farescraper.com Open in urlscan Pro
2606:4700:20::ac43:4970 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://farescraper.com/
Effective URL:
https://farescraper.com/
Submission: On November 24 via manual (November 24th 2023, 4:18:18 pm UTC) from CA — Scanned from CA

Summary HTTP 108 Redirects Behaviour Indicators

Summary

This website contacted 40 IPs in 3 countries across 25 domains to perform 108 HTTP transactions. The main IP is 2606:4700:20::ac43:4970, located in United States and belongs to CLOUDFLARENET, US. The main domain is farescraper.com. The Cisco Umbrella rank of the primary domain is 358119.
TLS certificate: Issued by E1 on October 28th 2023. Valid for: 3 months.

This is the only time farescraper.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:b84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:20:... 2606:4700:20::ac43:4970	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::5f	15169 (GOOGLE) (GOOGLE)
1	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
10	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c1f::5e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c1d::9c	15169 (GOOGLE) (GOOGLE)
1	52.203.58.82 52.203.58.82	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:20:... 2606:4700:20::681a:a84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2607:f8b0:400... 2607:f8b0:4004:c06::61	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f07... 2a03:2880:f07d:0:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
2	13.32.208.59 13.32.208.59	16509 (AMAZON-02) (AMAZON-02)
1	34.160.64.247 34.160.64.247	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2404:6800:401... 2404:6800:4012:2::2003	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c1d::84	15169 (GOOGLE) (GOOGLE)
2	44.209.197.219 44.209.197.219	14618 (AMAZON-AES) (AMAZON-AES)
4	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
2	54.85.216.242 54.85.216.242	14618 (AMAZON-AES) (AMAZON-AES)
1	18.160.41.58 18.160.41.58	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::9a	15169 (GOOGLE) (GOOGLE)
2	34.102.148.231 34.102.148.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 4	172.253.63.154 172.253.63.154	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4004:c09::8b	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::8b	15169 (GOOGLE) (GOOGLE)
2 2	68.67.181.211 68.67.181.211	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c06::67	15169 (GOOGLE) (GOOGLE)
1	2600:9000:207... 2600:9000:2073:4a00:4:1957:6500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	99.84.191.41 99.84.191.41	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.52.204 35.190.52.204	15169 (GOOGLE) (GOOGLE)
11	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:100:a001::9 2620:100:a001::9	19750 (AS-CRITEO) (AS-CRITEO)
2	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
1	54.224.68.126 54.224.68.126	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
108	40

1 2606:4700:20::681a:b84 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

farescraper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::ac43:4970 (United States)

ASN13335 (CLOUDFLARENET, US)

farescraper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

js.adara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1f::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1d::9c (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.58.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-58-82.compute-1.amazonaws.com

travel.mediaalpha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:a84 (United States)

ASN13335 (CLOUDFLARENET, US)

api.farescraper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o4504458777722880.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f07d:0:face:b00c:0:3 (Apodaca, Mexico)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.208.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-208-59.iad66.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.64.247 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 247.64.160.34.bc.googleusercontent.com

jsres.adara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4012:2::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.209.197.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-197-219.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.85.216.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-216-242.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.41.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-58.iad55.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.148.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.148.102.34.bc.googleusercontent.com

sdk.adara.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.63.154 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::8b (Ashburn, United States) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::8b (Washington, United States)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.181.211 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::67 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2073:4a00:4:1957:6500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-js.ringba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.191.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-41.iad89.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.52.204 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 204.52.190.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.224.68.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-68-126.compute-1.amazonaws.com

display.ringba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	farescraper.com 1 redirects farescraper.com — Cisco Umbrella Rank: 358119 api.farescraper.com — Cisco Umbrella Rank: 504662	523 KB
15	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.us.criteo.net — Cisco Umbrella Rank: 2999 csm.us.criteo.net — Cisco Umbrella Rank: 2920	62 KB
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	258 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	46 KB
7	sojern.com static.sojern.com — Cisco Umbrella Rank: 15029 pixel.sojern.com — Cisco Umbrella Rank: 8334	29 KB
7	gstatic.com fonts.gstatic.com csi.gstatic.com	143 KB
6	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 6212 trc.pushnami.com — Cisco Umbrella Rank: 6504 psp.pushnami.com — Cisco Umbrella Rank: 20857	20 KB
5	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 157 fcmatch.google.com — Cisco Umbrella Rank: 4767 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 366	27 KB
4	adara.com js.adara.com — Cisco Umbrella Rank: 30107 jsres.adara.com sdk.adara.com — Cisco Umbrella Rank: 29222	6 KB
3	criteo.com ads.us.criteo.com — Cisco Umbrella Rank: 2842 cat.va.us.criteo.com — Cisco Umbrella Rank: 3136 rtb.va.us.criteo.com — Cisco Umbrella Rank: 6312	44 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	238 KB
2	yieldoptimizer.com 2 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 4699	2 KB
2	ringba.com b-js.ringba.com — Cisco Umbrella Rank: 126053 display.ringba.com — Cisco Umbrella Rank: 89047	14 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 353	761 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	61 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	5 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	64 KB
1	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 4758	432 B
1	sentry.io o4504458777722880.ingest.sentry.io — Cisco Umbrella Rank: 536601	397 B
1	mediaalpha.com travel.mediaalpha.com — Cisco Umbrella Rank: 138970 Failed	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
108	25

	Domain	Requested by
17	farescraper.com	1 redirects farescraper.com
11	static.criteo.net	ads.us.criteo.com cdnjs.cloudflare.com static.criteo.net
10	pagead2.googlesyndication.com	farescraper.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
5	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
4	pixel.sojern.com	static.sojern.com
4	csi.gstatic.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	bat.bing.com	farescraper.com bat.bing.com www.googletagmanager.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	cm.g.doubleclick.net	2 redirects
3	analytics.google.com	www.googletagmanager.com
3	static.sojern.com	farescraper.com static.sojern.com
3	www.googletagmanager.com	farescraper.com www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
2	csm.us.criteo.net	ads.us.criteo.com
2	imageproxy.us.criteo.net	ads.us.criteo.com
2	tag.yieldoptimizer.com	2 redirects
2	match.adsrvr.org	2 redirects
2	ib.adnxs.com	2 redirects
2	sdk.adara.com	farescraper.com
2	psp.pushnami.com	farescraper.com
2	trc.pushnami.com	farescraper.com
2	api.pushnami.com	farescraper.com api.pushnami.com
2	connect.facebook.net	farescraper.com connect.facebook.net
2	api.farescraper.com	farescraper.com
1	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
1	rtb.va.us.criteo.com	googleads.g.doubleclick.net
1	display.ringba.com	farescraper.com
1	cdnjs.cloudflare.com	ads.us.criteo.com
1	cat.va.us.criteo.com	ads.us.criteo.com
1	script.hotjar.com	static.hotjar.com
1	www.facebook.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	b-js.ringba.com	farescraper.com
1	www.google.com	tpc.googlesyndication.com
1	fcmatch.youtube.com	static.sojern.com
1	fcmatch.google.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	jsres.adara.com	farescraper.com
1	o4504458777722880.ingest.sentry.io	farescraper.com
1	travel.mediaalpha.com	farescraper.com
1	js.adara.com	farescraper.com
1	fonts.googleapis.com	farescraper.com
108	44

This site contains no links.

Subject Issuer	Validity	Valid
farescraper.com E1	`2023-10-28` - `2024-01-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
data.ibuprom.com.ua GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
mediaalpha.com Amazon RSA 2048 M01	`2023-06-11` - `2024-07-09`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-02` - `2023-12-01`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
*.pushnami.com Amazon RSA 2048 M01	`2023-03-04` - `2024-04-02`	a year	crt.sh
*.adara.com Go Daddy Secure Certificate Authority - G2	`2023-05-31` - `2024-07-01`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.ringba.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-08`	10 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-10` - `2024-02-03`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2023-12-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-16` - `2024-01-18`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://farescraper.com/
Frame ID: A991AA1D3A48FFF506E0FDC95829D3B2
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 51FF51867FE1C8F8394CAC8850991EAD
Requests: 1 HTTP requests in this frame

Frame: https://static.sojern.com/cip/p/vmIiNwUzTn9GRtS8.html?p=home&ccid=c7e76fb1-cb9a-4640-88a1-b2c9b338de82
Frame ID: 4D4127C72C16672C4267E6BC4F00CF55
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068148265549322&output=html&adk=1812271804&adf=3025194257&lmt=1700842692&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffarescraper.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700842691487&bpp=3&bdt=1058&idt=780&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4537642219104&rume=1&frm=20&pv=2&ga_vid=628305905.1700842692&ga_sid=1700842692&ga_hid=476760300&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809317%2C31078301%2C44807764%2C44808149%2C44808285%2C44809054%2C21065724%2C31061691%2C31061693&oid=2&pvsid=945407694463974&tmod=1992511262&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=804
Frame ID: 977DC02007624FADA6A37573BD72F936
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068148265549322&output=html&h=280&slotname=5620342470&adk=3218245532&adf=674549957&pi=t.ma~as.5620342470&w=1200&fwrn=4&fwrnh=100&lmt=1700842692&rafmt=1&format=1200x280&url=https%3A%2F%2Ffarescraper.com%2F&ea=0&region=page-0.1617505744785288&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700842691490&bpp=2&bdt=1060&idt=810&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4537642219104&rume=1&frm=20&pv=1&ga_vid=628305905.1700842692&ga_sid=1700842692&ga_hid=476760300&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809317%2C31078301%2C44807764%2C44808149%2C44808285%2C44809054%2C21065724%2C31061691%2C31061693&oid=2&pvsid=945407694463974&tmod=1992511262&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=815
Frame ID: 0B302BDFF4D6045DF3991336212B7FF0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068148265549322&output=html&h=280&slotname=5620342470&adk=3218245532&adf=674549957&pi=t.ma~as.5620342470&w=1200&fwrn=4&fwrnh=100&lmt=1700842692&rafmt=1&format=1200x280&url=https%3A%2F%2Ffarescraper.com%2F&ea=0&region=page-0.3214656513841243&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700842692155&bpp=1&bdt=1725&idt=154&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4537642219104&rume=1&frm=20&pv=1&ga_vid=628305905.1700842692&ga_sid=1700842692&ga_hid=476760300&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809317%2C31078301%2C44807764%2C44808149%2C44808285%2C44809054%2C21065724%2C31061691%2C31061693&oid=2&pvsid=945407694463974&tmod=1992511262&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=157
Frame ID: 0948691352495679625A4CC0059CA694
Requests: 10 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 4F485711BBBCD7B4323E54CDAE9234B2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B3FD6D9C6A9CE03D0705BA6BD30BE4CF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5DDBF93EE1129A60D0FBD29E5F7D4B01
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZWDMxAAF0-oE0Y7UAA9q53bPrON1MgnZ3ymoWQ&u=%7CpvVtdnLCxDXnXZxD%2FfFnMYOX3%2Bg9M5WGphN8A%2Bn1wPM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989vYtsLAeMaginsaFyMX7kCbFVprdpEyZ_wXykVG51Gq-SYdVcD-r5FPrIy4nXZFj3bXbqKuXW0sNvWVK9pten7o2FzsxS8xiHyQF6WghDSPS0uIaxxjvZB32b072Vf75JcsauEvvivcs6Pkvhi-uo22ca5xi2-p6sWvAPbdzfDIVaqRWbqNwzyY-LkAwcSVPIiTbA8GAQYVvhoRS279q_NVP2yF739PWa-lTHeeCQLMUrDWXdqNvfH87ikumpGe0_PJ5C9QOs9zKVzIRO3UZ1rbrrg6Vt6JN_xRWx2_-HNFPEgqNLdbFTcCdXE09XwTY8kPN-pUTaqyXBJeB2_dzoGfxv22azdKpFEvGe0_xw0f-brf2mrkv4yV2zCFjcAeumLsLFAcA2XqWPWkFzGxfmsP_Svsq91hGvgAwbLzQOs2gZgqy5jVW9nONw6NNQB7jjtKfMr1PCUZ7FTXQPMUY_mkON__uZifgHkxvBL--43gEqwrNPKWwLjXlYk_ogqxM_jjx5RTNrQt4nI4lLDTSiVv70yAl8bcDyOYTK6qi8DNUz3VUyqPTtg0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs5ihxMxgZeqnF9SdxtYP59W9gAecge-wXJKat4ynAcCNtwEQASAAYMkGggEXY2EtcHViLTkwNjgxNDgyNjU1NDkzMjLIAQmoAwHIAwKqBNgBT9BwGSqHwF4j8w0esNsxks4Z1q0fIJQc6WsPdAt8Y4BP50eyPFAoktaMTZPMeLbw-7o0fpt4xWBEmdBpSpUBHMzctg3vuTlW_hLQ3C15XYpxa_Vpav2HopvhX5oTLxIu3cj9Kvzkli9ld6yKun8IijDvVDzepJkp9BI_8YngqxduOO8SX2V2XVTZ6e5ckZjpi4X8QWL21_exfPr5mTgOsFmoVUrX0yq_trQjtDLByS8d_n606WmK7KBHY47gKJoSdgsQ_s5cgKLagTBTIqrKvk03NP876zS9gAaPhN66weHsmQegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3t99IJ3kKo1aBO2NIZRXoCStL-GA%26client%3Dca-pub-9068148265549322%26adurl%3D
Frame ID: 58C03B3441141A547C7BCE374497615A
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fare Scraper

Page URL History Show full URLs

http://farescraper.com/ HTTP 301
https://farescraper.com/ Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

108
Requests

94 %
HTTPS

59 %
IPv6

25
Domains

44
Subdomains

40
IPs

3
Countries

1636 kB
Transfer

4561 kB
Size

34
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://farescraper.com/ HTTP 301
https://farescraper.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=RjD_Xfi6lL3HgARqmE7HLQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ&google_gid=CAESEHlKD-WggWd7tfl3pWqYu08&google_cver=1

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_hm=RjD_Xfi6lL3HgARqmE7HLQ&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDorA1kZKeLe6uAa-jOU9ZC63UC4qfwJsCjrxk8qNrH3kAIfmCsRfa8SRGA5z2uYOD5ATaJzshdArs-Tq1DvF8C-i0WQ2C61UrlkH7GaShCXKsoO765A HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorA1kZKeLe6uAa-jOU9ZC63UC4qfwJsCjrxk8qNrH3kAIfmCsRfa8SRGA5z2uYOD5ATaJzshdArs-Tq1DvF8C-i0WQ2C61UrlkH7GaShCXKsoO765A

Request Chain 67

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DumqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ HTTP 302
https://pixel.sojern.com/idsync/apn?id=4856699001889385436&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ

Request Chain 68

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ&ttd_tpi=1 HTTP 302
https://pixel.sojern.com/idsync/ttd?id=e4c3c416-7e47-4a9d-b728-ca76debef8a3&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ

Request Chain 81

https://tag.yieldoptimizer.com/ps/ps?t=i&p=4801&_yoid=e04b0125-b4a4-4ac9-bcce-81e9831c4a8d&_yosid=b6999652-b6cb-432d-9b67-32172db1dd47&gdpr=&gdpr_consent= HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=537645232&t=i&p=4801&_yoid=e04b0125-b4a4-4ac9-bcce-81e9831c4a8d&_yosid=b6999652-b6cb-432d-9b67-32172db1dd47&gdpr=&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MjAzMDk0MzMxOTQ3Ng&google_sc&gdpr=&gdpr_consent=&

108 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
farescraper.com/
Redirect Chain

http://farescraper.com/
https://farescraper.com/

101 KB
21 KB

478ms
109ms

Document
text/html

2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farescraper.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce3d6858378421fa74bac7b89ee42ea526fbc8eced46a9e63368c1f7de61c856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 77052
cache-control: max-age=86400
cf-cache-status: HIT
cf-ray: 82b2f75ebbd539e3-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 24 Nov 2023 16:18:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YA7QwYSTT8Ja2EtlnsoZyXQlPUyhM6KJ1XiVmivZ%2BhSTBtGXPRNeGIlRxGYYqSPgiIyl0vcFHYEkIJbYdhAcxtrtbiJUbshpLlx7lmWto3gaoQaBMF3xz0jMfO%2FX%2ByOobrKXFCuKhLaj6%2BgcPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: MISS
CF-RAY: 82b2f75af91636fb-YYZ
Cache-Control: max-age=86400
Connection: keep-alive
Content-Type: text/html
Date: Fri, 24 Nov 2023 16:18:09 GMT
Location: https://farescraper.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M309SsGn5D3wgFCfUTSp5jkf4HGqChdRwaYv4WWJRFR7ig6u1tWhj9aoL6QWMVib3Dair%2FptovasPWhYqeMcYM4ZN2SEiL7tzN%2BrHxi6O4lklgwRK7vq8ATP0GNzS43jF8CNRnXULtdFmGsAXA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 31 KB
2 KB 566ms
155ms Stylesheet
text/css 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&family=Catamaran:wght@400;500;600;700;800&family=Mulish:wght@400;500;600;700;800&display=swap

Requested by

Host: farescraper.com
URL: https://farescraper.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41161037de3fd9246b8205f05de9ce340af99e5cf30470168c35e5406f151229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Nov 2023 16:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 16:18:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Nov 2023 16:18:10 GMT

GET
H2 200 0e0b995.js Show response
farescraper.com/_nuxt/ 2 KB
2 KB 125ms
123ms Script
application/javascript 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farescraper.com/_nuxt/0e0b995.js

Requested by

Host: farescraper.com
URL: https://farescraper.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee013568a3ac53766077f0022fb0131662708ebfea86c93c22af01922a000b15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6997
cf-polished: origSize=2481
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 13:44:52 GMT
server: cloudflare
etag: W/"9b1-18bf22069cf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PEwtu9UeNSCYQnLLTJWRf3Nl4SCo8N1RP9t15uK69ymRFqB2GRsJkskj%2BxD1t4aFPVpdvyNuKTCYNF3ba2F0O3vjGRi7CGynvCOBDzssXRyCKNZgW7lwJ6CCrijMIrielNy%2F0NIpGVO%2BKMRzKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 82b2f75f8d6a39e3-YYZ

GET
H2 200 7a3ba6e.js Show response
farescraper.com/_nuxt/ 1 MB
371 KB 212ms
211ms Script
application/javascript 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farescraper.com/_nuxt/7a3ba6e.js

Requested by

Host: farescraper.com
URL: https://farescraper.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f58204e1625903ca8c18556a10e01ab8474673e6a9b1318ce2c2cd2feffe8f30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6997
cf-polished: origSize=1191514
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 13:44:25 GMT
server: cloudflare
etag: W/"122e5a-18bf21fff65"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCK8bfU23E666utGuEpxjCHXuBHg9YRcOsQV%2FspqJfANcOI3jVQ%2FHtPMWy8m%2FXWevEz5xzJTfj%2B5SccFIqF0zeUdjFLK7f6u2eAjjjT1rraTK66NIIeVRW%2FCsO6fkiNofpuY4C2qW%2FdTEyZ0sw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 82b2f75f8d6f39e3-YYZ

GET
H2 200 c302b69.js Show response
farescraper.com/_nuxt/ 335 KB
75 KB 137ms
136ms Script
application/javascript 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farescraper.com/_nuxt/c302b69.js

Requested by

Host: farescraper.com
URL: https://farescraper.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c6e774f74a83cb989d64a64ee033b349ad693ce28ad66dfb156f2e331b059a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6996
cf-polished: origSize=343232
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 13:44:25 GMT
server: cloudflare
etag: W/"53cc0-18bf21fff65"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpngKtSTJQgJvhWtWbum9sVGdaER%2Bwg4%2Fhrs8pdwGnmH4rQZqBUF6PeVh7HXstwvM%2BLH2VW8Uroi1o7fc%2Fj6jJhaRjY7JnGZ%2BX71DxWdU4fn3JiL6TxUiymQuk5CK0QLjgAVRxlhzp0tmq0bzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 82b2f75f8d7439e3-YYZ

GET
H2 200 farescraper.com.png
farescraper.com/images/logos/ 6 KB
7 KB 288ms
287ms Image
image/png 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farescraper.com/images/logos/farescraper.com.png

Requested by

Host: farescraper.com
URL: https://farescraper.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6ee54290620ede7c496e63a51a3fd89f0f3cb7988709a09d758437c791e5c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6997
content-length: 6406
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Sep 2022 18:06:46 GMT
server: cloudflare
etag: W/"1906-1834254f11e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTOSZrGmhFPPdmiP2Z7qjDGnzdx%2FOjQeSxw%2FXSLFHa3wvW4WpuHYN1cAUatxCdk6NPmdPPDIS%2BJgtfH04caN22uVRzDSBoVsF%2Bo1fLL7%2BiYte7LPNGXkTdnd%2BFbAjopiWuvqFl6WM1DyZPLljA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82b2f75fddf239e3-YYZ

GET
H2 200 lang_en.png
farescraper.com/images/ 953 B
1 KB 291ms
290ms Image
image/png 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farescraper.com/images/lang_en.png

Requested by

Host: farescraper.com
URL: https://farescraper.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4079c4dc99543843b8c2a8a61db381c7c98766e7bf1d195863ce58ba56aee5dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6997
content-length: 953
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Sep 2022 14:11:18 GMT
server: cloudflare
etag: W/"3b9-182f9645598"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5L1nin1HScKwzEJp92Y%2BU5gOi7XhrBvOTJklxXE2vDPSq8wbns3rV5Y3YL8Q2Eq0kd419G2yP5VramxvrHTMvl7HOFYgGkklEdmXbK9hPz6Rqr2qtY%2BjtVZ8t%2Bl%2BU75291aqNGNfdFK1sGoCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82b2f75fddfd39e3-YYZ

GET
H2 200 lang_es.png
farescraper.com/images/ 817 B
1 KB 290ms
289ms Image
image/png 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farescraper.com/images/lang_es.png

Requested by

Host: farescraper.com
URL: https://farescraper.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6440288d7610cedb30f770e89dcbb5f0e74762814f459b10789d6e129c4fb771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6996
content-length: 817
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Sep 2023 03:09:52 GMT
server: cloudflare
etag: W/"331-18ac003da10"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAaVoh9IqTODtCQjiJyNnXoOv7YMh8YqLKL9dq3rQ5ns9GG9TfqevoQKGCTiwVjbJyf1no1xCkWPyGcsSIuT8Cy2RO1XYOGny0Eq9aYDE8%2BEdnGBgkdzaiZyTXNPPhlePK9Kaev2AzS5%2FFi2Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82b2f75fddff39e3-YYZ

GET
H2 200 lang_he.png
farescraper.com/images/ 1 KB
1 KB 289ms
289ms Image
image/png 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farescraper.com/images/lang_he.png

Requested by

Host: farescraper.com
URL: https://farescraper.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc12d117be0adf2004cce6ee3eda2e2df0cc7873c43c98cf7304af8cff753192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6996
content-length: 1160
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Jun 2023 13:34:08 GMT
server: cloudflare
etag: W/"488-189075c7a38"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKyc%2FAGhj8ztMWd7dr%2Bxb5jR8mz4jiqnKN%2FuOiWPtRyysIAp0s8n%2B8xgClPeuLSykQoRrrYcrPHtSTpo0Rtm6U6S3YdGk6zs%2BIDXOUy4roVy6pgIFiOsF6ouHW05KecSjGlRfizZAOGAvmBkbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82b2f75fde0239e3-YYZ

GET
H2 200 farescraper.com.jpg
farescraper.com/images/heroes/ 23 KB
23 KB 289ms
289ms Image
image/jpeg 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farescraper.com/images/heroes/farescraper.com.jpg

Requested by

Host: farescraper.com
URL: https://farescraper.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b6af627c98ca9b35d46110e4659508b4a802e0315d4c9d8bc09baa7ae0876aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6997
content-length: 23354
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sat, 23 Sep 2023 03:09:52 GMT
server: cloudflare
etag: W/"5b3a-18ac003d9f8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2eJBRBox3XfV9WzLR%2Bp%2FpMHblLxcd2FpkQQJ6A%2B5XY3ZNbcZBGgX0Ns5VNAs2mzPja3g4RPB5fsxL9I39Bt33maUUzSQ7J424nJ%2BPkYfv84WLWecoJD5QglyFm%2F3zuuZYrj7ArwhdfN3UO6uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82b2f75fde0439e3-YYZ

GET
DATA 200
OK truncated
/ 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62b61eb224c8f3d42e76c39e08e383685a352a29bd28ecd0279454320e345349

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 rocket-loader.min.js Show response
farescraper.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 267ms
267ms Script
application/javascript 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farescraper.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: farescraper.com
URL: https://farescraper.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65568fe4-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLFcu1Wzv6SmFrgo3AtkAivBqWtQDh0s8oO12I3gWY8znGUNdjLsRKIXaEE3GstN3Ra%2BsOq3kcd552x3cv8NwbxHc1MJnINV8S8v8ODnVrjXAD5XIso7lV9px4nREd073aq243hru%2F0wifVUTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 82b2f7600e5739e3-YYZ
expires: Sun, 26 Nov 2023 16:18:10 GMT

GET
H2 200 index.js Show response
js.adara.com/ 14 KB
5 KB 349ms
79ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.adara.com/index.js

Requested by

Host: farescraper.com
URL: https://farescraper.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7c2a844666a1dcf8427326925ebc0b27cd0993e7fbb4007a7428b6889d888db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
date: Fri, 24 Nov 2023 16:18:11 GMT
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4514
x-served-by: cache-yyz4536-YYZ
last-modified: Wed, 15 Nov 2023 19:35:53 GMT
x-timer: S1700842691.133224,VS0,VE0
etag: "7a4fdb1c89eef06ced71cd23f8505d3f20b7fae69d3b5fa9d654abacb20c4855-br"
vary: x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 8647

GET serve.js
travel.mediaalpha.com/js/ 0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 561ms
164ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9068148265549322

Requested by

Host: farescraper.com
URL: https://farescraper.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8192a870bf859450eae09b8785d99dbf55aee46a773b84b7cffa14e22553b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://farescraper.com/
Origin: https://farescraper.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52839
x-xss-protection: 0
server: cafe
etag: 574883860984315379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 16:18:11 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 599ms
199ms Font
font/woff2 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&family=Catamaran:wght@400;500;600;700;800&family=Mulish:wght@400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://farescraper.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 12:43:58 GMT
x-content-type-options: nosniff
age: 12853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 12:43:58 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 522ms
122ms Font
font/woff2 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://farescraper.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 12:43:58 GMT
x-content-type-options: nosniff
age: 12853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 12:43:58 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 665ms
266ms Font
font/woff2 2607:f8b0:4004:c1f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://farescraper.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 12:43:58 GMT
x-content-type-options: nosniff
age: 12853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 12:43:58 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
136 KB 591ms
188ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9068148265549322

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f69294cb3228695da3ba9b677db613089da1f680cc7daba635881b6e6554af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138484
x-xss-protection: 0
server: cafe
etag: 12696593722970998856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 16:18:11 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 51FF 9 KB
4 KB 516ms
118ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9068148265549322

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://farescraper.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 49911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 02:26:20 GMT
etag: 16674218716276178799
expires: Fri, 08 Dec 2023 02:26:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 serve.js Show response
travel.mediaalpha.com/js/ 14 KB
5 KB 437ms
117ms Script
application/javascript 52.203.58.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://travel.mediaalpha.com/js/serve.js
Requested by: Host: farescraper.com
URL: https://farescraper.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.58.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-58-82.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 499b3afe636ddb37aaa135596a6bac8847c47058f42e88f374ebc97d6e2b1796

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:11 GMT
content-encoding: gzip
server: Apache
content-length: 4765
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

OPTIONS
H2 204 visitor
api.farescraper.com/api/ Frame 0
0 777ms
294ms Preflight 2606:4700:20::681a:a84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.farescraper.com/api/visitor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://farescraper.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 0
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 82b2f76cdf9939e9-YYZ
date: Fri, 24 Nov 2023 16:18:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zHw5kdSsaQ1WxUpj7OUy1RcsZjWp8ZPyodE8%2F4CxmIgfVTTmpIKHztj6J9IZG%2FmyTj9Zz51%2FwfduttbgbttJ3CMxD%2BINuheLXOLjG8hZQ5yEZaNpqWy6VZvT6l9BWr3zSdmMnTw8E%2Fz%2Fi4O6oeEmko%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 403 / Show response
o4504458777722880.ingest.sentry.io/api/4504458790305792/envelope/ 61 B
397 B 436ms
141ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4504458777722880.ingest.sentry.io/api/4504458790305792/envelope/?sentry_key=6bc022dcb9b641cb93b8f3d3115cf68d&sentry_version=7

Requested by

Host: farescraper.com
URL: https://farescraper.com/_nuxt/7a3ba6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

dcc2f457f01dbf232ce54bd2a3fdb5b1af63acd152b1dd8046b89f3e50030ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://farescraper.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 Nov 2023 16:18:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 228 KB
81 KB 631ms
237ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W28VHZT

Requested by

Host: farescraper.com
URL: https://farescraper.com/_nuxt/7a3ba6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0c379a9d7639c0a314da41c78985c639f77ad76ed5621a503ac3940df7c8ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83182
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Nov 2023 16:18:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 548ms
154ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10781792077&l=dataLayer

Requested by

Host: farescraper.com
URL: https://farescraper.com/_nuxt/7a3ba6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

770dd6f6c81dd318c76a35ec300115488287a550c3d2df23e4576e728456a632

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73777
x-xss-protection: 0
last-modified: Fri, 24 Nov 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Nov 2023 16:18:12 GMT

POST
H2 200 visitor Show response
api.farescraper.com/api/ 847 B
838 B 257ms
257ms XHR
application/json 2606:4700:20::681a:a84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.farescraper.com/api/visitor

Requested by

Host: farescraper.com
URL: https://farescraper.com/_nuxt/7a3ba6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f614996bedcd3501d9eae3ff9f37bd94fff63ebffb0a8368e2d89b86ef414e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://farescraper.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 24 Nov 2023 16:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=006%2FO5jtbUnujEDiNIzQsXnWLcOTbA7rXsQ4bcH2a3hvPQmWzGoy8FdFGMfqJFn%2FG1gZJ8vuudxMEbWO4PHHNNnrLYLuKHANm3i9fCaZuQkil3g43gB84r1hMgkt%2BRdve4ja1s7uJ1prQOJhSpJNpoY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
cf-ray: 82b2f76eab1b39e9-YYZ
x-xss-protection: 1; mode=block

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 685ms
211ms Script
application/x-javascript 2a03:2880:f07d:0:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: farescraper.com
URL: https://farescraper.com/_nuxt/c302b69.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 Nov 2023 16:18:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: vpQVjTqgn4XdQUt3M0KW/qdZJknUMSkXKLXnRskNwzzmj9aN8qVQ5Br92sK2aUIcGQ+H5JDle2ud3MUOujDfSg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 495ms
116ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: farescraper.com
URL: https://farescraper.com/_nuxt/c302b69.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 24 Nov 2023 16:18:11 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DEDB9095F0274D86B9203810FE5ED98B Ref B: YTO01EDGE0419 Ref C: 2023-11-24T16:18:12Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 farescraper.com.png
farescraper.com/images/logos/ 6 KB
7 KB 115ms
115ms Image
image/png 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farescraper.com/images/logos/farescraper.com.png

Requested by

Host: farescraper.com
URL: https://farescraper.com/_nuxt/7a3ba6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6ee54290620ede7c496e63a51a3fd89f0f3cb7988709a09d758437c791e5c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6999
content-length: 6406
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Sep 2022 18:06:46 GMT
server: cloudflare
etag: W/"1906-1834254f11e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEFXjUa9%2BD6HXbX1tQh%2FVcEUE055F%2Fgc1IxXRi6A%2FKJTJyVSIFtegIuPIpwcz5hBiNqhXDCcUM2f99L%2FX4ZSNMKA1tOTofYpZG9TdVuCuLlCA1qjJyVSAf0BUF%2F4tzGL8JJsK1ybBAV3qcyv0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82b2f769e93d39e3-YYZ

GET
H2 200 lang_en.png
farescraper.com/images/ 953 B
1 KB 127ms
127ms Image
image/png 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farescraper.com/images/lang_en.png

Requested by

Host: farescraper.com
URL: https://farescraper.com/_nuxt/7a3ba6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4079c4dc99543843b8c2a8a61db381c7c98766e7bf1d195863ce58ba56aee5dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6999
content-length: 953
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Sep 2022 14:11:18 GMT
server: cloudflare
etag: W/"3b9-182f9645598"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nb%2FVSrs8p7dcP%2BBzV457YRQPCUA%2BFAuj1bc%2FnZu98tfpsc6nxLqdvErAEkewdpNaAO361eDjZ6tpeLk6PvMf5uefwqUG6VS35dI1KHpxuxmDLbgZxsULVFPUaxIPKl4cIdLcCZOiiZE7QZxbIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82b2f76a196a39e3-YYZ

GET
H2 200 lang_es.png
farescraper.com/images/ 817 B
1 KB 135ms
135ms Image
image/png 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farescraper.com/images/lang_es.png

Requested by

Host: farescraper.com
URL: https://farescraper.com/_nuxt/7a3ba6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6440288d7610cedb30f770e89dcbb5f0e74762814f459b10789d6e129c4fb771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6998
content-length: 817
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Sep 2023 03:09:52 GMT
server: cloudflare
etag: W/"331-18ac003da10"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rv1HlVxbyGAVQhO1YiemJnUU%2F57Dy8OSvzOppHnRTZg5iRQUAAda7naT59Oha0PUWQi%2F0oymlAOgPuRSbT1wSNPEfB0IYRbZAm4FnXf%2BU3%2FnBGSF87qbAZbygNj1G%2FGu%2Bm2AdyoQeBg4a4uHiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82b2f76a196d39e3-YYZ

GET
H2 200 lang_he.png
farescraper.com/images/ 1 KB
1 KB 125ms
125ms Image
image/png 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farescraper.com/images/lang_he.png

Requested by

Host: farescraper.com
URL: https://farescraper.com/_nuxt/7a3ba6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc12d117be0adf2004cce6ee3eda2e2df0cc7873c43c98cf7304af8cff753192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6998
content-length: 1160
x-xss-protection: 1; mode=block
last-modified: Thu, 29 Jun 2023 13:34:08 GMT
server: cloudflare
etag: W/"488-189075c7a38"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxrdrV8Fh9P9v7m4MdKA8NMvRwuLNuy2cN0LKvaoWn9VWebuQ7O6TlixSSzEJNKdouwrTQJ3N7fgc45aIfn3QWiPc1l6me9d9lXSe6uc1ClLBFCur0K7Ehg%2Fxcmc%2Bih95%2Fbuv3eu8lLMIBwz%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82b2f76a196e39e3-YYZ

GET
H2 200 vmIiNwUzTn9GRtS8.html Show response
static.sojern.com/cip/p/ Frame 4D41 5 KB
5 KB 389ms
79ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/p/vmIiNwUzTn9GRtS8.html?p=home&ccid=c7e76fb1-cb9a-4640-88a1-b2c9b338de82
Requested by: Host: farescraper.com
URL: https://farescraper.com/_nuxt/c302b69.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 40bcd8bb1665618eb87711e4b83f7daffc5921614b473daa9b246da989b497ec

Request headers

Referer: https://farescraper.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 54
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 4762
content-type: text/html
date: Fri, 24 Nov 2023 16:17:18 GMT
etag: "bca25c05f244a559cd0e68820f3b15e7"
expires: Fri, 24 Nov 2023 17:17:18 GMT
last-modified: Fri, 16 Sep 2022 20:36:23 GMT
server: UploadServer
x-goog-generation: 1663360583638702
x-goog-hash: crc32c=9QaUWw== md5=vKJcBfJEpVnNDmiCDzsV5w==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4762
x-guploader-uploadid: ABPtcPp_Zs-f2fMKlAg2wLhNWknZoayj5OmFPLMANkRR_d4a70Lk-OZjivAl6Igo3R7niNFmjYxmMgkp5zsicOnp6hyZ_Q

GET
H2 200 650b4bceceb5bf0013a6b63f Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 89 KB
18 KB 428ms
106ms Script
application/javascript 13.32.208.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/650b4bceceb5bf0013a6b63f
Requested by: Host: farescraper.com
URL: https://farescraper.com/_nuxt/c302b69.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.208.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-208-59.iad66.r.cloudfront.net
Software: /
Resource Hash: 41f4a9b073a90b9f16c8c73a52ed972d64b4a787866aff919965206305120827

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:10:35 GMT
content-encoding: gzip
via: 1.1 38dd8070a251309a7a889ed78686bb50.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C1
age: 457
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-id: jQ9F68tgT3gpdl2ZN_HfZXdoBgqssjqCSsGwH_ZHTF0UdBTrkV_k5A==

GET
H2 200 farescraper.com.png
farescraper.com/images/icons/ 3 KB
4 KB 108ms
108ms Image
image/png 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://farescraper.com/images/icons/farescraper.com.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

430779f765de13c002dd5bae0d5f556658e98c1e0aa66749c27cc4cba0380f3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2744
content-length: 3405
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Sep 2022 14:11:18 GMT
server: cloudflare
etag: W/"d4d-182f9645598"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNkUbd8WI8KawpU1Vgi1b6b3P2Ygun3UQPVRsasvQ46UhMomvjeS0ZhVSS%2FtnaEfrsP8ktLmaeDGDZh%2F4O3d%2FxXm2eTnYPWqftc6q6aE1%2Fu1Emvf%2BugAbkYJymOigEbWBw7TGOU9NFfKdIZhcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82b2f76a39b039e3-YYZ

GET
H2 200 phones Show response
farescraper.com/api/ 473 B
555 B 379ms
379ms XHR
application/json 2606:4700:20::ac43:4970
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://farescraper.com/api/phones?brand=farescraper

Requested by

Host: farescraper.com
URL: https://farescraper.com/_nuxt/7a3ba6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4970 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87bfbd71874c8be62784963f7a4ed6c041d23a50d8e4a98c73aa399cd2841b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://farescraper.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:12 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9J181qP9ypG7dbiI0I72nB2BsYnN2UC%2F6CjQUwWec7TSOkiI%2FD1Zw5lvRByvU0IVh%2F736xNW%2BgxG3%2BP9Deo2wwS0O70Mtn6K5UUadwWSqqjHE%2B44XDJcxwfWN%2FQwhKUH7aDA8nQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
cf-ray: 82b2f76a59ea39e3-YYZ
x-xss-protection: 1; mode=block, 1; mode=block

GET
H2 200 ro.json Show response
jsres.adara.com/tcf/ 130 B
686 B 814ms
145ms Fetch
application/json 34.160.64.247
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jsres.adara.com/tcf/ro.json
Requested by: Host: farescraper.com
URL: https://farescraper.com/_nuxt/7a3ba6e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.64.247 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 247.64.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 682d061eef475dd8cf9dd37583abd333338a7f8841799190ba47e709dca45342

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:46:02 GMT
age: 1930
x-guploader-uploadid: ABPtcPrMUwK1yYDGFVwlcu-nywsQSjbxgUFal0TEcc4gnlhM261P_2i0jLOuJIvjZdUoMgRpguGCUs_I4_cLI79Nbb5G2T5cBhyc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130
last-modified: Wed, 22 Nov 2023 17:12:39 GMT
server: UploadServer
etag: "cce89fefbd8e66d8afc7fdec9ec37446"
x-goog-generation: 1700673159746866
x-goog-hash: crc32c=aSzv1Q==, md5=zOif772OZtivx/3snsN0Rg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 130
accept-ranges: bytes
content-type: application/json

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ 56 KB
21 KB 116ms
115ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebe97061681cef9cab75ce4e70092ceee2628c887415f6921fc8f7a9174e1d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 03:16:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21852
x-xss-protection: 0
server: cafe
etag: 8639837483975888457
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 03:16:17 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 977D 0
188 B 200ms
198ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068148265549322&output=html&adk=1812271804&adf=3025194257&lmt=1700842692&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffarescraper.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700842691487&bpp=3&bdt=1058&idt=780&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4537642219104&rume=1&frm=20&pv=2&ga_vid=628305905.1700842692&ga_sid=1700842692&ga_hid=476760300&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809317%2C31078301%2C44807764%2C44808149%2C44808285%2C44809054%2C21065724%2C31061691%2C31061693&oid=2&pvsid=945407694463974&tmod=1992511262&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=804

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://farescraper.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 16:18:12 GMT
expires: Fri, 24 Nov 2023 16:18:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 141ms
140ms Image
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=fixed%20top-0%20bottom-0%20left-0%20right-0%20z-%5B800%5D%20overflow-auto%20text-left%20whitespace-normal%20bg-alpha-darker&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 143ms
140ms Image
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 142ms
141ms XHR
application/json 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: farescraper.com
URL: https://farescraper.com/_nuxt/7a3ba6e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb3fb49952a12a0a54b62259e20766476c1076796d74443edc2be951ec728cab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12159
x-xss-protection: 0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 0B30 0
0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0948 40 KB
16 KB 844ms
844ms Document
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068148265549322&output=html&h=280&slotname=5620342470&adk=3218245532&adf=674549957&pi=t.ma~as.5620342470&w=1200&fwrn=4&fwrnh=100&lmt=1700842692&rafmt=1&format=1200x280&url=https%3A%2F%2Ffarescraper.com%2F&ea=0&region=page-0.3214656513841243&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700842692155&bpp=1&bdt=1725&idt=154&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4537642219104&rume=1&frm=20&pv=1&ga_vid=628305905.1700842692&ga_sid=1700842692&ga_hid=476760300&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809317%2C31078301%2C44807764%2C44808149%2C44808285%2C44809054%2C21065724%2C31061691%2C31061693&oid=2&pvsid=945407694463974&tmod=1992511262&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=157

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b22a4960059cf6dc1fbba42ce7eb3701565716441a1c3a8197de206151cf2ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://farescraper.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15672
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 16:18:13 GMT
expires: Fri, 24 Nov 2023 16:18:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 1183ms
455ms Ping
image/gif 2404:6800:4012:2::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lpcttoox&c=945407694463974&e=44759876%2C44759927%2C44759837%2C44809317%2C31078301%2C21065724%2C31061691%2C31061693&ctx=1&met.3=782.1km~1001.1kl_1__1~164.1kn~165.1kk_4~247.1ko~248.1kp~164.1kp~165.1ko_2~166.1k6_x~247.235~248.235~164.235~165.234_1~1032.268~326.26b_2~832.26e~868.26e~216.268_8~215.268_8~843.266_a~889.26u~639.270~1032.276~326.276~832.276~868.276~216.276_1~215.276_1~889.278~639.27d~1032.27f~326.27f~832.27f~868.27f~216.27f_1~215.27f_1~889.27h~639.27j~243.2am_9~113.2ag_f~112.2ae_h&met.1=1.lpcttmej~6.dt~7.du~8.du~9.du~10.o2~11.eu~12.o3~13.r3~14.sq~15.r7~16.u2~17.126~18.126~19.126~20.126~21.128~22.ti~23.ti&met.7=CBsQCDjgCsABzcPxjAU~CBIQBxgBINUHKNUHMMEMOO0EUNcHWPAKYPoHaPAKcIsMePYLgAHKCYgB3vgBqgEoCiZPcGVuK1NhbnM6d2dodEAzMDA7NDAwOzUwMDs2MDA7NzAwOzgwMLABAbgBA8ABsaC7qQo~CBsQByDVBziJAcABqp67MQ~CBsQByDVBzjcAsABgcCOwgk~CBsQByDVBzjVAcAB5Y_Ltws~CBsQBiCRCDiiAsABr_rg3wg~CBsQBiCRCDikAsAB4tGSygY~CBsQBiCRCDijAsAB4uX2igE~CBsQBiCSCDiiAsABuPTxyQQ~CBsQAiCUCDioAsAB2caI3Aw~CBsQCiCyCDiMAsABpP_c-Q0~CBsQByDeCjiBA8ABmtng4A4~CBsQByDeCjgDwAGz0NyNBQ~CAEQBxgBIN4KKN4KMOIPOIQFUN8KWOwNYIMLaOwNcJAPeJOfA4AB55wDiAH6tAmwAQG4AQPAAd6Ov5sB~CAMQChgBIPQPKPQPMPEVOPwFUPUPWIgTYJkQaIgTcMQUeKC8CIAB9LkIiAHw_xiwAQG4AQPAAYPw5K4C~CCgQBRgBIIcQKIcQMI0UOIYEUIkQWJcTYK0QaJcTcIwUeMIigAGWIIgB8UawAQG4AQPAAev4wPoM~CBsQCiCIEDi2A8ABs9DcjQU~CBsQBiDlFDh0wAGv-uDfCA~CBsQBiDnFDiAAcAB4tGSygY~CBsQBiDoFDiIAcAB4uX2igE~CBsQBiDoFDh-wAG49PHJBA~CBsQBiCTFTh-wAHl66X2CA~CBwQChgBIIUWKIUWMJQXOI8BaIUWcPkWeIitAYAB3KoBiAHIvAOwAQG4AQPAAavD4rgM
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4012:2::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
234 B 1090ms
363ms Ping
image/gif 2404:6800:4012:2::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~lpcttopg&c=945407694463974&e=44759876%2C44759927%2C44759837%2C44809317%2C31078301%2C21065724%2C31061691%2C31061693&ctx=1&met.6=6.1_CgwYwRMg0wEqBAgIEgA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4012:2::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 545ms
146ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 16:18:12 GMT

GET
H2 200 hasher.js Show response
static.sojern.com/cip/ Frame 4D41 18 KB
18 KB 74ms
73ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/vmIiNwUzTn9GRtS8.html?p=home&ccid=c7e76fb1-cb9a-4640-88a1-b2c9b338de82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/cip/p/vmIiNwUzTn9GRtS8.html?p=home&ccid=c7e76fb1-cb9a-4640-88a1-b2c9b338de82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:09:07 GMT
age: 545
x-guploader-uploadid: ABPtcPppx5LhL-A7Yyr0e1Ci1y49XVwO8mgnQ15tiMqTnMDqw1EpoB975BOFN3H3g_tk2jkaKhVtC3yf3iq01--d54EEtA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-generation: 1638894199335821
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
expires: Fri, 24 Nov 2023 17:09:07 GMT

GET
H2 200 create_params.js Show response
static.sojern.com/utils/ Frame 4D41 4 KB
4 KB 90ms
90ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/create_params.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/vmIiNwUzTn9GRtS8.html?p=home&ccid=c7e76fb1-cb9a-4640-88a1-b2c9b338de82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2889147edb550aef849e10ba2230d6b1f65a0f8831b45f642bfc0ee185babe38

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/cip/p/vmIiNwUzTn9GRtS8.html?p=home&ccid=c7e76fb1-cb9a-4640-88a1-b2c9b338de82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:05:02 GMT
age: 790
x-guploader-uploadid: ABPtcPq1j0O2g0sBIgqF97vRAa29MXDwAh2M3wSeOefWw-juTdzY6cHJgF6r5I844X1XSJfuuh1qyk90YMk5-C_JWcrkAw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4169
last-modified: Mon, 06 Nov 2023 11:24:16 GMT
server: UploadServer
etag: "2b163d716f1c21a97c6c0251b281d84b"
x-goog-generation: 1699269856296451
x-goog-hash: crc32c=/7KU3A==, md5=KxY9cW8cIal8bAJRsoHYSw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4169
accept-ranges: bytes
expires: Fri, 24 Nov 2023 17:05:02 GMT

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame 4F48 2 KB
1 KB 110ms
109ms Document
text/html 13.32.208.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/650b4bceceb5bf0013a6b63f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.208.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-208-59.iad66.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://farescraper.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 1537
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Fri, 24 Nov 2023 15:52:35 GMT
vary: accept-encoding
via: 1.1 38dd8070a251309a7a889ed78686bb50.cloudfront.net (CloudFront)
x-amz-cf-id: 57SMjDtU4OaVUimulOflBq5WQhbdZ1jEfy_PeWlLB3Sp-ZmuLK1lxA==
x-amz-cf-pop: IAD66-C1
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 148ms
147ms Fetch
text/html 44.209.197.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: farescraper.com
URL: https://farescraper.com/_nuxt/7a3ba6e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.197.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-197-219.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://farescraper.com/
accept-language: en-CA,en;q=0.9
key: 650b4bceceb5bf0013a6b63f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 24 Nov 2023 16:18:13 GMT
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 2
content-type: text/html; charset=utf-8

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 523ms
181ms Preflight 44.209.197.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.197.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-197-219.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://farescraper.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Fri, 24 Nov 2023 16:18:13 GMT

GET
H2 200 hp Show response
pixel.sojern.com/partner/vmIiNwUzTn9GRtS8/ Frame 4D41 3 KB
894 B 424ms
145ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sojern.com/partner/vmIiNwUzTn9GRtS8/hp?p=home&cid=s%3Dccid_client%7Cp%3Dhome%7Cccid%3Dc7e76fb1-cb9a-4640-88a1-b2c9b338de82&ccid=farescraper.com%2F%3Ac7e76fb1-cb9a-4640-88a1-b2c9b338de82&s=ccid_client&pt=HOME_PAGE&et=
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/vmIiNwUzTn9GRtS8.html?p=home&ccid=c7e76fb1-cb9a-4640-88a1-b2c9b338de82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: d20a3030d47c6ac8b23210e635a46089dd9e6e8196e4c7d5b6ecac03e715b76c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:12 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 565

GET
H2 204 5680016.js Show response
bat.bing.com/p/action/ 0
118 B 116ms
115ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5680016.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 24 Nov 2023 16:18:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0F89E1E958EB4636BECC25CF99222F69 Ref B: YTO01EDGE0419 Ref C: 2023-11-24T16:18:12Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
359 B 168ms
168ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5680016&Ver=2&mid=2b0d8afe-14d5-4778-b740-279805d8800f&sid=10a900608ae511eea8b27b57b0e16355&vid=10a8f5408ae511eeac5f31fccfb4d8b8&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Fare%20Scraper&p=https%3A%2F%2Ffarescraper.com%2F&r=&lt=1376&evt=pageLoad&sv=1&rn=98166

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 Nov 2023 16:18:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 60102E5F06854B6E95ABD9D6CB17C0B0 Ref B: YTO01EDGE0419 Ref C: 2023-11-24T16:18:12Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
222 B 130ms
130ms Fetch
text/html 54.85.216.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: farescraper.com
URL: https://farescraper.com/_nuxt/7a3ba6e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.216.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-216-242.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://farescraper.com/
accept-language: en-CA,en;q=0.9
key: 650b4bceceb5bf0013a6b63f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://farescraper.com
date: Fri, 24 Nov 2023 16:18:13 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 572ms
206ms Preflight
application/json 54.85.216.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.216.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-216-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://farescraper.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: key
access-control-allow-methods: POST
access-control-allow-origin: https://farescraper.com
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
cache-control: no-cache
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 24 Nov 2023 16:18:13 GMT
vary: accept-encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
84 KB 134ms
133ms Script
application/javascript 2607:f8b0:4004:c06::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J9KYCFB9EV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W28VHZT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7475763cac13366f27a510f31c05064de9331e4ee4fc9a656c03a24d1888dcf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85873
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Nov 2023 16:18:12 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 119ms
118ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W28VHZT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 24 Nov 2023 16:18:12 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1808CB15FCFD4F1B975BC07DDF67C483 Ref B: YTO01EDGE0419 Ref C: 2023-11-24T16:18:12Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 hotjar-2668478.js Show response
static.hotjar.com/c/ 9 KB
4 KB 551ms
178ms Script
application/javascript 18.160.41.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2668478.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W28VHZT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.41.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-41-58.iad55.r.cloudfront.net

Software

Resource Hash

b77820d42f9a2f9f84c8633c57e406e621fcc4a922f1eee328c8c3b2c92b78b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 24 Nov 2023 16:18:13 GMT
via: 1.1 69d1fa5e076e71f2d4b957dec774cb8a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P1
etag: W/04a143f5fd0b0bc7946cfbc8025d1573
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ccUB7WSHRd4K85cmRy2kFyB9GugQLE5fhLpPKlBXNvOiwFCpBfr0YQ==

GET
H2 200 504803438038183 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 249ms
248ms Script
application/x-javascript 2a03:2880:f07d:0:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/504803438038183?v=2.9.138&r=stable&domain=farescraper.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

59b163edb35ed0e221c00c55bdc8fa93f1f6f08ae5bee990d48315279e9daa15

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 Nov 2023 16:18:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 2mhAMjzHBsdow4DXJCmKVTeUVtXaPEjGuPWSgDx49LynkQOpjshqU35EOcpqA26inFKubi16zzNrfMdOyIOhkg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
253 B 598ms
186ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-J9KYCFB9EV&gtm=45je3b81v885509101z8849018346&_p=1700842692087&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=628305905.1700842692&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700842693&sct=1&seg=0&dl=https%3A%2F%2Ffarescraper.com%2F&dt=Fare%20Scraper&en=page_view&_fv=1&_ss=1&tfd=3600
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J9KYCFB9EV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://farescraper.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 616ms
203ms Ping
text/plain 2607:f8b0:4004:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J9KYCFB9EV&cid=628305905.1700842692&gtm=45je3b81v885509101z8849018346&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J9KYCFB9EV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://farescraper.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 api Show response
sdk.adara.com/ 16 B
98 B 111ms
110ms Fetch
text/plain 34.102.148.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api?gdpr=&gdpr_consent=
Requested by: Host: farescraper.com
URL: https://farescraper.com/_nuxt/7a3ba6e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.148.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.148.102.34.bc.googleusercontent.com
Software: /
Resource Hash: fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce

Request headers

Referer: https://farescraper.com/
accept-language: en-CA,en;q=0.9
X-Adara-Key: YzUwYjhlN2UtYTA2OC00YmViLWE2NzEtNTk5YzFmOTc3ZDdk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 Nov 2023 16:18:13 GMT
via: 1.1 google
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: X-Adara-Key
content-length: 16

OPTIONS
H2 200 api
sdk.adara.com/ Frame 0
0 431ms
148ms Preflight 34.102.148.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.adara.com/api?gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.148.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.148.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-adara-key
Access-Control-Request-Method: POST
Origin: https://farescraper.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: X-Adara-Key
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 24 Nov 2023 16:18:13 GMT
via: 1.1 google

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 576ms
186ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-J9KYCFB9EV&gtm=45je3b81v885509101&_p=1700842692087&gcd=11l1l1l1l1&dma=0&cid=628305905.1700842692&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1700842693&sct=1&seg=0&dl=https%3A%2F%2Ffarescraper.com%2F&dt=Fare%20Scraper&en=scroll&epn.percent_scrolled=90&_et=10&tfd=3623
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J9KYCFB9EV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://farescraper.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame 4D41
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=RjD_Xfi6lL3HgARqmE7HLQ&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ&google_gid=CAESEHlKD-WggWd7tfl3pWqYu08&google_cver=1

42 B
283 B

100ms
99ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ&google_gid=CAESEHlKD-WggWd7tfl3pWqYu08&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/vmIiNwUzTn9GRtS8.html?p=home&ccid=c7e76fb1-cb9a-4640-88a1-b2c9b338de82
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:13 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ&google_gid=CAESEHlKD-WggWd7tfl3pWqYu08&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 389
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 4D41
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=RjD_Xfi6lL3HgARqmE7HLQ&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDorA1kZKeLe6uAa-jOU9ZC63UC4qfwJsCjrxk8qNrH3kAIfmCsRfa8SRGA5z2uYOD5ATaJzshdArs-Tq1DvF8C-i0WQ2C61UrlkH7GaShCXKsoO765A
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorA1kZKeLe6uAa-jOU9ZC63UC4qfwJsCjrxk8qNrH3kAIfmCsRfa8SRGA5z2uYOD5ATaJzshdArs-Tq1DvF8C-i0WQ2C61UrlkH7GaShCXKsoO765A

170 B
432 B

632ms
223ms

Image
image/png

2607:f8b0:4004:c1b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDorA1kZKeLe6uAa-jOU9ZC63UC4qfwJsCjrxk8qNrH3kAIfmCsRfa8SRGA5z2uYOD5ATaJzshdArs-Tq1DvF8C-i0WQ2C61UrlkH7GaShCXKsoO765A

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/cip/p/vmIiNwUzTn9GRtS8.html?p=home&ccid=c7e76fb1-cb9a-4640-88a1-b2c9b338de82

Protocol

Server

2607:f8b0:4004:c1b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:14 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:13 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDorA1kZKeLe6uAa-jOU9ZC63UC4qfwJsCjrxk8qNrH3kAIfmCsRfa8SRGA5z2uYOD5ATaJzshdArs-Tq1DvF8C-i0WQ2C61UrlkH7GaShCXKsoO765A
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

apn
pixel.sojern.com/idsync/ Frame 4D41
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DumqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ
https://pixel.sojern.com/idsync/apn?id=4856699001889385436&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ

42 B
59 B

97ms
97ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=4856699001889385436&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/vmIiNwUzTn9GRtS8.html?p=home&ccid=c7e76fb1-cb9a-4640-88a1-b2c9b338de82
Protocol: H3
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:13 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:13 GMT
an-x-request-uuid: 5701fe28-087b-4655-bde1-4c0a0a1cc69d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pixel.sojern.com/idsync/apn?id=4856699001889385436&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ
x-proxy-origin: 70.25.255.186; 70.25.255.186; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ttd
pixel.sojern.com/idsync/ Frame 4D41
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ&ttd_tpi=1
https://pixel.sojern.com/idsync/ttd?id=e4c3c416-7e47-4a9d-b728-ca76debef8a3&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ

42 B
276 B

99ms
99ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/ttd?id=e4c3c416-7e47-4a9d-b728-ca76debef8a3&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/p/vmIiNwUzTn9GRtS8.html?p=home&ccid=c7e76fb1-cb9a-4640-88a1-b2c9b338de82
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:13 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://pixel.sojern.com/idsync/ttd?id=e4c3c416-7e47-4a9d-b728-ca76debef8a3&sjrn_id=umqEfGtwpQT3eBK5iNZHAJ250vqcWZcZlCKo1rQm2WJt9DxYwwZ0leD2Xf8JBUxZ
date: Fri, 24 Nov 2023 16:18:13 GMT
server: Kestrel
content-length: 327

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B3FD 13 KB
5 KB 135ms
134ms Document
text/html 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://farescraper.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 909
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 16:03:04 GMT
expires: Sat, 23 Nov 2024 16:03:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5DDB 829 B
1 KB 565ms
159ms Document
text/html 2607:f8b0:4004:c06::67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::67 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee55a50d3462881eaacc8bb3e172d2050037f634c54625c801ab72674f88c4ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3M37cmH-RBhTZwf76LJRrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://farescraper.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3M37cmH-RBhTZwf76LJRrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 16:18:13 GMT
expires: Fri, 24 Nov 2023 16:18:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 CA3062dd8755954fc3a95653c2e825135d Show response
b-js.ringba.com/ 13 KB
13 KB 624ms
151ms Script
text/html 2600:9000:2073:4a00:4:1957:6500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-js.ringba.com/CA3062dd8755954fc3a95653c2e825135d
Requested by: Host: farescraper.com
URL: https://farescraper.com/_nuxt/c302b69.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2073:4a00:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c18ef97cc46c59809141b4810711c1c8c9154424d302655f1af6fc81faafa176

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:14:13 GMT
via: 1.1 966a4e45512437c14125c564c492a2d6.cloudfront.net (CloudFront)
x-aspnet-version: 4.0.30319
x-amz-cf-pop: IAD50-C2
age: 241
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-length: 13212
x-runtime: 0.0000
server: Microsoft-IIS/10.0
access-control-max-age: 300
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public
x-amz-cf-id: ef0afM6RUUbo3KOCKjseHQQrkV0cOgkspK1aauDrhp7RkwGIUfOcAA==
expires: Fri, 24 Nov 2023 16:19:11 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 58C0 123 KB
44 KB 618ms
157ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZWDMxAAF0-oE0Y7UAA9q53bPrON1MgnZ3ymoWQ&u=%7CpvVtdnLCxDXnXZxD%2FfFnMYOX3%2Bg9M5WGphN8A%2Bn1wPM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989vYtsLAeMaginsaFyMX7kCbFVprdpEyZ_wXykVG51Gq-SYdVcD-r5FPrIy4nXZFj3bXbqKuXW0sNvWVK9pten7o2FzsxS8xiHyQF6WghDSPS0uIaxxjvZB32b072Vf75JcsauEvvivcs6Pkvhi-uo22ca5xi2-p6sWvAPbdzfDIVaqRWbqNwzyY-LkAwcSVPIiTbA8GAQYVvhoRS279q_NVP2yF739PWa-lTHeeCQLMUrDWXdqNvfH87ikumpGe0_PJ5C9QOs9zKVzIRO3UZ1rbrrg6Vt6JN_xRWx2_-HNFPEgqNLdbFTcCdXE09XwTY8kPN-pUTaqyXBJeB2_dzoGfxv22azdKpFEvGe0_xw0f-brf2mrkv4yV2zCFjcAeumLsLFAcA2XqWPWkFzGxfmsP_Svsq91hGvgAwbLzQOs2gZgqy5jVW9nONw6NNQB7jjtKfMr1PCUZ7FTXQPMUY_mkON__uZifgHkxvBL--43gEqwrNPKWwLjXlYk_ogqxM_jjx5RTNrQt4nI4lLDTSiVv70yAl8bcDyOYTK6qi8DNUz3VUyqPTtg0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs5ihxMxgZeqnF9SdxtYP59W9gAecge-wXJKat4ynAcCNtwEQASAAYMkGggEXY2EtcHViLTkwNjgxNDgyNjU1NDkzMjLIAQmoAwHIAwKqBNgBT9BwGSqHwF4j8w0esNsxks4Z1q0fIJQc6WsPdAt8Y4BP50eyPFAoktaMTZPMeLbw-7o0fpt4xWBEmdBpSpUBHMzctg3vuTlW_hLQ3C15XYpxa_Vpav2HopvhX5oTLxIu3cj9Kvzkli9ld6yKun8IijDvVDzepJkp9BI_8YngqxduOO8SX2V2XVTZ6e5ckZjpi4X8QWL21_exfPr5mTgOsFmoVUrX0yq_trQjtDLByS8d_n606WmK7KBHY47gKJoSdgsQ_s5cgKLagTBTIqrKvk03NP876zS9gAaPhN66weHsmQegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3t99IJ3kKo1aBO2NIZRXoCStL-GA%26client%3Dca-pub-9068148265549322%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068148265549322&output=html&h=280&slotname=5620342470&adk=3218245532&adf=674549957&pi=t.ma~as.5620342470&w=1200&fwrn=4&fwrnh=100&lmt=1700842692&rafmt=1&format=1200x280&url=https%3A%2F%2Ffarescraper.com%2F&ea=0&region=page-0.3214656513841243&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700842692155&bpp=1&bdt=1725&idt=154&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4537642219104&rume=1&frm=20&pv=1&ga_vid=628305905.1700842692&ga_sid=1700842692&ga_hid=476760300&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809317%2C31078301%2C44807764%2C44808149%2C44808285%2C44809054%2C21065724%2C31061691%2C31061693&oid=2&pvsid=945407694463974&tmod=1992511262&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8b8f395da8b535a63ce8fb78ef5cbd27c0e4a7221971a6d1ff5822eed37d55d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 16:18:12 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=AsEd7a2nQFI5sx0G9GcZg18TNQSrYpH9GPcybdIAiLcF3Zju9iDCfDZDKUYsOjNODFRJO4B7k2O1PsuYeU7D0qV_burpuWVke-F9_4TpCtuKrq27pR6pvHAflCkAKrE7bWjtjfrGCQtHqzMnddHAVqklkqn25aAHbJSBfX8MitklXgI8AlgU_phSOFqEm43nSmIxGuoQGt0iD51G6NR2iq3PthShDQZAF3boe82hcr6EzCOtdZlzbomDsoLjxqp1y-TIDA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 35873503
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0948 3 KB
1 KB 121ms
120ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 04:40:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41869
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 04:40:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0948 20 KB
9 KB 114ms
113ms Script
text/javascript 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 06:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 06:42:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0948 202 KB
64 KB 545ms
141ms Script
text/javascript 2607:f8b0:4004:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Nov 2023 16:18:13 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 643ms
222ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=504803438038183&ev=PageView&dl=https%3A%2F%2Ffarescraper.com%2F&rl=&if=false&ts=1700842693229&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700842693228.799716645&ler=empty&it=1700842692909&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 24 Nov 2023 16:18:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame B3FD 39 KB
15 KB 117ms
116ms Script
text/javascript 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 12:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 12:58:05 GMT

GET
DATA 200
OK truncated
/ Frame 0948 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c6973655d30cbcaa18b71041526de2529a5165fb2d9f4a389701a33f595ab9f

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 modules.28e3191d8757c557b4b7.js Show response
script.hotjar.com/ 227 KB
57 KB 438ms
123ms Script
application/javascript 99.84.191.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.28e3191d8757c557b4b7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2668478.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-41.iad89.r.cloudfront.net

Software

Resource Hash

77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ca8d1424de70ce439236d37048e65f54.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 94628
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 57395
last-modified: Thu, 23 Nov 2023 14:00:23 GMT
etag: "1ab24a53e715dcb189ab626bacc0e88b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 9d6-P6BmfUnCPzLyxdrJOWul_eDCESfPGj8YshV6DQEhdVgNsXjltA==

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame B3FD 0
40 B 112ms
111ms Image
text/plain 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?h3FY_g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel Show response
cm.g.doubleclick.net/
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=i&p=4801&_yoid=e04b0125-b4a4-4ac9-bcce-81e9831c4a8d&_yosid=b6999652-b6cb-432d-9b67-32172db1dd47&gdpr=&gdpr_consent=
https://tag.yieldoptimizer.com/ps/ps?tc=537645232&t=i&p=4801&_yoid=e04b0125-b4a4-4ac9-bcce-81e9831c4a8d&_yosid=b6999652-b6cb-432d-9b67-32172db1dd47&gdpr=&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MjAzMDk0MzMxOTQ3Ng&google_sc&gdpr=&gdpr_consent=&

170 B
243 B

115ms
114ms

Fetch
image/png

172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MjAzMDk0MzMxOTQ3Ng&google_sc&gdpr=&gdpr_consent=&

Protocol

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=MjAzMDk0MzMxOTQ3Ng&google_sc&gdpr=&gdpr_consent=&
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5DDB 0
0 140ms
140ms Image
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=945407694463974&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 58C0 2 KB
1 KB 548ms
144ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZWDMxAAF0-oE0Y7UAA9q53bPrON1MgnZ3ymoWQ&u=%7CpvVtdnLCxDXnXZxD%2FfFnMYOX3%2Bg9M5WGphN8A%2Bn1wPM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989vYtsLAeMaginsaFyMX7kCbFVprdpEyZ_wXykVG51Gq-SYdVcD-r5FPrIy4nXZFj3bXbqKuXW0sNvWVK9pten7o2FzsxS8xiHyQF6WghDSPS0uIaxxjvZB32b072Vf75JcsauEvvivcs6Pkvhi-uo22ca5xi2-p6sWvAPbdzfDIVaqRWbqNwzyY-LkAwcSVPIiTbA8GAQYVvhoRS279q_NVP2yF739PWa-lTHeeCQLMUrDWXdqNvfH87ikumpGe0_PJ5C9QOs9zKVzIRO3UZ1rbrrg6Vt6JN_xRWx2_-HNFPEgqNLdbFTcCdXE09XwTY8kPN-pUTaqyXBJeB2_dzoGfxv22azdKpFEvGe0_xw0f-brf2mrkv4yV2zCFjcAeumLsLFAcA2XqWPWkFzGxfmsP_Svsq91hGvgAwbLzQOs2gZgqy5jVW9nONw6NNQB7jjtKfMr1PCUZ7FTXQPMUY_mkON__uZifgHkxvBL--43gEqwrNPKWwLjXlYk_ogqxM_jjx5RTNrQt4nI4lLDTSiVv70yAl8bcDyOYTK6qi8DNUz3VUyqPTtg0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs5ihxMxgZeqnF9SdxtYP59W9gAecge-wXJKat4ynAcCNtwEQASAAYMkGggEXY2EtcHViLTkwNjgxNDgyNjU1NDkzMjLIAQmoAwHIAwKqBNgBT9BwGSqHwF4j8w0esNsxks4Z1q0fIJQc6WsPdAt8Y4BP50eyPFAoktaMTZPMeLbw-7o0fpt4xWBEmdBpSpUBHMzctg3vuTlW_hLQ3C15XYpxa_Vpav2HopvhX5oTLxIu3cj9Kvzkli9ld6yKun8IijDvVDzepJkp9BI_8YngqxduOO8SX2V2XVTZ6e5ckZjpi4X8QWL21_exfPr5mTgOsFmoVUrX0yq_trQjtDLByS8d_n606WmK7KBHY47gKJoSdgsQ_s5cgKLagTBTIqrKvk03NP876zS9gAaPhN66weHsmQegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3t99IJ3kKo1aBO2NIZRXoCStL-GA%26client%3Dca-pub-9068148265549322%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Nov 2024 16:18:14 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 58C0 2 KB
1 KB 548ms
144ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Nov 2024 16:18:14 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 58C0 308 B
636 B 600ms
198ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 18 Nov 2024 16:18:14 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 58C0 293 B
621 B 601ms
199ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 18 Nov 2024 16:18:14 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 58C0 43 B
348 B 489ms
188ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=AjTKWfffgEuq0bdCRWnXhgqArmJFWhinIdlVv1xB_RPN6my724uO-XI_UID6_KFgTtucNtXuiCAiggQpBAQRwwBX6scEOcYgwbB4EvlQmVEr2gplHzKT9rS1_kMAuWofRPDK-5uJ0SIBiGVQjigkyutdaT5UO9YDf40A-apF22QgfL1dTAd7TcBepsBiyHXfe99XhOULlNela7Ku4G1gZMpkTEixcqreTlXpp5qko1v8-7LqLjUj0ZCfJY27xAJgKZTeki9Z46d5v-ljZmN9PdumWto35dR3sf3F_1Gdvrjsu5Y9v4lpeKSRyihOgjLBxVCYUip0eLsR8g4q099c56VX6DAu9GU1OsOfdFLcRE3uEWHtXGNWozgy--ZUs6YHromMKq54GDqRSyyFqvKjuE6b7z-LP7KKRcbmvQHEbmq67a9I

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3280634
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 58C0 12 KB
5 KB 494ms
109ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2017241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnKaFlty2eU9ba7aP6dhRz4EZfl4pV8VkYW55mDiciOwdKB3UdMOA1I61FrNxqgDq4DM7bw2GQqZ5UGTO4MlPGBoMHHVKA0LyXvZS%2BAi6IyeUGgeRbWyUBPo0CuOsXuHB0vfaaCehYpv7HgXVG77bj6r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82b2f77a5b05a204-YYZ
expires: Wed, 13 Nov 2024 16:18:14 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 58C0 12 KB
6 KB 189ms
189ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Nov 2024 16:18:14 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 58C0 5 KB
5 KB 546ms
145ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=556&m=0&partner=101353&q=80&r=0&u=https%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F101353%2F230214%2F8ccbd93215994669803e26f0921c8425_logo_colorset_2_vertical.png&v=3&w=196&rid=4&s=4WCM1bLAizeUG-VV0NrUh-XT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

100e0deec40fcdf4150a2ac5d2db405b3f7fc8f737f58eebd5408a08bce6fdaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5212
expires: Mon, 28 Oct 2024 00:57:34 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 58C0 11 KB
11 KB 599ms
198ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=101353&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fhydrow%2Fimage%2Fupload%2Ff_auto%2Fw_2000%2Fq_90%2Fv1666281667%2FPDP%2FHydrowOG%2Fhpv9yk29syhwd73bcjtp-2.png&v=3&w=800&rid=4&s=xRKQXXJ8VoHq3YqemYdzE-zu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

57318419ac5833d9d09e076098209f234c8f498cb74ebdcd64b77876373109ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:14 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
timing-allow-origin: *
content-length: 11392
expires: Mon, 27 Nov 2023 15:07:10 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 58C0 0
128 B 655ms
193ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=AsEd7a2nQFI5sx0G9GcZg18TNQSrYpH9GPcybdIAiLcF3Zju9iDCfDZDKUYsOjNODFRJO4B7k2O1PsuYeU7D0qV_burpuWVke-F9_4TpCtuKrq27pR6pvHAflCkAKrE7bWjtjfrGCQtHqzMnddHAVqklkqn25aAHbJSBfX8MitklXgI8AlgU_phSOFqEm43nSmIxGuoQGt0iD51G6NR2iq3PthShDQZAF3boe82hcr6EzCOtdZlzbomDsoLjxqp1y-TIDA&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 24 Nov 2023 16:18:14 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 58C0 2 KB
1 KB 162ms
161ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Nov 2024 16:18:14 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 58C0 2 KB
1 KB 136ms
135ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Nov 2024 16:18:14 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 280ms
279ms Ping
image/gif 2404:6800:4012:2::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=3~lpcttoph&c=945407694463974&e=44759876%2C44759927%2C44759837%2C44809317%2C31078301%2C21065724%2C31061691%2C31061693&ctx=1&met.6=6.1_Cg0Y4yIgNCoGCAYSAhAB
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4012:2::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:14 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 142ms
142ms Image
text/html 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=945407694463974&bg=!ycqlyoXNAAZxrfrxUa07ADQBe5WfOLUE0byhHVnmZ1tZOZ_ESywFKz_MTZj8eSmdlUrQLiwTgFxKWc3lUreWRdSQm3CGAgAAAE5SAAAAA2gBBwoAZC27Ahgx_FlWn-2QJRo50q2G6L6y7FDCd51ruQlYL67Z7aOIP4Hp2YtWM8QN3RmhvgJmsqnJH8UWutexLLE5UVjWJKFsw9xms1bkJtmu6yL2-qRy9i5V5cAkr7t4oeI04f46akyZArhTq4dweg8ike_cuvhtssuT3QrFKwtSFrviP6VUsp2K2N5SEWwZD-QY0zY81-h295n13_a3YuJUNKNKSwGuWYmMbn2StZ_t4mW9NfsGOU0GwTtl3RTP73e5Ox_gdC0HTceYbSuPcv-gSUXJgn3q8VpyyIr3Ayr2SRvartNnQ8_Kn026ZOZjxFehPcAY681hEV53lO_Rs965-YiXLojBnBHQ496gQnwZItMxIT4-IYusxg0NBaXkj4uq1UUdsJWUxICxGfHLJRpuKdM-Nxyy9geXDkToqLMJ-AcXUYmrA4E9lz1Z6lVXcraZ05dqdDNuvhTxQJ0YDSuEPZiD5L5iQpwR8jSXYlTVeBBzKMmpyQOAj0cwsYy-Ob84RxD95tXrL8ww3pB7JoJ5H70waQpEh4NdsHIYcRvEmL8-ibsa2E3oMz_T6y-ZZcM1iuQ479LZMIv9bRJJ98Q96wjBmD8_0lYpJDKK7mrntK1tjEXzGk-L1NV-edszmWkWq9lKgalT2mJAAbKiamwragRMdJOD5T6KgMVZf-coZr7tDIDnZFmtCOeeV5gLTGGPWqKJV6zy6Hp5O8EOMLDU7H3Jn9v2V0tZK5a8vXQa68U1WO-DPUvlCB4cCEaBl5xVSHYbNB_Xh0-BGoxlU7qEsBVHnt8hwz3tAiUDD5clW7IxiS6ACKIj0b8XurOyc3LP-qcUojb3iVoYdhyn8bxp-yeC-yiRrmJJ04xT14RmTmMcaEoGzUlD85nrdijSv_cdMqTX4skZwiGoi78WBwbaYgoFK6iIsDvVJGOG5eXBM_h8aMsxJAM6zi7Eps6PWIH71iQ_7XnXFqkzNEh7ByEBruSgSlUnGp7u0dcSPvlJBNE7BbxAq-u12qR6jSHn1p-9f5ht8cY_Vj4Y536BdlaHrDTNi1MBAewmWQ3H_hKMLOI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

POST
H/1.1 200
OK gnbulk Show response
display.ringba.com/v2/nis/ 394 B
780 B 547ms
96ms XHR
application/json 54.224.68.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://display.ringba.com/v2/nis/gnbulk
Requested by: Host: farescraper.com
URL: https://farescraper.com/_nuxt/7a3ba6e.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.68.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-68-126.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3ba763e1db1ebba54d042d43f47e98d6afba23e2863b40fb901bf9bfc9aca638

Request headers

Referer: https://farescraper.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 24 Nov 2023 16:18:13 GMT
X-Runtime: 0.0020
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Max-Age: 300
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://farescraper.com
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 394
Expires: -1

GET
H2 200 roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame 58C0 2 KB
842 B 123ms
123ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Nov 2024 16:18:14 GMT

GET
H2 200 roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame 58C0 2 KB
841 B 177ms
177ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Nov 2024 16:18:14 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0948 42 B
64 B 146ms
145ms Fetch
image/gif 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWSSWcz4WHX6_tWLNJgY0-PZbvIugxsMRYtb7xkaBCw3aBI3aOxnVYKkWOLPk0vMGr6RtQik82xYQSVgirufZAu1z_H_THcxgPUZC41L_9IxD6Tn7Hag&sig=Cg0ArKJSzNcPF5lNkS-uEAE&id=lidar2&mcvt=1001&p=0,0,280,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3218245532&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700842692313&rpt=1633&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 58C0 0
127 B 182ms
181ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 24 Nov 2023 16:18:14 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 58C0 15 KB
16 KB 667ms
219ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin: https://ads.us.criteo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-3d80"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Nov 2024 16:18:15 GMT

GET
H2 200 roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 58C0 15 KB
16 KB 562ms
180ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin: https://ads.us.criteo.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-3df4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 18 Nov 2024 16:18:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0948 0
19 B 153ms
152ms Image
text/html 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7K0xxMxgZeqnF9SdxtYP59W9gAecge-wXJKat4ynAcCNtwEQASAAYMkGggEXY2EtcHViLTkwNjgxNDgyNjU1NDkzMjLIAQmoAwHIAwKqBNUBT9BwGSqHwF4j8w0esNsxks4Z1q0fIJQc6WsPdAt8Y4BP50eyPFAoktaMTZPMeLbw-7o0fpt4xWBEmdBpSpUBHMzctg3vuTlW_hLQ3C15XYpxa_Vpav2HopvhX5oTLxIu3cj9Kvzkli9ld6yKun8IijDvVDzepJkp9BI_8YngqxduOO8SX2V2XVTZ6e5ckZjpi4X8QWL21_exfPr5mTgOsFmoVUrX0yq_trQjtDLByS9f_F4mL9RhlimsXFpsEX22xwQ49-BERDkp-7manLTmpszzoMbcgAaPhN66weHsmQegBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTkwNjgxNDgyNjU1NDkzMjIYAA&sigh=LT0tfBaaQpI&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNPFPw1GZNg0V-9AMXLL8D68QFeTpHc_FvFZd_RTXgSzFu6dyYUKrc6ufyoP-NnSkKkAf5v0X1hOzqpZbR1sNG2sG4d0gP-PYMzhgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068148265549322&output=html&h=280&slotname=5620342470&adk=3218245532&adf=674549957&pi=t.ma~as.5620342470&w=1200&fwrn=4&fwrnh=100&lmt=1700842692&rafmt=1&format=1200x280&url=https%3A%2F%2Ffarescraper.com%2F&ea=0&region=page-0.3214656513841243&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700842692155&bpp=1&bdt=1725&idt=154&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4537642219104&rume=1&frm=20&pv=1&ga_vid=628305905.1700842692&ga_sid=1700842692&ga_hid=476760300&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809317%2C31078301%2C44807764%2C44808149%2C44808285%2C44809054%2C21065724%2C31061691%2C31061693&oid=2&pvsid=945407694463974&tmod=1992511262&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Nov 2023 16:18:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 0948 0
126 B 686ms
222ms Image
text/plain 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kIfDFdv5RLAJmALiIp0XAgAAAKtgc5vlgHUdEMPMYGVbBgrRJEe1qnF7AAASAAAKCkFRVUJDZ0VCQ2c&wp=ZWDMxAAF0-oE0Y7UAA9q53bPrON1MgnZ3ymoWQ&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:18:16 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 251164
server: Kestrel
content-length: 0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 0948 64 KB
24 KB 101ms
95ms Script
text/javascript 172.253.63.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f154.1e100.net

Software

cafe /

Resource Hash

25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 15:51:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1618
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24357
x-xss-protection: 0
server: cafe
etag: 17020722232796629264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Nov 2023 16:51:18 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 0948 0
17 B 278ms
278ms Ping
image/gif 2404:6800:4012:2::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lpcttrvc&chm=1&ctx=2&gqid=xMxgZei3FrKNyQPs-JzgCg&qqid=COqZ_uOE3YIDFdSO0QQd52oPcA&met.4=fb.ns~lb.rg~ol.35b~bdt.-1gb~bpp.-4d~idt.-4~dtd.-1~dt.-4e&met.3=492.nw_1~492.nx~113.39e_5~112.39a_9&met.1=1.lpcttom1~6.1~7.1~8.1~9.1~10.1~12.1~13.nh~14.p1~15.nk~16.19w~17.19w~18.19w~19.35a~20.35a~21.35b~22.rv~23.rv&met.7=CAUQCBgBMIUHOO8faAFwzQZ45HyAAbh6iAHWvQKwAQG4AQM~CBsQBSDeBjjgEw~CB4QChgBIN8GKN8GMN8HOIABaOAGcNkHeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIN8GKN8GMNgHOHlo4AZw0gd4iUWAAd1CiAHwoQGwAQG4AQM~CCoQChgBIIUHKIUHMJoMOJUFUIgHWJkKYK4HaJkKcKYLeNr-A4ABrvwDiAHd0AywAQG4AQM~CCAQBBgBINYUKNYUMOgVOJIBaNcUcOgVeNYCgAEqiAEqsAEBuAED~CCEQBhgBIL4aKL4aMNkbOJoBaL8acNgbeKwCsAEBuAED~CBsQBiC_GjivBQ~CCgQChgBIPAfKPAfMPogOIoBaPYfcNUgeNHAAYABpb4BiAH__gOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4012:2::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 121ms
120ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-J9KYCFB9EV&gtm=45je3b81v885509101z8849018346&_p=1700842692087&gcd=11l1l1l1l1&dma=0&cid=628305905.1700842692&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1700842693&sct=1&seg=0&dl=https%3A%2F%2Ffarescraper.com%2F&dt=Fare%20Scraper&en=scroll&ep.event_trigger=custom&_et=7&tfd=8624
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J9KYCFB9EV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://farescraper.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Nov 2023 16:18:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://farescraper.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: travel.mediaalpha.com
URL: https://travel.mediaalpha.com/js/serve.js

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068148265549322&output=html&h=280&slotname=5620342470&adk=3218245532&adf=674549957&pi=t.ma~as.5620342470&w=1200&fwrn=4&fwrnh=100&lmt=1700842692&rafmt=1&format=1200x280&url=https%3A%2F%2Ffarescraper.com%2F&ea=0&region=page-0.1617505744785288&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700842691490&bpp=2&bdt=1060&idt=810&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4537642219104&rume=1&frm=20&pv=1&ga_vid=628305905.1700842692&ga_sid=1700842692&ga_hid=476760300&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809317%2C31078301%2C44807764%2C44808149%2C44808285%2C44809054%2C21065724%2C31061691%2C31061693&oid=2&pvsid=945407694463974&tmod=1992511262&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=815

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
farescraper.com/	1970-01-20 16:37:27	Name: entryId Value: c7e76fb1-cb9a-4640-88a1-b2c9b338de82
.farescraper.com/	1970-01-20 16:28:49	Name: _uetsid Value: 10a900608ae511eea8b27b57b0e16355
.farescraper.com/	1970-01-21 01:48:58	Name: _uetvid Value: 10a8f5408ae511eeac5f31fccfb4d8b8
.farescraper.com/	1970-01-20 18:36:58	Name: _gcl_au Value: 1.1.1655892135.1700842693
.bing.com/	1970-01-21 01:48:58	Name: MUID Value: 2FC05709A959642D00FA44DAA8736570
.bat.bing.com/	1970-01-20 16:37:27	Name: MR Value: 0
.farescraper.com/	1970-01-21 02:03:22	Name: _ga Value: GA1.1.628305905.1700842692
.farescraper.com/	1970-01-21 01:12:58	Name: _yoid Value: e04b0125-b4a4-4ac9-bcce-81e9831c4a8d
.farescraper.com/	1969-12-31 23:59:59	Name: _yosid Value: b6999652-b6cb-432d-9b67-32172db1dd47
.sojern.com/	1970-01-20 16:37:27	Name: adh Value: 1
.farescraper.com/	1970-01-21 02:03:22	Name: _ga_J9KYCFB9EV Value: GS1.1.1700842693.1.0.1700842693.60.0.0
.farescraper.com/	1970-01-20 18:36:58	Name: _fbp Value: fb.1.1700842693228.799716645
.farescraper.com/	1970-01-21 01:48:58	Name: __gads Value: ID=7d9eb6f0b4f6e75f:T=1700842692:RT=1700842692:S=ALNI_MZqO0Oh0OJu3O-bZ2E_MI-NoCkz-A
.farescraper.com/	1970-01-21 01:48:58	Name: __gpi Value: UID=00000da3a5b2fd8b:T=1700842692:RT=1700842692:S=ALNI_Mb4AIm5-dctPj2dWeO__aeI6H6xuw
.doubleclick.net/	1970-01-21 02:03:22	Name: IDE Value: AHWqTUlpzWtiEi7Hz7B9KlMlGf5LWVKua0oyOeTTHKWiUn9Cu9HONEos72viBr_eljM
.adsrvr.org/	1970-01-21 01:14:25	Name: TDID Value: e4c3c416-7e47-4a9d-b728-ca76debef8a3
.adnxs.com/	1970-01-20 18:36:58	Name: uuid2 Value: 4856699001889385436
.sojern.com/	1970-01-21 01:12:58	Name: gid Value: CAESEHlKD-WggWd7tfl3pWqYu08
.sojern.com/	1970-01-21 01:12:58	Name: cid Value: 4630ff5d-f8ba-94bd-c780-046a984ec72d#1700784000000
.adsrvr.org/	1970-01-21 01:14:25	Name: TDCPM Value: CAEYBSABKAIyCwiKkPqG9sS2PBAFOAE.
.sojern.com/	1970-01-20 17:10:34	Name: ttdid Value: e4c3c416-7e47-4a9d-b728-ca76debef8a3
.sojern.com/	1970-01-20 18:36:58	Name: apnid Value: 4856699001889385436
.yieldoptimizer.com/	1970-01-21 01:12:58	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-21 01:12:58	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-21 01:12:58	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-21 01:12:58	Name: cktst Value: 537645232
.yieldoptimizer.com/	1970-01-21 01:12:58	Name: ckid Value: 2030943319476
.yieldoptimizer.com/	1970-01-21 01:12:58	Name: dph Value: %7B%22t%22%3A%5B130576%5D%2C%22dp%22%3A%5B4801%5D%7D
.yieldoptimizer.com/	1970-01-21 01:12:58	Name: ph Value: %7B%22p%22%3A%5B39%5D%2C%22t%22%3A%5B130576%5D%7D
.farescraper.com/	1970-01-21 01:12:58	Name: _hjSessionUser_2668478 Value: eyJpZCI6IjExMmYyYTk5LTgwMGItNWYyZC1hNjdmLTNjOTU1NzkxOWRlZCIsImNyZWF0ZWQiOjE3MDA4NDI2OTQ1NDksImV4aXN0aW5nIjpmYWxzZX0=
.farescraper.com/	1970-01-20 16:27:24	Name: _hjFirstSeen Value: 1
.farescraper.com/	1970-01-20 16:27:24	Name: _hjIncludedInSessionSample_2668478 Value: 0
.farescraper.com/	1970-01-20 16:27:24	Name: _hjSession_2668478 Value: eyJpZCI6ImY0Nzg1ZjE4LWY2NGQtNGE3NS1iOTM0LWNiZTNhZDZhMWMxNCIsImNyZWF0ZWQiOjE3MDA4NDI2OTQ1NTAsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.farescraper.com/	1970-01-20 16:27:24	Name: _hjAbsoluteSessionInProgress Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://o4504458777722880.ingest.sentry.io/api/4504458790305792/envelope/?sentry_key=6bc022dcb9b641cb93b8f3d3115cf68d&sentry_version=7 Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: https://farescraper.com/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9068148265549322&output=html&h=280&slotname=5620342470&adk=3218245532&adf=674549957&pi=t.ma~as.5620342470&w=1200&fwrn=4&fwrnh=100&lmt=1700842692&rafmt=1&format=1200x280&url=https%3A%2F%2Ffarescraper.com%2F&ea=0&region=page-0.3214656513841243&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700842692155&bpp=1&bdt=1725&idt=154&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4537642219104&rume=1&frm=20&pv=1&ga_vid=628305905.1700842692&ga_sid=1700842692&ga_hid=476760300&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=474&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809317%2C31078301%2C44807764%2C44808149%2C44808285%2C44809054%2C21065724%2C31061691%2C31061693&oid=2&pvsid=945407694463974&tmod=1992511262&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=157 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
analytics.google.com
api.farescraper.com
api.pushnami.com
b-js.ringba.com
bat.bing.com
cat.va.us.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
csm.us.criteo.net
display.ringba.com
farescraper.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
imageproxy.us.criteo.net
js.adara.com
jsres.adara.com
match.adsrvr.org
o4504458777722880.ingest.sentry.io
pagead2.googlesyndication.com
pixel.sojern.com
psp.pushnami.com
rtb.va.us.criteo.com
script.hotjar.com
sdk.adara.com
securepubads.g.doubleclick.net
static.criteo.net
static.hotjar.com
static.sojern.com
stats.g.doubleclick.net
tag.yieldoptimizer.com
tpc.googlesyndication.com
travel.mediaalpha.com
trc.pushnami.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
googleads.g.doubleclick.net
travel.mediaalpha.com
107.178.244.119
13.32.208.59
151.101.1.195
172.253.63.154
18.160.41.58
2001:4860:4802:32::181
2404:6800:4012:2::2003
2600:9000:2073:4a00:4:1957:6500:93a1
2606:4700:20::681a:a84
2606:4700:20::681a:b84
2606:4700:20::ac43:4970
2606:4700::6811:190e
2607:f8b0:4004:c06::61
2607:f8b0:4004:c06::67
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c08::9a
2607:f8b0:4004:c09::8b
2607:f8b0:4004:c09::9a
2607:f8b0:4004:c1b::8b
2607:f8b0:4004:c1d::5f
2607:f8b0:4004:c1d::84
2607:f8b0:4004:c1d::9c
2607:f8b0:4004:c1f::5e
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::9
2620:1ec:c11::200
2a03:2880:f07d:0:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
34.102.148.231
34.120.195.249
34.160.64.247
35.190.52.204
35.244.188.9
44.209.197.219
52.203.58.82
52.223.40.198
54.224.68.126
54.85.216.242
68.67.181.211
74.119.119.147
99.84.191.41
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
100e0deec40fcdf4150a2ac5d2db405b3f7fc8f737f58eebd5408a08bce6fdaa
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2889147edb550aef849e10ba2230d6b1f65a0f8831b45f642bfc0ee185babe38
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ba763e1db1ebba54d042d43f47e98d6afba23e2863b40fb901bf9bfc9aca638
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4079c4dc99543843b8c2a8a61db381c7c98766e7bf1d195863ce58ba56aee5dc
40bcd8bb1665618eb87711e4b83f7daffc5921614b473daa9b246da989b497ec
41161037de3fd9246b8205f05de9ce340af99e5cf30470168c35e5406f151229
41f4a9b073a90b9f16c8c73a52ed972d64b4a787866aff919965206305120827
430779f765de13c002dd5bae0d5f556658e98c1e0aa66749c27cc4cba0380f3b
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
499b3afe636ddb37aaa135596a6bac8847c47058f42e88f374ebc97d6e2b1796
4c6973655d30cbcaa18b71041526de2529a5165fb2d9f4a389701a33f595ab9f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57318419ac5833d9d09e076098209f234c8f498cb74ebdcd64b77876373109ec
59b163edb35ed0e221c00c55bdc8fa93f1f6f08ae5bee990d48315279e9daa15
5c6e774f74a83cb989d64a64ee033b349ad693ce28ad66dfb156f2e331b059a1
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
62b61eb224c8f3d42e76c39e08e383685a352a29bd28ecd0279454320e345349
6440288d7610cedb30f770e89dcbb5f0e74762814f459b10789d6e129c4fb771
682d061eef475dd8cf9dd37583abd333338a7f8841799190ba47e709dca45342
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7475763cac13366f27a510f31c05064de9331e4ee4fc9a656c03a24d1888dcf4
770dd6f6c81dd318c76a35ec300115488287a550c3d2df23e4576e728456a632
77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1
7c2a844666a1dcf8427326925ebc0b27cd0993e7fbb4007a7428b6889d888db6
7c8192a870bf859450eae09b8785d99dbf55aee46a773b84b7cffa14e22553b5
87bfbd71874c8be62784963f7a4ed6c041d23a50d8e4a98c73aa399cd2841b60
8b8f395da8b535a63ce8fb78ef5cbd27c0e4a7221971a6d1ff5822eed37d55d3
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9b6af627c98ca9b35d46110e4659508b4a802e0315d4c9d8bc09baa7ae0876aa
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b22a4960059cf6dc1fbba42ce7eb3701565716441a1c3a8197de206151cf2ae0
b6ee54290620ede7c496e63a51a3fd89f0f3cb7988709a09d758437c791e5c1f
b77820d42f9a2f9f84c8633c57e406e621fcc4a922f1eee328c8c3b2c92b78b4
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
c18ef97cc46c59809141b4810711c1c8c9154424d302655f1af6fc81faafa176
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce3d6858378421fa74bac7b89ee42ea526fbc8eced46a9e63368c1f7de61c856
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0c379a9d7639c0a314da41c78985c639f77ad76ed5621a503ac3940df7c8ea9
d20a3030d47c6ac8b23210e635a46089dd9e6e8196e4c7d5b6ecac03e715b76c
dc12d117be0adf2004cce6ee3eda2e2df0cc7873c43c98cf7304af8cff753192
dcc2f457f01dbf232ce54bd2a3fdb5b1af63acd152b1dd8046b89f3e50030ba2
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebe97061681cef9cab75ce4e70092ceee2628c887415f6921fc8f7a9174e1d6b
ee013568a3ac53766077f0022fb0131662708ebfea86c93c22af01922a000b15
ee55a50d3462881eaacc8bb3e172d2050037f634c54625c801ab72674f88c4ab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f58204e1625903ca8c18556a10e01ab8474673e6a9b1318ce2c2cd2feffe8f30
f614996bedcd3501d9eae3ff9f37bd94fff63ebffb0a8368e2d89b86ef414e3b
f8f69294cb3228695da3ba9b677db613089da1f680cc7daba635881b6e6554af
fb1bf528d8237aac3e9ead389ab246ba0068f61fe281610110937ef2b8adefce
fb3fb49952a12a0a54b62259e20766476c1076796d74443edc2be951ec728cab

farescraper.com Open in urlscan Pro 2606:4700:20::ac43:4970 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

94 %HTTPS

59 %IPv6

25 Domains

44 Subdomains

40 IPs

3 Countries

1636 kBTransfer

4561 kBSize

34 Cookies

0 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

farescraper.com Open in urlscan Pro
2606:4700:20::ac43:4970 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

94 %
HTTPS

59 %
IPv6

25
Domains

44
Subdomains

40
IPs

3
Countries

1636 kB
Transfer

4561 kB
Size

34
Cookies

108 HTTP transactions
2 data transactions