www.natgeowine.com
Open in
urlscan Pro
104.108.52.216
Public Scan
Effective URL: https://www.natgeowine.com/jsp/offer/recr/us/law/offer_temp6.jsp?offerId=91100368&promoCode=0354011&utm_campaign=rc_0354011...
Submission: On November 30 via api from US
Summary
TLS certificate: Issued by GeoTrust RSA CA 2018 on April 10th 2018. Valid for: a year.
This is the only time www.natgeowine.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 208.216.217.147 208.216.217.147 | 701 (UUNET) (UUNET - MCI Communications Services) | |
1 44 | 104.108.52.216 104.108.52.216 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 | 2a00:1450:400... 2a00:1450:4001:820::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 104.111.226.25 104.111.226.25 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 | 104.109.56.73 104.109.56.73 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 104.108.32.230 104.108.32.230 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 3 | 104.108.53.201 104.108.53.201 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 | 104.108.55.167 104.108.55.167 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 | 2a00:1450:400... 2a00:1450:4001:820::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
2 | 139.71.0.83 139.71.0.83 | 6307 (AMERICAN-...) (AMERICAN-EXPRESS - American Express Company) | |
2 | 204.79.197.200 204.79.197.200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 4 | 2a00:1450:400... 2a00:1450:4001:820::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 13.32.223.19 13.32.223.19 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 1 | 2a00:1450:400... 2a00:1450:400c:c0c::9d | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:820::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:825::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 151.101.2.110 151.101.2.110 | 54113 (FASTLY) (FASTLY - Fastly) | |
2 | 52.0.221.2 52.0.221.2 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 | 52.39.15.245 52.39.15.245 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 | 67.217.81.37 67.217.81.37 | 16815 (CITRIX-ON...) (CITRIX-ONLINE-PRIMARY-AS - Mobility Apps division) | |
1 | 162.247.242.20 162.247.242.20 | 23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic) | |
1 | 34.218.196.198 34.218.196.198 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
69 | 20 |
ASN701 (UUNET - MCI Communications Services, Inc. d/b/a Verizon Business, US)
PTR: pentondirect.com
pentondirect.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-52-216.deploy.static.akamaitechnologies.com
www.natgeowine.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-226-25.deploy.static.akamaitechnologies.com
cloud.typography.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-56-73.deploy.static.akamaitechnologies.com
cdn.optimizely.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-32-230.deploy.static.akamaitechnologies.com
icm.aexp-static.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-53-201.deploy.static.akamaitechnologies.com
www.masterpass.com | |
masterpass.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-55-167.deploy.static.akamaitechnologies.com
www.mastercard.com |
ASN6307 (AMERICAN-EXPRESS - American Express Company, US)
PTR: echeckout22.americanexpress.com
echeckout.americanexpress.com |
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net
bat.bing.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-223-19.fra56.r.cloudfront.net
intljs.rmtag.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-0-221-2.compute-1.amazonaws.com
errors.client.optimizely.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-39-15-245.us-west-2.compute.amazonaws.com
d20b1f1a666e6c4d2f7d9ab5cfae096466d93759.cloudapp-enterprise.appcelerator.com |
ASN16815 (CITRIX-ONLINE-PRIMARY-AS - Mobility Apps division, US)
PTR: b-app12-13.boldchat.com
vmss.boldchat.com | |
vms.boldchat.com |
ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net
bam.nr-data.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-218-196-198.us-west-2.compute.amazonaws.com
d20b1f1a666e6c4d2f7d9ab5cfae096466d93759.cloudapp-enterprise.appcelerator.com |
Domain | Requested by | |
---|---|---|
44 | www.natgeowine.com |
1 redirects
pentondirect.com
www.natgeowine.com |
4 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
www.google-analytics.com |
2 | d20b1f1a666e6c4d2f7d9ab5cfae096466d93759.cloudapp-enterprise.appcelerator.com |
www.natgeowine.com
|
2 | errors.client.optimizely.com |
www.natgeowine.com
|
2 | bat.bing.com |
www.googletagmanager.com
www.natgeowine.com |
2 | echeckout.americanexpress.com |
icm.aexp-static.com
|
2 | masterpass.com |
www.natgeowine.com
masterpass.com |
2 | icm.aexp-static.com |
www.natgeowine.com
|
1 | vms.boldchat.com |
vmss.boldchat.com
|
1 | bam.nr-data.net |
js-agent.newrelic.com
|
1 | vmss.boldchat.com |
pentondirect.com
|
1 | js-agent.newrelic.com |
www.natgeowine.com
|
1 | www.google.de |
www.natgeowine.com
|
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | intljs.rmtag.com |
pentondirect.com
|
1 | www.googletagmanager.com |
www.natgeowine.com
|
1 | www.mastercard.com |
www.natgeowine.com
|
1 | www.masterpass.com | 1 redirects |
1 | cdn.optimizely.com |
www.natgeowine.com
|
1 | cloud.typography.com | 1 redirects |
1 | fonts.googleapis.com |
www.natgeowine.com
|
1 | pentondirect.com | |
69 | 23 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.p65warnings.ca.gov |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.directwines.com GeoTrust RSA CA 2018 |
2018-04-10 - 2019-04-10 |
a year | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2018-11-07 - 2019-01-30 |
3 months | crt.sh |
cdn.optimizely.com DigiCert ECC Secure Server CA |
2018-01-23 - 2019-01-23 |
a year | crt.sh |
m.americanexpress.com DigiCert SHA2 Extended Validation Server CA |
2018-08-08 - 2020-07-23 |
2 years | crt.sh |
www.masterpass.com Entrust Certification Authority - L1K |
2018-01-12 - 2020-01-11 |
2 years | crt.sh |
www.mastercard.com Entrust Certification Authority - L1K |
2018-06-06 - 2020-09-05 |
2 years | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2018-11-07 - 2019-01-30 |
3 months | crt.sh |
echeckout2.americanexpress.com DigiCert SHA2 Secure Server CA |
2017-03-14 - 2019-03-19 |
2 years | crt.sh |
www.bing.com Microsoft IT TLS CA 5 |
2017-07-20 - 2019-07-10 |
2 years | crt.sh |
*.rmtag.com Thawte RSA CA 2018 |
2018-03-01 - 2019-03-01 |
a year | crt.sh |
www.google.de Google Internet Authority G3 |
2018-10-30 - 2019-01-22 |
3 months | crt.sh |
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2018-11-22 - 2019-04-14 |
5 months | crt.sh |
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA |
2018-09-24 - 2020-09-28 |
2 years | crt.sh |
*.cloudapp-enterprise.appcelerator.com GeoTrust RSA CA 2018 |
2018-03-26 - 2019-05-25 |
a year | crt.sh |
*.boldchat.com GlobalSign Organization Validation CA - SHA256 - G2 |
2017-03-03 - 2019-03-04 |
2 years | crt.sh |
*.nr-data.net GeoTrust RSA CA 2018 |
2018-01-11 - 2020-03-17 |
2 years | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.natgeowine.com/jsp/offer/recr/us/law/offer_temp6.jsp?offerId=91100368&promoCode=0354011&utm_campaign=rc_0354011&utm_medium=email&utm_source=penton&offer=fy18_2/q4/ngo/fy18_q4_Top12_italianreds/3Saracosa_bonus/69/160/spt
Frame ID: 242CA5E4A58F7E22E5BBE72952482DA3
Requests: 69 HTTP requests in this frame
Frame:
https://echeckout.americanexpress.com/expresscheckout/blank
Frame ID: D243FCB693D676D852A0D7CFBF5A5D90
Requests: 1 HTTP requests in this frame
Frame:
https://masterpass.com/switchui/warm-cache.html
Frame ID: 3B1E6A05C848F308F6C878135CCA0D01
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://pentondirect.com/c/1555177/7cbc49117f305451/8 Page URL
-
https://www.natgeowine.com/0354011
HTTP 301
https://www.natgeowine.com/jsp/offer/recr/us/law/offer_temp6.jsp?offerId=91100368&promoCode=0354011&utm... Page URL
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /IIS(?:\/([\d.]+))?/i
Bold Chat (Live Chat) Expand
Detected patterns
- script /^https?:\/\/vmss\.boldchat\.com\/aid\/\d{18}\/bc\.vms4\/vms\.js/i
Handlebars (JavaScript Frameworks) Expand
Detected patterns
- env /^Handlebars$/i
IIS (Web Servers) Expand
Detected patterns
- headers server /IIS(?:\/([\d.]+))?/i
PayPal (Payment Processors) Expand
Detected patterns
- env /^PAYPAL$/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Tag Manager (Tag Managers) Expand
Detected patterns
- env /^google_tag_manager$/i
New Relic (Analytics) Expand
Detected patterns
- env /^NREUM/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: www.P65Warnings.ca.gov/alcohol
Search URL Search Domain Scan URL
Title: www.P65Warnings.ca.gov/food
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://pentondirect.com/c/1555177/7cbc49117f305451/8 Page URL
-
https://www.natgeowine.com/0354011
HTTP 301
https://www.natgeowine.com/jsp/offer/recr/us/law/offer_temp6.jsp?offerId=91100368&promoCode=0354011&utm_campaign=rc_0354011&utm_medium=email&utm_source=penton&offer=fy18_2/q4/ngo/fy18_q4_Top12_italianreds/3Saracosa_bonus/69/160/spt Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- https://cloud.typography.com/6575976/6628172/css/fonts.css HTTP 302
- https://www.natgeowine.com/assets/css/fonts/618296/055487B64C1C9D9E9.css
- https://www.masterpass.com/lightbox/Switch/integration/MasterPass.client.js HTTP 301
- https://masterpass.com/dyn/js/switch/integration/lightbox/MasterPass.client.js
- https://www.google-analytics.com/r/collect?v=1&_v=j72&a=197427332&t=pageview&_s=1&dl=https%3A%2F%2Fwww.natgeowine.com%2Fjsp%2Foffer%2Frecr%2Fus%2Flaw%2Foffer_temp6.jsp%3FofferId%3D91100368%26promoCode%3D0354011%26utm_campaign%3Drc_0354011%26utm_medium%3Demail%26utm_source%3Dpenton%26offer%3Dfy18_2%2Fq4%2Fngo%2Ffy18_q4_Top12_italianreds%2F3Saracosa_bonus%2F69%2F160%2Fspt&dr=http%3A%2F%2Fpentondirect.com%2Fc%2F1555177%2F7cbc49117f305451%2F8&ul=en-us&de=UTF-8&dt=National%20Geographic%20Wines%20of%20the%20World%20%7C%20A%20Journey%20of%20Wine%20Discovery&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAAAAL~&jid=1492967483&gjid=1155070190&cid=1341016896.1543582319&tid=UA-88858470-1&_gid=527397232.1543582319&_r=1>m=2wgbc0TQZQ325&z=702164639 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-88858470-1&cid=1341016896.1543582319&jid=1492967483&_gid=527397232.1543582319&gjid=1155070190&_v=j72&z=702164639 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88858470-1&cid=1341016896.1543582319&jid=1492967483&_v=j72&z=702164639 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88858470-1&cid=1341016896.1543582319&jid=1492967483&_v=j72&z=702164639&slf_rd=1&random=1662675911
69 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
8
pentondirect.com/c/1555177/7cbc49117f305451/ |
783 B 805 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
offer_temp6.jsp
www.natgeowine.com/jsp/offer/recr/us/law/ Redirect Chain
|
287 KB 62 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.7.1.min.js
www.natgeowine.com/include/js/lib/jquery/ |
92 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
css
fonts.googleapis.com/ |
7 KB 881 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
law_lp6_all.min.css
www.natgeowine.com/assets/css/us/law/ |
192 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
055487B64C1C9D9E9.css
www.natgeowine.com/assets/css/fonts/618296/ Redirect Chain
|
86 KB 64 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
267612982.js
cdn.optimizely.com/js/ |
267 KB 82 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Loading_Icon.gif
www.natgeowine.com/images/us/common/animation/loading_icon/ |
42 KB 43 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
law_logo.png
www.natgeowine.com/images/us/en/brands/lw/common/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
southwest_logo.png
www.natgeowine.com/images/us/common/partners/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
15145UL_T.jpg
www.natgeowine.com/images/us/en/product/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lp_ajax_loader.gif
www.natgeowine.com/images/us/common/checkout/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nat_logo.png
www.natgeowine.com/images/us/law/offers/temp6/fy17_1/ngo/header/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nat_logo_tablet.png
www.natgeowine.com/images/us/law/offers/temp6/fy17_1/ngo/header/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nat_logo_mobile.png
www.natgeowine.com/images/us/law/offers/temp6/fy17_1/ngo/header/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
italyTop12_q4_hero_mobile.jpg
www.natgeowine.com/images/us/law/offers/temp6/fy18_2/q4/ngo/header/ |
143 KB 143 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tasting_notes_2H.jpg
www.natgeowine.com/images/us/law/offers/temp6/fy17_q4/ngo/content/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3_saracosa_rebrand_premium.jpg
www.natgeowine.com/images/us/law/offers/temp6/fy18_1/q2/ngo/content/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
AmexExpressCheckout.js
icm.aexp-static.com/Internet/IMDC/US_en/RegisteredCard/AmexExpressCheckout/js/ |
75 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AMEXService.js
www.natgeowine.com/include/js/us/common/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
MasterPass.client.js
masterpass.com/dyn/js/switch/integration/lightbox/ Redirect Chain
|
55 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mcpp_wllt_btn_chk_147x034px.png
www.mastercard.com/mc_us/wallet/img/en/US/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
checkout_logo_large.png
www.natgeowine.com/images/us/common/checkout/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
credit_card_logos.png
www.natgeowine.com/images/us/common/checkout/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GeoTrust_secured_logo.gif
www.natgeowine.com/images/us/en/common/ |
3 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cvv_visa_card.gif
www.natgeowine.com/images/us/common/checkout/ |
10 KB 11 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cvv_amex_card.gif
www.natgeowine.com/images/us/common/checkout/ |
19 KB 19 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3_saracosa_rebrand_sidebar.jpg
www.natgeowine.com/images/us/law/offers/temp6/fy18_1/q2/ngo/sidebar/ |
75 KB 76 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3_saracosa_rebrand_sidebar_tablet.jpg
www.natgeowine.com/images/us/law/offers/temp6/fy18_1/q2/ngo/sidebar/ |
61 KB 62 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
guarantee_desktop.gif
www.natgeowine.com/images/us/law/offers/temp6/fy17_1/ngo/sidebar/ |
10 KB 10 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
security_tablet.jpg
www.natgeowine.com/images/us/law/offers/temp6/fy17_1/ngo/sidebar/ |
11 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
security_desktop.jpg
www.natgeowine.com/images/us/law/offers/temp6/fy17_1/ngo/sidebar/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
compliance_co.png
www.natgeowine.com/images/us/common/compliance/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Lionstone_Intl_logo_black.png
www.natgeowine.com/images/us/common/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
in-partnership-with.svg
www.natgeowine.com/images/us/law/offers/temp6/common/ |
6 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
us_lp6_all.min.js
www.natgeowine.com/assets/js/us/com/ |
337 KB 88 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
us_global.min.js
www.natgeowine.com/assets/js/us/com/ |
66 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
gtm.js
www.googletagmanager.com/ |
110 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_desktop.jpg
www.natgeowine.com/images/us/law/offers/temp6/fy17_1/ngo/content/ |
217 KB 217 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NWF_step2_desktop.gif
www.natgeowine.com/images/us/law/offers/temp6/fy17_1/nwf/content/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NWF_step1_desktop.gif
www.natgeowine.com/images/us/law/offers/temp6/fy17_1/nwf/content/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
italyTop12_q4_hero_desktop.jpg
www.natgeowine.com/images/us/law/offers/temp6/fy18_2/q4/ngo/header/ |
327 KB 328 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
11 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
profile_data_layer.jsp
www.natgeowine.com/jsp/thirdparty/us/common/ |
1011 B 838 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NWF_checkmark.gif
www.natgeowine.com/images/us/law/offers/temp6/fy17_1/nwf/content/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NWF_step4_desktop.gif
www.natgeowine.com/images/us/law/offers/temp6/fy17_1/nwf/content/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cc-icon.png
www.natgeowine.com/images/us/common/recr/ |
13 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NWF_step3_desktop.gif
www.natgeowine.com/images/us/law/offers/temp6/fy17_1/nwf/content/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
amex_preferred.jpg
www.natgeowine.com/images/us/common/recr/ |
24 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome-webfont.woff2
www.natgeowine.com/assets/css/us/fonts/ |
63 KB 64 KB |
Font
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Font
application/x-font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ajax-loader.gif
www.natgeowine.com/images/us/en/common/ |
8 KB 8 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
blank
echeckout.americanexpress.com/expresscheckout/ Frame D243 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
maintenancecheck
echeckout.americanexpress.com/expresscheckout/ |
38 B 2 KB |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
bat.js
bat.bing.com/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
114765.ct.js
intljs.rmtag.com/ |
53 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
warm-cache.html
masterpass.com/switchui/ Frame 3B1E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ec.js
www.google-analytics.com/plugins/ua/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
express-checkout-desktop-dark.png
icm.aexp-static.com/Internet/IMDC/US_en/RegisteredCard/AmexExpressCheckout/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
0
bat.bing.com/action/ |
0 148 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
nr-1099.min.js
js-agent.newrelic.com/ |
23 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
log
errors.client.optimizely.com/ |
13 B 410 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
query
d20b1f1a666e6c4d2f7d9ab5cfae096466d93759.cloudapp-enterprise.appcelerator.com/api/legal/ |
0 375 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vms.js
vmss.boldchat.com/aid/374571599525837329/bc.vms4/ |
29 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
8b3a149d4e
bam.nr-data.net/1/ |
57 B 261 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
collect
www.google-analytics.com/ |
35 B 100 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
log
errors.client.optimizely.com/ |
0 244 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bc.pv
vms.boldchat.com/aid/374571599525837329/ |
583 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
query
d20b1f1a666e6c4d2f7d9ab5cfae096466d93759.cloudapp-enterprise.appcelerator.com/api/legal/ |
95 B 422 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
238 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| dataLayer object| wineryDirectCodes object| searchCodes object| affiliateCodes object| southwestCodes object| alaskaCodes object| wdExemptCodes object| setupDataLayer object| pageLayer function| _ object| statesHash function| ToolTipWithLink function| ToolTip function| getParam function| trim function| copyDetailsLW object| $jscomp object| evt function| enableLogging object| getCurrentYear object| stateModal object| complianceRedirect object| toolsUI object| formatPhone object| dwHost object| bvConfig object| api object| caseContents object| nonCompliantStateModal object| logicalOperators object| zipModule undefined| currentId undefined| parentId undefined| formSubmitId boolean| submitForm object| companyName object| brandUtility object| offerLayout object| brandMessages object| checkoutValidation object| checkoutUI object| termsPrivacy object| checkoutGuest object| checkoutRegistered object| checkoutForm object| TWOPAGE object| checkoutUtility object| checkoutUpgrade object| checkoutCompliance object| checkoutSpinner object| stateSuppression object| globalData object| prefCapture object| upgradeModal object| consolidateForm object| amexExpress object| paypal object| voucherOffer object| printContent object| stateCompliance object| storage boolean| fail object| uid boolean| isStorageSupported function| getBom object| heroToggle object| checkoutDob object| chatBox object| UI object| caseTabs object| wineContents undefined| mySwipe object| promoBanner object| resetAutoFill object| upliftLp object| offerData object| setupProfileLayer object| masterPass object| Handlebars object| jQuery17106030609973853549 function| markUserTime object| wineryDirectConfig object| wineryDirectBrands function| getUnlimitedOffer object| profileLayer function| fnCheckIntegerKey function| fnCheckSpaceKey function| checkZipCodeCompliance function| fnCheckItemQty function| empty function| fnTrimEmail function| containsElement function| copyShippingFinal function| updateQueryStringParameter function| fnShowShipForm function| fnSaveSkuId function| isEmpty function| copyCreditCardFinal function| fnValidate function| goToDesiredPage function| redirect function| fnCheckCardType function| fnCheckCvvLength function| fnCheckCvvLengthRC function| populateCityState function| populateMGMStateCity function| fnComplianceMsg function| fnConfirmAge function| populateLPMultiCityState function| fnGiftMsgDisplay function| fnSelectCreditCard function| copyDetails function| copyDetailsToShipping function| fnDisplayGiftMsg function| fnValidateGiftMessage function| setWPID function| handleNextDispatch function| handleSubmit function| recEmailValidation function| successrecEmailValidation function| emailValidation function| fnONLoadGiftMsg function| fnDisplayGiftMsg_Reg function| fnValidateGiftMessage_Reg function| fnDisplayGiftMsgOnload function| fnDisplayLabelMsg function| fnDisplayData function| fnDisplayDataForEdit function| getFirstCharUpper function| fnCopySalutation function| fnCopyBillingShippingSalutation function| fnSubmitCheckout function| fnSubmitRemove function| fnSubmitCoupon function| fnSubmitUpdate function| fnSubmitQuickAddtoCart function| fnEnable function| fnOnClickToPopulate function| fnOnClickToPopulateShipping function| populateBillingAddress function| getCityState function| successgetCityState function| getLPCityState function| successgetLPCityState function| validateEmail function| successvalidateEmail function| getCityStatehttp function| successgetCityStatehttp function| validateEmailhttp function| successvalidateEmailhttp function| getBillingAddress function| clearValues function| onClickYes function| onClickNo function| getProductViewDetails function| successgetProductViewDetails function| parseMessages function| fnNewRegAlert function| checkBilling function| fnDisplayCreditCardSelected function| updateOptIn function| successupdateOptIn function| checkButton function| fnResetBillAddr function| fnCheckBrandOnLoad function| fnSetChkboxValues function| fnReset function| fnResetRadio function| fnSetQty function| showCompMessage function| fnCheckCompliance function| successUpdateOptIn function| validateSubject function| fnValidateEmailOnLoad function| fnDisplayComplianceMsg function| showRelated function| successshowRelated function| showMixedTab function| successshowMixedTab function| showMixedStraightRelated function| replaceToASCII function| successshowMixedStraightRelated function| showMixedRelated function| successshowMixedRelated function| fnSkuValue function| fnSetProductId function| validatenum function| fnDisableButton function| validateatlantic function| validateAtlanticAlgorithForElevenDigit function| validateAtlanticAlgorithForTenDigit function| validateJetBlue function| fnSetOptIn function| fnSetCheckOptIn function| fnSetPreference function| addValuetoSelect function| copyFieldDetails function| fnSetShippingId function| ajaxService object| triggerOverlay object| toolTipCfg boolean| amexIsGlobalClientId boolean| amexIsEpaasClientId boolean| amexAecEncodeFlag boolean| encodeFlag string| aecVersion function| AmexExcludeFromEncodingCheck function| maintenanceStatus function| closeServerPopupSelf object| $amex object| google_tag_manager object| uetq string| GoogleAnalyticsObject function| ga object| DataLayer function| bcLoad object| _bcvma object| MasterPass object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| UET object| ct_cl function| finalCB boolean| bcLoaded object| _bcvmw object| _bcvmf object| _bcvmb object| _bcvmt object| _bcvm object| pageViewer object| _bcct11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
masterpass.com/ | Name: LBSESSION-masterpass Value: !ZfvRLMP7jOse17J+TfDdJzxeb4NWkMrglDM5S9EDf/1MtCTvX1hpGKlZ8j/sFALjB9GMPylf2Wz4qQ== |
|
masterpass.com/ | Name: LBSESSION Value: !BoupO80ZxQVou8vZDiHzALs/ubeaiC13v7o5viTJruRbovs8TGu5C69XJ7SmtrKKg1EbgMsqRT5NL08= |
|
echeckout.americanexpress.com/expresscheckout/ | Name: SESSION Value: 61d76b39-beda-4363-bf78-ab666ccd7f47 |
|
echeckout.americanexpress.com/expresscheckout/ | Name: TS01255100 Value: 018378d52aa0b3d29cc3d79ebbf179db82c694e1f28594b65bae76a0aa7fd36eecf347a5dd554b12fee1c28c81324bf1c5a8c143b0 |
|
.natgeowine.com/ | Name: _gid Value: GA1.2.527397232.1543582319 |
|
.natgeowine.com/ | Name: _gat_UA-88858470-1 Value: 1 |
|
masterpass.com/ | Name: TS01dde6b0 Value: 01b18b28be0dabde4657afc2b067cf7a9ff9da9fc030edd1be21cd7925b822857fdd3b184671615c345708771dda11bf2cb0554e2db83d54e49f96aa2e19cf25643fc7436d |
|
www.natgeowine.com/ | Name: v_status Value: 10000 |
|
.natgeowine.com/ | Name: _ga Value: GA1.2.1341016896.1543582319 |
|
echeckout.americanexpress.com/ | Name: TS0139a03f Value: 018378d52afa40672baaebd21a75f408914aab41664c5ef7c163a56daa490a4f894a73ba0c |
|
www.natgeowine.com/ | Name: JSESSIONID Value: C3C63546BF63C8E42B86F0F13AEEF142.node5 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam.nr-data.net
bat.bing.com
cdn.optimizely.com
cloud.typography.com
d20b1f1a666e6c4d2f7d9ab5cfae096466d93759.cloudapp-enterprise.appcelerator.com
echeckout.americanexpress.com
errors.client.optimizely.com
fonts.googleapis.com
icm.aexp-static.com
intljs.rmtag.com
js-agent.newrelic.com
masterpass.com
pentondirect.com
stats.g.doubleclick.net
vms.boldchat.com
vmss.boldchat.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.mastercard.com
www.masterpass.com
www.natgeowine.com
104.108.32.230
104.108.52.216
104.108.53.201
104.108.55.167
104.109.56.73
104.111.226.25
13.32.223.19
139.71.0.83
151.101.2.110
162.247.242.20
204.79.197.200
208.216.217.147
2a00:1450:4001:820::2004
2a00:1450:4001:820::2008
2a00:1450:4001:820::200a
2a00:1450:4001:820::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c0c::9d
34.218.196.198
52.0.221.2
52.39.15.245
67.217.81.37
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
09230b029b990311bcb689ad152b905ef81d7754fed8de9aa445358031a7a287
0c65e4421809228879ef1ff5e6db33730773eb7d109e897dce70888ed6f3f206
0eddaab3b8cb0b15d81d62e5ae5960329c3e576ea78dc321b20734ab20271847
0ff9905758350c8bc45e0838748d0790dbcf6cb06c18986412f1032f2161881e
11a28b7995187aac455adcfc6f822d413fa291fff95318932a3865e46af491f2
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
179fa2c0d276d65f49805d1b1af5b2e91862207550b93863f81a35ce6573672a
17fa5556ca4ad9d545ae649c3e875f1d4b91efd6677973a76443d404b5663870
1ccba062b7fd8ca62ef7bec73110b710c49e2b260523eba2be881a387ad1d4c6
1da741548d4e4c0ce51fb7c6fbdfb8506a55093cb379d1a0068bc5d98be80760
21e222161bee053da4cfddf8abe4d9fef95c5c3ccd0bb31007db80a2dbaadd77
221fcac9a72551d500d96778061be1dea91e7b160e61e6b9d30ac75cf9ffb151
2d430f3fa7d4402e670e5da581e04bc1c3ef55702eb6ac9df3740398a56c704b
2deff606748419bb78ff14db8e6a1c75e0d979948abc7dbb3f22d81d775c3f95
3347473e9a7edba033c1ee9717bb08bfe68d2d9efb5b640706d6a39c1cdbdc24
33c5b7da1cbd86a3ad805b589b0573e5540610b578203604ce9186fa9166305e
3739b485ac39b157caa066b883e4d9d3f74c50beff0b86cd8a24ce407b179a23
3b83ca65d5bdc3550a1e7be080336fe6f263dca4e7c0b3b680b0ee0665070ce3
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
4574f885410f1dc32953e0b0ede842c2ceee15d40c62f615225d92a439f98124
49ae2e035eb2102f3def6be2858ea7cc0345d57f223c386ddd5650e7d7e82c89
4a47f12f8ac0ab307a2463757d9ce6771561e1b24d5ae60917f2565183f6d2f6
52ec6bd87d21b5c5a52be1ffdd477c0c53dda749d608c560000608b0a56c2610
553405f6647070824f92f0812b7d9f0b8d5e15367b28e16fe086c09ba484dfac
56628bea21396515158cd633c4d76a0ad12da075102c7a19413ff10ecf982ef2
5a1da79bcf73b99b946ced92e05700ff00d83e910a0f001990f6ca74fff0ccfe
5a22ff122f0dc1730b36f12029dec91c7d616195eacc89e5c674126a86ab7a5b
5ad9e3d97124c253ee01ae8056283dae4c386e74b854881765424a775031c1d5
6226202c1ea75ec89c213d14f9d1b6944e6ba6beec3eac721232a8e66e6d3a95
666516338c9b3455398eeadd863e4b07163cbbe48a376475ea0338589435227a
685e511070d7d36ad071ea39c387547c95bf064727890a3e9abf1d0283184794
6884463542cb439f3b4dee6890ec176412dd58a7ad8289b9a52d724c530ba503
6be323a39fab5153f4b7855f70c79ec49daa648f8c1dfabbc90368f14f1072bd
6fdbbaeb56b1ca50fa70abd9e9f16b2e4ff0a8361eb75892203e614f7e1da6fe
7019a084c0f16d2e66aa1f1174ccbed9529c8fbf3923bc662e9ae00cecdebc5b
72a71f258147957b0f9720dec36e2a8cd749a5dba0eae9919f2742d2cadc9313
785442949b1ce19ad9a36390a64c473f093d239ff17e70671707910764f422fa
7aeac40006f572a74a14872ba52412dde66226764e4b900b09c5cf3333893a33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a5defa3fda63b90e9ec79e8f370902206d280391108aebea996c507d9a90726
9533a2c39a3cc883c9aaa29133b7dd64739d9cf80a384d43eac273c672232469
9c554948fc164a64d7ec22a1b403b92b048d369bd744e2801994cd515cc26790
9df4e38e05d0ce7d87eb77ca15887cf2c9ce9e9b786f5fed8a5970c388e55205
9e8177fd1a283972e34e384b8c053df7f62872d96ed69d0109a96641ba822cc1
9e8cc6ba284fad20d5fa6f0f4dc3c5424bbf5429e2743e062a46f05ce49ce49f
ac87229a9d77ed14f5e6af8315ab265b7f3a1a5bc2262e7d291fcd18004b89e4
acbf7caa12d008c483e2f2dc8ec33958288433255a44ff4990d74cc31ab37625
b566f51081e9026e4852d9b6439cefa41d650619b7c94ecda4e0dc3ed23243df
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
ba6b504efa2496494bcba3f8687d87c626fab9dbd07a26825013414d3aef4054
c14e6c1e3e40adf5d08ae8f1c1293212a0ac4c9bae98dba08fc1a5ca0aa0aec8
c199a10d312c84996b7e75fce889da17e3833057b6398d1803c50846b0b0eb9c
c455a092dd416d75ffa6de09eeb3a218a2e8d57da54706d7d7da5da955b179b0
d24ed4b6de5961b10047d35b72947bb3f3b363fb9da28e46948723ee8b2d29f6
de0e55d0558a4b5847e1da516c1a4bbfc3447992c4be0dfe9dd372bebe8a3f60
e0237c0bcf4838f71accfa73808c5b0f81d78f18a15f1bce545fd6d6e6af0abd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e877571b22770e529c4b67b2984db750df89b213e5e16564117a5830ee1f0e62
ecb2c40516a746fe3215c03cd7405314152819954f4c943626d8834b789877bb
ee0c0a03b19f1a0bec489bdccce04329a1540f109434d7146c087ff3c41450ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f081e074ad7b0b107e68bcb93a1f42e418d934d3c997902e618f30204a6274b8
f2b5a6b9be74d9282e5b003305d4951a8612723904ef0e7765b0f0d1085657ee
f347088dfd916fdba2dcafe930540ce8db952f11d9913769121114505e8708b6
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fe43178cc763c4d8a188b8743fcb663ff67b6783b3639a622a8b053df03989d0