urlscan.io logo urlscan.io
SecurityTrails logo

hotesaison.ca Open in urlscan Pro
172.67.167.243  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hotesaison.com/
Effective URL: https://hotesaison.ca/
Submission: On November 18 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 5 countries across 5 domains to perform 33 HTTP transactions. The main IP is 172.67.167.243, located in United States and belongs to CLOUDFLARENET, US. The main domain is hotesaison.ca.
TLS certificate: Issued by WE1 on October 25th 2024. Valid for: 3 months.
This is the only time hotesaison.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.97.3 13335 (CLOUDFLAR...)
6 172.67.167.243 13335 (CLOUDFLAR...)
14 2404:2280:1cc... 24429 (TAOBAO Zh...)
2 163.181.92.230 24429 (TAOBAO Zh...)
9 104.18.3.36 13335 (CLOUDFLAR...)
33 5
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
hotesaison.com
6    172.67.167.243 (United States)

ASN13335 (CLOUDFLARENET, US)
hotesaison.ca
14    2404:2280:1cc:0:3::a (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
bs-guest-static.myhostex.com
2    163.181.92.230 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
oss.image.xiaogetech.com
9    104.18.3.36 (None, )

ASN13335 (CLOUDFLARENET, US)
imagedelivery.net
Apex Domain
Subdomains		 Transfer
14 myhostex.com
bs-guest-static.myhostex.com
609 KB
9 imagedelivery.net
imagedelivery.net — Cisco Umbrella Rank: 15296
502 KB
6 hotesaison.ca
hotesaison.ca
132 KB
2 xiaogetech.com
oss.image.xiaogetech.com
1 MB
1 hotesaison.com
hotesaison.com
471 B
33 5
Domain Requested by
14 bs-guest-static.myhostex.com hotesaison.ca
bs-guest-static.myhostex.com
9 imagedelivery.net
6 hotesaison.ca bs-guest-static.myhostex.com
2 oss.image.xiaogetech.com
1 hotesaison.com 1 redirects
33 5

This site contains links to these domains. Also see Links.

Domain
www.hotesaison.com
Subject Issuer Validity Valid
hotesaison.ca
WE1		 2024-10-25 -
2025-01-23		 3 months crt.sh
*.myhostex.com
WoTrus DV Server CA [Run by the Issuer]		 2024-11-08 -
2025-11-08		 a year crt.sh
oss.image.xiaogetech.com
Encryption Everywhere DV TLS CA - G2		 2024-09-18 -
2025-09-18		 a year crt.sh
imagedelivery.net
E5		 2024-11-14 -
2025-02-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://hotesaison.ca/
Frame ID: DE39862A55FD710ED3F1E54B66963345
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hôte Saison | Vacation Rentals

Page URL History Show full URLs

  1. https://hotesaison.com/ HTTP 301
    https://hotesaison.ca/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

33
Requests

94 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

5
Countries

2709 kB
Transfer

4222 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hotesaison.com/ HTTP 301
    https://hotesaison.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hotesaison.ca/
Redirect Chain
  • https://hotesaison.com/
  • https://hotesaison.ca/
214 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hotesaison.ca/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f41a1845b7ea0fc52a343fffb4c8e9aa5df93264f844129715228fceee9bf8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e4b7ace8c8966db-AMS
content-encoding
zstd
content-type
text/html
date
Mon, 18 Nov 2024 22:43:31 GMT
last-modified
Fri, 08 Nov 2024 10:06:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCmtFtozkTnOuhgejRxSo4qO0TeOCeLwf0RoTOTdS7XhyY2BwEFVmpXfXEK77jVT1%2BbHkbIWuyoZ3MpjA6gMOoUn7hPKFpcPnoJmsP5CzcXB6JltEXEaN%2FgReWl5APrA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=15500&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4138&recv_bytes=4486&delivery_rate=703&cwnd=12000&unsent_bytes=0&cid=9a4dd4b78144b22e&ts=1957&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding Accept-Encoding

Redirect headers

cache-control
max-age=3600
cf-ray
8e4b7ace1b8866e8-AMS
content-length
167
content-type
text/html
date
Mon, 18 Nov 2024 22:43:29 GMT
expires
Mon, 18 Nov 2024 23:43:29 GMT
location
https://hotesaison.ca
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LwMENQ%2FXsNPpMX%2BR8fUsGtSn9JHHbI65Qcrkts3NU9K04Ycv%2Bu20C5KU6N2eDO%2BMlIeO3UHvGW4C5JRgz9Oqf%2BDdIts3%2BzAOYZbiR8Mg5Xjy2IRAML6ydxvfM8Y4JCfsjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bde02ca.js
bs-guest-static.myhostex.com/_nuxt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs-guest-static.myhostex.com/_nuxt/bde02ca.js
Requested by
Host: hotesaison.ca
URL: https://hotesaison.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2dec9ccbb204b289ba66c79341c63da2682bae8f61541f62a64d1fb5e1f9c202

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
Content-MD5
5Z9n8plO3Y9Kd247xvSg5A==
x-oss-storage-class
Standard
Content-Encoding
gzip
Age
909323
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:130476550
Date
Fri, 08 Nov 2024 10:08:09 GMT
x-oss-server-time
24
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Fri, 08 Nov 2024 10:06:36 GMT
X-Swift-CacheTime
2300044
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
2580463498767461471
Connection
keep-alive
Via
ens-cache7.l2de3[0,0,200-0,H], ens-cache16.l2de3[9,0], ens-cache6.de5[0,0,200-0,H], ens-cache10.de5[14,0]
Ali-Swift-Global-Savetime
1731060489
X-Swift-SaveTime
Mon, 11 Nov 2024 19:14:05 GMT
Access-Control-Allow-Origin
*
EagleId
a3b55c9e17319698127116243e
Content-Length
1450
x-oss-request-id
672DE3095A7A54343446E4BE
Server
Tengine
a9c0f28.js
bs-guest-static.myhostex.com/_nuxt/ 		232 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs-guest-static.myhostex.com/_nuxt/a9c0f28.js
Requested by
Host: hotesaison.ca
URL: https://hotesaison.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4e95051069a4c13f35e12f796d6216b5deeaa431a77b932160bdf4355661c808

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
Content-MD5
9Zejxat9MXqU9ylLY7qOrw==
x-oss-storage-class
Standard
Content-Encoding
gzip
Age
353560
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:76818970
Date
Thu, 14 Nov 2024 20:30:51 GMT
x-oss-server-time
91
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 25 Jul 2024 07:23:04 GMT
X-Swift-CacheTime
2581604
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
14154907325215103458
Connection
keep-alive
Via
ens-cache6.l2de3[0,0,304-0,H], ens-cache8.l2de3[1,0], ens-cache10.de5[0,0,200-0,H], ens-cache11.de5[4,0]
Ali-Swift-Global-Savetime
1731616252
X-Swift-SaveTime
Thu, 14 Nov 2024 23:24:08 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
EagleId
a3b55c9f17319698127108439e
Content-Length
82305
x-oss-request-id
67365DFB6D1B293435B13275
Server
Tengine
11911a2.js
bs-guest-static.myhostex.com/_nuxt/ 		895 KB
249 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs-guest-static.myhostex.com/_nuxt/11911a2.js
Requested by
Host: hotesaison.ca
URL: https://hotesaison.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
44c4e92433a33b2f8cda1ced2461e89fd459edef732a173818b6459f007e491e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
Content-MD5
j+rknlyYRxk9I20Yaxholw==
x-oss-storage-class
Standard
Content-Encoding
gzip
Age
1236267
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:7:640249105
Date
Mon, 04 Nov 2024 15:19:05 GMT
x-oss-server-time
111
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 25 Jul 2024 07:23:05 GMT
X-Swift-CacheTime
2041689
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
2204161826871979599
Connection
keep-alive
Via
ens-cache8.l2de3[0,0,200-0,H], ens-cache11.l2de3[2,0], ens-cache11.de5[0,21,200-0,H], ens-cache3.de5[28,0]
Ali-Swift-Global-Savetime
1730733545
X-Swift-SaveTime
Mon, 11 Nov 2024 00:10:56 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
EagleId
a3b55c9717319698127145974e
Content-Length
253816
x-oss-request-id
6728E5E946706D3739922115
Server
Tengine
306b4f7.js
bs-guest-static.myhostex.com/_nuxt/ 		307 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs-guest-static.myhostex.com/_nuxt/306b4f7.js
Requested by
Host: hotesaison.ca
URL: https://hotesaison.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7771c04bbf73da0150b5629a671bfe329dac1010dda80ee5b871d22b4d47d06f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
Content-MD5
/s6qsWPgrC2WeWkIkw2t1Q==
x-oss-storage-class
Standard
Content-Encoding
gzip
Age
1764843
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:50600176
Date
Tue, 29 Oct 2024 12:29:29 GMT
x-oss-server-time
60
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Tue, 29 Oct 2024 12:06:58 GMT
X-Swift-CacheTime
1641841
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
6780240060434993902
Connection
keep-alive
Via
ens-cache10.l2de3[0,0,200-0,H], ens-cache17.l2de3[2,0], ens-cache3.de5[0,0,200-0,H], ens-cache7.de5[3,0]
Ali-Swift-Global-Savetime
1730204969
X-Swift-SaveTime
Sat, 09 Nov 2024 12:25:28 GMT
Access-Control-Allow-Origin
*
EagleId
a3b55c9b17319698127415562e
Content-Length
72007
x-oss-request-id
6720D5298247A232361552BD
Server
Tengine
4de3d88.js
bs-guest-static.myhostex.com/_nuxt/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs-guest-static.myhostex.com/_nuxt/4de3d88.js
Requested by
Host: hotesaison.ca
URL: https://hotesaison.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2b0279f7b52ae19d74dfab02994b96df76c4c89bd354b131fd1f5b00dcb36dc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
Content-MD5
aU2UAUvWFmJR2pO84uegsA==
x-oss-storage-class
Standard
Content-Encoding
gzip
Age
2183634
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:517877163
Date
Thu, 24 Oct 2024 16:09:38 GMT
x-oss-server-time
38
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 25 Jul 2024 11:10:46 GMT
X-Swift-CacheTime
1028683
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
14729852719447955852
Connection
keep-alive
Via
ens-cache18.l2de3[0,0,200-0,H], ens-cache5.l2de3[2,0], ens-cache12.de5[0,0,200-0,H], ens-cache13.de5[2,0]
Ali-Swift-Global-Savetime
1729786178
X-Swift-SaveTime
Mon, 11 Nov 2024 18:24:55 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
EagleId
a3b55ca117319698127413156e
Content-Length
11971
x-oss-request-id
671A71423807663331E5C479
Server
Tengine
1f352c7.js
bs-guest-static.myhostex.com/_nuxt/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs-guest-static.myhostex.com/_nuxt/1f352c7.js
Requested by
Host: hotesaison.ca
URL: https://hotesaison.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7676fbdf1153fbf697e1f7298af8703617bcdf926634b6ab0836befc450fad85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
Content-MD5
ebC7pqmQ68XhqzXt4/tSEg==
x-oss-storage-class
Standard
Content-Encoding
gzip
Age
2297399
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:233744863
Date
Wed, 23 Oct 2024 08:33:33 GMT
x-oss-server-time
104
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 25 Jul 2024 07:23:04 GMT
X-Swift-CacheTime
928202
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
3728874457645384238
Connection
keep-alive
Via
ens-cache11.l2de3[0,0,200-0,H], ens-cache16.l2de3[0,0], ens-cache11.de5[0,5,200-0,H], ens-cache6.de5[16,0]
Ali-Swift-Global-Savetime
1729672413
X-Swift-SaveTime
Mon, 11 Nov 2024 14:43:31 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
EagleId
a3b55c9a17319698127405086e
Content-Length
3650
x-oss-request-id
6718B4DC92BB033036300A99
Server
Tengine
2eb772b.js
bs-guest-static.myhostex.com/_nuxt/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs-guest-static.myhostex.com/_nuxt/2eb772b.js
Requested by
Host: hotesaison.ca
URL: https://hotesaison.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2ef7183284bfe8337695594808ab39dc5a665d92995c2e220e50e8f74ecbac78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
Content-MD5
WqnoGoO/WKk35LWri/Jz5A==
x-oss-storage-class
Standard
Content-Encoding
gzip
Age
673218
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:126810153
Date
Mon, 11 Nov 2024 03:43:14 GMT
x-oss-server-time
116
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 25 Jul 2024 07:23:04 GMT
X-Swift-CacheTime
2519912
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
5295984447263852219
Connection
keep-alive
Via
ens-cache5.l2de3[0,0,200-0,H], ens-cache6.l2de3[2,0], ens-cache6.de5[0,0,200-0,H], ens-cache10.de5[6,0]
Ali-Swift-Global-Savetime
1731296594
X-Swift-SaveTime
Mon, 11 Nov 2024 23:44:42 GMT
Access-Control-Allow-Origin
*
EagleId
a3b55c9e17319698127526464e
Content-Length
6010
x-oss-request-id
67317D520A4085323691AD02
Server
Tengine
state.js
bs-guest-static.myhostex.com/_nuxt/static/1731059377/ 		643 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs-guest-static.myhostex.com/_nuxt/static/1731059377/state.js
Requested by
Host: hotesaison.ca
URL: https://hotesaison.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
12a8a1de85061f9f1ffb382a04eb2216b19aaff1339ba58c9ffd7a785599992e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
x-oss-storage-class
Standard
Age
909018
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:185436172
Date
Fri, 08 Nov 2024 10:13:14 GMT
x-oss-server-time
40
Content-Type
application/javascript
Last-Modified
Fri, 08 Nov 2024 10:13:14 GMT
X-Swift-CacheTime
2070189
Timing-Allow-Origin
*
Connection
keep-alive
Via
ens-cache26.l2us3[0,0,200-0,H], ens-cache12.l2us3[1,0], ens-cache6.de5[0,0,200-0,H], ens-cache13.de5[5,0]
Ali-Swift-Global-Savetime
1731060794
X-Swift-SaveTime
Thu, 14 Nov 2024 11:10:05 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
EagleId
a3b55ca117319698127113022e
Content-Length
643
x-oss-request-id
672DE43A32B1A63535DB8B6D
Server
Tengine
payload.js
bs-guest-static.myhostex.com/_nuxt/static/1731059377/ 		58 B
927 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bs-guest-static.myhostex.com/_nuxt/static/1731059377/payload.js
Requested by
Host: hotesaison.ca
URL: https://hotesaison.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
764ff533d446116ca7dfc14cf2c5dd391ad7f62a03534bf6c14582b16d5e8d82

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
Content-MD5
4ZDLhqlUG7kZvv5CvK2kBg==
x-oss-storage-class
Standard
ETag
"E190CB86A9541BB919BEFE42BCADA406"
Age
907729
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:198555714
Date
Fri, 08 Nov 2024 10:34:43 GMT
x-oss-server-time
73
Content-Type
application/javascript
Last-Modified
Fri, 08 Nov 2024 10:13:15 GMT
X-Swift-CacheTime
2394380
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
4338098402170267511
Connection
keep-alive
Via
ens-cache8.l2de3[0,0,200-0,H], ens-cache2.l2de3[1,0], ens-cache10.de5[0,0,200-0,H], ens-cache6.de5[6,0]
Ali-Swift-Global-Savetime
1731062083
X-Swift-SaveTime
Sun, 10 Nov 2024 17:28:23 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
EagleId
a3b55c9a17319698127094902e
Content-Length
58
x-oss-request-id
672DE94381BEF33330986498
Server
Tengine
manifest.js
bs-guest-static.myhostex.com/_nuxt/static/1731059377/ 		428 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs-guest-static.myhostex.com/_nuxt/static/1731059377/manifest.js
Requested by
Host: hotesaison.ca
URL: https://hotesaison.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a8a54b1f20dd55dfa95433b372a1ffcd6a6840d30a3791cdaaf05f6447a8c6cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
Content-MD5
LO3sI805GjH0q5ZDYvxUFQ==
x-oss-storage-class
Standard
ETag
"2CEDEC23CD391A31F4AB964362FC5415"
Age
909323
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:853919877
Date
Fri, 08 Nov 2024 10:08:09 GMT
x-oss-server-time
18
Content-Type
application/javascript
Last-Modified
Fri, 08 Nov 2024 10:06:37 GMT
X-Swift-CacheTime
2590240
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
13846264081045895670
Connection
keep-alive
Via
ens-cache5.l2de3[0,0,200-0,H], ens-cache11.l2de3[1,0], ens-cache10.de5[0,0,200-0,H], ens-cache7.de5[5,0]
Ali-Swift-Global-Savetime
1731060489
X-Swift-SaveTime
Fri, 08 Nov 2024 10:37:29 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
EagleId
a3b55c9b17319698127125403e
Content-Length
428
x-oss-request-id
672DE309C078153431632061
Server
Tengine
d77eb4c.js
bs-guest-static.myhostex.com/_nuxt/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs-guest-static.myhostex.com/_nuxt/d77eb4c.js
Requested by
Host: bs-guest-static.myhostex.com
URL: https://bs-guest-static.myhostex.com/_nuxt/bde02ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
f2443206c1b038832215a1f1c7a37304ffd6b0d8747c3bf70b6b5f9e44d6bc44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
Content-MD5
DVu8Y1XPsFqq0cuL5x9AfA==
x-oss-storage-class
Standard
Content-Encoding
gzip
Age
2520350
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:826347954
Date
Sun, 20 Oct 2024 18:37:42 GMT
x-oss-server-time
52
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 25 Jul 2024 07:23:05 GMT
X-Swift-CacheTime
949718
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
13480370815404920835
Connection
keep-alive
Via
ens-cache2.l2de3[0,0,200-0,H], ens-cache15.l2de3[3,0], ens-cache3.de5[0,0,200-0,H], ens-cache3.de5[2,0]
Ali-Swift-Global-Savetime
1729449462
X-Swift-SaveTime
Fri, 08 Nov 2024 18:49:04 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
EagleId
a3b55c9717319698129227199e
Content-Length
6475
x-oss-request-id
67154DF64D84EE39356CA1E8
Server
Tengine
cd31f33.js
bs-guest-static.myhostex.com/_nuxt/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs-guest-static.myhostex.com/_nuxt/cd31f33.js
Requested by
Host: bs-guest-static.myhostex.com
URL: https://bs-guest-static.myhostex.com/_nuxt/bde02ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
af7d3ec0214b752f6da83de73542cdd3d47a3316fa5114f2080b31666c3e8875

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
Content-MD5
uBxhA9a/bU9REe923eWAzg==
x-oss-storage-class
Standard
Content-Encoding
gzip
Age
2456441
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:644486707
Date
Mon, 21 Oct 2024 12:22:51 GMT
x-oss-server-time
75
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Mon, 21 Oct 2024 03:21:21 GMT
X-Swift-CacheTime
805344
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
14215462729137754021
Connection
keep-alive
Via
ens-cache12.l2de3[0,0,200-0,H], ens-cache8.l2de3[1,0], ens-cache10.de5[0,0,200-0,H], ens-cache7.de5[1,0]
Ali-Swift-Global-Savetime
1729513371
X-Swift-SaveTime
Mon, 11 Nov 2024 04:40:27 GMT
Access-Control-Allow-Origin
*
EagleId
a3b55c9b17319698129226642e
Content-Length
11340
x-oss-request-id
6716479B32B1A63639F703C8
Server
Tengine
6ac80e5.js
bs-guest-static.myhostex.com/_nuxt/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs-guest-static.myhostex.com/_nuxt/6ac80e5.js
Requested by
Host: bs-guest-static.myhostex.com
URL: https://bs-guest-static.myhostex.com/_nuxt/bde02ca.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2d7921eb0743585a0491973439229e87d303a40e94f29e0158c7aac5f61e16c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
Content-MD5
LifUepi42+rHQzy8Jw9X3g==
x-oss-storage-class
Standard
Content-Encoding
gzip
Age
685950
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:11:690255542
Date
Mon, 11 Nov 2024 00:11:02 GMT
x-oss-server-time
124
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 25 Jul 2024 07:23:05 GMT
X-Swift-CacheTime
2539078
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
13322950039345460653
Connection
keep-alive
Via
ens-cache7.l2de3[0,0,200-0,H], ens-cache5.l2de3[53,0], ens-cache6.de5[0,0,200-0,H], ens-cache10.de5[8,0]
Ali-Swift-Global-Savetime
1731283862
X-Swift-SaveTime
Mon, 11 Nov 2024 14:53:04 GMT
Access-Control-Allow-Origin
*
EagleId
a3b55c9e17319698129217466e
Content-Length
3010
x-oss-request-id
67314B96EEF2D03837505702
Server
Tengine
country_codes
hotesaison.ca/api/guest/account/ 		0
0
init
hotesaison.ca/api/guest/page/ 		486 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hotesaison.ca/api/guest/page/init
Requested by
Host: bs-guest-static.myhostex.com
URL: https://bs-guest-static.myhostex.com/_nuxt/a9c0f28.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4fa5ab0989ba1d19d3671783157fe11c97df614e4080c4703e4e508925f2df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://hotesaison.ca/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
bs-host-timezone
America/Toronto
bs-host-dateformat
M d Y
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WmAMvg4v6OFaQkwpntpqAer%2B70oCXIPnIW4ouFGLM7iFA3JfgucrxtalPjIH0YbomHwQbC2cilAUubTBEUUFc%2Bd72snBt7DTkzdxRWF2FrDgC3WMJFMd06CS64zPtvTb"}],"group":"cf-nel","max_age":604800}
expires
-1
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15159&sent=70&recv=44&lost=0&retrans=0&sent_bytes=65923&recv_bytes=7849&delivery_rate=1882063&cwnd=27600&unsent_bytes=0&cid=9a4dd4b78144b22e&ts=3840&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 22:43:33 GMT
content-type
application/json
vary
Accept-Encoding, Accept-Encoding
bs-host-now
2024-11-18T17:43:33-05:00
priority
u=1,i
bs-host-timeformat
24
cache-control
private, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
bs-host-id
100331
pragma
no-cache
bs-client-ip
31.204.152.218
bs-host-language
en
x-ratelimit-remaining
599
cf-ray
8e4b7ae33c3f66db-AMS
access-control-allow-origin
*
x-ratelimit-limit
600
server
cloudflare
place_list
hotesaison.ca/api/guest/listing/ 		498 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hotesaison.ca/api/guest/listing/place_list
Requested by
Host: bs-guest-static.myhostex.com
URL: https://bs-guest-static.myhostex.com/_nuxt/a9c0f28.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f89c9b03a40f08edb7192d33d55ffda71fda08e6f58da8ff377ea816d54354d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://hotesaison.ca/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
bs-host-timezone
America/Toronto
bs-host-dateformat
M d Y
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C4Cufg9lTq%2FpW%2BDHUeADnhetjGiecJvyyQuuEy5eGNcOJcNOmMkxoroK6Wk82BWR0%2FdNUPzfqm7U%2B9bK52bUyH5bqUAjAeVJUfD%2FEY493Fbf7A7kNmXWnJPt1itpD%2Bey"}],"group":"cf-nel","max_age":604800}
expires
-1
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15486&sent=72&recv=45&lost=0&retrans=0&sent_bytes=67215&recv_bytes=7893&delivery_rate=2473&cwnd=27600&unsent_bytes=0&cid=9a4dd4b78144b22e&ts=4261&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 22:43:33 GMT
content-type
application/json
vary
Accept-Encoding, Accept-Encoding
bs-host-now
2024-11-18T17:43:33-05:00
priority
u=1,i
bs-host-timeformat
24
cache-control
private, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
bs-host-id
100331
pragma
no-cache
bs-client-ip
31.204.152.218
bs-host-language
en
x-ratelimit-remaining
597
cf-ray
8e4b7ae33c4266db-AMS
access-control-allow-origin
*
x-ratelimit-limit
600
server
cloudflare
country_codes
hotesaison.ca/api/guest/account/ 		0
0
home
hotesaison.ca/api/guest/page/ 		79 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hotesaison.ca/api/guest/page/home
Requested by
Host: bs-guest-static.myhostex.com
URL: https://bs-guest-static.myhostex.com/_nuxt/a9c0f28.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbfa3e104c58533eebb902cf14edc6435d87f7e7efda55fa659c12dda97853c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://hotesaison.ca/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
bs-host-timezone
America/Toronto
bs-host-dateformat
M d Y
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Xv7LavdGCgADYyaVv5JIZ26KI149i4l1ZXiFQ38h1u6eGgra37aAgKncmEUge6f0Q4gOG4wQ4EepMN3SWThXYfhc8JDemUg6HoMoZH5fPDfmarT7yigE7frxE2TH13w"}],"group":"cf-nel","max_age":604800}
expires
-1
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16580&sent=76&recv=47&lost=0&retrans=1&sent_bytes=70595&recv_bytes=7981&delivery_rate=30463&cwnd=27600&unsent_bytes=0&cid=9a4dd4b78144b22e&ts=4603&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 22:43:34 GMT
content-type
application/json
vary
Accept-Encoding, Accept-Encoding
bs-host-now
2024-11-18T17:43:33-05:00
priority
u=1,i
bs-host-timeformat
24
cache-control
private, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
bs-host-id
100331
pragma
no-cache
bs-client-ip
31.204.152.218
bs-host-language
en
x-ratelimit-remaining
597
cf-ray
8e4b7ae33c4366db-AMS
access-control-allow-origin
*
x-ratelimit-limit
600
server
cloudflare
log
hotesaison.ca/api/guest/ 		71 B
1019 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hotesaison.ca/api/guest/log
Requested by
Host: bs-guest-static.myhostex.com
URL: https://bs-guest-static.myhostex.com/_nuxt/a9c0f28.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ef0534c11e04d459a4179c612f7bf07c637f8bc7035073eb12661b76d85ab36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://hotesaison.ca/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
bs-host-timezone
America/Toronto
bs-host-dateformat
M d Y
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uf41UWwHaBavDcuuH2u2HQ0JnKXcTwoO4boFYQk0dAOuxYCATjM3dBrpR1i6uGktyYU1zIQrV8wKCyk%2BNsslCMtJ3SxctJuP9fKX3tx4YB%2Ffrlsp1wx%2FF%2BUsYaeKNwD7"}],"group":"cf-nel","max_age":604800}
expires
-1
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15383&sent=74&recv=46&lost=0&retrans=0&sent_bytes=68503&recv_bytes=7937&delivery_rate=87798&cwnd=27600&unsent_bytes=0&cid=9a4dd4b78144b22e&ts=4492&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 22:43:34 GMT
content-type
application/json
vary
Accept-Encoding, Accept-Encoding
bs-host-now
2024-11-18T17:43:33-05:00
priority
u=1,i
bs-host-timeformat
24
cache-control
private, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
bs-host-id
100331
pragma
no-cache
bs-client-ip
31.204.152.218
bs-host-language
en
x-ratelimit-remaining
596
cf-ray
8e4b7ae33c4566db-AMS
access-control-allow-origin
*
x-ratelimit-limit
600
server
cloudflare
Poppins-Regular.35d26b7.ttf
bs-guest-static.myhostex.com/_nuxt/fonts/ 		155 KB
155 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bs-guest-static.myhostex.com/_nuxt/fonts/Poppins-Regular.35d26b7.ttf
Requested by
Host: hotesaison.ca
URL: https://hotesaison.ca/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:3::a , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://hotesaison.ca
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
Content-MD5
CT7om+nt4wOD85qJnEhagg==
x-oss-storage-class
Standard
ETag
"093EE89BE9EDE30383F39A899C485A82"
Age
1168472
x-oss-object-type
Normal
X-Cache
HIT TCP_HIT dirn:12:734953482
Date
Tue, 05 Nov 2024 10:09:01 GMT
x-oss-server-time
70
Content-Type
application/octet-stream
Last-Modified
Fri, 28 Jun 2024 09:28:59 GMT
X-Swift-CacheTime
2368521
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
8757559298534313556
Connection
keep-alive
Via
ens-cache17.l2de3[0,0,200-0,H], ens-cache4.l2de3[1,0], ens-cache13.de5[0,0,200-0,H], ens-cache10.de5[3,0]
Ali-Swift-Global-Savetime
1730801341
X-Swift-SaveTime
Fri, 08 Nov 2024 00:13:40 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
EagleId
a3b55c9e17319698130588346e
Content-Length
158240
x-oss-request-id
6729EEBCCF36CB35377241FE
Server
Tengine
undefined
hotesaison.ca/ 		214 KB
59 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hotesaison.ca/undefined?d=1731059377070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f41a1845b7ea0fc52a343fffb4c8e9aa5df93264f844129715228fceee9bf8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wG5w4e1yQb48Gr5ncBIAQQHPpMz6MRsCplgOI%2B6CCqg3LA472ygVpBzE9SApfphl3gVExmuJBWRctGrY7vbPA09bV2BvOLTdeZGBagYID%2BIVJaOHSeDmILMXUIS%2FwbEp"}],"group":"cf-nel","max_age":604800}
cf-ray
8e4b7ae5ee1866db-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18596&sent=86&recv=53&lost=0&retrans=2&sent_bytes=81987&recv_bytes=8247&delivery_rate=22828&cwnd=27600&unsent_bytes=0&cid=9a4dd4b78144b22e&ts=5445&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 22:43:35 GMT
content-type
text/html
vary
Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Fri, 08 Nov 2024 10:06:17 GMT
priority
u=1,i
AJH1727019237033.png
oss.image.xiaogetech.com/ 		732 KB
733 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oss.image.xiaogetech.com/AJH1727019237033.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.230 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
1539fd814ffacfda9e0b99d404b59011d8f984542822ae50b7e37a26293e04df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
content-md5
pgmx0PKreR1cZ6iXSa3dLQ==
x-oss-storage-class
Standard
etag
"A609B1D0F2AB791D5C67A89749ADDD2D"
age
0
x-oss-object-type
Normal
x-cache
MISS TCP_MISS dirn:-2:-2
date
Mon, 18 Nov 2024 22:43:35 GMT
x-oss-server-time
38
content-type
image/png
last-modified
Sun, 22 Sep 2024 15:33:57 GMT
x-swift-cachetime
3600
timing-allow-origin
*
x-oss-hash-crc64ecma
553761043428531459
via
ens-cache13.l2us3[325,327,200-0,H], ens-cache34.l2us3[329,0], ens-cache6.de5[663,665,200-0,M], ens-cache11.de5[687,0]
ali-swift-global-savetime
1731969815
x-swift-savetime
Mon, 18 Nov 2024 22:43:36 GMT
accept-ranges
bytes
eagleid
a3b55c9f17319698153881471e
content-length
749305
x-oss-request-id
673BC31735C1EE3237806235
server
Tengine
AJH1727019237033.png
oss.image.xiaogetech.com/ 		732 KB
734 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://oss.image.xiaogetech.com/AJH1727019237033.png?d=1731969813521
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.230 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
1539fd814ffacfda9e0b99d404b59011d8f984542822ae50b7e37a26293e04df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

x-oss-cdn-auth
success
content-md5
pgmx0PKreR1cZ6iXSa3dLQ==
x-oss-storage-class
Standard
etag
"A609B1D0F2AB791D5C67A89749ADDD2D"
x-oss-object-type
Normal
x-cache
MISS TCP_MISS dirn:-2:-2
date
Mon, 18 Nov 2024 22:43:36 GMT
x-oss-server-time
37
content-type
image/png
last-modified
Sun, 22 Sep 2024 15:33:57 GMT
x-swift-cachetime
3600
timing-allow-origin
*
x-oss-hash-crc64ecma
553761043428531459
via
ens-cache21.l2us3[643,642,200-0,M], ens-cache16.l2us3[645,0], ens-cache10.de5[911,911,200-0,M], ens-cache11.de5[921,0]
ali-swift-global-savetime
1731969816
x-swift-savetime
Mon, 18 Nov 2024 22:43:36 GMT
accept-ranges
bytes
eagleid
a3b55c9f17319698154141633e
content-length
749305
x-oss-request-id
673BC31874516139349F9DB7
server
Tengine
public
imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/fd86ba97-22a4-47de-9644-60a90f59ac00/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/fd86ba97-22a4-47de-9644-60a90f59ac00/public
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d683842b1d04a4fa649b799a784d9990a9fcb71c9929a385d14f261b5084e7f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

cf-cache-status
MISS
etag
"cf5gydc3tUF8ZoKunMzwtzcrPMfb7C9F9CBQfA5-d8DQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 18 Nov 2024 22:43:35 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
priority
u=1,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=757+151 c=0+0 v=2024.10.6 l=165889 f=false
cf-ray
8e4b7aecbf840b5c-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
165889
server
cloudflare
w480
imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@409d253e-761d-f099-85e4-29b33480371a/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@409d253e-761d-f099-85e4-29b33480371a/w480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6842e157742cc4b01d06f040f29fd4382f413c290b928392ea6e122b8c25f4cf
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

cf-cache-status
MISS
etag
"cfZwXVt4HWxO0UMd_DJ8B6uPm7ap6QktiWGJZ05CRKDQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 18 Nov 2024 22:43:35 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=1181+194 c=0+0 v=2024.10.6 l=46680 f=false
cf-ray
8e4b7aecbf7e0b5c-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
46680
server
cloudflare
w480
imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@1b77db7a-98dd-6754-d238-adcc16ef6ea4/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@1b77db7a-98dd-6754-d238-adcc16ef6ea4/w480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76840c1e1b8bb167c266ec3f1b977ff070e662a9ea0da993255c3ce34f7f3ca9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

cf-cache-status
MISS
etag
"cfr6G5KblZYUWzWFQoOnkcswZlap6QktiWGJZ05CRKDQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 18 Nov 2024 22:43:35 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=638+193 c=0+0 v=2024.10.6 l=44196 f=false
cf-ray
8e4b7aecbf860b5c-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
44196
server
cloudflare
w480
imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@9cb3bde5-ef2b-8541-a6a5-49ee2972feb0/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@9cb3bde5-ef2b-8541-a6a5-49ee2972feb0/w480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c606fa70448f63d9bfcf337442a939d5192b2a59544c1a4a5f9b52822fa0fb3c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

cf-cache-status
MISS
etag
"cf5sgPYPkvrjFcI-tL8vD4Ln7Cap6QktiWGJZ05CRKDQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 18 Nov 2024 22:43:35 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=682+113 c=0+0 v=2024.10.6 l=30492 f=false
cf-ray
8e4b7aecbf8a0b5c-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
30492
server
cloudflare
w480
imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@0bacef44-3195-664d-79cc-e53f7d556fe3/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@0bacef44-3195-664d-79cc-e53f7d556fe3/w480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ecc7518a648185410b1e538f4dce63b9721a6ba91e5c31060075ccef6e467b8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

cf-cache-status
MISS
etag
"cfhOOqIAm4nUpw_FLuPy6wlhiGap6QktiWGJZ05CRKDQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 18 Nov 2024 22:43:35 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=709+164 c=0+0 v=2024.10.6 l=53819 f=false
cf-ray
8e4b7aecbf870b5c-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
53819
server
cloudflare
w480
imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@342d831f-e380-1ce9-f415-a41ce6fa473d/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@342d831f-e380-1ce9-f415-a41ce6fa473d/w480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e80e3107eb7eb430fb0fcc423bc87d7ea8600acbbaa8fd9b99fb60e1db9e70c5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

cf-cache-status
MISS
etag
"cfpjmqoXK60wqWc6PDR0UWU2CNap6QktiWGJZ05CRKDQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 18 Nov 2024 22:43:35 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=806+156 c=0+0 v=2024.10.6 l=42833 f=false
cf-ray
8e4b7aecbf850b5c-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
42833
server
cloudflare
w480
imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@6eb7328c-11e2-f864-ade2-060ed12d129e/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@6eb7328c-11e2-f864-ade2-060ed12d129e/w480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59d67d952653d7fd54e11512c02ec3da2d9e6a969ea8d2ec628b477a1b711929
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

cf-cache-status
MISS
etag
"cfcCkHvSbt02KR83FuH9yllyDuap6QktiWGJZ05CRKDQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 18 Nov 2024 22:43:36 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=1108+134 c=0+0 v=2024.10.6 l=27113 f=false
cf-ray
8e4b7af25d2b0b5c-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
27113
server
cloudflare
w480
imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@09807954-cf2a-00bb-7991-98b03e58fad9/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@09807954-cf2a-00bb-7991-98b03e58fad9/w480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0e7bf07e42c25a4f5d67d96602b7bcf6d4366293aae326b546339b91962bfa
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

cf-cache-status
MISS
etag
"cfzJANoF7INTM0bKmMy9CFCMNrap6QktiWGJZ05CRKDQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 18 Nov 2024 22:43:36 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=1146+162 c=0+0 v=2024.10.6 l=28054 f=false
cf-ray
8e4b7af25d2f0b5c-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
28054
server
cloudflare
w480
imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@3f0fd1e3-8065-5263-b120-0abc7aace89e/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/Erxl2GS_CcQSVQujmLkDkQ/system@3f0fd1e3-8065-5263-b120-0abc7aace89e/w480
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
754379350b8d0a014701880dba6fdd7dd945395c3ef8da92a25109b306062ae7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://hotesaison.ca/

Response headers

cf-cache-status
HIT
etag
"cfQK7U3AfJKezyyrfYd7b3tyGPap6QktiWGJZ05CRKDQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 18 Nov 2024 22:43:35 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
priority
u=3,i
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=38+172 c=0+0 v=2024.10.6 l=71223 f=false
cf-ray
8e4b7af25d320b5c-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
71223
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hotesaison.ca
URL
https://hotesaison.ca/api/guest/account/country_codes
Domain
hotesaison.ca
URL
https://hotesaison.ca/api/guest/account/country_codes

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __NUXT__ object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady function| Hammer object| __SVG_SPRITE__ function| _ object| lib number| rem number| dpr function| __NUXT_JSONP__ object| __NUXT_JSONP_CACHE__ function| __NUXT_IMPORT__ object| $nuxt

2 Cookies

Domain/Path Name / Value
hotesaison.ca/ Name: vuex
Value: {%22vuex_user_info%22:{}}
hotesaison.ca/ Name: hostex_bs_session
Value: NlOOgXPEZhmFFFpCPvzKyPbRP9QNdmr93o0pSz1Z

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bs-guest-static.myhostex.com
hotesaison.ca
hotesaison.com
imagedelivery.net
oss.image.xiaogetech.com
hotesaison.ca
104.18.3.36
163.181.92.230
172.67.167.243
188.114.97.3
2404:2280:1cc:0:3::a
0a0e7bf07e42c25a4f5d67d96602b7bcf6d4366293aae326b546339b91962bfa
12a8a1de85061f9f1ffb382a04eb2216b19aaff1339ba58c9ffd7a785599992e
1539fd814ffacfda9e0b99d404b59011d8f984542822ae50b7e37a26293e04df
2b0279f7b52ae19d74dfab02994b96df76c4c89bd354b131fd1f5b00dcb36dc4
2d7921eb0743585a0491973439229e87d303a40e94f29e0158c7aac5f61e16c8
2dec9ccbb204b289ba66c79341c63da2682bae8f61541f62a64d1fb5e1f9c202
2ef7183284bfe8337695594808ab39dc5a665d92995c2e220e50e8f74ecbac78
44c4e92433a33b2f8cda1ced2461e89fd459edef732a173818b6459f007e491e
4d683842b1d04a4fa649b799a784d9990a9fcb71c9929a385d14f261b5084e7f
4e95051069a4c13f35e12f796d6216b5deeaa431a77b932160bdf4355661c808
59d67d952653d7fd54e11512c02ec3da2d9e6a969ea8d2ec628b477a1b711929
5ef0534c11e04d459a4179c612f7bf07c637f8bc7035073eb12661b76d85ab36
6842e157742cc4b01d06f040f29fd4382f413c290b928392ea6e122b8c25f4cf
707fdc5c8bab57a90061c6a8ed7b70d5ffb82fc810e994e79f90bace890c255a
754379350b8d0a014701880dba6fdd7dd945395c3ef8da92a25109b306062ae7
764ff533d446116ca7dfc14cf2c5dd391ad7f62a03534bf6c14582b16d5e8d82
7676fbdf1153fbf697e1f7298af8703617bcdf926634b6ab0836befc450fad85
76840c1e1b8bb167c266ec3f1b977ff070e662a9ea0da993255c3ce34f7f3ca9
7771c04bbf73da0150b5629a671bfe329dac1010dda80ee5b871d22b4d47d06f
7ecc7518a648185410b1e538f4dce63b9721a6ba91e5c31060075ccef6e467b8
86f41a1845b7ea0fc52a343fffb4c8e9aa5df93264f844129715228fceee9bf8
a8a54b1f20dd55dfa95433b372a1ffcd6a6840d30a3791cdaaf05f6447a8c6cc
af7d3ec0214b752f6da83de73542cdd3d47a3316fa5114f2080b31666c3e8875
bc4fa5ab0989ba1d19d3671783157fe11c97df614e4080c4703e4e508925f2df
c606fa70448f63d9bfcf337442a939d5192b2a59544c1a4a5f9b52822fa0fb3c
e80e3107eb7eb430fb0fcc423bc87d7ea8600acbbaa8fd9b99fb60e1db9e70c5
f2443206c1b038832215a1f1c7a37304ffd6b0d8747c3bf70b6b5f9e44d6bc44
f89c9b03a40f08edb7192d33d55ffda71fda08e6f58da8ff377ea816d54354d7
fbfa3e104c58533eebb902cf14edc6435d87f7e7efda55fa659c12dda97853c5