urlscan.io logo urlscan.io
SecurityTrails logo

www.chambresdhotescorsedusud.com Open in urlscan Pro
159.89.99.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://chambresdhotescorsedusud.com/
Effective URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Submission: On September 19 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 15 domains to perform 27 HTTP transactions. The main IP is 159.89.99.10, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is www.chambresdhotescorsedusud.com.
TLS certificate: Issued by R3 on July 22nd 2023. Valid for: 3 months.
This is the only time www.chambresdhotescorsedusud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    159.89.99.10 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
chambresdhotescorsedusud.com
www.chambresdhotescorsedusud.com
1    2606:4700::6812:1aef (United States)

ASN13335 (CLOUDFLARENET, US)
fiore-di-machja.amenitiz.io
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:9000:223f:5800:11:9cf3:c0:21 (United States)

ASN16509 (AMAZON-02, US)
d3kyd4hzk57l6r.cloudfront.net
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    52.212.172.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-172-169.eu-west-1.compute.amazonaws.com
app-api.vidjet.io
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    185.221.87.23 (Ireland)

ASN54113 (FASTLY, US)
bam.eu01.nr-data.net
Apex Domain
Subdomains		 Transfer
8 chambresdhotescorsedusud.com
chambresdhotescorsedusud.com
www.chambresdhotescorsedusud.com
2 MB
3 vidjet.io
app-api.vidjet.io — Cisco Umbrella Rank: 225824
10 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410
28 KB
2 nr-data.net
bam.eu01.nr-data.net — Cisco Umbrella Rank: 10328
822 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2225
311 B
2 cloudfront.net
d3kyd4hzk57l6r.cloudfront.net
11 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
4 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
164 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
8 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 969
28 KB
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 2805
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
257 B
1 gstatic.com
fonts.gstatic.com
17 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1683
20 KB
1 amenitiz.io
fiore-di-machja.amenitiz.io
463 B
27 15
Domain Requested by
6 www.chambresdhotescorsedusud.com 2 redirects www.chambresdhotescorsedusud.com
3 app-api.vidjet.io www.chambresdhotescorsedusud.com
3 cdnjs.cloudflare.com www.chambresdhotescorsedusud.com
2 bam.eu01.nr-data.net www.chambresdhotescorsedusud.com
2 region1.analytics.google.com www.googletagmanager.com
2 d3kyd4hzk57l6r.cloudfront.net www.chambresdhotescorsedusud.com
2 fonts.googleapis.com www.chambresdhotescorsedusud.com
2 www.googletagmanager.com www.chambresdhotescorsedusud.com
2 cdn.jsdelivr.net
2 chambresdhotescorsedusud.com 2 redirects
1 js-agent.newrelic.com www.chambresdhotescorsedusud.com
1 www.google.co.uk www.chambresdhotescorsedusud.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 maxcdn.bootstrapcdn.com www.chambresdhotescorsedusud.com
1 fiore-di-machja.amenitiz.io 1 redirects
27 16

This site contains no links.

Subject Issuer Validity Valid
www.chambresdhotescorsedusud.com
R3		 2023-07-22 -
2023-10-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
app-api.vidjet.io
Amazon RSA 2048 M01		 2023-04-27 -
2024-05-25		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.eu01.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Frame ID: 533734299EA4F2A756E83B9163501B5A
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://chambresdhotescorsedusud.com/ HTTP 301
    https://chambresdhotescorsedusud.com/ HTTP 301
    http://www.chambresdhotescorsedusud.com/ HTTP 301
    https://www.chambresdhotescorsedusud.com/ HTTP 302
    https://fiore-di-machja.amenitiz.io/fr/site-en-construction.fr HTTP 301
    https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

27
Requests

100 %
HTTPS

73 %
IPv6

15
Domains

16
Subdomains

14
IPs

4
Countries

2117 kB
Transfer

6150 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://chambresdhotescorsedusud.com/ HTTP 301
    https://chambresdhotescorsedusud.com/ HTTP 301
    http://www.chambresdhotescorsedusud.com/ HTTP 301
    https://www.chambresdhotescorsedusud.com/ HTTP 302
    https://fiore-di-machja.amenitiz.io/fr/site-en-construction.fr HTTP 301
    https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request site-en-construction.fr
www.chambresdhotescorsedusud.com/fr/
Redirect Chain
  • http://chambresdhotescorsedusud.com/
  • https://chambresdhotescorsedusud.com/
  • http://www.chambresdhotescorsedusud.com/
  • https://www.chambresdhotescorsedusud.com/
  • https://fiore-di-machja.amenitiz.io/fr/site-en-construction.fr
  • https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
57 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.89.99.10 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad2b41ed05c5fc70739be6b12f6b2b68107fb614ad35ee76c22c6642f2e1fbe2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
accept-language
en-GB,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
8091461f8fbf3a8c-FRA
Cache-Control
max-age=0, private, must-revalidate
Content-Encoding
br
Content-Type
text/html; charset=utf-8
Date
Tue, 19 Sep 2023 10:51:31 GMT
Link
</assets/application-e6168ecca5c336674e3a5aa9f5dd621c760ee14bfacdbd1200e282f0dbbb110b.css>; rel=preload; as=style; nopush,</assets/application-0578a696ca054ae45778a7ade4b1a6c39c1f7e4f2bf15fc00df18b7e1cbc3ddf.js>; rel=preload; as=script; nopush,<https://cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.css>; rel=preload; as=style; nopush,<https://cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.min.js>; rel=preload; as=script; nopush
ORG
AMENITIZ
Referrer-Policy
strict-origin-when-cross-origin
Server
cloudflare
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
f362472c-c44b-4e66-b9ab-b2d541dc8183
X-Runtime
0.024803
X-Xss-Protection
0
alt-svc
h3=":443"; ma=86400

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8091461e9c0548bf-LHR
content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 10:51:31 GMT
location
https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
org
AMENITIZ
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding, Origin
via
1.1 vegur
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
cf680462-127c-4a4f-b9a2-2ef3dbad1bc2
x-runtime
0.013370
x-xss-protection
0
application-e6168ecca5c336674e3a5aa9f5dd621c760ee14bfacdbd1200e282f0dbbb110b.css
www.chambresdhotescorsedusud.com/assets/ 		1 MB
278 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.chambresdhotescorsedusud.com/assets/application-e6168ecca5c336674e3a5aa9f5dd621c760ee14bfacdbd1200e282f0dbbb110b.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.89.99.10 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac77b2a7837bfaae368e8edfeba8dc153147d1a5a9abe03b02bc606f64ad4a89
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Tue, 19 Sep 2023 10:51:31 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Via
1.1 vegur
CF-Cache-Status
HIT
Content-Encoding
br
Age
31974
Cf-Polished
origSize=1375603
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Fri, 15 Sep 2023 07:12:29 GMT
Server
cloudflare
ORG
AMENITIZ
Vary
Accept-Encoding, Origin
Content-Type
text/css
Cache-Control
public, max-age=31570951
CF-RAY
80914620ef2a5b68-FRA
Expires
Wed, 18 Sep 2024 20:34:02 GMT
application-0578a696ca054ae45778a7ade4b1a6c39c1f7e4f2bf15fc00df18b7e1cbc3ddf.js
www.chambresdhotescorsedusud.com/assets/ 		3 MB
760 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.chambresdhotescorsedusud.com/assets/application-0578a696ca054ae45778a7ade4b1a6c39c1f7e4f2bf15fc00df18b7e1cbc3ddf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.89.99.10 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
cloudflare /
Resource Hash
388f1821c6b671fe2ac0ca40a7f40c8cc182016ffa7dacb17a28a0f22dcb99dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Tue, 19 Sep 2023 10:51:31 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Via
1.1 vegur
CF-Cache-Status
HIT
Content-Encoding
br
Age
223914
Cf-Polished
origSize=5008431
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
Cf-Bgj
minify
Last-Modified
Wed, 23 Aug 2023 12:01:49 GMT
Server
cloudflare
ORG
AMENITIZ
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
Cache-Control
public, max-age=31299426
CF-RAY
809146213dcf3679-FRA
Expires
Sun, 15 Sep 2024 17:08:37 GMT
jquery.bxslider.css
cdn.jsdelivr.net/bxslider/4.2.12/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55ddd1f80cec627f624b79cea24ccd18fb38180c3bff6757ffe56be7c1a6445d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 19 Sep 2023 10:51:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18065804
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA, cache-jnb7027-JNB
server
cloudflare
etag
W/"f5e-9CY+ZfG2D1tXr+G8dDrQnwbBEmY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cao5a10e4ouDh4ZCrp4XhKEs2SgfnYb%2FZK1V4OTzkP9kooKIxiZt90xczFYQ%2FvsdOwUYgyfhQSElHWybrExw5KzxDZKQzsS9sy2wRWfwG9xpI306KSb958qupeSTG2eBGf4Lp5LMt%2FNNKGigLBc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
80914620ff3323b4-LHR
jquery.bxslider.min.js
cdn.jsdelivr.net/bxslider/4.2.12/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/bxslider/4.2.12/jquery.bxslider.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 19 Sep 2023 10:51:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
66606
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230029-FRA, cache-yyz4580-YYZ
server
cloudflare
etag
W/"5bf7-z6ox3Bc9Kcb0lQd4zMXLOxqRM5Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TawEMlKRKS24e56B5m3Esv1%2FUN9LdVW%2BOzgnWB4FxRIvp8TimIiJM%2B6mTQ6vkzMHaZjv%2Bd0CBTY9zqP7zpuTW5BoMKYyeGsCJHqromvykJ3uovvLm85D8GrlIKR0SjmI4wE3V52JpDfz1wVfs44%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
809146210f3623b4-LHR
gtm.js
www.googletagmanager.com/ 		224 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBHMMX4&l=dataLayerTagManager
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
356524897658c961ee2585be637224ac561293510b355b7f12a93817322312f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 19 Sep 2023 10:51:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79159
x-xss-protection
0
last-modified
Tue, 19 Sep 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Sep 2023 10:51:31 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 19 Sep 2023 10:51:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1073
age
11544372
cdn-cachedat
12/25/2022 15:18:49
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a861247b0714121d267aeedd0fbf7d9c
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
80914621589f3699-LHR
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		35 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Domine|Lato|Nunito|Playfair+Display|Abhaya+Libre|Alegreya|Alegreya+Sans+SC|Arsenal|Cinzel|Cookie|Dancing+Script|Grand+Hotel|Great+Vibes|Halant|Inconsolata|Didact+Gothic|Lobster|Lobster+Two|Marvel|Niconne|Old+Standard+TT|Overlock+SC|Pacifico|Playfair+Display+SC|Sacramento|Tangerine|Orbitron|Rubik|Raleway
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
decd338b3ce72e0c3b0e1e4a9743b79f1dfdec42c454a8d35163aa674bc2696c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Sep 2023 10:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Sep 2023 10:51:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Sep 2023 10:51:31 GMT
style.css
d3kyd4hzk57l6r.cloudfront.net/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3kyd4hzk57l6r.cloudfront.net/style.css
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:5800:11:9cf3:c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
952403b8e4ed58f55c3542c7c00c98f3e054eac444b57726f5c3df8ff16562c7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 19 Sep 2023 06:41:02 GMT
content-encoding
gzip
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Sep 2022 09:53:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
35217
etag
W/"ad1547f39ea9dc2f1d490a95937c2e3b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
_tMbu6dDmQH4yWk9CNjIxL-OO3z4pdVvZB5Bcoe975HAbjXi-ns8zA==
gdpr-banner.umd.js
d3kyd4hzk57l6r.cloudfront.net/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3kyd4hzk57l6r.cloudfront.net/gdpr-banner.umd.js
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:5800:11:9cf3:c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8b2d01db350f55d198ab59cd31e5d619ee75e2c35d177e5ed65db2d14085c79

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 19 Sep 2023 06:26:22 GMT
content-encoding
gzip
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Sep 2022 09:53:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
22535
etag
W/"7f65d86b3f62eaefc08157651ef5a2d8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
JY5wDzrrqtSX4S3tbkB8doMJx1wjLffdV5i9scDAREHArRKsOLJc8Q==
cloudinary-core-shrinkwrap.min.js
cdnjs.cloudflare.com/ajax/libs/cloudinary-core/2.6.3/ 		100 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cloudinary-core/2.6.3/cloudinary-core-shrinkwrap.min.js
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b66904832a3cb7a5ff6ec5d89502883f6210e02ee85e0f39c3eda75b1042de8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 19 Sep 2023 10:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13704187
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22121
last-modified
Mon, 04 May 2020 16:09:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e29-18e30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxIT1VwQk1lBw4q2gnqUhLVuZfOJDkxCS3Os8vVxLC0WBrY6EZdJ94cga7Yl3AEAYB4jTQtr8NQVOctjGYD7oMBGBBpZFh1IOTRla%2B61l9kUVeb1s5Ugd%2FtUdlEYanbTQOgb3aB1ZpXjtrN3VAOerv21"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
809146215bd023ed-LHR
expires
Sun, 08 Sep 2024 10:51:31 GMT
ls.rias.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.8/plugins/rias/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.8/plugins/rias/ls.rias.min.js
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa6a25184accd140966fe9f2833418f56c8d95dd85c9ab4d3f2fb95aabe551d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 19 Sep 2023 10:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13368943
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1971
last-modified
Mon, 04 May 2020 16:12:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed0-12cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8es5rtuGgjH7ZGrzjdFNpGbIAwZrCAAT091XWEhDF1JuNJoMGeuOgfi4DJiMyrlSCdjaI6IpqTlwSLj7lO2LgvjBColwEeNR2ZEwJLrRVr1VuxmVAjq3V3I6DVYRlHp%2F9vw73mQjDRswMCDb1NzViLYZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
809146215bd223ed-LHR
expires
Sun, 08 Sep 2024 10:51:31 GMT
lazysizes.min.js
cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.8/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lazysizes/4.1.8/lazysizes.min.js
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3068ede90edb6a637e13f5ad0b35a6b284a3822ef1e54f383be6d2838be577
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 19 Sep 2023 10:51:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1089658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2879
last-modified
Thu, 22 Jun 2023 11:06:32 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b38-b3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oo3wc14NDtmIFyut9u%2BUw%2BLCh10JfUKse1vGjzrPEIyTiVWms5MH9eI4%2FHKJ9IwXNbgrU%2BqCHauZNVMJrTzj3Ep1m%2BBFBHiNX8StwpjfV2j6jnMzuTDDKAj15MglEZ4mv880EejEYLsA79cGEdQI061a"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
809146215bd423ed-LHR
expires
Sun, 08 Sep 2024 10:51:31 GMT
css
fonts.googleapis.com/ 		7 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Overpass:300,400,600,700
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/assets/application-e6168ecca5c336674e3a5aa9f5dd621c760ee14bfacdbd1200e282f0dbbb110b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b81af2c33bda11980c3d249017f10ea638e00db9288e763d4222eee3ec95c777
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Sep 2023 10:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Sep 2023 10:43:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Sep 2023 10:51:31 GMT
generator.js
app-api.vidjet.io/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-api.vidjet.io/generator.js?siteId=73caa509-d78c-41ee-82e7-bc7f48477f33
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.172.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-172-169.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
058daff34795e8a64433336abb03dddbf7241bb3cfe9ad4e31c3d82853864dfe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 19 Sep 2023 10:51:31 GMT
content-encoding
gzip
etag
W/"71e2-R8P5D32aR5h74D5Bq3UpT0/ndpg"
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
PUT, POST, GET, DELETE, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
js
www.googletagmanager.com/gtag/ 		254 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FQHQSHFNNP&l=dataLayerTagManager&cx=c
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc3c1c19f700e0b988604eb48bdf427113ed24799b69d40c22e035bcc0fda0dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Tue, 19 Sep 2023 10:51:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88745
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Sep 2023 10:51:31 GMT
work_in_progress-3954d35e9f531360cf49ead4513270d1e4d05eb3e2c790f207b558867bf1d8f4.jpg
www.chambresdhotescorsedusud.com/assets/site/ 		765 KB
766 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chambresdhotescorsedusud.com/assets/site/work_in_progress-3954d35e9f531360cf49ead4513270d1e4d05eb3e2c790f207b558867bf1d8f4.jpg
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/assets/application-e6168ecca5c336674e3a5aa9f5dd621c760ee14bfacdbd1200e282f0dbbb110b.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.89.99.10 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fe45d3475ac41c2eaad9be792cd7cb1e9615a66e19d7a6333c32045254550f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/assets/application-e6168ecca5c336674e3a5aa9f5dd621c760ee14bfacdbd1200e282f0dbbb110b.css
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

Date
Tue, 19 Sep 2023 10:51:31 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Via
1.1 vegur
CF-Cache-Status
HIT
Age
4398
alt-svc
h3=":443"; ma=86400
Content-Length
783856
Cf-Bgj
h2pri
Last-Modified
Thu, 10 Aug 2023 13:41:58 GMT
Server
cloudflare
ORG
AMENITIZ
Vary
Origin, Accept-Encoding
Content-Type
image/jpeg
Cache-Control
public, max-age=31623539
Accept-Ranges
bytes
CF-RAY
809146230c8130db-FRA
Expires
Thu, 19 Sep 2024 11:10:30 GMT
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3j6zdXWg.woff2
fonts.gstatic.com/s/nunito/v26/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3j6zdXWg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Domine|Lato|Nunito|Playfair+Display|Abhaya+Libre|Alegreya|Alegreya+Sans+SC|Arsenal|Cinzel|Cookie|Dancing+Script|Grand+Hotel|Great+Vibes|Halant|Inconsolata|Didact+Gothic|Lobster|Lobster+Two|Marvel|Niconne|Old+Standard+TT|Overlock+SC|Pacifico|Playfair+Display+SC|Sacramento|Tangerine|Orbitron|Rubik|Raleway
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc450e36554c51b060a3ba51573e0995338c05e3ab60dc20d171c1ad825d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.chambresdhotescorsedusud.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

date
Thu, 14 Sep 2023 18:19:08 GMT
x-content-type-options
nosniff
age
405143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16368
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:02:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 18:19:08 GMT
collect
region1.analytics.google.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-FQHQSHFNNP&gtm=45je39i0h2&_p=1064165006&_gaz=1&cid=1273702924.1695120692&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695120691&sct=1&seg=0&dl=https%3A%2F%2Fwww.chambresdhotescorsedusud.com%2Ffr%2Fsite-en-construction.fr&dt=&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQHQSHFNNP&l=dataLayerTagManager&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 10:51:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.chambresdhotescorsedusud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FQHQSHFNNP&cid=1273702924.1695120692&gtm=45je39i0h2&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQHQSHFNNP&l=dataLayerTagManager&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 10:51:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.chambresdhotescorsedusud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FQHQSHFNNP&cid=1273702924.1695120692&gtm=45je39i0h2&aip=1&z=1000770462
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 10:51:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track-event
app-api.vidjet.io/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app-api.vidjet.io/track-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.172.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-172-169.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.chambresdhotescorsedusud.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
PUT, POST, GET, DELETE, OPTIONS
access-control-allow-origin
*
allow
POST
content-length
4
content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 10:51:32 GMT
etag
W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
vary
Accept-Encoding
x-powered-by
Express
track-event
app-api.vidjet.io/ 		38 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app-api.vidjet.io/track-event
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.172.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-172-169.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e27e1f6e9e900dbaad7dc72183492d4916ded98fc48333cdba4532ef729f4324

Request headers

Referer
https://www.chambresdhotescorsedusud.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type
application/json

Response headers

date
Tue, 19 Sep 2023 10:51:32 GMT
etag
W/"26-eixvy7EqsgcIgqAmlJ2D0D9fM5k"
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
PUT, POST, GET, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
38
nr-spa.3b61d78f-1.240.0.min.js
js-agent.newrelic.com/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa.3b61d78f-1.240.0.min.js
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
951d822fc2fb79b605471fbff20fa807879bc8cae81952421d711b1137b9685b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

x-amz-version-id
bWp0ZkommAazDIzdeS.w74S63l8o23gk
content-encoding
br
via
1.1 varnish
date
Tue, 19 Sep 2023 10:51:32 GMT
strict-transport-security
max-age=300
x-amz-request-id
XPPMT95HEEQVMSY2
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
27920
x-amz-id-2
nHTs62TMEaawmapOTssoqMVXkSvD8jshG+kvusQeDhZO7ZvqxujamTMqueMvzOITYgjCdmzsqoA=
x-served-by
cache-man4131-MAN
last-modified
Tue, 12 Sep 2023 21:48:06 GMT
server
AmazonS3
x-timer
S1695120692.126205,VS0,VE0
etag
"f85c3fa29a0ed5f7ae4286128597abbd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2756
NRBR-47e039c0c074d6b28c5
bam.eu01.nr-data.net/1/ 		40 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/1/NRBR-47e039c0c074d6b28c5?a=489734564&v=1.240.0&to=JhpeRQoXCQgBSh0QWhEQH0YXCg47DVZtE0EKEkJUCws%3D&rst=2124&ck=0&s=bbc23fc8cb77fb7b&ref=https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr&af=err,xhr,stn,ins,spa&qt=2&ap=24&be=1237&fe=781&dc=676&perf=%7B%22timing%22:%7B%22of%22:1695120690038,%22n%22:0,%22f%22:1064,%22dn%22:1064,%22dne%22:1064,%22c%22:1064,%22s%22:1064,%22ce%22:1064,%22rq%22:1065,%22rp%22:1238,%22rpe%22:1283,%22di%22:1912,%22ds%22:1912,%22de%22:1913,%22dc%22:2016,%22l%22:2016,%22le%22:2018%7D,%22navigation%22:%7B%7D%7D&fp=1622&fcp=1622
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer
https://www.chambresdhotescorsedusud.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
content-type
text/plain

Response headers

date
Tue, 19 Sep 2023 10:51:32 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.chambresdhotescorsedusud.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-man4148-MAN
NRBR-47e039c0c074d6b28c5
bam.eu01.nr-data.net/events/1/ 		24 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/events/1/NRBR-47e039c0c074d6b28c5?a=489734564&v=1.240.0&to=JhpeRQoXCQgBSh0QWhEQH0YXCg47DVZtE0EKEkJUCws%3D&rst=2351&ck=0&s=bbc23fc8cb77fb7b&ref=https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Requested by
Host: www.chambresdhotescorsedusud.com
URL: https://www.chambresdhotescorsedusud.com/fr/site-en-construction.fr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.chambresdhotescorsedusud.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
content-type
text/plain

Response headers

date
Tue, 19 Sep 2023 10:51:32 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.chambresdhotescorsedusud.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-man4148-MAN
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-FQHQSHFNNP&gtm=45je39i0h2&_p=1064165006&cid=1273702924.1695120692&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1695120691&sct=1&seg=0&dl=https%3A%2F%2Fwww.chambresdhotescorsedusud.com%2Ffr%2Fsite-en-construction.fr&dt=&en=scroll&epn.percent_scrolled=90&_et=87
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQHQSHFNNP&l=dataLayerTagManager&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.chambresdhotescorsedusud.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 10:51:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.chambresdhotescorsedusud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| dataLayerTagManager object| NREUM object| webpackChunk:NRBA-1.240.0.PROD object| newrelic object| google_tag_manager object| google_tag_data function| onConversationsAPIReady object| hsConversationsOnReady function| gdpr-banner function| onYouTubeIframeAPIReady object| gaGlobal function| slice function| extend function| hasProp function| initSwitchery function| initMasks function| initDatepicker function| handleAttachementLabel function| initDropFile function| ready function| jsPDF function| saveAs function| Deflater function| DecodeStream function| FlateStream boolean| windowIsTurbolinked object| cookiesEu object| confetti function| renderBookingDetailsSidepannelContent function| openBookingDetailsSidepanel function| closeBookingDetailsSidepannel function| flash function| hexToRgb function| clamp function| isInArray function| pJS function| openPictureLibraryMarketing function| closePictureLibraryMarketing function| openPictureLibraryClient function| closePictureLibraryClient function| OpenSmallSidepannel function| OpenMediumSidepannel function| OpenLargeSidepannel function| CloseSecondSidepannel function| CloseSmallSidepannelButton function| CloseMediumSidepannelButton function| CloseLargeSidepannelButton function| addZ function| getEndDateYearPlusOne function| callErrorBulkUpdateMoreThanOneYear function| scrolledHeaders function| setCheckbox function| toggleCheckBoxes function| clickableRow function| resizeActionBar number| width function| fillBlankWithDots function| $ function| jQuery object| dataConfirmModal object| cloudinary function| _ object| Gmaps function| moment object| FullCalendar object| TextAlignMap function| PNG function| Cookies object| SocialShareButton object| Chartkick function| Chart function| tinycolor function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| TapListener function| imagesLoaded function| retinajs object| Amenitiz object| AOS object| ActionCable object| App function| JSEncrypt function| ldBar function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS object| intlTelInputUtils function| Outlayer function| Masonry object| dropDownButton object| lazySizesConfig object| lazySizes object| backgroundImages number| len undefined| imagePath undefined| height undefined| sizes undefined| closest_width undefined| closest_height undefined| multiple function| createDateRanges function| getRandomValues function| vidjetDisplayLaunchPopup object| rnds8 function| rng object| REGEX function| validate function| stringify object| Vidjet

5 Cookies

Domain/Path Name / Value
.chambresdhotescorsedusud.com/ Name: _myapp_session
Value: G%2FGlGv6vxJCez168pcWFUeYaD%2Bt0%2Bzkqi1DhxuUB183sb%2BvUbVP3ov2p%2B7UcitaI4eqrcudvQoYMSBWTVxtASdrxBNr%2BFHAA7skfh9p03WTqm%2BiVfZX8c1J6C6k7VbhEl13ygFSaBEJ5gKGnsbRwJMtwjlatpibRVj6NXtENCqyno1%2FHg3wjaBrFYLWgr8C%2BGNNvHFD%2BybiqQqzkKZrMoglxrVFEpPtVAvM%2FKw7j25z7E7azswKL9dW1l97UOuF7iCdMXNEYoY6vBJXcboluP9Sz2H3AFJAPyNFUSy42ErI9PrMhEgRQfUAnNFc%3D--Hezi8VEaFac16KDP--nM4goVc06S7OqcfCyqrIdw%3D%3D
.chambresdhotescorsedusud.com/ Name: _gcl_au
Value: 1.1.1412970177.1695120692
.chambresdhotescorsedusud.com/ Name: _ga
Value: GA1.1.1273702924.1695120692
.chambresdhotescorsedusud.com/ Name: _ga_FQHQSHFNNP
Value: GS1.1.1695120691.1.0.1695120691.60.0.0
www.chambresdhotescorsedusud.com/ Name: vidjet-sessionId
Value: 055c4280-af7a-41e0-abee-e8283d948973

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-api.vidjet.io
bam.eu01.nr-data.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
chambresdhotescorsedusud.com
d3kyd4hzk57l6r.cloudfront.net
fiore-di-machja.amenitiz.io
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
maxcdn.bootstrapcdn.com
region1.analytics.google.com
stats.g.doubleclick.net
www.chambresdhotescorsedusud.com
www.google.co.uk
www.googletagmanager.com
151.101.66.137
159.89.99.10
185.221.87.23
2001:4860:4802:32::36
2600:9000:223f:5800:11:9cf3:c0:21
2606:4700::6810:5714
2606:4700::6811:190e
2606:4700::6812:1aef
2606:4700::6812:bcf
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2008
2a00:1450:400c:c09::9d
52.212.172.169
058daff34795e8a64433336abb03dddbf7241bb3cfe9ad4e31c3d82853864dfe
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
356524897658c961ee2585be637224ac561293510b355b7f12a93817322312f8
388f1821c6b671fe2ac0ca40a7f40c8cc182016ffa7dacb17a28a0f22dcb99dc
4b66904832a3cb7a5ff6ec5d89502883f6210e02ee85e0f39c3eda75b1042de8
55ddd1f80cec627f624b79cea24ccd18fb38180c3bff6757ffe56be7c1a6445d
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
7d3068ede90edb6a637e13f5ad0b35a6b284a3822ef1e54f383be6d2838be577
951d822fc2fb79b605471fbff20fa807879bc8cae81952421d711b1137b9685b
952403b8e4ed58f55c3542c7c00c98f3e054eac444b57726f5c3df8ff16562c7
a0fe45d3475ac41c2eaad9be792cd7cb1e9615a66e19d7a6333c32045254550f
aa6a25184accd140966fe9f2833418f56c8d95dd85c9ab4d3f2fb95aabe551d5
ac77b2a7837bfaae368e8edfeba8dc153147d1a5a9abe03b02bc606f64ad4a89
acc450e36554c51b060a3ba51573e0995338c05e3ab60dc20d171c1ad825d966
ad2b41ed05c5fc70739be6b12f6b2b68107fb614ad35ee76c22c6642f2e1fbe2
b81af2c33bda11980c3d249017f10ea638e00db9288e763d4222eee3ec95c777
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
dc3c1c19f700e0b988604eb48bdf427113ed24799b69d40c22e035bcc0fda0dc
decd338b3ce72e0c3b0e1e4a9743b79f1dfdec42c454a8d35163aa674bc2696c
e27e1f6e9e900dbaad7dc72183492d4916ded98fc48333cdba4532ef729f4324
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b2d01db350f55d198ab59cd31e5d619ee75e2c35d177e5ed65db2d14085c79
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c