urlscan.io logo urlscan.io
SecurityTrails logo

www.hotelt3-billets.ca Open in urlscan Pro
2600:9000:215d:1000:12:a6e8:9040:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.hotelt3-billets.ca/
Submission: On April 18 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 11 domains to perform 96 HTTP transactions. The main IP is 2600:9000:215d:1000:12:a6e8:9040:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.hotelt3-billets.ca.
TLS certificate: Issued by R3 on April 18th 2021. Valid for: 3 months.
This is the only time www.hotelt3-billets.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2600:9000:215d:1000:12:a6e8:9040:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.hotelt3-billets.ca
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2600:9000:20e8:2600:1:5424:4140:21 (United States)

ASN16509 (AMAZON-02, US)
dx35vtwkllhj9.cloudfront.net
1    2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
4    172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net
6441505.fls.doubleclick.net
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
14    52.208.88.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-88-117.eu-west-1.compute.amazonaws.com
stdata.powster.com
data.powster.com
1    99.84.156.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-60.txl52.r.cloudfront.net
tracking.powster.com
26    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.gstatic.com
13    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
11    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
26 maps.googleapis.com www.hotelt3-billets.ca
maps.googleapis.com
13 www.google-analytics.com www.hotelt3-billets.ca
cdn.ravenjs.com
11 www.youtube.com www.hotelt3-billets.ca
www.youtube.com
8 stdata.powster.com www.hotelt3-billets.ca
8 dx35vtwkllhj9.cloudfront.net www.hotelt3-billets.ca
6 data.powster.com www.hotelt3-billets.ca
5 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
4 maps.gstatic.com www.hotelt3-billets.ca
maps.googleapis.com
4 6441505.fls.doubleclick.net 2 redirects www.hotelt3-billets.ca
3 www.hotelt3-billets.ca www.hotelt3-billets.ca
2 adservice.google.com 6441505.fls.doubleclick.net
2 fonts.googleapis.com www.hotelt3-billets.ca
maps.googleapis.com
1 www.gstatic.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 googleads.g.doubleclick.net www.youtube.com
1 tracking.powster.com www.hotelt3-billets.ca
1 adservice.google.de adservice.google.com
1 cdn.ravenjs.com www.hotelt3-billets.ca
96 18
Subject Issuer Validity Valid
www.hotelt3-billets.ca
R3		 2021-04-18 -
2021-07-17		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
cdn.ravenjs.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-02-22 -
2022-03-26		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
movies.powster.com
R3		 2021-04-10 -
2021-07-09		 3 months crt.sh
tracking.powster.com
R3		 2021-03-05 -
2021-06-03		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.hotelt3-billets.ca/
Frame ID: A107DC192CD85303706EDFCEA91EA804
Requests: 85 HTTP requests in this frame

Frame: https://6441505.fls.doubleclick.net/activityi;dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223
Frame ID: 46B3C1376BD099B58B18FB110A764492
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223;~oref=https://www.hotelt3-billets.ca/
Frame ID: CFC0F17D4F7827E4C502491D01333BD9
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223;~oref=https://www.hotelt3-billets.ca/
Frame ID: 9A76E61015071AC5DDC51BDF75C9A300
Requests: 1 HTTP requests in this frame

Frame: https://6441505.fls.doubleclick.net/activityi;dc_pre=CIDp7aeXiPACFYa3Gwod-UQLbQ;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8964224000979.152
Frame ID: 77811880A944F3D313E3A7F4BC57A18C
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
Frame ID: F2C59FF7CFE8881AED1A4D9336628429
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

96
Requests

100 %
HTTPS

82 %
IPv6

11
Domains

18
Subdomains

18
IPs

3
Countries

2806 kB
Transfer

4691 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://6441505.fls.doubleclick.net/activityi;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223 HTTP 302
  • https://6441505.fls.doubleclick.net/activityi;dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223
Request Chain 15
  • https://6441505.fls.doubleclick.net/activityi;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8964224000979.152 HTTP 302
  • https://6441505.fls.doubleclick.net/activityi;dc_pre=CIDp7aeXiPACFYa3Gwod-UQLbQ;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8964224000979.152

96 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hotelt3-billets.ca/ 		53 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hotelt3-billets.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215d:1000:12:a6e8:9040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f70151e18e0b0db02f8156e50f283a8e5123192b218f493b00c04769ea172d8

Request headers

:method
GET
:authority
www.hotelt3-billets.ca
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html
last-modified
Mon, 30 Jul 2018 16:04:32 GMT
x-amz-version-id
4CO1hW5RCICO7pkvOJm7Yfq7TZoY6UDj
server
AmazonS3
content-encoding
gzip
date
Sun, 18 Apr 2021 16:10:52 GMT
etag
W/"ad9917ec96f3132ac9eb37b5ffa1f121"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
via
1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
x-amz-cf-pop
CPH50-C1
x-amz-cf-id
g5Mu0LZ6M8MJBXgQ8o9fonvxbxVnXJDwLZ8RhZlbl1lSQkWJ2WjvKw==
showtimes.css
www.hotelt3-billets.ca/css/ 		218 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hotelt3-billets.ca/css/showtimes.css?v=1532966519970
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215d:1000:12:a6e8:9040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75659ae33aa76ed3bfdd5fb481db57481229e1bd34ea88028bf734a569dbfbdc

Request headers

:path
/css/showtimes.css?v=1532966519970
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.hotelt3-billets.ca
referer
https://www.hotelt3-billets.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
56uUp3qkwScLaP9CZngShO5bMIxuIJ4j
content-encoding
gzip
last-modified
Mon, 30 Jul 2018 16:04:28 GMT
server
AmazonS3
x-amz-cf-pop
CPH50-C1
etag
W/"b7677add4024a250b324d68e7c3f5b60"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
via
1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
date
Sun, 18 Apr 2021 16:10:52 GMT
x-amz-cf-id
hdtSyKpqTq7ey_-FkH4xwniVjQr0KdvTXX1G-VVtbaoSHpIjykapqA==
css
fonts.googleapis.com/ 		3 KB
647 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700,900
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
40b748887fdf1fd6031ad5656681f0463d61953f6146c3df0d6e25ae1855ba4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Apr 2021 16:10:51 GMT
server
ESF
date
Sun, 18 Apr 2021 16:10:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Apr 2021 16:10:51 GMT
legal-logos.png
dx35vtwkllhj9.cloudfront.net/sonypictures/hotel-transylvania-3-a-monster-vacation/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx35vtwkllhj9.cloudfront.net/sonypictures/hotel-transylvania-3-a-monster-vacation/images/legal-logos.png
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:2600:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d73edb083c9233898ffeaa46c8da7f58f5680e5eeb04e042a567a5b919d06a99

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 11:23:29 GMT
via
1.1 1d9f9231888e03b204a8691cc95e7c61.cloudfront.net (CloudFront)
last-modified
Fri, 20 Apr 2018 16:07:16 GMT
server
AmazonS3
age
17243
etag
"a4470959af08f3a8ec95b84622568293"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=172800
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-length
23123
x-amz-cf-id
Fh1rXARBg4nfEElnILHGf7DaYaOM1rt-GsesPEOqGxvNIOhnCjJ7Hg==
raven.min.js
cdn.ravenjs.com/3.16.0/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.16.0/raven.min.js
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
0cf2e5bc2b2c489b041685a6d88360b8b696234907e52629dab51deb4763af10

Request headers

Origin
https://www.hotelt3-billets.ca
Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
content-encoding
gzip
last-modified
Tue, 13 Jun 2017 01:09:26 GMT
server
Fastly
age
43255
etag
"4a7fbb2b1ce0ea33b2a91794519ecef2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9623
showtimes.js
www.hotelt3-billets.ca/js/ 		778 KB
216 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hotelt3-billets.ca/js/showtimes.js?v=1532966519970
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215d:1000:12:a6e8:9040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3dffeb67a6b322a99970af790515db8a709742c8e8a0c0979db0b25c7dde45fc

Request headers

:path
/js/showtimes.js?v=1532966519970
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hotelt3-billets.ca
referer
https://www.hotelt3-billets.ca/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:52 GMT
content-encoding
gzip
last-modified
Mon, 30 Jul 2018 16:04:36 GMT
server
AmazonS3
x-amz-cf-pop
CPH50-C1
etag
W/"2b1c9cb7ccd3f255b68f76d211e9c1e2"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 0326fbaba639f5673ce3c647a7884df0.cloudfront.net (CloudFront)
x-amz-version-id
GglgXz6icbQ8Psw.He_pYL5vCWCQ084W
x-amz-cf-id
eubngVxBopQ8S7F7MbcSQRoJggxyClvd-KCuerdU6AEYynujIugq8A==
activityi;dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223
6441505.fls.doubleclick.net/ Frame 46B3
Redirect Chain
  • https://6441505.fls.doubleclick.net/activityi;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223?
  • https://6441505.fls.doubleclick.net/activityi;dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_direct...
539 B
434 B 		Document
General
Check archive.org
Download Go to
Full URL
https://6441505.fls.doubleclick.net/activityi;dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223?
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
cafe /
Resource Hash
e02d293f49cef0e969dbe5a04ac9e6b46215896bd97bcb2bd77de829e7bf45e2
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6441505.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hotelt3-billets.ca/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.hotelt3-billets.ca/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 18 Apr 2021 16:10:51 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
409
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 18-Apr-2021 16:25:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 18 Apr 2021 16:10:51 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://6441505.fls.doubleclick.net/activityi;dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
adservice.google.com/ddm/fls/i/dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;o... Frame CFC0 		538 B
640 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223;~oref=https://www.hotelt3-billets.ca/
Requested by
Host: 6441505.fls.doubleclick.net
URL: https://6441505.fls.doubleclick.net/activityi;dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7115cd542dfda179d7def763f4df3a9c1dd75e3176ad144b37357fb6523c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223;~oref=https://www.hotelt3-billets.ca/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6441505.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6441505.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 18 Apr 2021 16:10:51 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
407
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
adservice.google.de/ddm/fls/i/dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;or... Frame 9A76 		194 B
391 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223;~oref=https://www.hotelt3-billets.ca/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223;~oref=https://www.hotelt3-billets.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=CPC12aeXiPACFfJCHQkddTsJhA;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7501662415090.223;~oref=https://www.hotelt3-billets.ca/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 18 Apr 2021 16:10:51 GMT
expires
Sun, 18 Apr 2021 16:10:51 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
5572
stdata.powster.com/app_data/dynamic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://stdata.powster.com/app_data/dynamic/5572
Protocol
HTTP/1.1
Server
52.208.88.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-88-117.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.hotelt3-billets.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,Accept-language,If-Modified-Since
access-control-allow-methods
GET
access-control-allow-origin
https://www.hotelt3-billets.ca
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
Date
Sun, 18 Apr 2021 16:10:51 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000
Content-Length
0
Connection
keep-alive
hotel-transylvania-3-a-monster-vacation
stdata.powster.com/app_data/title_regions/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://stdata.powster.com/app_data/title_regions/hotel-transylvania-3-a-monster-vacation
Protocol
HTTP/1.1
Server
52.208.88.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-88-117.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.hotelt3-billets.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,Accept-language,If-Modified-Since
access-control-allow-methods
GET
access-control-allow-origin
https://www.hotelt3-billets.ca
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
Date
Sun, 18 Apr 2021 16:10:51 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000
Content-Length
0
Connection
keep-alive
geo
stdata.powster.com/ 		94 B
528 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stdata.powster.com/geo
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/js/showtimes.js?v=1532966519970
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.88.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-88-117.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7359455b0bdbe693b79b9842614dc35193f90bb1e2bea2d18cb67cd1a3484efe

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 16:10:51 GMT
Content-Encoding
gzip
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
100
tracker.js
tracking.powster.com/js/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.powster.com/js/tracker.js
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/js/showtimes.js?v=1532966519970
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.156.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-156-60.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7573f292f332485fa0522718b017d1735e0caf9faa1b08da01d9578460dd551a

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
EYg20WQBttvTa0q6wHF.dKewFqQyaxaO
content-encoding
gzip
last-modified
Fri, 27 Nov 2020 11:42:00 GMT
server
AmazonS3
x-amz-cf-pop
TXL52-C1
etag
W/"aa6c00fb3bd6156dfbfe05955ae1e899"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 d91c21a06968968452d701ff77f35a70.cloudfront.net (CloudFront)
date
Sun, 18 Apr 2021 16:10:52 GMT
x-amz-cf-id
XGGDR_piVqHX7T8R9y4-Tq9wgtgu8rC2LaWAgKdN_yzPa5hVpHay7Q==
5572
stdata.powster.com/app_data/dynamic/ 		162 B
573 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stdata.powster.com/app_data/dynamic/5572
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/js/showtimes.js?v=1532966519970
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.88.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-88-117.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6830830f3ba5b7720e32d58522fd0cc0e10aa473e5050d6fcd567ed024cf8db1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/vnd.api+json
Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/vnd.api+json

Response headers

Date
Sun, 18 Apr 2021 16:10:51 GMT
content-encoding
gzip
Server
nginx
vary
origin,accept-encoding
Connection
keep-alive
Content-Type
application/vnd.api+json
access-control-allow-origin
https://www.hotelt3-billets.ca
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
162
hotel-transylvania-3-a-monster-vacation
stdata.powster.com/app_data/title_regions/ 		416 B
608 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stdata.powster.com/app_data/title_regions/hotel-transylvania-3-a-monster-vacation
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/js/showtimes.js?v=1532966519970
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.88.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-88-117.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4bbb4ce5020fc540d07c64b1d15a90ff3e4f88fe349b85d885dbfd093ac13636
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/vnd.api+json
Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/vnd.api+json

Response headers

Date
Sun, 18 Apr 2021 16:10:51 GMT
content-encoding
gzip
Server
nginx
vary
origin,accept-encoding
Connection
keep-alive
Content-Type
application/vnd.api+json
access-control-allow-origin
https://www.hotelt3-billets.ca
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
197
geo
stdata.powster.com/ 		94 B
528 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stdata.powster.com/geo
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/js/showtimes.js?v=1532966519970
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.88.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-88-117.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7359455b0bdbe693b79b9842614dc35193f90bb1e2bea2d18cb67cd1a3484efe

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 16:10:51 GMT
Content-Encoding
gzip
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
100
activityi;dc_pre=CIDp7aeXiPACFYa3Gwod-UQLbQ;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8964224000979.152
6441505.fls.doubleclick.net/ Frame 7781
Redirect Chain
  • https://6441505.fls.doubleclick.net/activityi;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8964224000979.152?
  • https://6441505.fls.doubleclick.net/activityi;dc_pre=CIDp7aeXiPACFYa3Gwod-UQLbQ;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_direct...
432 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://6441505.fls.doubleclick.net/activityi;dc_pre=CIDp7aeXiPACFYa3Gwod-UQLbQ;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8964224000979.152?
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f6.1e100.net
Software
cafe /
Resource Hash
1d302eb19e2e37ebe27211ef59edadadf7ee10c3a41caafa90db71f8d8a5ca1d
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6441505.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CIDp7aeXiPACFYa3Gwod-UQLbQ;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8964224000979.152?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hotelt3-billets.ca/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.hotelt3-billets.ca/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 18 Apr 2021 16:10:51 GMT
expires
Sun, 18 Apr 2021 16:10:51 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
353
x-xss-protection
0
set-cookie
IDE=AHWqTUmxZ6ncrsXvYzmhSmOKo469TzJGXTbbidJGdmDy6VSxPJ1OchsCEug4scEfrYQ; expires=Fri, 13-May-2022 16:10:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 18 Apr 2021 16:10:51 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://6441505.fls.doubleclick.net/activityi;dc_pre=CIDp7aeXiPACFYa3Gwod-UQLbQ;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8964224000979.152?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js
maps.googleapis.com/maps/api/ 		141 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&libraries=places,geometry&callback=googleMapsLoaded
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/js/showtimes.js?v=1532966519970
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
ae00baeb17e96fc251229cf97a46c25ea96c36b0926bd768106508ff4b4fae45
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=16
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47133
x-xss-protection
0
expires
Sun, 18 Apr 2021 16:40:51 GMT
facebook.png
dx35vtwkllhj9.cloudfront.net/images/share/ 		588 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx35vtwkllhj9.cloudfront.net/images/share/facebook.png
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/css/showtimes.css?v=1532966519970
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:2600:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12590f1d6a63e66b61843999e433d54cf1d25f335824a7316d9f660292a5d1a8

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 04:36:20 GMT
via
1.1 1d9f9231888e03b204a8691cc95e7c61.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jul 2020 08:57:28 GMT
server
AmazonS3
age
905671
etag
"8ddae8338e4e2209c8db87f29d701a79"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-length
588
x-amz-cf-id
1_7xAoJahqZxJBW1likPq22pppM6C7vw-RVzcpnyVHkBpCmjxIrxRQ==
twitter2.png
dx35vtwkllhj9.cloudfront.net/images/share/ 		501 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx35vtwkllhj9.cloudfront.net/images/share/twitter2.png
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/css/showtimes.css?v=1532966519970
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:2600:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d149ef77e4ad82dcda641a0b536570cc9d39cb355e397c2f51b7571a891cf4f8

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 05:37:53 GMT
via
1.1 1d9f9231888e03b204a8691cc95e7c61.cloudfront.net (CloudFront)
last-modified
Mon, 10 Sep 2018 16:43:06 GMT
server
AmazonS3
age
37979
etag
"99ac4ae037a2812007788f2a33bf1ebb"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=86400
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-length
501
x-amz-cf-id
U3ez0Ye09_Xm1P8B5CBoIOYMZaLkuQHeqJG5ZCK1KMdlhZ5E9_4_vw==
googleplus.png
dx35vtwkllhj9.cloudfront.net/images/share/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx35vtwkllhj9.cloudfront.net/images/share/googleplus.png
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/css/showtimes.css?v=1532966519970
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:2600:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac98c7b1d8a1740c023c88048386de3be26b5ccd524d4a58cd34d9f17527b9a0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 01:37:01 GMT
via
1.1 1d9f9231888e03b204a8691cc95e7c61.cloudfront.net (CloudFront)
last-modified
Mon, 10 Sep 2018 16:43:06 GMT
server
AmazonS3
age
52431
etag
"5a996eb01bf98ed1a02e5503b83f4a70"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=86400
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-length
1519
x-amz-cf-id
R6tU7AmpVKX6WmG7EKczihMK5dCmzsLTwutrYaHhvAN-K2Jj44lEgw==
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.hotelt3-billets.ca
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 04:11:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
43161
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
expires
Mon, 18 Apr 2022 04:11:30 GMT
JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.hotelt3-billets.ca
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 06:04:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:21 GMT
server
sffe
age
36352
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19240
x-xss-protection
0
expires
Mon, 18 Apr 2022 06:04:59 GMT
onesheet.jpg
dx35vtwkllhj9.cloudfront.net/sonypictures/hotel-transylvania-3-a-monster-vacation/images/regions/ca_fr/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx35vtwkllhj9.cloudfront.net/sonypictures/hotel-transylvania-3-a-monster-vacation/images/regions/ca_fr/onesheet.jpg
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:2600:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f7c9e80949cb28d77643f8cf5d5776bc25ec719c76a395926c93360462bd20b

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:52 GMT
via
1.1 1d9f9231888e03b204a8691cc95e7c61.cloudfront.net (CloudFront)
last-modified
Tue, 03 Jul 2018 15:14:48 GMT
server
AmazonS3
x-amz-cf-pop
TXL52-C1
etag
"b9c1828a12b3e1fb10d138fad96ae152"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
public, max-age=172800
accept-ranges
bytes
content-length
58664
x-amz-cf-id
-9bgmfcwcYVyz9NrHZhbKnIPst_oYxRlyBr4ZnqfKbliAzBVxU7ojw==
box-bg.png
dx35vtwkllhj9.cloudfront.net/sonypictures/hotel-transylvania-3-a-monster-vacation/images/regions/ca_fr/ 		440 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx35vtwkllhj9.cloudfront.net/sonypictures/hotel-transylvania-3-a-monster-vacation/images/regions/ca_fr/box-bg.png
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/css/showtimes.css?v=1532966519970
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:2600:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b95c72958d6f45f59d7ca03bea8582f7fa30c9f4ffc1812951fc34d931a6382

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:52 GMT
via
1.1 1d9f9231888e03b204a8691cc95e7c61.cloudfront.net (CloudFront)
last-modified
Tue, 03 Jul 2018 15:14:48 GMT
server
AmazonS3
x-amz-cf-pop
TXL52-C1
etag
"9e1f2a74f76e8e1b07d3b64079d2b77b"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=172800
accept-ranges
bytes
content-length
440
x-amz-cf-id
k3muCF6n1nxGWNkiEXd6TFbypqBxRxWND74lFj_N0rtI3nK5M0Af0A==
fangs-bg.png
dx35vtwkllhj9.cloudfront.net/sonypictures/hotel-transylvania-3-a-monster-vacation/images/regions/ca_fr/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx35vtwkllhj9.cloudfront.net/sonypictures/hotel-transylvania-3-a-monster-vacation/images/regions/ca_fr/fangs-bg.png
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/css/showtimes.css?v=1532966519970
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:2600:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e42926b5a4e1857b80e0228e0648f5a71da0f9b841fa50ab871d078f274850d

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:52 GMT
via
1.1 1d9f9231888e03b204a8691cc95e7c61.cloudfront.net (CloudFront)
last-modified
Tue, 03 Jul 2018 15:14:48 GMT
server
AmazonS3
x-amz-cf-pop
TXL52-C1
etag
"efc88434c95b3f3793440c1b189b337a"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=172800
accept-ranges
bytes
content-length
1061
x-amz-cf-id
605XKagJ0hRTCO1H6UUWEbV5QDpp5Yc2VhlTZxaLsAwLhB8-rsLIiA==
common.js
maps.googleapis.com/maps-api-v3/api/js/44/10/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/10/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&libraries=places,geometry&callback=googleMapsLoaded
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a0f8b6aba33c296657bcc8de652cee57c1634e55bc8479bf0f6bb25fa57ab47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 09:16:21 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 03:28:22 GMT
server
sffe
age
24870
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86820
x-xss-protection
0
expires
Mon, 18 Apr 2022 09:16:21 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/44/10/ 		279 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/10/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&libraries=places,geometry&callback=googleMapsLoaded
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb08248d2c652f71e2b8ae6234b52deb18bad4a5fe9dc2e27ee52b604e0c11ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 20:39:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 03:28:22 GMT
server
sffe
age
70258
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87551
x-xss-protection
0
expires
Sun, 17 Apr 2022 20:39:53 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/44/10/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/10/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&libraries=places,geometry&callback=googleMapsLoaded
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d09d61d6c07d9cb4743ff2aa2bdc0595af7f56723f79919e19e316d7b76f3aa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 18:44:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 03:28:22 GMT
server
sffe
age
336373
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21601
x-xss-protection
0
expires
Thu, 14 Apr 2022 18:44:38 GMT
dc_pre=CIDp7aeXiPACFYa3Gwod-UQLbQ;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8964224000979.152
adservice.google.com/ddm/fls/z/ Frame 7781 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIDp7aeXiPACFYa3Gwod-UQLbQ;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8964224000979.152
Requested by
Host: 6441505.fls.doubleclick.net
URL: https://6441505.fls.doubleclick.net/activityi;dc_pre=CIDp7aeXiPACFYa3Gwod-UQLbQ;src=6441505;type=powster;cat=um_so00n;u3=hotel-transylvanie-3-les-vacances-dete;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8964224000979.152?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6441505.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
openhand_8_8.cur
maps.gstatic.com/mapfiles/ 		326 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/openhand_8_8.cur
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
content-type
image/bmp
access-control-allow-origin
*
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Sun, 18 Apr 2021 16:10:51 GMT
stats.js
maps.googleapis.com/maps-api-v3/api/js/44/10/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/10/stats.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&libraries=places,geometry&callback=googleMapsLoaded
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6129de5b97fd7f7572f3800c87097dd01b6aaa841ee996c9462b4398abe32256
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 18:45:18 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 03:28:22 GMT
server
sffe
age
336333
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3959
x-xss-protection
0
expires
Thu, 14 Apr 2022 18:45:18 GMT
onion.js
maps.googleapis.com/maps-api-v3/api/js/44/10/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/10/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&libraries=places,geometry&callback=googleMapsLoaded
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9bfebdbffc77cff5f949c4f259e48a0e49983262aff97bc2e0a9ea7372da9333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 18:44:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 03:28:22 GMT
server
sffe
age
336373
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9268
x-xss-protection
0
expires
Thu, 14 Apr 2022 18:44:38 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/js/showtimes.js?v=1532966519970
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
869
date
Sun, 18 Apr 2021 15:56:22 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Sun, 18 Apr 2021 17:56:22 GMT
t
data.powster.com/ 		0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.powster.com/t?e_c=hotel-transylvania-3-a-monster-vacation&e_a=visit&_cvar=%7B%221%22%3A%5B%22studio%22%2C%22sonypictures%22%5D%2C%222%22%3A%5B%22movie%22%2C%22hotel-transylvania-3-a-monster-vacation%22%5D%2C%223%22%3A%5B%22region%22%2C%22ca_fr%22%5D%2C%224%22%3A%5B%22page_type%22%2C%22website%22%5D%2C%225%22%3A%5B%22view_mode%22%2C%22desktop%22%5D%7D&res=1600x1200&url=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&_id=42f817c1-f682-4095-92fb-297a4db63729
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.88.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-88-117.eu-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 16:10:51 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
Express
X-Pow-Instance
web1223.prod
t
data.powster.com/ 		0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.powster.com/t?e_c=hotel-transylvania-3-a-monster-vacation&e_a=static-showtimes-view&_cvar=%7B%221%22%3A%5B%22studio%22%2C%22sonypictures%22%5D%2C%222%22%3A%5B%22movie%22%2C%22hotel-transylvania-3-a-monster-vacation%22%5D%2C%223%22%3A%5B%22region%22%2C%22ca_fr%22%5D%2C%224%22%3A%5B%22page_type%22%2C%22website%22%5D%2C%225%22%3A%5B%22view_mode%22%2C%22desktop%22%5D%7D&res=1600x1200&url=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&_id=42f817c1-f682-4095-92fb-297a4db63729
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.88.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-88-117.eu-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 16:10:51 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
Express
X-Pow-Instance
web11054.prod
t
data.powster.com/ 		0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.powster.com/t?e_c=hotel-transylvania-3-a-monster-vacation&e_a=static-start_dimensions&_cvar=%7B%221%22%3A%5B%22studio%22%2C%22sonypictures%22%5D%2C%222%22%3A%5B%22movie%22%2C%22hotel-transylvania-3-a-monster-vacation%22%5D%2C%223%22%3A%5B%22region%22%2C%22ca_fr%22%5D%2C%224%22%3A%5B%22page_type%22%2C%22website%22%5D%2C%225%22%3A%5B%22view_mode%22%2C%22desktop%22%5D%7D&res=1600x1200&url=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&_id=42f817c1-f682-4095-92fb-297a4db63729&e_n=1600x1200
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.88.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-88-117.eu-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 16:10:51 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
Express
X-Pow-Instance
web1225.prod
t
data.powster.com/ 		0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.powster.com/t?e_c=hotel-transylvania-3-a-monster-vacation&e_a=static-page_visible&_cvar=%7B%221%22%3A%5B%22studio%22%2C%22sonypictures%22%5D%2C%222%22%3A%5B%22movie%22%2C%22hotel-transylvania-3-a-monster-vacation%22%5D%2C%223%22%3A%5B%22region%22%2C%22ca_fr%22%5D%2C%224%22%3A%5B%22page_type%22%2C%22website%22%5D%2C%225%22%3A%5B%22view_mode%22%2C%22desktop%22%5D%7D&res=1600x1200&url=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&_id=42f817c1-f682-4095-92fb-297a4db63729
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.88.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-88-117.eu-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 16:10:51 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
Express
X-Pow-Instance
web10871.prod
t
data.powster.com/ 		0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.powster.com/t?e_c=hotel-transylvania-3-a-monster-vacation&e_a=static-page_is&_cvar=%7B%221%22%3A%5B%22studio%22%2C%22sonypictures%22%5D%2C%222%22%3A%5B%22movie%22%2C%22hotel-transylvania-3-a-monster-vacation%22%5D%2C%223%22%3A%5B%22region%22%2C%22ca_fr%22%5D%2C%224%22%3A%5B%22page_type%22%2C%22website%22%5D%2C%225%22%3A%5B%22view_mode%22%2C%22desktop%22%5D%7D&res=1600x1200&url=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&_id=42f817c1-f682-4095-92fb-297a4db63729
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.88.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-88-117.eu-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 16:10:51 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
Express
X-Pow-Instance
web1223.prod
cities
stdata.powster.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://stdata.powster.com/cities?filter%5Btheaters%5D%5Bcountry%5D%5B0%5D=ca&filter%5Btitles%5D%5Bslug%5D%5B0%5D=hotel-transylvania-3-a-monster-vacation
Protocol
HTTP/1.1
Server
52.208.88.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-88-117.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.hotelt3-billets.ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,Accept-language,If-Modified-Since
access-control-allow-methods
GET
access-control-allow-origin
https://www.hotelt3-billets.ca
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
Date
Sun, 18 Apr 2021 16:10:51 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000
Content-Length
0
Connection
keep-alive
ca_fr.png
dx35vtwkllhj9.cloudfront.net/images/flags/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dx35vtwkllhj9.cloudfront.net/images/flags/ca_fr.png
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:2600:1:5424:4140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea27743cd5ebd722faf004476aabe72d47a81b569d2606868ef4c6c6a2e69fe8

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 19:05:18 GMT
via
1.1 1d9f9231888e03b204a8691cc95e7c61.cloudfront.net (CloudFront)
last-modified
Wed, 08 Apr 2015 17:16:27 GMT
server
AmazonS3
age
594333
etag
"bfcf7de437f13e5447b80e07053f44ff"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
TXL52-C1
accept-ranges
bytes
content-length
23056
x-amz-cf-id
MMeb_bndLGTRPq91-NjnCfVq4Wff8ZnxmJJnAP8_8CUKENcqVp7Dww==
cities
stdata.powster.com/ 		75 B
502 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stdata.powster.com/cities?filter%5Btheaters%5D%5Bcountry%5D%5B0%5D=ca&filter%5Btitles%5D%5Bslug%5D%5B0%5D=hotel-transylvania-3-a-monster-vacation
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/js/showtimes.js?v=1532966519970
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.88.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-88-117.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
afc52a0e2c382b1439caf69628ee17f094ebc34d732ee4dd1b2e2abbc07a40d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/vnd.api+json
Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/vnd.api+json

Response headers

Date
Sun, 18 Apr 2021 16:10:51 GMT
content-encoding
gzip
Server
nginx
vary
origin,accept-encoding
Connection
keep-alive
Content-Type
application/vnd.api+json
access-control-allow-origin
https://www.hotelt3-billets.ca
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
Strict-Transport-Security
max-age=31536000
Content-Length
92
iframe_api
www.youtube.com/ 		1005 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/js/showtimes.js?v=1532966519970
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9597860d23d61f092be7543c5714d0e1dbf18eae058a76c76da64285392b8eb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Sun, 18 Apr 2021 16:10:51 GMT
t
data.powster.com/ 		0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.powster.com/t?e_c=hotel-transylvania-3-a-monster-vacation&e_a=static-no_showtimes_available&_cvar=%7B%221%22%3A%5B%22studio%22%2C%22sonypictures%22%5D%2C%222%22%3A%5B%22movie%22%2C%22hotel-transylvania-3-a-monster-vacation%22%5D%2C%223%22%3A%5B%22region%22%2C%22ca_fr%22%5D%2C%224%22%3A%5B%22page_type%22%2C%22website%22%5D%2C%225%22%3A%5B%22view_mode%22%2C%22desktop%22%5D%7D&res=1600x1200&url=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&_id=42f817c1-f682-4095-92fb-297a4db63729
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.88.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-88-117.eu-west-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 18 Apr 2021 16:10:51 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
Express
X-Pow-Instance
web11054.prod
ViewportInfoService.GetViewportInfo
maps.googleapis.com/maps/api/js/ 		45 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d51.9532470703125&2d4.65875244140625&2m2&1d52.66021728515625&2d5.220703125&2u12&4sen-US&5e0&6sm%40553000000&7b0&8e0&12e2&callback=_xdc_._39ftij&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=75426
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/10/common.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
73a7b181ab7de50597cc8e372484a96c56d637c85d940330ef96aa927f9c2a75
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 16:10:51 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=36
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6052
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=117825920&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=H%C3%B4tel%20Transylvanie%203%3A%20Les%20Vacances%20D%E2%80%99%C3%A9t%C3%A9%3A%20Horaires%20%7C%20Sony%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=2010145282&gjid=1785238069&cid=1055126448.1618762252&tid=UA-38093606-11&_gid=2040857587.1618762252&_r=1&_slc=1&z=914729527
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.16.0/raven.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hotelt3-billets.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=117825920&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=H%C3%B4tel%20Transylvanie%203%3A%20Les%20Vacances%20D%E2%80%99%C3%A9t%C3%A9%3A%20Horaires%20%7C%20Sony%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=1181180219&gjid=476667071&cid=1055126448.1618762252&tid=UA-38093606-8&_gid=2040857587.1618762252&_r=1&_slc=1&z=1691573672
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.16.0/raven.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hotelt3-billets.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&aip=1&a=117825920&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=H%C3%B4tel%20Transylvanie%203%3A%20Les%20Vacances%20D%E2%80%99%C3%A9t%C3%A9%3A%20Horaires%20%7C%20Sony%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=&ea=website%2Fcore%2Fca_fr%2Fshowtimes-view&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=1055126448.1618762252&tid=UA-38093606-11&_gid=2040857587.1618762252&z=80734507
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22033
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&aip=1&a=117825920&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=H%C3%B4tel%20Transylvanie%203%3A%20Les%20Vacances%20D%E2%80%99%C3%A9t%C3%A9%3A%20Horaires%20%7C%20Sony%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=&ea=website%2Fcore%2Fca_fr%2Fshowtimes-view&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=1055126448.1618762252&tid=UA-38093606-8&_gid=2040857587.1618762252&z=1997916506
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22033
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&aip=1&a=117825920&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=H%C3%B4tel%20Transylvanie%203%3A%20Les%20Vacances%20D%E2%80%99%C3%A9t%C3%A9%3A%20Horaires%20%7C%20Sony%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=&ea=website%2Fcore%2Fca_fr%2Fstart_dimensions&el=1600x1200&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=1055126448.1618762252&tid=UA-38093606-11&_gid=2040857587.1618762252&z=1850218399
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22033
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&aip=1&a=117825920&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=H%C3%B4tel%20Transylvanie%203%3A%20Les%20Vacances%20D%E2%80%99%C3%A9t%C3%A9%3A%20Horaires%20%7C%20Sony%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=&ea=website%2Fcore%2Fca_fr%2Fstart_dimensions&el=1600x1200&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=1055126448.1618762252&tid=UA-38093606-8&_gid=2040857587.1618762252&z=534955735
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22033
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&aip=1&a=117825920&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=H%C3%B4tel%20Transylvanie%203%3A%20Les%20Vacances%20D%E2%80%99%C3%A9t%C3%A9%3A%20Horaires%20%7C%20Sony%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=&ea=website%2Fcore%2Fca_fr%2Fpage_visible&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=1055126448.1618762252&tid=UA-38093606-11&_gid=2040857587.1618762252&z=706451819
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22033
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&aip=1&a=117825920&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=H%C3%B4tel%20Transylvanie%203%3A%20Les%20Vacances%20D%E2%80%99%C3%A9t%C3%A9%3A%20Horaires%20%7C%20Sony%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=&ea=website%2Fcore%2Fca_fr%2Fpage_visible&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=1055126448.1618762252&tid=UA-38093606-8&_gid=2040857587.1618762252&z=1228080915
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22033
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&aip=1&a=117825920&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=H%C3%B4tel%20Transylvanie%203%3A%20Les%20Vacances%20D%E2%80%99%C3%A9t%C3%A9%3A%20Horaires%20%7C%20Sony%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=sony-showtimes-hosted-by-powster%2Fhotel-transylvania-3-a-monster-vacation%2F&ea=website%2Fcore%2Fca_fr%2Fpage_is&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=1055126448.1618762252&tid=UA-38093606-11&_gid=2040857587.1618762252&z=742507146
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22033
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&aip=1&a=117825920&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=H%C3%B4tel%20Transylvanie%203%3A%20Les%20Vacances%20D%E2%80%99%C3%A9t%C3%A9%3A%20Horaires%20%7C%20Sony%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=sony-showtimes-hosted-by-powster%2Fhotel-transylvania-3-a-monster-vacation%2F&ea=website%2Fcore%2Fca_fr%2Fpage_is&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=1055126448.1618762252&tid=UA-38093606-8&_gid=2040857587.1618762252&z=1872550278
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22033
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&aip=1&a=117825920&t=event&_s=6&dl=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=H%C3%B4tel%20Transylvanie%203%3A%20Les%20Vacances%20D%E2%80%99%C3%A9t%C3%A9%3A%20Horaires%20%7C%20Sony%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=sony-showtimes-hosted-by-powster%2Fhotel-transylvania-3-a-monster-vacation%2F&ea=website%2Fcore%2Fca_fr%2Fno_showtimes_available&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=1055126448.1618762252&tid=UA-38093606-11&_gid=2040857587.1618762252&z=53079678
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22033
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&aip=1&a=117825920&t=event&_s=6&dl=https%3A%2F%2Fwww.hotelt3-billets.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=H%C3%B4tel%20Transylvanie%203%3A%20Les%20Vacances%20D%E2%80%99%C3%A9t%C3%A9%3A%20Horaires%20%7C%20Sony%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=sony-showtimes-hosted-by-powster%2Fhotel-transylvania-3-a-monster-vacation%2F&ea=website%2Fcore%2Fca_fr%2Fno_showtimes_available&_u=YEDAAAABAAAAAC~&jid=&gjid=&cid=1055126448.1618762252&tid=UA-38093606-8&_gid=2040857587.1618762252&z=2230489
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
22033
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/e0d06a61/www-widgetapi.vflset/ 		109 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e0d06a61/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
688787521ed7834cc36e290802e240d5003d419188c265ad7b50e4e2e9128bd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 05:03:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 00:18:36 GMT
server
sffe
age
40014
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39492
x-xss-protection
0
expires
Mon, 18 Apr 2022 05:03:57 GMT
vt
maps.googleapis.com/maps/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2104!3i1347!4i256!2m3!1e0!2sm!3i553276560!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e0&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=17454
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
6469efe5e2f90a45ca590e5c7f84afe01f10d76d1a8a1f332b06081ff96f0dcf
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
server-timing
gfet4t7; dur=65
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17074
x-xss-protection
0
expires
Fri, 31 Dec 2021 21:01:13 GMT
vt
maps.googleapis.com/maps/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2103!3i1347!4i256!2m3!1e0!2sm!3i553276572!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e0&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=106902
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
668e9e78818224963521b361870271ab8fb69cd93cd47d71809afc925d236470
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
server-timing
gfet4t7; dur=76
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16997
x-xss-protection
0
expires
Fri, 31 Dec 2021 21:01:13 GMT
vt
maps.googleapis.com/maps/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2103!3i1346!4i256!2m3!1e0!2sm!3i553276572!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e0&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=127854
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
cfb4009c7da0fa4b900ce7fbba0b79a3dcc30e15b2b28acd72ff682726bb5a43
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
server-timing
gfet4t7; dur=73
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20058
x-xss-protection
0
expires
Fri, 31 Dec 2021 21:01:13 GMT
vt
maps.googleapis.com/maps/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2104!3i1346!4i256!2m3!1e0!2sm!3i553276560!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e0&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=38406
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
9ba02beed7c9b33ae532b349d38e8976b26f92ced2f2437659f368cc78e633e8
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
server-timing
gfet4t7; dur=72
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17347
x-xss-protection
0
expires
Fri, 31 Dec 2021 21:01:13 GMT
vt
maps.googleapis.com/maps/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2105!3i1346!4i256!2m3!1e0!2sm!3i553276560!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e0&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=58066
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
4b07a89f5fdd7c126a8b26b2cd3038529e66b18fb27e56ee368b5e0a4f6ddfdd
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
server-timing
gfet4t7; dur=44
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4888
x-xss-protection
0
expires
Fri, 31 Dec 2021 21:01:13 GMT
vt
maps.googleapis.com/maps/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2105!3i1347!4i256!2m3!1e0!2sm!3i553276560!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e0&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=37114
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
5346be46b69c241b65019e0be9c7ca6bf11833580b6180f3656aaac062f7d73f
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
server-timing
gfet4t7; dur=54
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10647
x-xss-protection
0
expires
Fri, 31 Dec 2021 21:01:13 GMT
vt
maps.googleapis.com/maps/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2105!3i1348!4i256!2m3!1e0!2sm!3i553276560!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e0&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=16162
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
f1464f3f747f3dc42286352efb8a1f4386f7d5ec0ee3ca1a8d3f6db07935e4a2
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
server-timing
gfet4t7; dur=49
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11626
x-xss-protection
0
expires
Fri, 31 Dec 2021 21:01:13 GMT
vt
maps.googleapis.com/maps/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2104!3i1348!4i256!2m3!1e0!2sm!3i553276560!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e0&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=127573
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
70de081138c09429f5bb345b646abcbe9a3dfccb92f51e9a4cc1b9ca655beae6
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
server-timing
gfet4t7; dur=56
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12571
x-xss-protection
0
expires
Fri, 31 Dec 2021 21:01:13 GMT
vt
maps.googleapis.com/maps/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2103!3i1348!4i256!2m3!1e0!2sm!3i553276572!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e0&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=85950
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
55e5e36d056f481c744966c91fb3771fa90a287fc63322a5b646a9ea00ab5263
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
server-timing
gfet4t7; dur=61
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8173
x-xss-protection
0
expires
Fri, 31 Dec 2021 21:01:13 GMT
vt
maps.googleapis.com/maps/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2103!3i1345!4i256!2m3!1e0!2sm!3i553276572!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e0&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=17735
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
635c61c1fd0646dccdd1c14911334aa9c0d88fe7d1f33a1035515fefd2fbf750
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
server-timing
gfet4t7; dur=64
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18116
x-xss-protection
0
expires
Fri, 31 Dec 2021 21:01:13 GMT
vt
maps.googleapis.com/maps/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2104!3i1345!4i256!2m3!1e0!2sm!3i553276560!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e0&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=59358
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
d0a64a40ec124a1f3740a27d7d0d74f328839b315c5a6fecf1011542be46d7f7
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
server-timing
gfet4t7; dur=64
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12034
x-xss-protection
0
expires
Fri, 31 Dec 2021 21:01:13 GMT
vt
maps.googleapis.com/maps/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2105!3i1345!4i256!2m3!1e0!2sm!3i553276560!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e0&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=79018
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
2f1cc7c4fafe4da951227d089ace32789e09a4a28c84836b1ee5c92c761c7038
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
server-timing
gfet4t7; dur=35
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3660
x-xss-protection
0
expires
Fri, 31 Dec 2021 21:01:13 GMT
vt
maps.googleapis.com/maps/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2105!3i1349!4i256!2m3!1e0!2sm!3i553276560!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e0&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=126281
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
ecf54f4e9d438799a4161772db66aaff36e6583ddd6bd59204e68c56a689698b
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
server-timing
gfet4t7; dur=55
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11886
x-xss-protection
0
expires
Fri, 31 Dec 2021 21:01:13 GMT
vt
maps.googleapis.com/maps/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2104!3i1349!4i256!2m3!1e0!2sm!3i553276560!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e0&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=106621
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
b6f9db87fb9a3ae20b3d8b427998fde9cd5f77eeb86f3440b8fabd2a9274175e
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
server-timing
gfet4t7; dur=43
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9176
x-xss-protection
0
expires
Fri, 31 Dec 2021 21:01:13 GMT
vt
maps.googleapis.com/maps/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m5!1m4!1i12!2i2103!3i1349!4i256!2m3!1e0!2sm!3i553276572!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e0&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=64998
Requested by
Host: www.hotelt3-billets.ca
URL: https://www.hotelt3-billets.ca/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
a15be267408ddd1e3146690e5b719efd11dff6d41b665ff633c8c94aa527c8e0
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=22222222
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
server-timing
gfet4t7; dur=43
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9667
x-xss-protection
0
expires
Fri, 31 Dec 2021 21:01:13 GMT
vt
maps.googleapis.com/maps/ 		3 KB
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/vt?pb=!1m4!1m3!1i12!2i2103!3i1345!1m4!1m3!1i12!2i2103!3i1346!1m4!1m3!1i12!2i2103!3i1347!1m4!1m3!1i12!2i2103!3i1348!1m4!1m3!1i12!2i2103!3i1349!1m4!1m3!1i12!2i2104!3i1345!1m4!1m3!1i12!2i2105!3i1345!1m4!1m3!1i12!2i2104!3i1346!1m4!1m3!1i12!2i2104!3i1347!1m4!1m3!1i12!2i2105!3i1346!1m4!1m3!1i12!2i2105!3i1347!1m4!1m3!1i12!2i2104!3i1348!1m4!1m3!1i12!2i2104!3i1349!1m4!1m3!1i12!2i2105!3i1348!1m4!1m3!1i12!2i2105!3i1349!2m3!1e0!2sm!3i553276584!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy5lOmwuaXxwLnY6b2ZmLHMudDo1fHMuZTpnfHAuYzojZmZmZGYzZGV8cC5zOi0zMHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjJ8cy5lOmd8cC5jOiNmZmYzZTVjOHxwLmw6MzV8cC52OnNpbXBsaWZpZWQscy50OjUwfHMuZTpnfHAuYzojZmZmOGUxYjN8cC5sOjcwfHAudjpzaW1wbGlmaWVkLHMudDo0OXxzLmU6Z3xwLmM6I2ZmOTcyNTdifHAuczotNDV8cC5sOjI1fHAudjpzaW1wbGlmaWVkLHMudDo0fHAudjpvZmYscy50OjZ8cy5lOmd8cC5jOiNmZjJkYjJjMnxwLnM6LTMwfHAubDo2MHxwLnY6c2ltcGxpZmllZA!4e3!12m1!5b1&callback=_xdc_._gt3iix&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=91079
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/10/common.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
paintfe /
Resource Hash
a9a65ffeec678bc78f0c978734c28c2fff2831a3a4248d582326f1345d1f7b7a
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-server-version-bin
CggIBBC4/M6DBg==
server
paintfe
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=22222222
content-disposition
attachment; filename="f.txt"
server-timing
gfet4t7; dur=118
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
818
x-xss-protection
0
expires
Sun, 18 Apr 2021 16:10:51 GMT
/
www.youtube.com/embed/ Frame F2C5 		29 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00094a14616ef93d006cec95ef5f6a296aaf9d07f1f37343046eef42bb48bec5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hotelt3-billets.ca/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=kj5CWfGtFjU; VISITOR_INFO1_LIVE=6pfWgR-A11o
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.hotelt3-billets.ca/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 18 Apr 2021 16:10:51 GMT
strict-transport-security
max-age=31536000
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+106; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-player-webp.css
www.youtube.com/s/player/e0d06a61/ Frame F2C5 		355 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e0d06a61/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af519e8dc403523c3eae4761e1266ccde896aca39668ca1e1e8b2486e4d70072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 04:23:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 00:18:36 GMT
server
sffe
age
42447
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53712
x-xss-protection
0
expires
Mon, 18 Apr 2022 04:23:24 GMT
www-embed-player.js
www.youtube.com/s/player/e0d06a61/www-embed-player.vflset/ Frame F2C5 		184 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e0d06a61/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2cf5e546a2d6c8aeeba1c9e5e12d7d2ead31a0f403fb095b0415e153704a229
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 05:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 00:18:36 GMT
server
sffe
age
37065
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66775
x-xss-protection
0
expires
Mon, 18 Apr 2022 05:53:06 GMT
base.js
www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/ Frame F2C5 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af336d8d11cf599464400feea639b946743f4289c440c2aa9b95553a311e7db4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 04:46:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 00:18:36 GMT
server
sffe
age
41072
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1649914
x-xss-protection
0
expires
Mon, 18 Apr 2022 04:46:19 GMT
fetch-polyfill.js
www.youtube.com/s/player/e0d06a61/fetch-polyfill.vflset/ Frame F2C5 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e0d06a61/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 03:48:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 00:18:36 GMT
server
sffe
age
44567
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8543
x-xss-protection
0
expires
Mon, 18 Apr 2022 03:48:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F2C5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
22033
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:03:38 GMT
id
googleads.g.doubleclick.net/pagead/ Frame F2C5 		113 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f615215444863cd259af8fcac33468b1146103c2f7e78407108d90faf76548b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame F2C5 		29 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:03:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
461
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Sun, 18 Apr 2021 16:18:11 GMT
remote.js
www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/ Frame F2C5 		97 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
604d02a10c9e776c28d7a9631a306927de98251b72736b5bd8b2284df63c63aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 14:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 00:18:36 GMT
server
sffe
age
264085
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32747
x-xss-protection
0
expires
Fri, 15 Apr 2022 14:49:27 GMT
embed.js
www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/ Frame F2C5 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb842642e425e5e5f6dc2081cb23fd9b0358b7486a37c0bd42b64bb9734dc9e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 14:49:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 00:18:36 GMT
server
sffe
age
264075
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7769
x-xss-protection
0
expires
Fri, 15 Apr 2022 14:49:37 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame F2C5 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Sun, 18 Apr 2021 16:10:52 GMT
csi_204
www.youtube.com/ Frame F2C5 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/csi_204?v=2&s=youtube&action=embed&yt_sts=n&is_nav=1&csn=MC4xNzcxNDA0ODIzMzA1NTY0Ng..&yt_vis=1&yt_lt=cold&rc=&st=38&cpn=nKHhg6pBDZlk2RGl&rt=pe.139,srt.56,nreqs.1,nress.56,nrese.56,wffs.61,wffe.68,rsf_pc.59,rse_pc.75,fs.181,ol.265,aft.265,ps.265
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 16:10:52 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/44/10/ 		88 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/10/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&libraries=places,geometry&callback=googleMapsLoaded
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34cb7710189df4331cad897ce9dc0de4ce8c5d110a97c4333e510f16fb9011d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 18:44:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 03:28:22 GMT
server
sffe
age
336374
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27154
x-xss-protection
0
expires
Thu, 14 Apr 2022 18:44:38 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ 		62 B
85 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.hotelt3-billets.ca%2F&4sAIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&callback=_xdc_._b32t29&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=79263
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/10/common.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
b5e727d507882e39eb45a747e4cf7c4a7737d3d4807bd4f59ff2dcaa7e72d8a7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 16:10:52 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=20
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		12 KB
929 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/10/util.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ec36baf1b1ab23a05f7fa047952e35b6142f79e623c6854aa40e5839f51f3680
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 18 Apr 2021 14:14:41 GMT
server
ESF
date
Sun, 18 Apr 2021 16:10:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 18 Apr 2021 16:10:52 GMT
transparent.png
maps.gstatic.com/mapfiles/ 		68 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/transparent.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
expires
Sun, 18 Apr 2021 16:10:52 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
745cd249aa9496dd24c88ae597827d4e82ea76e53eeb890fb85ce2a56a4863d8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		170 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e21f21ceee588a5075937d9c86ce41c2035489f6a33e612332919f001f506e43

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		170 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44f6af983bb8ac6c2ad7932b4f2e34afe733e6b0249731bdee1eab73aaf547e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		170 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f19e80109c6b75e5a71833046247e1c120e9503028def5e62983bc8f97cde6ae

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
google_white5.png
maps.gstatic.com/mapfiles/api-3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/google_white5.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0baca961680cdf231953072b012dec0c8102fcb03a2a99886fa7d72e5f9f0942
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1642
x-xss-protection
0
expires
Sun, 18 Apr 2021 16:10:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.hotelt3-billets.ca
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:15:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
500104
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:15:48 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.hotelt3-billets.ca
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:15:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
500104
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:15:48 GMT
truncated
/ 		120 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		120 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		120 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		104 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		104 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		104 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
QuotaService.RecordEvent
maps.googleapis.com/maps/api/js/ 		62 B
85 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.hotelt3-billets.ca%2F&3sAIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&7snd8zpd&10e1&callback=_xdc_._cfjsz8&key=AIzaSyBtZ_ReV0X_SCLIYosdhO3ICgvjo4HmjbA&token=98863
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/10/common.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
0eb02de61e1820a2efa6924f372125ae84415b29c82c85d9f1c078a81412d940
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 18 Apr 2021 16:10:52 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=26
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google_white5.png
maps.gstatic.com/mapfiles/api-3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/google_white5.png
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/10/util.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0baca961680cdf231953072b012dec0c8102fcb03a2a99886fa7d72e5f9f0942
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hotelt3-billets.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 16:10:52 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1642
x-xss-protection
0
expires
Sun, 18 Apr 2021 16:10:52 GMT
log_event
www.youtube.com/youtubei/v1/ Frame F2C5 		28 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/e0d06a61/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/?autoplay=0&rel=0&showinfo=0&suggestedQuality=large&enablejsapi=1&playsinline=1&listType=playlist&list=PLkxnI9K93BlbPNsmV71qfHnpsO3ygwjj9&origin=https%3A%2F%2Fwww.hotelt3-billets.ca&widgetid=1
X-YouTube-Client-Version
1.20210414.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
Cgs2cGZXZ1ItQTExbyiLtPGDBg%3D%3D
X-YouTube-Ad-Signals
dt=1618762251958&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C514%2C289&vis=1&wgl=true&ca_type=image&bid=ANyPxKpwaWVJcrPLbYxcXTDHs4I9uAbRJ7gN8e0u9JkWPqqKjJroNexAJAsa2svN2sjJ2flUUDtoMuhFIjGx05MyQBRV9QxCpw

Response headers

date
Sun, 18 Apr 2021 16:11:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sun, 18 Apr 2021 16:11:02 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| onSnapchatPageHide function| onSnapchatPageShow string| axel number| a object| __INITIAL_STATE__ number| __BUILD_DATE__ object| Raven object| WASHAREBTN object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Store function| getAC_ID function| goToPage boolean| firstSessionVisit boolean| sonyCookieSetup boolean| dropCookie number| cookieDuration string| cookieName string| cookieValue function| googleMapsLoaded function| App function| Doc object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| module$exports$PolyGeometry object| PolyGeometry object| module$exports$Spherical object| Spherical object| module$exports$PolylineCodec object| PolylineCodec object| powTracker string| GoogleAnalyticsObject function| ga boolean| geoCheckDone function| onYouTubeIframeAPIReady boolean| YTloading object| _xdc_ object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey

9 Cookies

Domain/Path Name / Value
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 6pfWgR-A11o
.youtube.com/ Name: YSC
Value: kj5CWfGtFjU
.doubleclick.net/ Name: IDE
Value: AHWqTUmxZ6ncrsXvYzmhSmOKo469TzJGXTbbidJGdmDy6VSxPJ1OchsCEug4scEfrYQ
.hotelt3-billets.ca/ Name: _gid
Value: GA1.2.2040857587.1618762252
.hotelt3-billets.ca/ Name: _gat
Value: 1
.hotelt3-billets.ca/ Name: _gat_studio
Value: 1
www.hotelt3-billets.ca/ Name: sonyCookie-hotel-transylvania-3-a-monster-vacation-ca_fr
Value: on
.hotelt3-billets.ca/ Name: _ga
Value: GA1.2.1055126448.1618762252
www.hotelt3-billets.ca/ Name: powT_id
Value: 42f817c1-f682-4095-92fb-297a4db63729

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6441505.fls.doubleclick.net
adservice.google.com
adservice.google.de
cdn.ravenjs.com
data.powster.com
dx35vtwkllhj9.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maps.googleapis.com
maps.gstatic.com
static.doubleclick.net
stdata.powster.com
tracking.powster.com
www.google-analytics.com
www.gstatic.com
www.hotelt3-billets.ca
www.youtube.com
172.217.23.102
2600:9000:20e8:2600:1:5424:4140:21
2600:9000:215d:1000:12:a6e8:9040:93a1
2a00:1450:4001:802::2006
2a00:1450:4001:808::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a04:4e42:200::729
52.208.88.117
99.84.156.60
00094a14616ef93d006cec95ef5f6a296aaf9d07f1f37343046eef42bb48bec5
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0baca961680cdf231953072b012dec0c8102fcb03a2a99886fa7d72e5f9f0942
0cf2e5bc2b2c489b041685a6d88360b8b696234907e52629dab51deb4763af10
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0eb02de61e1820a2efa6924f372125ae84415b29c82c85d9f1c078a81412d940
12590f1d6a63e66b61843999e433d54cf1d25f335824a7316d9f660292a5d1a8
1d302eb19e2e37ebe27211ef59edadadf7ee10c3a41caafa90db71f8d8a5ca1d
1d39e44c97654457b55157f95b65e8af14f655fdb5319159b8135780f7eee005
1e42926b5a4e1857b80e0228e0648f5a71da0f9b841fa50ab871d078f274850d
2f1cc7c4fafe4da951227d089ace32789e09a4a28c84836b1ee5c92c761c7038
306ca53db6fc90ca7241d690f151bfc8db6b55c8f2de5d878a268fe6e7d3754a
34cb7710189df4331cad897ce9dc0de4ce8c5d110a97c4333e510f16fb9011d4
3ab7115cd542dfda179d7def763f4df3a9c1dd75e3176ad144b37357fb6523c9
3dffeb67a6b322a99970af790515db8a709742c8e8a0c0979db0b25c7dde45fc
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40b748887fdf1fd6031ad5656681f0463d61953f6146c3df0d6e25ae1855ba4d
44f6af983bb8ac6c2ad7932b4f2e34afe733e6b0249731bdee1eab73aaf547e7
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4b07a89f5fdd7c126a8b26b2cd3038529e66b18fb27e56ee368b5e0a4f6ddfdd
4b95c72958d6f45f59d7ca03bea8582f7fa30c9f4ffc1812951fc34d931a6382
4bbb4ce5020fc540d07c64b1d15a90ff3e4f88fe349b85d885dbfd093ac13636
4f7c9e80949cb28d77643f8cf5d5776bc25ec719c76a395926c93360462bd20b
5346be46b69c241b65019e0be9c7ca6bf11833580b6180f3656aaac062f7d73f
55e5e36d056f481c744966c91fb3771fa90a287fc63322a5b646a9ea00ab5263
604d02a10c9e776c28d7a9631a306927de98251b72736b5bd8b2284df63c63aa
6129de5b97fd7f7572f3800c87097dd01b6aaa841ee996c9462b4398abe32256
635c61c1fd0646dccdd1c14911334aa9c0d88fe7d1f33a1035515fefd2fbf750
6469efe5e2f90a45ca590e5c7f84afe01f10d76d1a8a1f332b06081ff96f0dcf
668e9e78818224963521b361870271ab8fb69cd93cd47d71809afc925d236470
6830830f3ba5b7720e32d58522fd0cc0e10aa473e5050d6fcd567ed024cf8db1
688787521ed7834cc36e290802e240d5003d419188c265ad7b50e4e2e9128bd9
6a0f8b6aba33c296657bcc8de652cee57c1634e55bc8479bf0f6bb25fa57ab47
6a647a0c3cdf71c5fa9d1d5485f78905cac9e6cc70d4dc09dd994f056a80461e
70de081138c09429f5bb345b646abcbe9a3dfccb92f51e9a4cc1b9ca655beae6
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
7359455b0bdbe693b79b9842614dc35193f90bb1e2bea2d18cb67cd1a3484efe
73a7b181ab7de50597cc8e372484a96c56d637c85d940330ef96aa927f9c2a75
745cd249aa9496dd24c88ae597827d4e82ea76e53eeb890fb85ce2a56a4863d8
75659ae33aa76ed3bfdd5fb481db57481229e1bd34ea88028bf734a569dbfbdc
7573f292f332485fa0522718b017d1735e0caf9faa1b08da01d9578460dd551a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
863fd75928da215976eb773b7a5fa8a5b680ed4a2feede49c912fb41c50a99c1
8f70151e18e0b0db02f8156e50f283a8e5123192b218f493b00c04769ea172d8
9597860d23d61f092be7543c5714d0e1dbf18eae058a76c76da64285392b8eb8
9ba02beed7c9b33ae532b349d38e8976b26f92ced2f2437659f368cc78e633e8
9bfebdbffc77cff5f949c4f259e48a0e49983262aff97bc2e0a9ea7372da9333
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a15be267408ddd1e3146690e5b719efd11dff6d41b665ff633c8c94aa527c8e0
a2cf5e546a2d6c8aeeba1c9e5e12d7d2ead31a0f403fb095b0415e153704a229
a9a65ffeec678bc78f0c978734c28c2fff2831a3a4248d582326f1345d1f7b7a
ac98c7b1d8a1740c023c88048386de3be26b5ccd524d4a58cd34d9f17527b9a0
ae00baeb17e96fc251229cf97a46c25ea96c36b0926bd768106508ff4b4fae45
af336d8d11cf599464400feea639b946743f4289c440c2aa9b95553a311e7db4
af519e8dc403523c3eae4761e1266ccde896aca39668ca1e1e8b2486e4d70072
afc52a0e2c382b1439caf69628ee17f094ebc34d732ee4dd1b2e2abbc07a40d3
b5e727d507882e39eb45a747e4cf7c4a7737d3d4807bd4f59ff2dcaa7e72d8a7
b6f9db87fb9a3ae20b3d8b427998fde9cd5f77eeb86f3440b8fabd2a9274175e
cb08248d2c652f71e2b8ae6234b52deb18bad4a5fe9dc2e27ee52b604e0c11ee
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccc291db38afc31c01ee7cea2f23d396deff81e172a6285faa672cca41e6e86a
cfb4009c7da0fa4b900ce7fbba0b79a3dcc30e15b2b28acd72ff682726bb5a43
d09d61d6c07d9cb4743ff2aa2bdc0595af7f56723f79919e19e316d7b76f3aa1
d0a64a40ec124a1f3740a27d7d0d74f328839b315c5a6fecf1011542be46d7f7
d149ef77e4ad82dcda641a0b536570cc9d39cb355e397c2f51b7571a891cf4f8
d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148
d73edb083c9233898ffeaa46c8da7f58f5680e5eeb04e042a567a5b919d06a99
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e02d293f49cef0e969dbe5a04ac9e6b46215896bd97bcb2bd77de829e7bf45e2
e21f21ceee588a5075937d9c86ce41c2035489f6a33e612332919f001f506e43
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea27743cd5ebd722faf004476aabe72d47a81b569d2606868ef4c6c6a2e69fe8
ea3a3424497eb1c906f646385dcfe1f9465edd6f5428dc3240063cfccaaf7fa5
ec36baf1b1ab23a05f7fa047952e35b6142f79e623c6854aa40e5839f51f3680
ecf54f4e9d438799a4161772db66aaff36e6583ddd6bd59204e68c56a689698b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1464f3f747f3dc42286352efb8a1f4386f7d5ec0ee3ca1a8d3f6db07935e4a2
f19e80109c6b75e5a71833046247e1c120e9503028def5e62983bc8f97cde6ae
f615215444863cd259af8fcac33468b1146103c2f7e78407108d90faf76548b3
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fb842642e425e5e5f6dc2081cb23fd9b0358b7486a37c0bd42b64bb9734dc9e4
fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588