urlscan.io logo urlscan.io
SecurityTrails logo

ramadadmabangkok.carmen.blue Open in urlscan Pro
103.29.189.141  Public Scan

Go To Rescan Add Verdict Report
URL: https://ramadadmabangkok.carmen.blue/
Submission: On April 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 103.29.189.141, located in Thailand and belongs to NIPA-AS-TH NIPA TECHNOLOGY CO., LTD, TH. The main domain is ramadadmabangkok.carmen.blue.
TLS certificate: Issued by R3 on April 29th 2024. Valid for: 3 months.
This is the only time ramadadmabangkok.carmen.blue was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 103.29.189.141 132300 (NIPA-AS-T...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 136.143.191.67 2639 (ZOHO-AS)
1 136.143.190.97 2639 (ZOHO-AS)
3 89.36.170.147 41913 (COMPUTERL...)
18 6
8    103.29.189.141 (Thailand)

ASN132300 (NIPA-AS-TH NIPA TECHNOLOGY CO., LTD, TH)
PTR: rev-pool-189-dr-nonthaburi-th.ispio.com
ramadadmabangkok.carmen.blue
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    136.143.191.67 (United States)

ASN2639 (ZOHO-AS, US)
salesiq.zoho.com
1    136.143.190.97 (United States)

ASN2639 (ZOHO-AS, US)
salesiq.zohopublic.com
3    89.36.170.147 (Schlierbach, Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)
PTR: zoho-170-147.dub3.computerline.net
css.zohocdn.com
js.zohocdn.com
Apex Domain
Subdomains		 Transfer
8 carmen.blue
ramadadmabangkok.carmen.blue
47 KB
3 zohocdn.com
css.zohocdn.com — Cisco Umbrella Rank: 14032
js.zohocdn.com — Cisco Umbrella Rank: 13500
37 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
272 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
53 KB
1 zohopublic.com
salesiq.zohopublic.com — Cisco Umbrella Rank: 15795
14 KB
1 zoho.com
salesiq.zoho.com — Cisco Umbrella Rank: 15441
47 KB
18 6
Domain Requested by
8 ramadadmabangkok.carmen.blue ramadadmabangkok.carmen.blue
3 cdnjs.cloudflare.com ramadadmabangkok.carmen.blue
cdnjs.cloudflare.com
2 css.zohocdn.com salesiq.zoho.com
css.zohocdn.com
2 cdn.jsdelivr.net ramadadmabangkok.carmen.blue
1 js.zohocdn.com salesiq.zoho.com
1 salesiq.zohopublic.com salesiq.zoho.com
1 salesiq.zoho.com ramadadmabangkok.carmen.blue
18 7

This site contains links to these domains. Also see Links.

Domain
www.carmensoftware.com
www.facebook.com
Subject Issuer Validity Valid
ramadadmabangkok.carmen.blue
R3		 2024-04-29 -
2024-07-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.zoho.com
Sectigo RSA Domain Validation Secure Server CA		 2024-03-29 -
2025-03-29		 a year crt.sh
zohopublic.com
R3		 2024-03-14 -
2024-06-12		 3 months crt.sh
*.zohocdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-10 -
2024-10-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ramadadmabangkok.carmen.blue/
Frame ID: 55CC7E20DF8E1A3A0A2EAB0D90E6FDF8
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ramada D' MA Bangkok - carmen.blue

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

18
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

471 kB
Transfer

962 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ramadadmabangkok.carmen.blue/ 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ramadadmabangkok.carmen.blue/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.29.189.141 , Thailand, ASN132300 (NIPA-AS-TH NIPA TECHNOLOGY CO., LTD, TH),
Reverse DNS
rev-pool-189-dr-nonthaburi-th.ispio.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
92c878b8404b881001e0cf0577ef9f88e9d4842c92429c6aa158a9ec3ad41e4c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
5544
content-type
text/html
date
Mon, 29 Apr 2024 11:44:27 GMT
etag
"4893263437edd91:0"
last-modified
Fri, 22 Sep 2023 09:28:53 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 		190 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css
Requested by
Host: ramadadmabangkok.carmen.blue
URL: https://ramadadmabangkok.carmen.blue/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ramadadmabangkok.carmen.blue/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:44:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4047091
x-jsd-version
5.2.3
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230122-FRA, cache-lga21962-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YIJdnURur0RRWNQcoYAxYa1X0Oj7Kz00YqNahaKNWDxBzZgreP0vf2KWz6YpMjKLuqyJYPZWosyAlG55F3pB%2BP4D4SAdXvtOJ0Rqe7k9AgrArbaJtgD168KZO8KlsZ%2BWugoNTrW7QyPrdBdegxg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
87bf0a4ffdb19731-FRA
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Requested by
Host: ramadadmabangkok.carmen.blue
URL: https://ramadadmabangkok.carmen.blue/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://ramadadmabangkok.carmen.blue
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:44:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
930533
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18716
last-modified
Tue, 15 Nov 2022 18:04:22 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6373d4a6-491c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=alWF%2F895HahQYmhq%2BQLCDT9IICzjUxkov%2BsPtLU8O35wgK39rCoR5GORowOgZ8s1MPtqRckjlGNFwxjuZGTMzodwuRKGNYv%2FdpNYayOa53c5bzSaR8NQPakHA8R3FmjQHrwbYdE%2BjuruuyHjww%2BjlAN7"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87bf0a4ffb052be9-FRA
expires
Sat, 19 Apr 2025 11:44:28 GMT
style.css
ramadadmabangkok.carmen.blue/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ramadadmabangkok.carmen.blue/style.css
Requested by
Host: ramadadmabangkok.carmen.blue
URL: https://ramadadmabangkok.carmen.blue/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.29.189.141 , Thailand, ASN132300 (NIPA-AS-TH NIPA TECHNOLOGY CO., LTD, TH),
Reverse DNS
rev-pool-189-dr-nonthaburi-th.ispio.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
47706b4bfd921616099110db9008b7fd90c27b146f8745af30363258df9855be

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ramadadmabangkok.carmen.blue/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:44:27 GMT
last-modified
Fri, 13 Jan 2023 07:39:13 GMT
server
Microsoft-IIS/10.0
etag
"ca46fa212227d91:0"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
2446
blueledgers.png
ramadadmabangkok.carmen.blue/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ramadadmabangkok.carmen.blue/blueledgers.png
Requested by
Host: ramadadmabangkok.carmen.blue
URL: https://ramadadmabangkok.carmen.blue/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.29.189.141 , Thailand, ASN132300 (NIPA-AS-TH NIPA TECHNOLOGY CO., LTD, TH),
Reverse DNS
rev-pool-189-dr-nonthaburi-th.ispio.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
25a7ff927a5eedca3a3ab3c6ed6743111f0c45828e09054baa3407bc3510d003

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ramadadmabangkok.carmen.blue/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:44:27 GMT
last-modified
Tue, 07 Jun 2022 04:15:49 GMT
server
Microsoft-IIS/10.0
etag
"1da844257ad81:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
16298
carmen.png
ramadadmabangkok.carmen.blue/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ramadadmabangkok.carmen.blue/carmen.png
Requested by
Host: ramadadmabangkok.carmen.blue
URL: https://ramadadmabangkok.carmen.blue/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.29.189.141 , Thailand, ASN132300 (NIPA-AS-TH NIPA TECHNOLOGY CO., LTD, TH),
Reverse DNS
rev-pool-189-dr-nonthaburi-th.ispio.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b9600b50b39423ef6c40429ed0d5efa4702234090263db236df20a235aad204f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ramadadmabangkok.carmen.blue/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:44:27 GMT
last-modified
Tue, 07 Jun 2022 04:18:31 GMT
server
Microsoft-IIS/10.0
etag
"3a3447a5257ad81:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
9526
asset.png
ramadadmabangkok.carmen.blue/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ramadadmabangkok.carmen.blue/asset.png
Requested by
Host: ramadadmabangkok.carmen.blue
URL: https://ramadadmabangkok.carmen.blue/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.29.189.141 , Thailand, ASN132300 (NIPA-AS-TH NIPA TECHNOLOGY CO., LTD, TH),
Reverse DNS
rev-pool-189-dr-nonthaburi-th.ispio.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
24442d1244b7d8b6e4b41073ab11ce8063662acfd06f75ef4846cfb5466f81dd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ramadadmabangkok.carmen.blue/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:44:27 GMT
last-modified
Fri, 11 Nov 2022 10:46:24 GMT
server
Microsoft-IIS/10.0
etag
"dc6d8d7baf5d81:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
12532
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: ramadadmabangkok.carmen.blue
URL: https://ramadadmabangkok.carmen.blue/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ramadadmabangkok.carmen.blue/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:44:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3300387
x-jsd-version
5.2.3
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220135-FRA, cache-lga21972-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"13a24-kNFQNu9I/LM2oTW66BK0VmnxkEQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2F9%2FeqHfzKIyGyWYMebfQndybAAgvBYBjRK3oPcUfdVJGuz9VV5HFdLYScVC0CAXX4sqxvX9BUMB6XSxP95yuJtlvt%2BybWYhS0ObQ5amXubVt0BH1AInCYaL11QpZea6ku27vP%2F5q2iHLcobhtA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
87bf0a4ffdb69731-FRA
profile.js
ramadadmabangkok.carmen.blue/ 		128 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ramadadmabangkok.carmen.blue/profile.js
Requested by
Host: ramadadmabangkok.carmen.blue
URL: https://ramadadmabangkok.carmen.blue/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.29.189.141 , Thailand, ASN132300 (NIPA-AS-TH NIPA TECHNOLOGY CO., LTD, TH),
Reverse DNS
rev-pool-189-dr-nonthaburi-th.ispio.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2808e6b009484043f33d9b1651dbb772ce5d4581cc96c4a76e821774af331464

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ramadadmabangkok.carmen.blue/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:44:27 GMT
last-modified
Mon, 29 Apr 2024 06:57:03 GMT
server
Microsoft-IIS/10.0
etag
"cf82af7029ada1:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
128
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/ 		147 KB
148 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Origin
https://ramadadmabangkok.carmen.blue
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:44:28 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2122722
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
150516
last-modified
Tue, 15 Nov 2022 18:04:22 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6373d4a6-24bf4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u3bd0N%2B6R1%2ByUgh%2BbQMnAJSZozn677Uy5IsGid80dJ21cB07zGuppYoyNsZQBKmJj7ClUTC8eySfeIE%2FUyxMhwsOnmMF6gmWEZkP1bOgqcxQrqoVvlBZAqhKGtf4IbVshwnQOidGcKKABgspP4LGa38F"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87bf0a51fd792be9-FRA
expires
Sat, 19 Apr 2025 11:44:28 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/ 		105 KB
106 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c61287c2fa9863b5fb5844c683a168ac6520c94d822bb43d5eae35c3a2a82166
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Origin
https://ramadadmabangkok.carmen.blue
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:44:28 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
209662
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
107656
last-modified
Tue, 15 Nov 2022 18:04:22 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6373d4a6-1a488"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MypraygYrLbGdySNuRDL%2FO2FJe7DfJQgxz59ff1GcEOwel%2FJVRXo8y8RV3F2P%2FcltYN0rWo4bpokicqvQphquHkn4um%2FOIbMopBS8rm9jsRk%2BeKaLgwr4tpGOe1ROjp3UkcfjBvjEmbRzFpIOMJwcjcO"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87bf0a51fd7a2be9-FRA
expires
Sat, 19 Apr 2025 11:44:28 GMT
wallpaper.jpg
ramadadmabangkok.carmen.blue/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ramadadmabangkok.carmen.blue/wallpaper.jpg
Requested by
Host: ramadadmabangkok.carmen.blue
URL: https://ramadadmabangkok.carmen.blue/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.29.189.141 , Thailand, ASN132300 (NIPA-AS-TH NIPA TECHNOLOGY CO., LTD, TH),
Reverse DNS
rev-pool-189-dr-nonthaburi-th.ispio.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ramadadmabangkok.carmen.blue/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:44:27 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
1245
content-type
text/html
widget
salesiq.zoho.com/ 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://salesiq.zoho.com/widget
Requested by
Host: ramadadmabangkok.carmen.blue
URL: https://ramadadmabangkok.carmen.blue/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.191.67 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
44cd5130d2e764319b7293b4b6ed71e03988bd6fa12734a8592c2499010a62f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ramadadmabangkok.carmen.blue/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
Date
Mon, 29 Apr 2024 11:44:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000
Server
ZGS
ETag
W/f123c188d7219cc40677213924832de228687315e4dd5ac8e444e3157c08fd98
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Connection
keep-alive
Expires
Mon, 29 Apr 2024 11:49:29 GMT
website
salesiq.zohopublic.com/visitor/v2/channels/ 		28 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://salesiq.zohopublic.com/visitor/v2/channels/website?widgetcode=bb036bbbc0b76993498e317b47a24066e84f8b12503b2ed35389aaff97d9666bbf2341d7694395a95bdee6c3a472246e&internal_channel_req=true&language_api=true&browser_language=de&current_domain=https%3A%2F%2Framadadmabangkok.carmen.blue&pagetitle=Ramada%20D%27%20MA%20Bangkok%20-%20carmen.blue&include_fields=avuid
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.143.190.97 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
55cb997f087c53bb49cdfe78e69efb644e1801eb9616b41d3fac5454b8ca4b31
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ramadadmabangkok.carmen.blue/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 29 Apr 2024 11:44:30 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
Server
ZGS
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://ramadadmabangkok.carmen.blue
Content-Language
de-DE
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Encoding
UTF-8
Access-Control-Allow-Headers
Content-Type,x-siq-internal-channel
favicon.ico
ramadadmabangkok.carmen.blue/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ramadadmabangkok.carmen.blue/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.29.189.141 , Thailand, ASN132300 (NIPA-AS-TH NIPA TECHNOLOGY CO., LTD, TH),
Reverse DNS
rev-pool-189-dr-nonthaburi-th.ispio.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ramadadmabangkok.carmen.blue/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:44:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
1245
content-type
text/html
floatbutton11_12etw67KwhtF0PryKBAbC3fN2aO4mbQtTU72Ow-sC5zR_j0NZPfSL-f8jkuVYue__.css
css.zohocdn.com/salesiq/styles/ 		58 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css.zohocdn.com/salesiq/styles/floatbutton11_12etw67KwhtF0PryKBAbC3fN2aO4mbQtTU72Ow-sC5zR_j0NZPfSL-f8jkuVYue__.css
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.36.170.147 Schlierbach, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),
Reverse DNS
zoho-170-147.dub3.computerline.net
Software
ZGS /
Resource Hash
9c6e0b81cc1d1c371355ee427f6648a1c895f18a33b96583aa378a1113dc8243
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ramadadmabangkok.carmen.blue/
Origin
https://ramadadmabangkok.carmen.blue
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:44:30 GMT
strict-transport-security
max-age=15768000, max-age=63072000
x-content-type-options
nosniff
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
13552
last-modified
Thu, 04 Apr 2024 08:42:43 GMT
server
ZGS
nb-request-id
ab82f9a58b615b9ad406b6a9f6640e71
etag
"5da67ced10dc786bd1e2e4b5ed8dfd6b"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
content-language
en-US
z-origin-id
ex1-4258356cc32948e7af249a4652460aee
accept-ranges
bytes
timing-allow-origin
*
floatbutton11_plI39nPS4Y07wT_tpCn_FO2TdzAegAhyTVxJSFX6DiBAAAP0Idg3RlDN5J4rV4_F_.js
js.zohocdn.com/salesiq/js/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.zohocdn.com/salesiq/js/floatbutton11_plI39nPS4Y07wT_tpCn_FO2TdzAegAhyTVxJSFX6DiBAAAP0Idg3RlDN5J4rV4_F_.js
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.36.170.147 Schlierbach, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),
Reverse DNS
zoho-170-147.dub3.computerline.net
Software
ZGS /
Resource Hash
f2f6e35caf3d670c3c284cd32fcafd327a3e469f03f794fe215eed536b8a06a8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ramadadmabangkok.carmen.blue/
Origin
https://ramadadmabangkok.carmen.blue
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:44:30 GMT
strict-transport-security
max-age=15768000, max-age=63072000
x-content-type-options
nosniff
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
13580
last-modified
Thu, 18 Apr 2024 08:08:06 GMT
server
ZGS
nb-request-id
ff2630fa19270d05809c2822fbff3489
etag
"df22bc338c74e19af924d2b96d2121fc"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
content-language
en-US
z-origin-id
ex1-81f9033d8f994f14a37158b2fe7b926b
accept-ranges
bytes
timing-allow-origin
*
siq_mpWsf52LIPg9mU40fjRdjF6WMUs-Q0VNu4KH07GkhNZGQTRxW2eRyFJLAq9VKCYB_.ttf
css.zohocdn.com/salesiq/styles/fonts/float/ 		14 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.zohocdn.com/salesiq/styles/fonts/float/siq_mpWsf52LIPg9mU40fjRdjF6WMUs-Q0VNu4KH07GkhNZGQTRxW2eRyFJLAq9VKCYB_.ttf
Requested by
Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/styles/floatbutton11_12etw67KwhtF0PryKBAbC3fN2aO4mbQtTU72Ow-sC5zR_j0NZPfSL-f8jkuVYue__.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.36.170.147 Schlierbach, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),
Reverse DNS
zoho-170-147.dub3.computerline.net
Software
ZGS /
Resource Hash
cf1f73b76f318b2d7b59319d22f03d9f40ae8ab9ed942d338aeca9d03860fc15
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://css.zohocdn.com/salesiq/styles/floatbutton11_12etw67KwhtF0PryKBAbC3fN2aO4mbQtTU72Ow-sC5zR_j0NZPfSL-f8jkuVYue__.css
Origin
https://ramadadmabangkok.carmen.blue
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 11:44:30 GMT
strict-transport-security
max-age=15768000, max-age=63072000
x-content-type-options
nosniff
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
9343
last-modified
Thu, 04 Apr 2024 08:42:57 GMT
server
ZGS
nb-request-id
8a67bdb4e8b5b79c56facf6e483fe703
etag
"20f374e9afc772f2ce62f64c5b3b772f"
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
content-language
en-US
z-origin-id
ex1-f8efb06413b24343932cd0ce22317d4d
accept-ranges
bytes
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| uidEvent object| bootstrap object| $zoho object| d object| s object| t object| $ZSIQLSDB object| $ZSIQCookie object| IframeHandler object| $zsalobj object| $zsalobjrestricted object| UDHandler object| ZSIQJWTVerify object| $ZSIQUtil object| $ZSIQLicence function| handleIframeFunction object| $UTSHandler object| $ZSIQUTS object| $ZSIQUTSAction object| ResponseFormatter object| $ZSIQNotifyCookie object| $ZSIQChat boolean| isdomloadhandled object| NEW_STATIC_URLS string| _STATIC_URL object| _NEW_MEDIARTC_URLS object| _ZSIQ object| $ZSIQAnalytics object| $ZSIQAutopick object| $zohosq object| $zcb object| $zv object| $zlm object| $zlch string| $zla boolean| $ZSIQ_UTSinitialized function| $ZSisThresholdExceeded function| $ZDestroyFloatData function| $ZNotifyTracking function| $ZShandleEvent number| SIQ_FLOAT number| SIQ_BUTTON number| SIQ_PERSONALIZE boolean| _WINDOW_REPOPULATE string| api_lang object| _WEBSITEAPIRESPONSE boolean| _IS_REVAMP boolean| iscdnenabled object| cssjslist string| actualcssfile string| actualjsfile object| $ZSIQChatWindow function| zsiqdrag object| $ZSIQTemplate object| $ZSIQWidgetUI object| $ZSIQWidget

4 Cookies

Domain/Path Name / Value
salesiq.zohopublic.com/ Name: LS_CSRF_TOKEN
Value: 29d9b54b-732c-4680-883c-c83eb453bad5
salesiq.zohopublic.com/ Name: uesign
Value: 526256cbfd469dc6683bd7cbcb766f381390910a984e167093d54f3ab5336b544344880d5eb5b21c04980d163f8c1012
.ramadadmabangkok.carmen.blue/ Name: carmensoftware-_zldp
Value: B2%2Bh1YffOd3yvM%2FXz0F7i7qVdUZi%2BdYi%2FKGUnba8RQ%2B076dwv127MWcwe9N8vnJzodoRkLyJC2Y%3D
.ramadadmabangkok.carmen.blue/ Name: carmensoftware-_zldt
Value: 7dfbf6db-f1b5-4b7e-ad8b-7f8b64120d60-1

4 Console Messages

Source Level URL
Text
network error URL: https://ramadadmabangkok.carmen.blue/(Line 111)
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ramadadmabangkok.carmen.blue/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://ramadadmabangkok.carmen.blue/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ramadadmabangkok.carmen.blue/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
css.zohocdn.com
js.zohocdn.com
ramadadmabangkok.carmen.blue
salesiq.zoho.com
salesiq.zohopublic.com
103.29.189.141
136.143.190.97
136.143.191.67
2606:4700::6810:5814
2606:4700::6811:190e
89.36.170.147
24442d1244b7d8b6e4b41073ab11ce8063662acfd06f75ef4846cfb5466f81dd
25a7ff927a5eedca3a3ab3c6ed6743111f0c45828e09054baa3407bc3510d003
2808e6b009484043f33d9b1651dbb772ce5d4581cc96c4a76e821774af331464
44cd5130d2e764319b7293b4b6ed71e03988bd6fa12734a8592c2499010a62f2
47706b4bfd921616099110db9008b7fd90c27b146f8745af30363258df9855be
55cb997f087c53bb49cdfe78e69efb644e1801eb9616b41d3fac5454b8ca4b31
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5
8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2
92c878b8404b881001e0cf0577ef9f88e9d4842c92429c6aa158a9ec3ad41e4c
9520018fa5d81f4e4dc9d06afb576f90cbbaba209cfcc6cb60e1464647f7890b
9c6e0b81cc1d1c371355ee427f6648a1c895f18a33b96583aa378a1113dc8243
b9600b50b39423ef6c40429ed0d5efa4702234090263db236df20a235aad204f
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
c61287c2fa9863b5fb5844c683a168ac6520c94d822bb43d5eae35c3a2a82166
cf1f73b76f318b2d7b59319d22f03d9f40ae8ab9ed942d338aeca9d03860fc15
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2f6e35caf3d670c3c284cd32fcafd327a3e469f03f794fe215eed536b8a06a8