combohappymeal.mcdonaldsvn.click Open in urlscan Pro
54.179.173.60  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response combohappymeal.mcdonaldsvn.click/	121 KB 26 KB	250ms 6ms	Document text/html	54.179.173.60 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://combohappymeal.mcdonaldsvn.click/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.179.173.60 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-179-173-60.ap-southeast-1.compute.amazonaws.com Software openresty / Resource Hash 99def0cd1cfe4605866181377c8d6108a3ae209b916204b17199a736e2b3cd26 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-SG,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 content-encoding gzip content-type text/html; charset=utf-8 date Thu, 06 Jun 2024 02:21:20 GMT server openresty statuscode 200 strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	css2 fonts.googleapis.com/	15 KB 2 KB	26ms 9ms	Stylesheet text/css	2404:6800:4003:c00::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Montserrat:wght@400;700&display=swap Requested by Host: combohappymeal.mcdonaldsvn.click URL: https://combohappymeal.mcdonaldsvn.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5f Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 609f25b99f408e8b6114ac3b855a336e29104f384ac938aa02d3f97fd23ee278 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://combohappymeal.mcdonaldsvn.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Thu, 06 Jun 2024 02:21:20 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 06 Jun 2024 02:21:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 06 Jun 2024 02:21:20 GMT
GET H2	200	ladipagev3.min.js Show response w.ladicdn.com/v4/source/	395 KB 94 KB	43ms 5ms	Script text/javascript	2600:9000:223b:9800:11:52e1:b680:93a1
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1716608323333 Requested by Host: combohappymeal.mcdonaldsvn.click URL: https://combohappymeal.mcdonaldsvn.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:9800:11:52e1:b680:93a1 , United States, ASN (), Reverse DNS Software nginx / Resource Hash 13eb343745087837fa6d29caa239952566eadd439e05e349d5a038a39a8b645d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://combohappymeal.mcdonaldsvn.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 06:50:36 GMT content-encoding gzip via 1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 70244 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id Jn19XJnkauYLidG3GRap0cNm-TRbRGhQQgjWTfbBjZ0To9Z3qoM0sg== expires Thu, 05 Jun 2025 06:50:36 GMT
GET H2	200	dcb217873ab5da300e312cb8b602b4c2-20240416084336-a6lvk.jpg w.ladicdn.com/s400x400/65fcf7be6449400012667ce5/	15 KB 14 KB	91ms 89ms	Image image/jpeg	2600:9000:223b:9800:11:52e1:b680:93a1
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s400x400/65fcf7be6449400012667ce5/dcb217873ab5da300e312cb8b602b4c2-20240416084336-a6lvk.jpg Requested by Host: combohappymeal.mcdonaldsvn.click URL: https://combohappymeal.mcdonaldsvn.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:9800:11:52e1:b680:93a1 , United States, ASN (), Reverse DNS Software nginx / Resource Hash bd25b462ed9b01b516a39a71546c13cdb81adb3208afd1ca1b9cddf32d565ba9 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://combohappymeal.mcdonaldsvn.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 02:21:20 GMT content-encoding gzip via 1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 x-cache Miss from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id EOjW1xJRLKvZm5qCJlc4QjVscZ9S5MvXxKGpAktgs4noXdQqu03s_Q== expires Fri, 06 Jun 2025 02:21:20 GMT
GET H2	200	26066do-choi-hambuger-20240418071913-sz9ds.png w.ladicdn.com/s1800x1450/65fcf7be6449400012667ce5/	934 KB 937 KB	100ms 98ms	Image image/png	2600:9000:223b:9800:11:52e1:b680:93a1
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s1800x1450/65fcf7be6449400012667ce5/26066do-choi-hambuger-20240418071913-sz9ds.png Requested by Host: combohappymeal.mcdonaldsvn.click URL: https://combohappymeal.mcdonaldsvn.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:9800:11:52e1:b680:93a1 , United States, ASN (), Reverse DNS Software nginx / Resource Hash 3bedd1b40bf59839790c7447b01a82323687e11a1e614ec5c8fa53a18c3c131e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://combohappymeal.mcdonaldsvn.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 02:21:20 GMT content-encoding gzip via 1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 x-cache Miss from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id UTa1LmIgtHWXf8kfD89jMmEBlLN2rlZP2Bntt6sTLqg5HPI2PcKJYg== expires Fri, 06 Jun 2025 02:21:20 GMT
GET H2	200	retro-happy-meal-backpack-20240422132712-igg6k.jpg w.ladicdn.com/s850x1050/65fcf7be6449400012667ce5/	151 KB 150 KB	85ms 83ms	Image image/jpeg	2600:9000:223b:9800:11:52e1:b680:93a1
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s850x1050/65fcf7be6449400012667ce5/retro-happy-meal-backpack-20240422132712-igg6k.jpg Requested by Host: combohappymeal.mcdonaldsvn.click URL: https://combohappymeal.mcdonaldsvn.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:9800:11:52e1:b680:93a1 , United States, ASN (), Reverse DNS Software nginx / Resource Hash 71bb6270b84ffe7c18026970cbdae8fb47c07aeae27a6656b6f6a46ec91e5436 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://combohappymeal.mcdonaldsvn.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 02:21:20 GMT content-encoding gzip via 1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 x-cache Miss from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id BsBoQ9_mgimcOdOV0TlomBivYz8CnAdbPC__-jDxrHvubIA-XH8xbA== expires Fri, 06 Jun 2025 02:21:20 GMT
GET H2	200	hambuger-20240416122443-dbqkw.jpg w.ladicdn.com/s960x573/65fcf7be6449400012667ce5/	15 KB 7 KB	92ms 90ms	Image image/jpeg	2600:9000:223b:9800:11:52e1:b680:93a1
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s960x573/65fcf7be6449400012667ce5/hambuger-20240416122443-dbqkw.jpg Requested by Host: combohappymeal.mcdonaldsvn.click URL: https://combohappymeal.mcdonaldsvn.click/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:9800:11:52e1:b680:93a1 , United States, ASN (), Reverse DNS Software nginx / Resource Hash 57745a0a2239d36a1cebb679fcfd2a73e448704791c425bcae48d98daff614e0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://combohappymeal.mcdonaldsvn.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 02:21:20 GMT content-encoding gzip via 1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 x-cache Miss from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id 1fpE0qkxqDbFV9Nh_-jLsfAbwW_aCPdjW-LOYabmbyIzvfWL2iCC9w== expires Fri, 06 Jun 2025 02:21:20 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 47 KB	85ms 47ms	Font font/woff2	2404:6800:4003:c02::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Montserrat:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://combohappymeal.mcdonaldsvn.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 21:52:30 GMT x-content-type-options nosniff age 16130 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 48236 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 05 Jun 2025 21:52:30 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 fonts.gstatic.com/s/opensans/v40/	16 KB 16 KB	82ms 45ms	Font font/woff2	2404:6800:4003:c02::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Montserrat:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://combohappymeal.mcdonaldsvn.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 22:02:17 GMT x-content-type-options nosniff age 15543 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16552 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:08:40 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 05 Jun 2025 22:02:17 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 fonts.gstatic.com/s/opensans/v40/	35 KB 35 KB	58ms 21ms	Font font/woff2	2404:6800:4003:c02::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Montserrat:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://combohappymeal.mcdonaldsvn.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 19:08:20 GMT x-content-type-options nosniff age 25980 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35328 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:00:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 05 Jun 2025 19:08:20 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v26/	32 KB 32 KB	117ms 83ms	Font font/woff2	2404:6800:4003:c02::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Montserrat:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://combohappymeal.mcdonaldsvn.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 22:04:36 GMT x-content-type-options nosniff age 15404 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33092 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:51:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 05 Jun 2025 22:04:36 GMT
GET H2	200	JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 fonts.gstatic.com/s/montserrat/v26/	27 KB 27 KB	105ms 70ms	Font font/woff2	2404:6800:4003:c02::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&family=Montserrat:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c02::5e Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://combohappymeal.mcdonaldsvn.click Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 16:34:25 GMT x-content-type-options nosniff age 35215 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27812 x-xss-protection 0 last-modified Wed, 13 Sep 2023 22:37:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 05 Jun 2025 16:34:25 GMT
OPTIONS H2	200	event a.ladipage.com/ Frame	0 0	90ms 24ms	Preflight application/json	18.139.76.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.139.76.68 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-139-76-68.ap-southeast-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view Access-Control-Request-Method POST Origin https://combohappymeal.mcdonaldsvn.click Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily access-control-allow-methods POST, OPTIONS access-control-allow-origin * access-control-max-age 2592000 content-encoding gzip content-type application/json; charset=utf-8 date Thu, 06 Jun 2024 02:21:20 GMT vary Accept-Encoding x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 0
GET H2	200	ladipage.formdata.min.js Show response w.ladicdn.com/v4/source/	59 KB 16 KB	7ms 6ms	Script text/javascript	2600:9000:223b:9800:11:52e1:b680:93a1
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/v4/source/ladipage.formdata.min.js?v=1716608323333 Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1716608323333 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223b:9800:11:52e1:b680:93a1 , United States, ASN (), Reverse DNS Software nginx / Resource Hash 4d3c47b4ec644279885705abd974a871894bad75fde6ce990e6b27310f7251a1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://combohappymeal.mcdonaldsvn.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 05 Jun 2024 06:50:35 GMT content-encoding gzip via 1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P2 age 70245 x-cache Hit from cloudfront server nginx access-control-max-age 2592000 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials x-amz-cf-id iMRcwE4Z0gJj32fsp44pok-O8duf_jJ7cOegBtt5MPZoLNAcx-pF6w== expires Thu, 05 Jun 2025 06:50:35 GMT
POST H2	200	event Show response a.ladipage.com/	125 B 651 B	14ms 13ms	XHR text/plain	18.139.76.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1716608323333 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.139.76.68 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-139-76-68.ap-southeast-1.compute.amazonaws.com Software / Resource Hash 0e8766356e7b8f563df27d4e7928077709065f892850c9089cb42d922530fc7f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" LADI_CLIENT_ID 0a45b4e8-2bb4-4a35-5c9a-87e54f9a6c72 LADI_CAMP_ORIGIN_URL LADI_FORM_SUBMIT 0 LADI_CAMP_ID LADI_CAMP_FORM_SUBMIT 0 Accept-Language en-SG,en;q=0.9;q=0.9 LADI_CAMP_TYPE sec-ch-ua-platform "Win32" sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 LADI_CAMP_NAME Content-Type application/json Referer https://combohappymeal.mcdonaldsvn.click/ LADI_CAMP_TARGET_URL LADI_CAMP_PAGE_VIEW 0 LADI_PAGE_VIEW 1 Response headers date Thu, 06 Jun 2024 02:21:20 GMT x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods POST, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-max-age 2592000 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily x-xss-protection 0
GET H2	200	iframe_api Show response www.youtube.com/	993 B 2 KB	84ms 23ms	Script text/javascript	2404:6800:4003:c04::88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/v4/source/ladipagev3.min.js?v=1716608323333 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c04::88 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8d3e2321f6291c79830f86d5e84eda3d40c9568f574b54a159c350f7b300aaa5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://combohappymeal.mcdonaldsvn.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 02:21:20 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} content-type text/javascript; charset=utf-8 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Thu, 06 Jun 2024 02:21:20 GMT
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/e056da8e/www-widgetapi.vflset/	37 KB 13 KB	5ms 4ms	Script text/javascript	2404:6800:4003:c04::88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/e056da8e/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c04::88 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 47b29d787e8c5413c10ab04c5bb44ba272b76f725cc5c680593cd8c52f1c7c95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://combohappymeal.mcdonaldsvn.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 07:29:03 GMT content-encoding br x-content-type-options nosniff age 154337 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12603 x-xss-protection 0 last-modified Tue, 04 Jun 2024 05:00:05 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 04 Jun 2025 07:29:03 GMT
GET H2	200	KfA_SFpgQG0 www.youtube.com/embed/ Frame 4815	0 0	96ms 89ms	Document text/html	2404:6800:4003:c04::5d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/KfA_SFpgQG0?rel=0&modestbranding=0&playsinline=1&controls=0&enablejsapi=1&origin=https%3A%2F%2Fcombohappymeal.mcdonaldsvn.click&widgetid=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/e056da8e/www-widgetapi.vflset/www-widgetapi.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c04::5d Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-SG,en;q=0.9;q=0.9 Referer https://combohappymeal.mcdonaldsvn.click/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Thu, 06 Jun 2024 02:21:20 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H2	200	favicon.ico combohappymeal.mcdonaldsvn.click/	15 KB 15 KB	5ms 4ms	Other image/x-icon	54.179.173.60 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://combohappymeal.mcdonaldsvn.click/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.179.173.60 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-179-173-60.ap-southeast-1.compute.amazonaws.com Software openresty / Resource Hash 17322c2580cc44463b9df06184f8005bd15af3e0ef9237db4371ba1eba55f6e3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://combohappymeal.mcdonaldsvn.click/ Accept-Language en-SG,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jun 2024 02:21:21 GMT last-modified Sun, 09 Apr 2023 11:31:27 GMT server openresty accept-ranges bytes content-length 15406 content-type image/x-icon

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| ladi_viewport boolean| ladi_is_desktop function| ladi_fbq function| ladi_ttq function| lazyload_run function| equalsLadiPage function| isObjectLadiPage function| isArrayLadiPage function| isFunctionLadiPage function| isBooleanLadiPage function| isStringLadiPage function| isEmptyLadiPage function| isNullLadiPage function| parseFloatLadiPage function| decodeURIComponentLadiPage function| formatNumber function| textToNumber function| formatNumberComma function| textToNumberComma function| formatNumberDot function| textToNumberDot object| Base64 function| LadiPageScriptV2 object| LadiPageScript object| LadiFormulaData object| LadiFormApi object| LadiPageCommand object| LadiPageLocation object| LadiPageShopping object| LadiPageFormData object| LadiPageQueueCommandList object| LadiPageQueueCommand function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| language_set function| LadiPageLibraryV2 function| ladi function| ladi_api_fbq function| ladi_api_ttq function| LadiPageAppV2 function| sha256 function| sha224 object| LadiPageApp function| onYouTubeIframeAPIReady object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			combohappymeal.mcdonaldsvn.click/	1970-01-21 06:43:20	Name: LADI_DNS_CHECK Value: "2024-06-06 02:21:20.171441635 +0000 UTC m=+2052270.680852409"
			combohappymeal.mcdonaldsvn.click/	1970-01-21 06:43:20	Name: LADI_CLIENT_ID Value: 0a45b4e8-2bb4-4a35-5c9a-87e54f9a6c72
			combohappymeal.mcdonaldsvn.click/	1970-01-21 06:43:20	Name: LADI_FORM_SUBMIT Value: 0
			combohappymeal.mcdonaldsvn.click/	1970-01-21 06:43:20	Name: LADI_PAGE_VIEW Value: 1
			combohappymeal.mcdonaldsvn.click/	1970-01-20 21:08:46	Name: _timenow Value: 1717640480349
			combohappymeal.mcdonaldsvn.click/	1970-01-21 05:52:56	Name: LADI_UNIQUE_ID Value: 307199ed-b26f-4979-afef-8a915d245ebf
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: D9i_rAaeS4s
			.youtube.com/	1970-01-21 01:26:32	Name: VISITOR_INFO1_LIVE Value: 9DSgsA_Mn2s
			.youtube.com/	1970-01-21 01:26:32	Name: VISITOR_PRIVACY_METADATA Value: CgJTRxIEGgAgJA%3D%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.youtube.com/s/player/e056da8e/www-widgetapi.vflset/www-widgetapi.js(Line 243) Message: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
combohappymeal.mcdonaldsvn.click
fonts.googleapis.com
fonts.gstatic.com
w.ladicdn.com
www.youtube.com
18.139.76.68
2404:6800:4003:c00::5f
2404:6800:4003:c02::5e
2404:6800:4003:c04::5d
2404:6800:4003:c04::88
2600:9000:223b:9800:11:52e1:b680:93a1
54.179.173.60
0e8766356e7b8f563df27d4e7928077709065f892850c9089cb42d922530fc7f
13eb343745087837fa6d29caa239952566eadd439e05e349d5a038a39a8b645d
17322c2580cc44463b9df06184f8005bd15af3e0ef9237db4371ba1eba55f6e3
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
3bedd1b40bf59839790c7447b01a82323687e11a1e614ec5c8fa53a18c3c131e
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
47b29d787e8c5413c10ab04c5bb44ba272b76f725cc5c680593cd8c52f1c7c95
4d3c47b4ec644279885705abd974a871894bad75fde6ce990e6b27310f7251a1
57745a0a2239d36a1cebb679fcfd2a73e448704791c425bcae48d98daff614e0
609f25b99f408e8b6114ac3b855a336e29104f384ac938aa02d3f97fd23ee278
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
71bb6270b84ffe7c18026970cbdae8fb47c07aeae27a6656b6f6a46ec91e5436
8d3e2321f6291c79830f86d5e84eda3d40c9568f574b54a159c350f7b300aaa5
99def0cd1cfe4605866181377c8d6108a3ae209b916204b17199a736e2b3cd26
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd25b462ed9b01b516a39a71546c13cdb81adb3208afd1ca1b9cddf32d565ba9