contact.kbi.vn Open in urlscan Pro
18.140.6.45  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response contact.kbi.vn/	54 KB 13 KB	32ms 6ms	Document text/html	18.140.6.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://contact.kbi.vn/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.140.6.45 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-140-6-45.ap-southeast-1.compute.amazonaws.com Software openresty / Resource Hash b9f74131306f59a5d684a03111c8b9053db65ec040d4a126c421b54243a0f562 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 content-encoding gzip content-type text/html; charset=utf-8 date Mon, 03 Apr 2023 03:37:31 GMT server openresty statuscode 200 vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	13 KB 1 KB	21ms 9ms	Stylesheet text/css	2404:6800:4003:c05::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:bold,regular|Open%20Sans:bold,regular|Oswald:bold,regular&display=swap Requested by Host: contact.kbi.vn URL: https://contact.kbi.vn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c05::5f , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e10b94ce84d5d84ed731a7112acffca5d87ddcd60ed31c8e7253bb4a8acba864 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://contact.kbi.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 03 Apr 2023 03:37:31 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 03 Apr 2023 03:37:31 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 03 Apr 2023 03:37:31 GMT
GET H2	200	ladipagev3.min.js Show response w.ladicdn.com/v2/source/	312 KB 79 KB	28ms 3ms	Script text/javascript	2400:52e0:1500::955:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1680248793291 Requested by Host: contact.kbi.vn URL: https://contact.kbi.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1500::955:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-SG1-955 / Resource Hash 1f4ac1b03d93203cd2975f508065d93100d89e7c5394c7edb81b945dbd3fa72c Request headers accept-language zh-SG,zh;q=0.9 Referer https://contact.kbi.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 03 Apr 2023 03:37:31 GMT content-encoding br cdn-edgestorageid 858 perma-cache HIT cdn-storageserver SG-76 cdn-cachedat 03/31/2023 07:50:42 cdn-pullzone 575124 last-modified Fri, 31 Mar 2023 07:50:03 GMT server BunnyCDN-SG1-955 cdn-fileserver 560 cdn-requestpullcode 200 cdn-proxyver 1.03 etag W/"642690ab-4e125" vary Accept-Encoding, Accept-Encoding content-type text/javascript cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cache-control public, max-age=31919000 cdn-requestid 3917ab18a09ba57f2800d1a9af3e8894 cdn-requestcountrycode SG cdn-status 200 cdn-requestpullsuccess True
GET H2	200	deep-sky-astrophoto-20230330020513-unrpu.jpg w.ladicdn.com/s1440x701/59eab3d2fad86747bdf5b3a9/	2 MB 2 MB	6ms 5ms	Image image/jpeg	2400:52e0:1500::955:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s1440x701/59eab3d2fad86747bdf5b3a9/deep-sky-astrophoto-20230330020513-unrpu.jpg Requested by Host: contact.kbi.vn URL: https://contact.kbi.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1500::955:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-SG1-955 / Resource Hash f3f99ee9e22dd0a7181f70fbe81f87ed2f4d0fea1590a97894a9d7e5825f86ce Request headers accept-language zh-SG,zh;q=0.9 Referer https://contact.kbi.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 03 Apr 2023 03:37:31 GMT cdn-edgestorageid 869 perma-cache MISS cdn-cachedat 04/03/2023 01:25:49 cdn-pullzone 575124 server BunnyCDN-SG1-955 cdn-proxyver 1.03 cdn-requestpullcode 200 access-control-max-age 2592000 access-control-allow-methods GET content-type image/jpeg access-control-allow-origin * cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match access-control-allow-credentials true cache-control public, max-age=31919000 cdn-requestid 6e0aaa5290b2e019c18e774966b50425 cdn-requestcountrycode SG access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET DATA	200 OK	truncated /	314 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5e511f2bdef2303b6c17dce82f00f45e446554ea5f96a4f32897a717b98400d7 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	jfprrozr20230403033025.png w.ladicdn.com/s1100x900/59eab3d2fad86747bdf5b3a9/rbg/	480 KB 481 KB	11ms 11ms	Image image/png	2400:52e0:1500::955:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://w.ladicdn.com/s1100x900/59eab3d2fad86747bdf5b3a9/rbg/jfprrozr20230403033025.png Requested by Host: contact.kbi.vn URL: https://contact.kbi.vn/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1500::955:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-SG1-955 / Resource Hash b7d7395bc54e7ed64bfc0df20ccfb00afc196f6f5c08bcd05082290938e392bd Request headers accept-language zh-SG,zh;q=0.9 Referer https://contact.kbi.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 03 Apr 2023 03:37:31 GMT cdn-edgestorageid 869 perma-cache MISS cdn-cachedat 04/03/2023 03:36:25 cdn-pullzone 575124 server BunnyCDN-SG1-955 cdn-proxyver 1.03 cdn-requestpullcode 200 access-control-max-age 2592000 access-control-allow-methods GET content-type image/png access-control-allow-origin * cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match access-control-allow-credentials true cache-control public, max-age=31919000 cdn-requestid 149ca164ea5bc3366f181b04917de182 cdn-requestcountrycode SG access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	44ms 16ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Open%20Sans:bold,regular|Oswald:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://contact.kbi.vn accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 23:21:24 GMT x-content-type-options nosniff age 15367 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 01 Apr 2024 23:21:24 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	54ms 27ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Open%20Sans:bold,regular|Oswald:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://contact.kbi.vn accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 28 Mar 2023 10:37:31 GMT x-content-type-options nosniff age 493200 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Mar 2024 10:37:31 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 fonts.gstatic.com/s/opensans/v34/	31 KB 31 KB	64ms 37ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Open%20Sans:bold,regular|Oswald:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://contact.kbi.vn accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 07:36:51 GMT x-content-type-options nosniff age 158440 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31320 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:11:37 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 31 Mar 2024 07:36:51 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 fonts.gstatic.com/s/opensans/v34/	26 KB 26 KB	62ms 35ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Open%20Sans:bold,regular|Oswald:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://contact.kbi.vn accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 28 Mar 2023 10:51:34 GMT x-content-type-options nosniff age 492357 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26240 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:14:37 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Mar 2024 10:51:34 GMT
GET H2	200	TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 fonts.gstatic.com/s/oswald/v49/	17 KB 18 KB	63ms 38ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Open%20Sans:bold,regular|Oswald:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://contact.kbi.vn accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 01 Apr 2023 05:12:40 GMT x-content-type-options nosniff age 167091 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17908 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:23:34 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 31 Mar 2024 05:12:40 GMT
GET H2	200	TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2 fonts.gstatic.com/s/oswald/v49/	14 KB 14 KB	68ms 44ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Open%20Sans:bold,regular|Oswald:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff49193961823042609f9a392dda2d1eb41f751f567ba54413f21a837b07c725 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://contact.kbi.vn accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 30 Mar 2023 09:06:47 GMT x-content-type-options nosniff age 325844 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14156 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:38:43 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 29 Mar 2024 09:06:47 GMT
GET H2	200	KFOmCnqEu92Fr1Mu7GxKOzY.woff2 fonts.gstatic.com/s/roboto/v30/	12 KB 12 KB	69ms 44ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Open%20Sans:bold,regular|Oswald:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://contact.kbi.vn accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Wed, 29 Mar 2023 18:56:43 GMT x-content-type-options nosniff age 376848 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11872 x-xss-protection 0 last-modified Wed, 11 May 2022 19:25:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 28 Mar 2024 18:56:43 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	37ms 13ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Open%20Sans:bold,regular|Oswald:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://contact.kbi.vn accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 28 Mar 2023 10:33:51 GMT x-content-type-options nosniff age 493420 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Mar 2024 10:33:51 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	12 KB 12 KB	69ms 46ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Open%20Sans:bold,regular|Oswald:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://contact.kbi.vn accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 28 Mar 2023 10:38:03 GMT x-content-type-options nosniff age 493168 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11824 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:43 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Mar 2024 10:38:03 GMT
OPTIONS H2	200	event a.ladipage.com/	0 0	43ms 6ms	Preflight application/json	52.74.99.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.74.99.40 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-74-99-40.ap-southeast-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view Access-Control-Request-Method POST Origin https://contact.kbi.vn Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily access-control-allow-methods POST, OPTIONS access-control-allow-origin * access-control-max-age 2592000 content-encoding gzip content-type application/json; charset=utf-8 date Mon, 03 Apr 2023 03:37:31 GMT vary Accept-Encoding x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 0
GET H2	200	ladipage.formdata.min.js Show response w.ladicdn.com/v2/source/	51 KB 15 KB	15ms 14ms	Script text/javascript	2400:52e0:1500::955:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://w.ladicdn.com/v2/source/ladipage.formdata.min.js?v=1680248793291 Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1680248793291 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1500::955:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-SG1-955 / Resource Hash a09dcfd89dd73417262bf648fb85e6c1485bc40a3704a3ad1e5588793a5160e2 Request headers accept-language zh-SG,zh;q=0.9 Referer https://contact.kbi.vn/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 03 Apr 2023 03:37:31 GMT content-encoding br cdn-edgestorageid 980 perma-cache HIT cdn-storageserver SG-515 cdn-cachedat 03/31/2023 07:50:43 cdn-pullzone 575124 last-modified Fri, 31 Mar 2023 07:50:04 GMT server BunnyCDN-SG1-955 cdn-fileserver 561 cdn-requestpullcode 200 cdn-proxyver 1.03 etag W/"642690ac-ca37" vary Accept-Encoding, Accept-Encoding content-type text/javascript cdn-cache HIT cdn-uid 595f2f5d-bafe-46b1-9efc-ee9b65944aba cache-control public, max-age=31919000 cdn-requestid 6ee8741a69cf47b1fc714305a0e31129 cdn-requestcountrycode SG cdn-status 200 cdn-requestpullsuccess True
POST H2	200	event Show response a.ladipage.com/	106 B 632 B	11ms 10ms	XHR text/plain	52.74.99.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a.ladipage.com/event Requested by Host: w.ladicdn.com URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1680248793291 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.74.99.40 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-74-99-40.ap-southeast-1.compute.amazonaws.com Software / Resource Hash 4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers LADI_CLIENT_ID a4114b16-4641-4932-77e3-fa23aaa12fe3 LADI_CAMP_ORIGIN_URL LADI_FORM_SUBMIT 0 LADI_CAMP_ID LADI_CAMP_FORM_SUBMIT 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 LADI_CAMP_NAME Content-Type application/json accept-language zh-SG,zh;q=0.9 LADI_CAMP_TARGET_URL LADI_CAMP_PAGE_VIEW 0 Referer https://contact.kbi.vn/ LADI_PAGE_VIEW 1 LADI_CAMP_TYPE Response headers date Mon, 03 Apr 2023 03:37:31 GMT x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN access-control-allow-methods POST, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-max-age 2592000 access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily x-xss-protection 0
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 fonts.gstatic.com/s/opensans/v34/	14 KB 14 KB	8ms 7ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Open%20Sans:bold,regular|Oswald:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://contact.kbi.vn accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 21:42:07 GMT x-content-type-options nosniff age 21324 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14040 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:14:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 01 Apr 2024 21:42:07 GMT
GET H2	200	TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlZHYjedg.woff2 fonts.gstatic.com/s/oswald/v49/	4 KB 5 KB	6ms 5ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlZHYjedg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Open%20Sans:bold,regular|Oswald:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9ded0bb5abaface50de91235f0efb29bb16541560b0c71458d49a740777808a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://contact.kbi.vn accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sun, 02 Apr 2023 13:02:12 GMT x-content-type-options nosniff age 52519 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4552 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:46:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 01 Apr 2024 13:02:12 GMT
GET H2	200	KFOmCnqEu92Fr1Mu7WxKOzY.woff2 fonts.gstatic.com/s/roboto/v30/	5 KB 6 KB	4ms 4ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Open%20Sans:bold,regular|Oswald:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://contact.kbi.vn accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 30 Mar 2023 09:13:26 GMT x-content-type-options nosniff age 325445 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5560 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:41 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 29 Mar 2024 09:13:26 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 fonts.gstatic.com/s/roboto/v30/	5 KB 6 KB	6ms 5ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:bold,regular|Open%20Sans:bold,regular|Oswald:bold,regular&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://contact.kbi.vn accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Tue, 28 Mar 2023 10:44:29 GMT x-content-type-options nosniff age 492782 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5548 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Mar 2024 10:44:29 GMT

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| ladi_viewport boolean| ladi_is_desktop function| ladi_fbq function| lazyload_run function| LadiPageScriptV2 object| Base64 function| equalsLadiPage function| isObjectLadiPage function| isArrayLadiPage function| isFunctionLadiPage function| isBooleanLadiPage function| isStringLadiPage function| isEmptyLadiPage function| isNullLadiPage function| parseFloatLadiPage function| decodeURIComponentLadiPage object| LadiPageScript object| LadiFormApi object| LadiPageCommand object| LadiPageLocation object| LadiPageShopping object| LadiPageFormData object| LadiPageQueueCommandList object| LadiPageQueueCommand function| lightbox_run function| lightbox_iframe function| lightbox_image function| lightbox_video function| LadiPageLibraryV2 function| LadiPageAppV2 function| ladi object| LadiPageApp

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			contact.kbi.vn/	1970-01-20 20:24:13	Name: LADI_DNS_CHECK Value: "2023-04-03 03:37:31.129182645 +0000 UTC m=+2329082.627838923"
			contact.kbi.vn/	1970-01-20 20:24:13	Name: LADI_CLIENT_ID Value: a4114b16-4641-4932-77e3-fa23aaa12fe3
			contact.kbi.vn/	1970-01-20 20:24:13	Name: LADI_FORM_SUBMIT Value: 0
			contact.kbi.vn/	1970-01-20 20:24:13	Name: LADI_PAGE_VIEW Value: 1
			contact.kbi.vn/	1970-01-20 10:49:39	Name: _timenow Value: 1680493051199

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
contact.kbi.vn
fonts.googleapis.com
fonts.gstatic.com
w.ladicdn.com
18.140.6.45
2400:52e0:1500::955:1
2404:6800:4003:c00::5e
2404:6800:4003:c05::5f
52.74.99.40
1f4ac1b03d93203cd2975f508065d93100d89e7c5394c7edb81b945dbd3fa72c
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5e511f2bdef2303b6c17dce82f00f45e446554ea5f96a4f32897a717b98400d7
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
84197a92671b7b7c8715220cea35354699c6221113c0ff531ff087ab8a8aa9e6
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
9ded0bb5abaface50de91235f0efb29bb16541560b0c71458d49a740777808a2
a09dcfd89dd73417262bf648fb85e6c1485bc40a3704a3ad1e5588793a5160e2
b7d7395bc54e7ed64bfc0df20ccfb00afc196f6f5c08bcd05082290938e392bd
b9f74131306f59a5d684a03111c8b9053db65ec040d4a126c421b54243a0f562
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
e10b94ce84d5d84ed731a7112acffca5d87ddcd60ed31c8e7253bb4a8acba864
f3f99ee9e22dd0a7181f70fbe81f87ed2f4d0fea1590a97894a9d7e5825f86ce
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
ff49193961823042609f9a392dda2d1eb41f751f567ba54413f21a837b07c725