urlscan.io logo urlscan.io
SecurityTrails logo

www.mealsafterwheels.com Open in urlscan Pro
2606:4700:3032::6818:7ea6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.theblueyonder.org/s7Q/cu/ykydf/36671/22117367/7/0/29695b261246fe9a9948206c8df861
Effective URL: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theb...
Submission: On February 23 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3032::6818:7ea6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mealsafterwheels.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 10th 2020. Valid for: 8 months.
This is the only time www.mealsafterwheels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.240.105.152 204780 (SHOPON)
34 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
43 5
1    185.240.105.152 (Estonia)

ASN204780 (SHOPON, EE)
PTR: mail1531.theblueyonder.org
www.theblueyonder.org
34    2606:4700:3032::6818:7ea6 (United States)

ASN13335 (CLOUDFLARENET, US)
www.mealsafterwheels.com
3    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
Domain Requested by
34 www.mealsafterwheels.com www.mealsafterwheels.com
4 fonts.gstatic.com www.mealsafterwheels.com
3 fonts.googleapis.com www.mealsafterwheels.com
2 cdnjs.cloudflare.com www.mealsafterwheels.com
1 www.theblueyonder.org 1 redirects
43 5

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-02-10 -
2020-10-09		 8 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-12-05 -
2020-06-12		 6 months crt.sh
*.google.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh

This page contains 2 frames:

Primary Page: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
Frame ID: 8F309EF447F87E904893878079EB43C8
Requests: 13 HTTP requests in this frame

Frame: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Frame ID: 435D3802CD9A566E29DF4F3F6691B81D
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.theblueyonder.org/s7Q/cu/ykydf/36671/22117367/7/0/29695b261246fe9a9948206c8df861 HTTP 302
    https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

43
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

1408 kB
Transfer

1834 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.theblueyonder.org/s7Q/cu/ykydf/36671/22117367/7/0/29695b261246fe9a9948206c8df861 HTTP 302
    https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request nrp=vxrus63t8wm9tgmzjg3uo1bxg
www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Non...
Redirect Chain
  • http://www.theblueyonder.org/s7Q/cu/ykydf/36671/22117367/7/0/29695b261246fe9a9948206c8df861
  • https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&first...
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ab4e7e7af4b884741604c9898e28ad96b29ec6a321d905c0473cad641d23c0d

Request headers

:method
GET
:authority
www.mealsafterwheels.com
:scheme
https
:path
/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 23 Feb 2020 10:20:34 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d0dda0ce2ac12023c82a2a5ac4b2e647e1582453234; expires=Tue, 24-Mar-20 10:20:34 GMT; path=/; domain=.mealsafterwheels.com; HttpOnly; SameSite=Lax laravel_session=eyJpdiI6InNYUERySXJvdkVrZXlMVnlBdWR3NGc9PSIsInZhbHVlIjoiRnQ0VGlKWWJHejV1TjNwMTFiOXJTOGZNMmM4TThmVnhJa1FrVEdNWitYc2lGQ1VoNGttZmh1NDFrazNGd1ZoKzBUWnRETUxCdjVNc21TRHkwaWI2UWc9PSIsIm1hYyI6Ijk3NzYxMmNiY2VjNTM2YmQ2ZDA5YmQ3YjYwMmIzZDYyNTg4M2Q5MjE5YWU0YWVkOWMwNGRiM2NmMzNhOGVlODQifQ%3D%3D; expires=Sun, 01-Mar-2020 08:59:34 GMT; Max-Age=599940; path=/; httponly
vary
Accept-Encoding
cache-control
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
569877cd08e797ba-FRA
content-encoding
br

Redirect headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sun, 23 Feb 2020 10:20:34 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Location
https://www.MealsAfterWheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
backend.css
www.mealsafterwheels.com/css/ 		2 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/css/backend.css
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b24eb9638260837328cb57cc88a42c7472eebcef0d23ad953073901d3bf41c6d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 23 Feb 2020 10:20:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Jun 2017 10:13:06 GMT
server
cloudflare
age
1310
etag
W/"59410c32-8ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
569877ce7b0c97ba-FRA
bootstrap.min.css
www.mealsafterwheels.com/css/bootstrap-4.1.3/ 		138 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/css/bootstrap-4.1.3/bootstrap.min.css
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1b923bd321edf1b6d8c70e83fc400818a545d8eb54f5f671fa81b871a9b3f2b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 23 Feb 2020 10:20:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Oct 2018 07:31:34 GMT
server
cloudflare
age
5282
etag
W/"5bc44256-22689"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
569877ce7b0d97ba-FRA
font-awesome.min.css
www.mealsafterwheels.com/assets/font-awesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/assets/font-awesome/css/font-awesome.min.css
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 23 Feb 2020 10:20:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 Oct 2017 10:55:43 GMT
server
cloudflare
age
6512
etag
W/"59e4902f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
569877ce7b0e97ba-FRA
jquery-3.4.1.min.js
www.mealsafterwheels.com/js/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/js/jquery-3.4.1.min.js
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 10:20:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 06 Aug 2019 08:32:45 GMT
server
cloudflare
etag
W/"5d493b2d-15851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
569877ce7b0f97ba-FRA
bootstrap.min.js
www.mealsafterwheels.com/js/bootstrap-4.1.3/ 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/js/bootstrap-4.1.3/bootstrap.min.js
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
546f22daa21fdc336f4ea6181ca8c4a4dd5282dde72115f0bf3aa69e3b835b41

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 10:20:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Oct 2018 07:31:36 GMT
server
cloudflare
age
5282
etag
W/"5bc44258-c760"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
569877ce7b1297ba-FRA
jquery.cookie.js
www.mealsafterwheels.com/js/plugins/jqueryCookie/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/js/plugins/jqueryCookie/jquery.cookie.js
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 10:20:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Jun 2017 09:55:44 GMT
server
cloudflare
age
1310
etag
W/"59410820-c31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
569877ce7b1397ba-FRA
jquery.plugin.js
www.mealsafterwheels.com/js/plugins/jquery_countdown/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/js/plugins/jquery_countdown/jquery.plugin.js
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccdc2f2a7a716655ee0e5604046dec02277fbc59252dbc59067d29582e027e58

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 10:20:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Jun 2017 09:52:55 GMT
server
cloudflare
age
5282
etag
W/"59410777-2ba3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
569877ce7b1497ba-FRA
currency_cnd2.js
www.mealsafterwheels.com/custom_js/ 		1 KB
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/custom_js/currency_cnd2.js
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7793635b3a67ad46bb0f738f17326d1d4de4ef3e9a2a2ee4ac4e318a77dabd0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 10:20:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Jun 2017 10:12:22 GMT
server
cloudflare
age
5282
etag
W/"59410c06-5f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
569877ce7b1597ba-FRA
blue_notys3.css
www.mealsafterwheels.com/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/css/blue_notys3.css
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae88db06df66fada6bd19661950611c6a69796df07f7a97991ec8db92c124af7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 23 Feb 2020 10:20:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Nov 2017 11:25:46 GMT
server
cloudflare
age
3604
etag
W/"5a0c243a-2381"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
569877ce7b1197ba-FRA
css
fonts.googleapis.com/ 		763 B
479 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:700
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff4610869c48d9eefb45f127331f4203f8624db93d14cb268c69c38cfc77620e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 23 Feb 2020 10:20:34 GMT
server
ESF
date
Sun, 23 Feb 2020 10:20:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 23 Feb 2020 10:20:34 GMT
css
fonts.googleapis.com/ 		7 KB
837 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d00255a582d67e7d1061097b97f939b3d4e4bd48c31e6e0fd1cdf3d2f271ab63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 23 Feb 2020 10:20:35 GMT
server
ESF
date
Sun, 23 Feb 2020 10:20:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 23 Feb 2020 10:20:35 GMT
index.html
www.mealsafterwheels.com/prelanders/frsweepstake/ Frame 435D 		22 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74aad1e9cc498604e10356404dc5e9b9e63dfdf8d2cd32bbf6c48793f0118070

Request headers

:method
GET
:authority
www.mealsafterwheels.com
:scheme
https
:path
/prelanders/frsweepstake/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d0dda0ce2ac12023c82a2a5ac4b2e647e1582453234; laravel_session=eyJpdiI6InNYUERySXJvdkVrZXlMVnlBdWR3NGc9PSIsInZhbHVlIjoiRnQ0VGlKWWJHejV1TjNwMTFiOXJTOGZNMmM4TThmVnhJa1FrVEdNWitYc2lGQ1VoNGttZmh1NDFrazNGd1ZoKzBUWnRETUxCdjVNc21TRHkwaWI2UWc9PSIsIm1hYyI6Ijk3NzYxMmNiY2VjNTM2YmQ2ZDA5YmQ3YjYwMmIzZDYyNTg4M2Q5MjE5YWU0YWVkOWMwNGRiM2NmMzNhOGVlODQifQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe

Response headers

status
200
date
Sun, 23 Feb 2020 10:20:35 GMT
content-type
text/html
last-modified
Thu, 13 Feb 2020 13:08:08 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
569877cefbca97ba-FRA
content-encoding
br
survey
www.mealsafterwheels.com/survey/ 		14 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/survey/survey
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/js/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930bd3dca9f0581f01df5c4d8e9e14e555eb55a9e1e4344f95927becf7e5b158

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Origin
https://www.mealsafterwheels.com
X-Requested-With
XMLHttpRequest
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.mealsafterwheels.com
cache-control
no-cache
cf-ray
569877cf0be197ba-FRA
normalize.min.css
www.mealsafterwheels.com/prelanders/frsweepstake/css/ Frame 435D 		2 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/css/normalize.min.css
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 13 Feb 2020 13:08:09 GMT
server
cloudflare
etag
W/"5e454a39-745"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
569877cf3c1497ba-FRA
all.css
www.mealsafterwheels.com/prelanders/frsweepstake/css/ Frame 435D 		69 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/css/all.css
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 13 Feb 2020 13:08:09 GMT
server
cloudflare
etag
W/"5e454a39-1137b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
569877cf3c1797ba-FRA
main.min.css
www.mealsafterwheels.com/prelanders/frsweepstake/css/ Frame 435D 		21 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/css/main.min.css
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aed79f1c03421235575acc74aac65027b0a1394dfb743219fc47b22f00fcb49

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 13 Feb 2020 13:08:09 GMT
server
cloudflare
etag
W/"5e454a39-54e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
569877cf3c1897ba-FRA
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/ Frame 435D 		56 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
content-encoding
br
cf-cache-status
HIT
age
1497529
cf-ray
569877cf3fa93248-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Wed, 05 Feb 2020 14:31:26 GMT
server
cloudflare
etag
W/"5e3ad1be-dff5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Fri, 12 Feb 2021 10:20:35 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.002
pre_survey_iphone.png
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		700 KB
701 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/pre_survey_iphone.png
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6382c645b91a655d06965ccb89b9131e40646cc29df7d60a76ac038bcc55bf5d

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:11 GMT
server
cloudflare
age
235244
etag
"5e454a3b-aeea2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c1997ba-FRA
content-length
716450
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_w.png
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/logo_w.png
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04acdf833d50d399b7626c5ed20aa729c07bd598eb87ab0dadd31245d5ca38ad

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:11 GMT
server
cloudflare
age
93491
etag
"5e454a3b-8dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c1a97ba-FRA
content-length
2269
expires
Thu, 31 Dec 2037 23:55:55 GMT
box_top.png
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/box_top.png
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a54fae3f328d5f2eae7d8a187820fae2cb5e886e333a0ed4a8e18743458f402b

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:10 GMT
server
cloudflare
age
93491
etag
"5e454a3a-148c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c1e97ba-FRA
content-length
84166
expires
Thu, 31 Dec 2037 23:55:55 GMT
box_bottom_apple.png
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/box_bottom_apple.png
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b48e6feafb20d510db8570dbb2c51e358d6395b49dada85eb1c6078f7af9a64

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:10 GMT
server
cloudflare
age
235244
etag
"5e454a3a-b132"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c1f97ba-FRA
content-length
45362
expires
Thu, 31 Dec 2037 23:55:55 GMT
box_back2.png
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/box_back2.png
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2896e53ad2d99f0a416897c68a8f4e63e79853bcd5d84f30c22e8aa97b8760b5

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:10 GMT
server
cloudflare
age
436199
etag
"5e454a3a-3bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c2197ba-FRA
content-length
15320
expires
Thu, 31 Dec 2037 23:55:55 GMT
loading.svg
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		670 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/loading.svg
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e56c4f7d93705a8306bd14e187845e0566ea6e34f4024eaa1777ff5ba1a54da7

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:11 GMT
server
cloudflare
age
436199
etag
W/"5e454a3b-29e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=315360000
cf-ray
569877cf3c2297ba-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2.jpg
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/2.jpg
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c07bc9da77932c492f92a7985d710466d68b7ed3cea01739a6a99904084356

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:10 GMT
server
cloudflare
age
436199
etag
"5e454a3a-d905"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c2397ba-FRA
content-length
55557
expires
Thu, 31 Dec 2037 23:55:55 GMT
1.jpg
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/1.jpg
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22fc2649b1af8f03a8b0de71a3634b155cf732eb7fb7e4bb7c5050aeb55d8db

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:09 GMT
server
cloudflare
age
93491
etag
"5e454a39-a601"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c2497ba-FRA
content-length
42497
expires
Thu, 31 Dec 2037 23:55:55 GMT
3.jpg
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/3.jpg
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2c59ae26a5b872c49576bd139df11d29a27f2712bf56fafd3c4b4e2edbd0eef

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:10 GMT
server
cloudflare
age
93491
etag
"5e454a3a-2191"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c2597ba-FRA
content-length
8593
expires
Thu, 31 Dec 2037 23:55:55 GMT
4.jpg
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/4.jpg
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90a38d15ecefa1704387dfba523d1c3e78b6344bcee586e0378e6af5e5f7cd0

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:10 GMT
server
cloudflare
age
93491
etag
"5e454a3a-1248"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c2797ba-FRA
content-length
4680
expires
Thu, 31 Dec 2037 23:55:55 GMT
5.jpg
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/5.jpg
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e373256bfba2fe65c8ec3fb3d8b486d02224fc60f4c79ec2f0cc3245d7809b59

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:10 GMT
server
cloudflare
age
235214
etag
"5e454a3a-12f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c2a97ba-FRA
content-length
4857
expires
Thu, 31 Dec 2037 23:55:55 GMT
6.jpg
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/6.jpg
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89e4cba475397d47387acf7b321326649c41be045e5240bf6567e1ef95661980

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:10 GMT
server
cloudflare
age
436198
etag
"5e454a3a-5512"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c2d97ba-FRA
content-length
21778
expires
Thu, 31 Dec 2037 23:55:55 GMT
7.png
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/7.png
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a960f2c9be07fc661bea230eff831478c13c57583454226395336cc353fc556

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:10 GMT
server
cloudflare
age
93491
etag
"5e454a3a-1c810"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c3097ba-FRA
content-length
116752
expires
Thu, 31 Dec 2037 23:55:55 GMT
8.jpg
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/8.jpg
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab66e57378f3c7c0d2bf7da0a1bce299b579312e52b5387e158d7780e9d0169a

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:10 GMT
server
cloudflare
age
183853
etag
"5e454a3a-49db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c3297ba-FRA
content-length
18907
expires
Thu, 31 Dec 2037 23:55:55 GMT
9.jpg
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/9.jpg
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce012e1ff648d3133abf073d0402a3b11b4f0802b40e1bc12cb594fb163c9712

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:10 GMT
server
cloudflare
age
93491
etag
"5e454a3a-33b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c3497ba-FRA
content-length
13240
expires
Thu, 31 Dec 2037 23:55:55 GMT
10.jpg
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/10.jpg
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc06897d0b6cb3845d670a11f8c1fd80d1f0ab3d0c1e9270bbbf9a1ae6256493

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:09 GMT
server
cloudflare
age
436198
etag
"5e454a39-801c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c3797ba-FRA
content-length
32796
expires
Thu, 31 Dec 2037 23:55:55 GMT
11.jpg
www.mealsafterwheels.com/prelanders/frsweepstake/images/ Frame 435D 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/images/11.jpg
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
469531c65f86109dc8f5906630810eea35571f92d924dd30abeb05956be144eb

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 13:08:09 GMT
server
cloudflare
age
93491
etag
"5e454a39-1166"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
569877cf3c3a97ba-FRA
content-length
4454
expires
Thu, 31 Dec 2037 23:55:55 GMT
script.js
www.mealsafterwheels.com/prelanders/frsweepstake/js/ Frame 435D 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/prelanders/frsweepstake/js/script.js
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec168b1574e88ad4f61ec103359e80afc50d0896a8909faeafa0165a0330b28b

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 13 Feb 2020 13:08:11 GMT
server
cloudflare
etag
W/"5e454a3b-26c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
569877cf3c1d97ba-FRA
css
fonts.googleapis.com/ Frame 435D 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900&display=swap
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a697a36a13c509e039b155b682cf41fff3676e45f11f1a86f18ea1880a6dc6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 23 Feb 2020 10:20:35 GMT
server
ESF
date
Sun, 23 Feb 2020 10:20:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 23 Feb 2020 10:20:35 GMT
prelander.js
www.mealsafterwheels.com/prelanders/ Frame 435D 		3 KB
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mealsafterwheels.com/prelanders/prelander.js
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6818:7ea6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f43f6bb9637c5d91057dabfaf7e296330476ee8b4574c0bf11688e2381082f53

Request headers

Referer
https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 29 Jan 2020 10:47:09 GMT
server
cloudflare
etag
W/"5e3162ad-ab0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
569877cfacdb97ba-FRA
JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ Frame 435D 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900&display=swap
Origin
https://www.mealsafterwheels.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 19 Feb 2020 10:32:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:06 GMT
server
sffe
age
344864
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13612
x-xss-protection
0
expires
Thu, 18 Feb 2021 10:32:51 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ Frame 435D 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900&display=swap
Origin
https://www.mealsafterwheels.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 00:48:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:41 GMT
server
sffe
age
1675925
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13640
x-xss-protection
0
expires
Wed, 03 Feb 2021 00:48:30 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ Frame 435D 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900&display=swap
Origin
https://www.mealsafterwheels.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 23:17:21 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:48 GMT
server
sffe
age
1681394
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13708
x-xss-protection
0
expires
Tue, 02 Feb 2021 23:17:21 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ Frame 435D 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900&display=swap
Origin
https://www.mealsafterwheels.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 31 Jan 2020 22:51:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:50 GMT
server
sffe
age
1942148
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13464
x-xss-protection
0
expires
Sat, 30 Jan 2021 22:51:27 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/ Frame 435D 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/fa-solid-900.woff2
Requested by
Host: www.mealsafterwheels.com
URL: https://www.mealsafterwheels.com/prelanders/frsweepstake/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Origin
https://www.mealsafterwheels.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 23 Feb 2020 10:20:35 GMT
cf-cache-status
HIT
age
1387087
cf-ray
569877cfdd579ab0-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
76120
last-modified
Wed, 05 Feb 2020 14:31:26 GMT
server
cloudflare
etag
"5e3ad1be-12958"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
expires
Fri, 12 Feb 2021 10:20:35 GMT
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
served-in-seconds
0.000

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| bootstrap function| JQClass function| countdown object| productUrl string| path_prefix number| total_products object| productId number| survey_id function| exitClickHandler function| trackAnswer function| setConversion function| setProductImpression function| setServerPixel function| trackProductClick function| loadSurveyQuestions

4 Cookies

Domain/Path Name / Value
www.mealsafterwheels.com/ Name: survey_id_22095
Value: true
www.mealsafterwheels.com/ Name: b2ZmZXJXYWxs
Value: %7B%22campaign%22%3A%2219113%22%2C%22survey%22%3A22095%2C%22source%22%3A%2212202%22%2C%22subid%22%3A%22subid%3De%3AQsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I%26subid2%3Dtheblueyonder.org%26subid3%3De%3ASUw4z_mzR9SPKv9l0C6aQA%26subid4%3Dskynet.be%26firstname%3DNonnweiler%26email%3Dedith.nonnweiler%40skynet.be%22%2C%22firstSession%22%3A%22pKqqOPW9x9EzTdLIyMqEBg7dl68A9kTc6tfvc213_19113%22%7D
www.mealsafterwheels.com/ Name: laravel_session
Value: eyJpdiI6IkNieDM3NitXYUk1a1JHVkZ2Rml4OUE9PSIsInZhbHVlIjoiUjVJbDZrZ1d6RElIS1dDT3lUUmFHWEYwK1NRWjdLb2lJRDN0Ync2Q1IrVTFUWGtJWGp4UCtDYnJ0TzNha2U1QjdvSzhucjNVWHo5SFhMVDZwc2dBanc9PSIsIm1hYyI6ImJlMTUxZDg3NzFkNDkzM2JlYTYxZTcxNmQ0Y2Y1OGQ1Mjk5Zjk1ZjUyYzEyNTRlZWNkYmIxYWVjNmQyNWMyYTIifQ%3D%3D
.mealsafterwheels.com/ Name: __cfduid
Value: d0dda0ce2ac12023c82a2a5ac4b2e647e1582453234

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg(Line 43)
Message:
processed: 2-theblueyonder.org 3-e:SUw4z_mzR9SPKv9l0C6aQA 4-skynet.be firstname-Nonnweiler email-edith.nonnweiler@skynet.be
console-api info URL: https://www.mealsafterwheels.com/survey/87451d4w5s11/source=12202/subid=e:QsgpsZ74u6AlQ9jj5jnHD9qr8WSKdFILdhixqA52x_I&subid2=theblueyonder.org&subid3=e:SUw4z_mzR9SPKv9l0C6aQA&subid4=skynet.be&firstname=Nonnweiler&email=edith.nonnweiler%40skynet.be/pid=19/nrp=vxrus63t8wm9tgmzjg3uo1bxg(Line 43)
Message:
TP init

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
www.mealsafterwheels.com
www.theblueyonder.org
185.240.105.152
2606:4700:3032::6818:7ea6
2606:4700::6811:4004
2606:4700::6811:4104
2a00:1450:4001:820::2003
2a00:1450:4001:821::200a
04acdf833d50d399b7626c5ed20aa729c07bd598eb87ab0dadd31245d5ca38ad
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
2896e53ad2d99f0a416897c68a8f4e63e79853bcd5d84f30c22e8aa97b8760b5
2ab4e7e7af4b884741604c9898e28ad96b29ec6a321d905c0473cad641d23c0d
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
469531c65f86109dc8f5906630810eea35571f92d924dd30abeb05956be144eb
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
546f22daa21fdc336f4ea6181ca8c4a4dd5282dde72115f0bf3aa69e3b835b41
6382c645b91a655d06965ccb89b9131e40646cc29df7d60a76ac038bcc55bf5d
6a697a36a13c509e039b155b682cf41fff3676e45f11f1a86f18ea1880a6dc6a
74aad1e9cc498604e10356404dc5e9b9e63dfdf8d2cd32bbf6c48793f0118070
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7aed79f1c03421235575acc74aac65027b0a1394dfb743219fc47b22f00fcb49
89e4cba475397d47387acf7b321326649c41be045e5240bf6567e1ef95661980
8a960f2c9be07fc661bea230eff831478c13c57583454226395336cc353fc556
930bd3dca9f0581f01df5c4d8e9e14e555eb55a9e1e4344f95927becf7e5b158
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
9b48e6feafb20d510db8570dbb2c51e358d6395b49dada85eb1c6078f7af9a64
a54fae3f328d5f2eae7d8a187820fae2cb5e886e333a0ed4a8e18743458f402b
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
ab66e57378f3c7c0d2bf7da0a1bce299b579312e52b5387e158d7780e9d0169a
ae88db06df66fada6bd19661950611c6a69796df07f7a97991ec8db92c124af7
b24eb9638260837328cb57cc88a42c7472eebcef0d23ad953073901d3bf41c6d
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
bc06897d0b6cb3845d670a11f8c1fd80d1f0ab3d0c1e9270bbbf9a1ae6256493
c1c07bc9da77932c492f92a7985d710466d68b7ed3cea01739a6a99904084356
c22fc2649b1af8f03a8b0de71a3634b155cf732eb7fb7e4bb7c5050aeb55d8db
c2c59ae26a5b872c49576bd139df11d29a27f2712bf56fafd3c4b4e2edbd0eef
ccdc2f2a7a716655ee0e5604046dec02277fbc59252dbc59067d29582e027e58
ce012e1ff648d3133abf073d0402a3b11b4f0802b40e1bc12cb594fb163c9712
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
d00255a582d67e7d1061097b97f939b3d4e4bd48c31e6e0fd1cdf3d2f271ab63
d1b923bd321edf1b6d8c70e83fc400818a545d8eb54f5f671fa81b871a9b3f2b
d7793635b3a67ad46bb0f738f17326d1d4de4ef3e9a2a2ee4ac4e318a77dabd0
e373256bfba2fe65c8ec3fb3d8b486d02224fc60f4c79ec2f0cc3245d7809b59
e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7
e56c4f7d93705a8306bd14e187845e0566ea6e34f4024eaa1777ff5ba1a54da7
ec168b1574e88ad4f61ec103359e80afc50d0896a8909faeafa0165a0330b28b
f43f6bb9637c5d91057dabfaf7e296330476ee8b4574c0bf11688e2381082f53
f90a38d15ecefa1704387dfba523d1c3e78b6344bcee586e0378e6af5e5f7cd0
ff4610869c48d9eefb45f127331f4203f8624db93d14cb268c69c38cfc77620e