urlscan.io logo urlscan.io
SecurityTrails logo

meals.freewarecn.com Open in urlscan Pro
66.29.144.75  Public Scan

Go To Rescan Add Verdict Report
URL: https://meals.freewarecn.com/
Submission Tags: phishing
Submission: On December 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 7 domains to perform 47 HTTP transactions. The main IP is 66.29.144.75, located in United States and belongs to NAMECHEAP-NET, US. The main domain is meals.freewarecn.com.
TLS certificate: Issued by R3 on December 4th 2023. Valid for: 3 months.
This is the only time meals.freewarecn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

22    66.29.144.75 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: nc-ph-3585.usmccam.com
meals.freewarecn.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2606:4700:10::6814:5063 (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    149.56.240.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534295.ip-149-56-240.net
s4.histats.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
520503f8a751444c8959c4bfc6543aa8.safeframe.googlesyndication.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
3    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
22 freewarecn.com
meals.freewarecn.com
515 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
520503f8a751444c8959c4bfc6543aa8.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
676 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
247 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
www.google.com — Cisco Umbrella Rank: 2
69 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 15174
s4.histats.com — Cisco Umbrella Rank: 14862
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
683 B
47 7
Domain Requested by
22 meals.freewarecn.com meals.freewarecn.com
6 pagead2.googlesyndication.com meals.freewarecn.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 securepubads.g.doubleclick.net meals.freewarecn.com
securepubads.g.doubleclick.net
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 520503f8a751444c8959c4bfc6543aa8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 s4.histats.com s10.histats.com
1 s10.histats.com meals.freewarecn.com
1 fonts.googleapis.com meals.freewarecn.com
47 12

This site contains links to these domains. Also see Links.

Domain
faloob.com
www.facebook.com
twitter.com
pinterest.com
www.linkedin.com
Subject Issuer Validity Valid
www.meals.freewarecn.com
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-13 -
2024-05-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
histats.com
R3		 2023-11-23 -
2024-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://meals.freewarecn.com/
Frame ID: 4673F61394A711E67BCC03B70CCBCA87
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup.html
Frame ID: AAB7F201E3A05A93E43FCD26D663958F
Requests: 1 HTTP requests in this frame

Frame: https://520503f8a751444c8959c4bfc6543aa8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FAEE3D40B24D146165932208AB52BC90
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 858CD27296675C0B2C4DDEECABF0E9DC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 206166A42E93A0EA92DC8D3036C5DE51
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Delicious – …

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

47
Requests

98 %
HTTPS

83 %
IPv6

7
Domains

12
Subdomains

13
IPs

3
Countries

1558 kB
Transfer

2455 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
meals.freewarecn.com/ 		143 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
e453451f7790605f838a826cbec90d968188c2dd58eecce11dc42e31dd3aef17

Request headers

Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
39207
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Dec 2023 15:24:20 GMT
Keep-Alive
timeout=5, max=100
Link
<https://meals.freewarecn.com/wp-json/>; rel="https://api.w.org/"
Server
Apache
Vary
Accept-Encoding,User-Agent
X-LiteSpeed-Tag
5b3_HTTP.200
style.min.css
meals.freewarecn.com/wp-includes/css/dist/block-library/ 		107 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://meals.freewarecn.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 06:45:29 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
14499
style.css
meals.freewarecn.com/wp-content/themes/Arbitrage%20Theme/ 		65 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://meals.freewarecn.com/wp-content/themes/Arbitrage%20Theme/style.css?ver=1.0.1-03-02
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
b6aaf28e0b78ee4e16adc259dda12e4137d96b58f29f1917244fdb23913a5314

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 19:23:03 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
11314
fontawesome-all.min.css
meals.freewarecn.com/wp-content/themes/Arbitrage%20Theme/assets/fonts/font-awesome/css/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://meals.freewarecn.com/wp-content/themes/Arbitrage%20Theme/assets/fonts/font-awesome/css/fontawesome-all.min.css?ver=5.0.10
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 19:23:03 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8083
css
fonts.googleapis.com/ 		2 KB
683 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2b9f9eb75925ce18d8eca1b0717a3ed53dccaa54f83c7efcfe6d97416fd413ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 05 Dec 2023 15:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 05 Dec 2023 15:24:21 GMT
jquery.min.js
meals.freewarecn.com/wp-includes/js/jquery/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meals.freewarecn.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 06:45:29 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
30368
jquery-migrate.min.js
meals.freewarecn.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meals.freewarecn.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Jun 2023 05:49:24 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4872
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		176 KB
177 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1568400387755538
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60c7322fe7bf4aad3d66e21e359302b41c3a1b564510c8a8fc1c8b2cb06f267a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://meals.freewarecn.com/
Origin
https://meals.freewarecn.com
accept-language
de-DE,de;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 05 Dec 2023 15:24:21 GMT
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
180447
x-xss-protection
0
server
cafe
etag
535640620496349213
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 15:24:21 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02cb8742500570881d7ae29311c4e6e71f329bce42a3162c2ef86175641e7ce3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 05 Dec 2023 15:24:21 GMT
x-content-type-options
nosniff
server
cafe
etag
594 / 19696 / m202311290101 / config-hash: 17949421528483783907
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93563
x-xss-protection
0
expires
Tue, 05 Dec 2023 15:24:21 GMT
logo_2_90x90.png
meals.freewarecn.com/wp-content/uploads/2023/09/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meals.freewarecn.com/wp-content/uploads/2023/09/logo_2_90x90.png
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
3ad5f303984e5b0753da496349e4350825f9e023c46a854da87b841936c7dd72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Last-Modified
Tue, 05 Sep 2023 20:09:16 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
15026
logo_2_90x90_1_40x40.png
meals.freewarecn.com/wp-content/uploads/2023/09/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meals.freewarecn.com/wp-content/uploads/2023/09/logo_2_90x90_1_40x40.png
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
754e21fbe76d025d3ab38a58044b093973a35ada32fda9f6a44d778dee4c4761

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Last-Modified
Tue, 05 Sep 2023 20:09:29 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
10817
407849133_391450129888249_2440726259256431366_n-480x270.jpg
meals.freewarecn.com/wp-content/uploads/2023/12/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meals.freewarecn.com/wp-content/uploads/2023/12/407849133_391450129888249_2440726259256431366_n-480x270.jpg
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
75c20df8ca008599b97e3e07ba5890f5401c9ef57193ed71ae5bca2f43c6c790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Last-Modified
Mon, 04 Dec 2023 18:03:49 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
30309
w1-480x270.jpeg
meals.freewarecn.com/wp-content/uploads/2023/12/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meals.freewarecn.com/wp-content/uploads/2023/12/w1-480x270.jpeg
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
ca03bce00fc6e23e09ec9f4e783b72b1a0eb0e941193a67e314ac2f6dfa8168d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Last-Modified
Mon, 04 Dec 2023 17:59:18 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
26284
image-50-960x562-1-480x270.jpeg
meals.freewarecn.com/wp-content/uploads/2023/12/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meals.freewarecn.com/wp-content/uploads/2023/12/image-50-960x562-1-480x270.jpeg
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
9cc7850e7bca28c55769a05769a35716c7de2fc54962e5a8862202ff86a78efa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Last-Modified
Mon, 04 Dec 2023 17:55:08 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
27742
dda85b5b-f111-465d-af9a-fb9738e2f728
https://meals.freewarecn.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://meals.freewarecn.com/dda85b5b-f111-465d-af9a-fb9738e2f728
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Length
1245
Content-Type
text/javascript
scripts.js
meals.freewarecn.com/wp-content/themes/Arbitrage%20Theme/assets/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meals.freewarecn.com/wp-content/themes/Arbitrage%20Theme/assets/js/scripts.js?ver=1.0.0.1
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
d55cc3fa10f5907f6a4f102426968424ffa50ee92f1c6379ff1d86df1dbeed9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 19:23:03 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
892
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 05 Dec 2023 15:24:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
37075
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
830d4bab6941902e-FRA
content-length
4547
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf
fonts.gstatic.com/s/opensans/v36/ 		34 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ff3c3ba8fecdb51cafe881c98e462d2585deaba61f9fa4e56ea23f16719b26a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://meals.freewarecn.com
accept-language
de-DE,de;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 05 Dec 2023 15:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22979
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:07:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 15:14:24 GMT
fa-brands-400.woff2
meals.freewarecn.com/wp-content/themes/Arbitrage%20Theme/assets/fonts/font-awesome/webfonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://meals.freewarecn.com/wp-content/themes/Arbitrage%20Theme/assets/fonts/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/wp-content/themes/Arbitrage%20Theme/assets/fonts/font-awesome/css/fontawesome-all.min.css?ver=5.0.10
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6

Request headers

Referer
https://meals.freewarecn.com/wp-content/themes/Arbitrage%20Theme/assets/fonts/font-awesome/css/fontawesome-all.min.css?ver=5.0.10
Origin
https://meals.freewarecn.com
accept-language
de-DE,de;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 19:23:03 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
55172
fa-solid-900.woff2
meals.freewarecn.com/wp-content/themes/Arbitrage%20Theme/assets/fonts/font-awesome/webfonts/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://meals.freewarecn.com/wp-content/themes/Arbitrage%20Theme/assets/fonts/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/wp-content/themes/Arbitrage%20Theme/assets/fonts/font-awesome/css/fontawesome-all.min.css?ver=5.0.10
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a

Request headers

Referer
https://meals.freewarecn.com/wp-content/themes/Arbitrage%20Theme/assets/fonts/font-awesome/css/fontawesome-all.min.css?ver=5.0.10
Origin
https://meals.freewarecn.com
accept-language
de-DE,de;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Sep 2023 19:23:03 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
44081
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
fonts.gstatic.com/s/opensans/v36/ 		35 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b18cd6bd9984586eda0f10ddcd353a2b4362200aad4bb6f1ee23134a62e7c7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://meals.freewarecn.com
accept-language
de-DE,de;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 05 Dec 2023 10:04:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23588
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:36:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 10:04:07 GMT
407462675_122127707240080624_947914064069275822_n-480x270.jpg
meals.freewarecn.com/wp-content/uploads/2023/12/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meals.freewarecn.com/wp-content/uploads/2023/12/407462675_122127707240080624_947914064069275822_n-480x270.jpg
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
f88d39e3e18deed5c4ccbc220238d5c6ceaa25ef7b76509cf45cfaf1169f43be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Last-Modified
Mon, 04 Dec 2023 16:34:55 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
30104
275305867_1586670925035317_5131712519783532481_n-480x270.jpeg
meals.freewarecn.com/wp-content/uploads/2023/12/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meals.freewarecn.com/wp-content/uploads/2023/12/275305867_1586670925035317_5131712519783532481_n-480x270.jpeg
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
4afe3f8438d9ac420aeacce8d7f573c120d7233272eb0b4a1a4034ee3beba76b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Last-Modified
Mon, 04 Dec 2023 16:19:30 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
25517
6-480x270.jpg
meals.freewarecn.com/wp-content/uploads/2023/12/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meals.freewarecn.com/wp-content/uploads/2023/12/6-480x270.jpg
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
6891d421748a50295f3c776c357aa79e6ccb4682b3cc2f9e23978436ba68de54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Last-Modified
Fri, 01 Dec 2023 16:46:49 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
13464
406063905_661959646147492_4703410696872896057_n-1-480x270.jpg
meals.freewarecn.com/wp-content/uploads/2023/11/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meals.freewarecn.com/wp-content/uploads/2023/11/406063905_661959646147492_4703410696872896057_n-1-480x270.jpg
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
fb4f57d5ae142d9f1b0497cff7e4667bc01067e6b932b1600465e11751d0aff6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Last-Modified
Wed, 29 Nov 2023 19:42:39 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
37314
406063905_661959646147492_4703410696872896057_n-480x270.jpg
meals.freewarecn.com/wp-content/uploads/2023/11/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meals.freewarecn.com/wp-content/uploads/2023/11/406063905_661959646147492_4703410696872896057_n-480x270.jpg
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
fb4f57d5ae142d9f1b0497cff7e4667bc01067e6b932b1600465e11751d0aff6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Last-Modified
Wed, 29 Nov 2023 19:24:57 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
37314
405761744_720110460005802_6912357366132396336_n-480x270.jpg
meals.freewarecn.com/wp-content/uploads/2023/11/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meals.freewarecn.com/wp-content/uploads/2023/11/405761744_720110460005802_6912357366132396336_n-480x270.jpg
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
06fca71f02b9d467ce153bd27a019faf52c97f66b16195df46e1d70ac278380e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Last-Modified
Wed, 29 Nov 2023 19:21:38 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
25466
26188169bd247cb32d790c374f1b64cb-480x270.jpg
meals.freewarecn.com/wp-content/uploads/2023/11/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meals.freewarecn.com/wp-content/uploads/2023/11/26188169bd247cb32d790c374f1b64cb-480x270.jpg
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
eb5b8668961874f4afe2687c693a44ceefbc2e9d2c7358603ed674b0d9705047

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Last-Modified
Wed, 29 Nov 2023 19:12:55 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
28111
0.php
s4.histats.com/stats/ 		51 B
185 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4827385&@f16&@g1&@h1&@i1&@j1701789861692&@k0&@l1&@mDelicious%20%E2%80%93%20%E2%80%A6&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-183267223&@b3:1701789862&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fmeals.freewarecn.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534295.ip-149-56-240.net
Software
/
Resource Hash
ebf1d75093007d06b4effc55ac4f026f5d8c58ace2f3fa7ecae036fc286170c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:21 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8
wp-emoji-release.min.js
meals.freewarecn.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meals.freewarecn.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by
Host: meals.freewarecn.com
URL: https://meals.freewarecn.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.29.144.75 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
nc-ph-3585.usmccam.com
Software
Apache /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Date
Tue, 05 Dec 2023 15:24:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Feb 2023 00:53:25 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
5039
show_ads_impl_with_ama.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 		458 KB
458 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama.js?client=ca-pub-1568400387755538&plah=meals.freewarecn.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1568400387755538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16de5b3fab5e9ba7fc1bb2eab5ae89150429f8d3f91fec4f4524e78db2fc2c7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 05 Dec 2023 15:24:21 GMT
x-content-type-options
nosniff
server
cafe
etag
6619556078683011602
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
468999
x-xss-protection
0
expires
Tue, 05 Dec 2023 15:24:21 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame AAB7 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1568400387755538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
424e0b4ae8208523253ee3d56f6ce82fdf46c978f5008bfa5e78bafebf779fbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://meals.freewarecn.com/
Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language
de-DE,de;q=0.9

Response headers

age
58052
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4505
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 23:16:49 GMT
etag
1201167979857287204
expires
Mon, 18 Dec 2023 23:16:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Mon, 04 Dec 2023 22:38:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
60362
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138184
x-xss-protection
0
server
cafe
etag
495798054771589180
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 03 Dec 2024 22:38:19 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1348237471030814&correlator=1617044721450244&eid=31079829%2C44807746%2C44777900%2C31079527&output=ldjh&gdfp_req=1&vrg=202311290101&ptt=17&impl=fifs&iu_parts=22998264514%2Cca-pub-3892517083646544-tag%2CS3%2CS2%2CS1%2CBox-2%2CBox-1%2CB-Post%2CA-Post%2CAnchor-Ad&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9&prev_iu_szs=300x600%7C320x50%2C300x600%7C320x50%2C300x600%7C320x50%2C320x50%7C300x250%2C300x250%7C320x50%2C728x90%7C320x50%2C320x50%7C728x90%2C1x1&ifi=2&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C1&sc=1&cookie_enabled=1&abxe=1&dt=1701789861904&lmt=1701789861&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmeals.freewarecn.com%2F&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ea=0&ga_vid=1007295519.1701789862&ga_sid=1701789862&ga_hid=929567143&ga_fc=false&dlt=1701789860974&idt=903&adks=3447460106%2C3353158474%2C3897986322%2C647665997%2C2799317281%2C2357164019%2C4033455925%2C2942361253&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07cbf899a18e35130bc6e1c5a62a51c7d361303232e309fe62f1e2bf027176ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 05 Dec 2023 15:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
538
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://meals.freewarecn.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1348237471030814&correlator=1617044721450244&eid=31079829%2C44807746%2C44777900%2C31079527&output=ldjh&gdfp_req=1&vrg=202311290101&ptt=17&impl=fifs&iu_parts=22998264514%2Cca-pub-3892517083646544-tag%2CInstertital&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=10&sfv=1-0-40&ists=1&fas=8&eri=4&sc=1&cookie_enabled=1&cdm=meals.freewarecn.com&abxe=1&dt=1701789861912&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Flookfordelicious.cialisipr.online&loc=https%3A%2F%2Fmeals.freewarecn.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ea=0&ga_vid=1007295519.1701789862&ga_sid=1701789862&ga_hid=929567143&ga_fc=false&dlt=1701789860974&idt=903&adks=1450515816&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
411ab620fe75cf77506ce660a13eba0bf4c81b2c9d93d57fda3b31054643d384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 05 Dec 2023 15:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
613
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://meals.freewarecn.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
520503f8a751444c8959c4bfc6543aa8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FAEE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://520503f8a751444c8959c4bfc6543aa8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://meals.freewarecn.com/
Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 15:24:22 GMT
expires
Wed, 04 Dec 2024 15:24:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b868a280d96941aab08a3afb8cb249906160ca8536f41df961058a9e292bb81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Mon, 04 Dec 2023 16:23:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
82825
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13838
x-xss-protection
0
server
cafe
etag
11308270236509144836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 03 Dec 2024 16:23:56 GMT
ca-pub-1568400387755538
fundingchoicesmessages.google.com/i/ 		177 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-1568400387755538?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama.js?client=ca-pub-1568400387755538&plah=meals.freewarecn.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
74ab8a29bf382680679235a5233c3965bdc9bd1e9b3467cefefc576aa1383798
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-FNVzMJA2VTNePSn_rII32g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 05 Dec 2023 15:24:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-FNVzMJA2VTNePSn_rII32g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX_5Aj0XZ4E7-CR0k9iMIV6EWGNXPvNxA0AAn-MsDNngRBQk_61CY_gzCpstWWYsUsKwNmUb-UR4mUGOr6Q9dpfA7vADjJrfv-dhRwVUdC-bGMAV_CAOnyw89z0osWi_EK8BAOHnA==
fundingchoicesmessages.google.com/f/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX_5Aj0XZ4E7-CR0k9iMIV6EWGNXPvNxA0AAn-MsDNngRBQk_61CY_gzCpstWWYsUsKwNmUb-UR4mUGOr6Q9dpfA7vADjJrfv-dhRwVUdC-bGMAV_CAOnyw89z0osWi_EK8BAOHnA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNzg5ODYyLDI0NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9tZWFscy5mcmVld2FyZWNuLmNvbS8iLG51bGwsW1s4LCJwN3RfbTJvR3A4USJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.p7t_m2oGp8Q.es5.O/am=AAM/d=1/rs=AJlcJMysrlPDx9ciiHy-YjfGSJSq1JOS2g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33d731c65b73dd2e2e9babe7fe0264f04e78cf7849140616b5037cff4a36cd03
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-OdiQ8nxQKq52SRfiBT42ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 05 Dec 2023 15:24:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'nonce-OdiQ8nxQKq52SRfiBT42ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self'
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311290101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6c359993780e83748a6ede07cf0becc435cbefd3bbcfd0c447c853d047e2831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 05 Dec 2023 15:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=ISO-8859-1
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11981
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 05 Dec 2023 15:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Dec 2023 15:24:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 858C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://meals.freewarecn.com/
Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
62633
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 22:00:29 GMT
expires
Tue, 03 Dec 2024 22:00:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2061 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
afdaa93c01993748c5f3f91b86a94b06e94ce112f4c09aac745ae986003f365e
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-TfSEUnrKPD3m8p3AW1vFbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://meals.freewarecn.com/
Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'nonce-TfSEUnrKPD3m8p3AW1vFbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 15:24:22 GMT
expires
Tue, 05 Dec 2023 15:24:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 858C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 05 Dec 2023 15:11:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 15:11:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2061 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311290101&jk=1348237471030814&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers
generate_204
tpc.googlesyndication.com/ Frame 858C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pnAEfg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Tue, 05 Dec 2023 15:24:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311290101&jk=1348237471030814&bg=!3t2l3ZLNAAY3kmNgF5I7ADQBe5WfOIDfsTGSlgVB6QKQFLy7rHrpQw3-bsMAK5KWfUz261eTaP-yLWliO24wYs0ya68xAgAAAD5SAAAAAmgBB5kCoD90UE6liQP2r6fe69xEyGeM0DMeLL4RxAVF8Hp_s_oHwK_4IQ9Zzi1yOGZr5g_slE6N43_JClyvfDJTk58KZ122MMEzqGK7gYBfHA96_yvHYtZPk3vis0_BbXkUNq4UI-_1U50dG_0PAv9-I9MsaG4GogIkedElARibRt9nJmCpaf7Ko9ska89QLl2YA2czVp_hXTAqSEKaqCOfSAAu8p2ury5Uko5Yid4hPwlQpsAAsEPRYuJP12NZWEDO5R3nmId56FNgnzESAMCi0at0mqnZp56dV3pHjQsSO6GyrPV5guQ77uuK6Aa2OIr0UgCA1WzjvdSO5Qm333fVbY8LaaaHNmhZrIsjc-HYAtlsVIbIowbwAuRheKeRz8AuCIu_IdLnDVSbyFrU8GojbojeRRh820alJGCFAqVoc5jIJ3efwW-58CWNE9B6FksfaarjRmkI6ojhjNbWfFXyFTksP4zA0zKenvi98Vc4hb73WeuTVo1FNml3jVbGrq1kCeEWpl9dPgaF8zA7YStG5nFUQIQ_vLxlQKgXJZQHuyMHEGWfVmfltYqtoC7S98AbDxfi0VCjHWMAtVYQZUt2n82BYN0fH0narS3kPZmWMbwQcn3HJE1myXWzs1C0Y94D1xCObPymQWJ_iR6N0I2gDFVAlGo4Mmbmjkz7dJE7SsfSN7_8vR-vJnzNhPcIPxxKOHO83GmXHF-n9wMZ2w2d_dfHkyIthEcmYxs3Qn3ggnW6Qanq1QJmUrqGtySCqJ1akQFCHbu9slKGxjaFnnxzNJ-2LlIEVBF7XfkZQGwV39RvMi0N7SIT5nbpIF8dV5E0tbjiteZw1pWVHtwI4prHfBEhr1MwXKdsbmyrLPE6KOXKZn7AQKUumzSIKbdmvjUzU44vpw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://meals.freewarecn.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery object| googletag object| anchorSlot_2 object| interstitialSlot object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats function| b2a function| a2b boolean| ai_cookie_js string| ai_block_class_def boolean| ai_insertion_js object| Arrive object| ai_rotation_triggers boolean| ai_lists object| host_regexp function| z function| B function| D function| V function| ea function| fa function| P function| W function| X function| da function| la function| m function| ca function| ha function| b64e function| b64d object| ai_front undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_process_rotation function| ai_process_single_rotation function| ai_process_rotations function| ai_process_rotations_in_element function| MobileDetect function| ai_process_lists boolean| ai_js_code object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| gaGlobal object| _HistatsCounterGraphics_0_setValues function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| twemoji object| wp object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| OTNlN2U3MjYzMTY2YWNlYmxvYWRlcl9qcw== string| OTNlN2U3MjYzMTY2YWNlYmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady function| __an6na521li18__ object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

10 Cookies

Domain/Path Name / Value
meals.freewarecn.com/ Name: HstCfa4827385
Value: 1701789861692
meals.freewarecn.com/ Name: HstCla4827385
Value: 1701789861692
meals.freewarecn.com/ Name: HstCmu4827385
Value: 1701789861692
meals.freewarecn.com/ Name: HstPn4827385
Value: 1
meals.freewarecn.com/ Name: HstPt4827385
Value: 1
meals.freewarecn.com/ Name: HstCnv4827385
Value: 1
meals.freewarecn.com/ Name: HstCns4827385
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.freewarecn.com/ Name: __gads
Value: ID=c8f93ac3bce28b39:T=1701789861:RT=1701789861:S=ALNI_MYBN5ETxu0_Q8TPB0UelI8Wn-v-Yw
.freewarecn.com/ Name: __gpi
Value: UID=00000d0b25eac7b9:T=1701789861:RT=1701789861:S=ALNI_MbSFtSNjAP1N7_lpz8ecouZbekW0w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

520503f8a751444c8959c4bfc6543aa8.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
meals.freewarecn.com
pagead2.googlesyndication.com
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
149.56.240.127
2606:4700:10::6814:5063
2a00:1450:4001:802::2002
2a00:1450:4001:808::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::200a
66.29.144.75
02cb8742500570881d7ae29311c4e6e71f329bce42a3162c2ef86175641e7ce3
06fca71f02b9d467ce153bd27a019faf52c97f66b16195df46e1d70ac278380e
07cbf899a18e35130bc6e1c5a62a51c7d361303232e309fe62f1e2bf027176ff
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
16de5b3fab5e9ba7fc1bb2eab5ae89150429f8d3f91fec4f4524e78db2fc2c7c
2b9f9eb75925ce18d8eca1b0717a3ed53dccaa54f83c7efcfe6d97416fd413ac
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2ff3c3ba8fecdb51cafe881c98e462d2585deaba61f9fa4e56ea23f16719b26a
33d731c65b73dd2e2e9babe7fe0264f04e78cf7849140616b5037cff4a36cd03
3ad5f303984e5b0753da496349e4350825f9e023c46a854da87b841936c7dd72
411ab620fe75cf77506ce660a13eba0bf4c81b2c9d93d57fda3b31054643d384
424e0b4ae8208523253ee3d56f6ce82fdf46c978f5008bfa5e78bafebf779fbd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4afe3f8438d9ac420aeacce8d7f573c120d7233272eb0b4a1a4034ee3beba76b
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b868a280d96941aab08a3afb8cb249906160ca8536f41df961058a9e292bb81
60c7322fe7bf4aad3d66e21e359302b41c3a1b564510c8a8fc1c8b2cb06f267a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6891d421748a50295f3c776c357aa79e6ccb4682b3cc2f9e23978436ba68de54
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
74ab8a29bf382680679235a5233c3965bdc9bd1e9b3467cefefc576aa1383798
754e21fbe76d025d3ab38a58044b093973a35ada32fda9f6a44d778dee4c4761
75c20df8ca008599b97e3e07ba5890f5401c9ef57193ed71ae5bca2f43c6c790
9cc7850e7bca28c55769a05769a35716c7de2fc54962e5a8862202ff86a78efa
afdaa93c01993748c5f3f91b86a94b06e94ce112f4c09aac745ae986003f365e
b18cd6bd9984586eda0f10ddcd353a2b4362200aad4bb6f1ee23134a62e7c7a5
b6aaf28e0b78ee4e16adc259dda12e4137d96b58f29f1917244fdb23913a5314
b6c359993780e83748a6ede07cf0becc435cbefd3bbcfd0c447c853d047e2831
ca03bce00fc6e23e09ec9f4e783b72b1a0eb0e941193a67e314ac2f6dfa8168d
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb7aa6b06aa5a8eea3670662c4b0c37104041c14575fc170dc48677a0506a33a
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
d55cc3fa10f5907f6a4f102426968424ffa50ee92f1c6379ff1d86df1dbeed9a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e453451f7790605f838a826cbec90d968188c2dd58eecce11dc42e31dd3aef17
e8562087317b34c4b2ac60e28e272b7b33e37523aacd5f2adba7a4f108e415c6
eb5b8668961874f4afe2687c693a44ceefbc2e9d2c7358603ed674b0d9705047
ebf1d75093007d06b4effc55ac4f026f5d8c58ace2f3fa7ecae036fc286170c5
f88d39e3e18deed5c4ccbc220238d5c6ceaa25ef7b76509cf45cfaf1169f43be
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb
fb4f57d5ae142d9f1b0497cff7e4667bc01067e6b932b1600465e11751d0aff6