
1 i1.cssps.com chamberlain.overturestore.com
1 use.fontawesome.com chamberlain.overturestore.com
1 code.jquery.com chamberlain.overturestore.com
1 ajax.googleapis.com chamberlain.overturestore.com
1 app.contact.chamberlain.edu 1 redirects
24 7

This site contains no links.

Subject Issuer Validity Valid
*.overturestore.com
Thawte RSA CA 2018		 2019-09-07 -
2021-09-06		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
cssps.com
GeoTrust RSA CA 2018		 2019-10-14 -
2021-01-12		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Frame ID: 0686C9B699F8B23DD1E2858429C247B9
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://app.contact.chamberlain.edu/e/er?utm_campaign=3535&utm_medium=email&utm_source=Eloqua&s=125869073&lid=18... HTTP 302
    https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

24
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

1966 kB
Transfer

2699 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.contact.chamberlain.edu/e/er?utm_campaign=3535&utm_medium=email&utm_source=Eloqua&s=125869073&lid=1855&elqTrackId=44281EBD9007B59855CCCA25AA781786&elq=fc56b22872914136b4ca1bb8a1c37a28&elqaid=3535&elqat=1 HTTP 302
    https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
chamberlain.overturestore.com/
Redirect Chain
  • http://app.contact.chamberlain.edu/e/er?utm_campaign=3535&utm_medium=email&utm_source=Eloqua&s=125869073&lid=1855&elqTrackId=44281EBD9007B59855CCCA25AA781786&elq=fc56b22872914136b4ca1bb8a1c37a28&el...
  • https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2c2222b6c492a60454df51a68a9c343e79c3006298e3c56430bd8225531844da

Request headers

:method
GET
:authority
chamberlain.overturestore.com
:scheme
https
:path
/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=wzi54v2psz1db3pdf44jefrv; path=/; secure; HttpOnly; SameSite=None EPayUser156=CartGUID=B4D4AE86-4491-48DC-9DF5-C068E2A915E2; expires=Sun, 07-Jun-2020 15:58:58 GMT; path=/; secure
p3p
CP='NOI DSP NID TAIo PSAa OUR IND UNI OTC TST'
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Thu, 07 May 2020 15:58:58 GMT
content-length
2851

Redirect headers

Cache-Control
private,no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Location
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Set-Cookie
ELOQUA=GUID=AB306DEC4E924C7B8FF1ABC3469AC035; domain=.chamberlain.edu; expires=Mon, 07-Jun-2021 15:58:57 GMT; path=/ ELQSTATUS=OK; domain=.chamberlain.edu; expires=Mon, 07-Jun-2021 15:58:57 GMT; path=/
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Content-Type-Options
nosniff
Date
Thu, 07 May 2020 15:58:57 GMT
Content-Length
216
skeleton.css
chamberlain.overturestore.com/styles/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chamberlain.overturestore.com/styles/skeleton.css
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
af5f64d8e7743e7a70d3e368ee52af17d8eb82dde9f642e8e7545361e595a200

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
content-encoding
gzip
etag
"70ea8c4af5fdd51:0"
last-modified
Thu, 19 Mar 2020 13:50:03 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
3954
styles.css
chamberlain.overturestore.com/styles/ 		46 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chamberlain.overturestore.com/styles/styles.css
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3eed97e2a3b73e9ddb0284e248c01c4c8978cdd8e4e3607ca781f3aadd58843a

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
content-encoding
gzip
etag
"9e4785e3723d61:0"
last-modified
Tue, 05 May 2020 23:46:16 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
12577
formfield.css
chamberlain.overturestore.com/styles/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chamberlain.overturestore.com/styles/formfield.css
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f2fc1072428105122d250643fe03b96e818507d35dd994bf7b3e68e93cbf4dfa

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
content-encoding
gzip
etag
"6815bb8dfffdd51:0"
last-modified
Thu, 19 Mar 2020 15:03:31 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
1397
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 10 Apr 2020 00:01:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2390250
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29707
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 00:01:28 GMT
jquery-ui.min.js
code.jquery.com/ui/1.10.4/ 		223 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.10.4/jquery-ui.min.js
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 07 May 2020 15:58:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
W/"54499a48-37cbb"
Vary
Accept-Encoding
X-HW
1588867138.dop151.fr8.shc,1588867138.dop151.fr8.t,1588867138.cds098.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
61269
code.js
chamberlain.overturestore.com/scripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chamberlain.overturestore.com/scripts/code.js
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
16aa8ee2b497133726faba0dd17cde481c9aa08c9aba0908d59ab3aeb2029cd7

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
content-encoding
gzip
etag
"e2d246dd58cd41:0"
last-modified
Wed, 05 Dec 2018 20:02:18 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
2542
all.js
use.fontawesome.com/releases/v5.0.9/js/ 		682 KB
289 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.9/js/all.js
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
d2fec0e2942f49dd3cad4650431d550d761f11dded17834d4835768c2ca730c0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Origin
https://chamberlain.overturestore.com

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
content-encoding
gzip
last-modified
Tue, 27 Mar 2018 21:11:37 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"bffc6023835e717c0348c41583e56eba"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
sayt-2.3.125.js
chamberlain.overturestore.com/scripts/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chamberlain.overturestore.com/scripts/sayt-2.3.125.js
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
772d86f339c29cc96dfc49f0d6e08fde55ce77326d657aab372f7f3f656dfd38

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
content-encoding
gzip
etag
"7d1f46fdc5c9d21:0"
last-modified
Wed, 10 May 2017 19:45:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
19244
autocompleteTemplate.js
chamberlain.overturestore.com/scripts/ 		598 B
536 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chamberlain.overturestore.com/scripts/autocompleteTemplate.js
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
61fc6a049be4f8fa8e6b91f082360ab221ce61919f75e84bef37dc78d2b8ffeb

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
content-encoding
gzip
etag
"fdc04baa6252d31:0"
last-modified
Tue, 31 Oct 2017 16:09:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
438
productTemplate.js
chamberlain.overturestore.com/scripts/ 		1 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chamberlain.overturestore.com/scripts/productTemplate.js
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
da4cc805732f3fba413ab971ce28b82bbfac2a6cebe44f32073b742db941ff3e

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
content-encoding
gzip
etag
"cc6d19664a16d51:0"
last-modified
Wed, 29 May 2019 18:14:47 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
638
formfield.js
chamberlain.overturestore.com/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chamberlain.overturestore.com/scripts/formfield.js
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a97d500d7a9d692d0a4905e682075283c5f211118d9ee2e7cbcd03596751100b

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
content-encoding
gzip
etag
"60f0df492ed2d51:0"
last-modified
Thu, 23 Jan 2020 20:47:12 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
1390
jquery.countdown.js
chamberlain.overturestore.com/scripts/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chamberlain.overturestore.com/scripts/jquery.countdown.js
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d8702cde5c6e252ac0fdb01b1766e0695e79812b97f2f56c8f6a4271662a998e

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
content-encoding
gzip
etag
"0f04cc9cc74d41:0"
last-modified
Mon, 05 Nov 2018 06:00:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
3503
cu_logo.svg
chamberlain.overturestore.com/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chamberlain.overturestore.com/images/cu_logo.svg
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b8eab3f8e8ca3a06a9fb9fc912d3523efe7ce5355a2f168271062ed5819b6139

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
last-modified
Mon, 16 Mar 2020 15:25:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"71b6c72da7fbd51:0"
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
16343
523378_112125_THB.jpg
i1.cssps.com/chamberlain/media/Product/THB/8/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.cssps.com/chamberlain/media/Product/THB/8/523378_112125_THB.jpg
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.17.179 , France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-17-179.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
879ee8f2e796fc6c3ab32730e0e65d94175c2c846033f80cf34670382e4ff5f9

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 07 May 2020 15:59:00 GMT
Last-Modified
Tue, 28 Apr 2020 21:16:10 GMT
Server
AkamaiNetStorage
ETag
"9adeac201062e923089996beb39e7211:1588108570"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35513
madewlove.svg
chamberlain.overturestore.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chamberlain.overturestore.com/images/madewlove.svg
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8eb851d7e4007b5ef305c1c999ec38c10164890ffdd9c233732d5db74775de49

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
last-modified
Mon, 16 Mar 2020 16:26:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"26537fa8affbd51:0"
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
4828
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
3759
date
Thu, 07 May 2020 14:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18174
expires
Thu, 07 May 2020 16:56:19 GMT
new_hero_nurse.jpg
chamberlain.overturestore.com/images/ 		481 KB
481 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://chamberlain.overturestore.com/images/new_hero_nurse.jpg
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7964c7c88c4a4830ea675f362eb7996b692ab7125dbf9f41da12103e236b1cc1

Request headers

Referer
https://chamberlain.overturestore.com/styles/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
last-modified
Tue, 05 May 2020 21:36:12 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"5260c2322523d61:0"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
492110
Arial-Bold.ttf
chamberlain.overturestore.com/styles/Fonts/ 		733 KB
734 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://chamberlain.overturestore.com/styles/Fonts/Arial-Bold.ttf
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d72db21f9242aedd6b917d8549ad5921766b24d5f8d0becfda2ff4c620b3c2e0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://chamberlain.overturestore.com/styles/skeleton.css
Origin
https://chamberlain.overturestore.com

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
last-modified
Mon, 16 Mar 2020 19:08:21 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"3633e42c6fbd51:0"
content-type
application/octet-stream
status
200
accept-ranges
bytes
content-length
750984
MetaOT-Norm.otf
chamberlain.overturestore.com/styles/Fonts/ 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://chamberlain.overturestore.com/styles/Fonts/MetaOT-Norm.otf
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e17d4464e6cfb115c4e5859bed6f33c3df0e4caf7d319532954e071e910e3c63

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://chamberlain.overturestore.com/styles/skeleton.css
Origin
https://chamberlain.overturestore.com

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
last-modified
Fri, 03 Jan 2020 15:27:25 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"46cdf4c4ac2d51:0"
content-type
font/otf
status
200
accept-ranges
bytes
content-length
69140
UniversLTStd-Bold.otf
chamberlain.overturestore.com/styles/Fonts/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://chamberlain.overturestore.com/styles/Fonts/UniversLTStd-Bold.otf
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4d4eb76b5fbf537691e5e477cc7c2e3acc5e3259caed0a6069371c5d77ff0a1c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://chamberlain.overturestore.com/styles/skeleton.css
Origin
https://chamberlain.overturestore.com

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
last-modified
Mon, 16 Mar 2020 19:07:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"f121a12ec6fbd51:0"
content-type
font/otf
status
200
accept-ranges
bytes
content-length
34720
UniversLTStd.otf
chamberlain.overturestore.com/styles/Fonts/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://chamberlain.overturestore.com/styles/Fonts/UniversLTStd.otf
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
81f6a0d3823e11b0b6fa980ef5dd008d76ce53028a83243028784568e75402fb

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://chamberlain.overturestore.com/styles/skeleton.css
Origin
https://chamberlain.overturestore.com

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
last-modified
Mon, 16 Mar 2020 19:08:00 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7e7de635c6fbd51:0"
content-type
font/otf
status
200
accept-ranges
bytes
content-length
33452
Adobe-Garamond-Pro-Regular.ttf
chamberlain.overturestore.com/styles/Fonts/ 		116 KB
116 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://chamberlain.overturestore.com/styles/Fonts/Adobe-Garamond-Pro-Regular.ttf
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.35.163.171 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1d4d14f6aafbd0b57b2f1cd375f8a5e866ddb74c8eb2159206d16cbe12bfeb8f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://chamberlain.overturestore.com/styles/skeleton.css
Origin
https://chamberlain.overturestore.com

Response headers

date
Thu, 07 May 2020 15:58:58 GMT
last-modified
Mon, 16 Mar 2020 19:08:10 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"2cdb23cc6fbd51:0"
content-type
application/octet-stream
status
200
accept-ranges
bytes
content-length
118940
collect
www.google-analytics.com/r/ 		35 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=87314749&t=pageview&_s=1&dl=https%3A%2F%2Fchamberlain.overturestore.com%2F%3Futm_campaign%3D3535%26utm_medium%3Demail%26utm_source%3DEloqua&ul=en-us&de=UTF-8&dt=Promotional%20Products%20-%20Chamberlain&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=122187348&gjid=1608548282&cid=931804573.1588867139&tid=UA-150916801-4&_gid=752660769.1588867139&_r=1&z=209822597
Requested by
Host: chamberlain.overturestore.com
URL: https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://chamberlain.overturestore.com/?utm_campaign=3535&utm_medium=email&utm_source=Eloqua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 May 2020 15:58:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| OpenWindow function| hideshow function| hideitem function| showitem function| hideall function| showall function| Hide function| qty function| checkOpts function| getMinQty function| overAvail function| getQtyBox function| getMaxQty function| removeOne function| submit function| CVV function| selectItem object| dust object| fielding string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.contact.chamberlain.edu
chamberlain.overturestore.com
code.jquery.com
i1.cssps.com
use.fontawesome.com
www.google-analytics.com
142.0.160.54
2001:4de0:ac19::1:b:2a
216.35.163.171
23.111.9.35
2a00:1450:4001:81b::200e
2a00:1450:4001:824::200a
92.123.17.179
16aa8ee2b497133726faba0dd17cde481c9aa08c9aba0908d59ab3aeb2029cd7
1d4d14f6aafbd0b57b2f1cd375f8a5e866ddb74c8eb2159206d16cbe12bfeb8f
2c2222b6c492a60454df51a68a9c343e79c3006298e3c56430bd8225531844da
3eed97e2a3b73e9ddb0284e248c01c4c8978cdd8e4e3607ca781f3aadd58843a
4d4eb76b5fbf537691e5e477cc7c2e3acc5e3259caed0a6069371c5d77ff0a1c
61fc6a049be4f8fa8e6b91f082360ab221ce61919f75e84bef37dc78d2b8ffeb
772d86f339c29cc96dfc49f0d6e08fde55ce77326d657aab372f7f3f656dfd38
7964c7c88c4a4830ea675f362eb7996b692ab7125dbf9f41da12103e236b1cc1
81f6a0d3823e11b0b6fa980ef5dd008d76ce53028a83243028784568e75402fb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
879ee8f2e796fc6c3ab32730e0e65d94175c2c846033f80cf34670382e4ff5f9
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8eb851d7e4007b5ef305c1c999ec38c10164890ffdd9c233732d5db74775de49
a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce
a97d500d7a9d692d0a4905e682075283c5f211118d9ee2e7cbcd03596751100b
af5f64d8e7743e7a70d3e368ee52af17d8eb82dde9f642e8e7545361e595a200
b8eab3f8e8ca3a06a9fb9fc912d3523efe7ce5355a2f168271062ed5819b6139
d2fec0e2942f49dd3cad4650431d550d761f11dded17834d4835768c2ca730c0
d72db21f9242aedd6b917d8549ad5921766b24d5f8d0becfda2ff4c620b3c2e0
d8702cde5c6e252ac0fdb01b1766e0695e79812b97f2f56c8f6a4271662a998e
da4cc805732f3fba413ab971ce28b82bbfac2a6cebe44f32073b742db941ff3e
e17d4464e6cfb115c4e5859bed6f33c3df0e4caf7d319532954e071e910e3c63
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f2fc1072428105122d250643fe03b96e818507d35dd994bf7b3e68e93cbf4dfa