urlscan.io logo urlscan.io
SecurityTrails logo

www.bookingbuddy.com Open in urlscan Pro
2.19.34.65  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://e.bookingbuddy.com/redirect/?vv=2&q=eJx1T0trAjEQ_jWbWyWvyeOQQ0W8lLag9dJL0SRrQ91ENruK_74TofRQCsPM933zPjthtADNSXWSBMc...
Effective URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%...
Submission: On December 17 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 5 countries across 21 domains to perform 69 HTTP transactions. The main IP is 2.19.34.65, located in Ascension Island and belongs to AKAMAI-ASN1, US. The main domain is www.bookingbuddy.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 30th 2019. Valid for: 3 months.
This is the only time www.bookingbuddy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 23.203.91.208 16625 (AKAMAI-AS)
1 6 2.19.34.65 20940 (AKAMAI-ASN1)
1 104.108.40.189 16625 (AKAMAI-AS)
1 23.210.249.164 16625 (AKAMAI-AS)
1 52.57.76.10 16509 (AMAZON-02)
4 143.204.90.242 16509 (AMAZON-02)
1 52.2.9.17 14618 (AMAZON-AES)
1 35.244.174.68 15169 (GOOGLE)
1 63.34.164.219 16509 (AMAZON-02)
7 104.108.57.29 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
4 52.203.173.113 14618 (AMAZON-AES)
7 216.58.207.66 15169 (GOOGLE)
1 172.217.21.226 15169 (GOOGLE)
1 104.108.68.242 16625 (AKAMAI-AS)
1 2 185.34.188.113 15224 (OMNITURE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
69 24
13    23.203.91.208 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-203-91-208.deploy.static.akamaitechnologies.com
e.bookingbuddy.com
landers-static.smartertravel.com
tds.travelsmarter.net
tls.travelsmarter.net
cs.travelsmarter.net
6    2.19.34.65 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-34-65.deploy.static.akamaitechnologies.com
www.bookingbuddy.com
p.travelsmarter.net
1    104.108.40.189 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-40-189.deploy.static.akamaitechnologies.com
cdn-3.convertexperiments.com
1    23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com
js-sec.indexww.com
1    52.57.76.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-76-10.eu-central-1.compute.amazonaws.com
aghutv.com
4    143.204.90.242 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-90-242.fra50.r.cloudfront.net
c.amazon-adsystem.com
1    52.2.9.17 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-2-9-17.compute-1.amazonaws.com
idx.liadm.com
1    35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 68.174.244.35.bc.googleusercontent.com
api.rlcdn.com
1    63.34.164.219 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-34-164-219.eu-west-1.compute.amazonaws.com
match.adsrvr.org
7    104.108.57.29 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-57-29.deploy.static.akamaitechnologies.com
c.evidon.com
1    2a00:1450:4001:81e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
4    52.203.173.113 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-203-173-113.compute-1.amazonaws.com
l.betrad.com
7    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net
pubads.g.doubleclick.net
securepubads.g.doubleclick.net
1    172.217.21.226 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f2.1e100.net
www.googleadservices.com
1    104.108.68.242 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-68-242.deploy.static.akamaitechnologies.com
locations.smartertravel.net
2    185.34.188.113 (Netherlands)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: bookingbuddy.com.ssl.sc.omtrdc.net
sstats.bookingbuddy.com
1    2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
5    2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
adservice.google.de
adservice.google.com
3    2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
5    2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
3    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cdn.ampproject.org
2    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
Domain Requested by
9 landers-static.smartertravel.com www.bookingbuddy.com
landers-static.smartertravel.com
7 c.evidon.com www.bookingbuddy.com
c.evidon.com
6 securepubads.g.doubleclick.net www.googletagservices.com
landers-static.smartertravel.com
securepubads.g.doubleclick.net
www.bookingbuddy.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.bookingbuddy.com
cdn.ampproject.org
5 www.bookingbuddy.com 1 redirects landers-static.smartertravel.com
4 l.betrad.com www.bookingbuddy.com
4 c.amazon-adsystem.com www.bookingbuddy.com
landers-static.smartertravel.com
3 cdn.ampproject.org securepubads.g.doubleclick.net
3 www.google.com www.bookingbuddy.com
securepubads.g.doubleclick.net
3 www.googletagservices.com landers-static.smartertravel.com
securepubads.g.doubleclick.net
2 pagead2.googlesyndication.com
2 sstats.bookingbuddy.com 1 redirects www.bookingbuddy.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.google.de www.bookingbuddy.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 locations.smartertravel.net landers-static.smartertravel.com
1 www.googleadservices.com www.googletagmanager.com
1 cs.travelsmarter.net landers-static.smartertravel.com
1 p.travelsmarter.net landers-static.smartertravel.com
1 pubads.g.doubleclick.net www.bookingbuddy.com
1 www.googletagmanager.com www.bookingbuddy.com
1 tls.travelsmarter.net landers-static.smartertravel.com
1 tds.travelsmarter.net landers-static.smartertravel.com
1 match.adsrvr.org js-sec.indexww.com
1 api.rlcdn.com js-sec.indexww.com
1 idx.liadm.com js-sec.indexww.com
1 aghutv.com www.bookingbuddy.com
1 js-sec.indexww.com www.bookingbuddy.com
1 cdn-3.convertexperiments.com www.bookingbuddy.com
1 e.bookingbuddy.com 1 redirects
69 31

This site contains links to these domains. Also see Links.

Domain
www.jetsetter.com
www.avoyatravel.com
Subject Issuer Validity Valid
www.smartertravel.com
Let's Encrypt Authority X3		 2019-10-30 -
2020-01-28		 3 months crt.sh
*.convertexperiments.com
DigiCert SHA2 Secure Server CA		 2019-02-17 -
2020-05-18		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-07-17 -
2020-03-09		 8 months crt.sh
aghutv.com
Amazon		 2019-08-05 -
2020-09-05		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2019-10-07 -
2020-09-29		 a year crt.sh
*.liadm.com
Amazon		 2019-01-25 -
2020-02-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-24 -
2020-04-23		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.evidon.com
DigiCert ECC Secure Server CA		 2019-02-01 -
2020-05-02		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
l.betrad.com
Go Daddy Secure Certificate Authority - G2		 2019-04-25 -
2021-06-24		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
sstats.bookingbuddy.com
DigiCert SHA2 High Assurance Server CA		 2019-06-01 -
2020-09-03		 a year crt.sh
www.google.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Frame ID: 0374E118D90026602F79BA80948C7D49
Requests: 56 HTTP requests in this frame

Frame: https://p.travelsmarter.net/api/usersync/sync.html?api_key=WreE2ft7R86obF0cG0hHFQ&publisher_browser_id=049817a1-7e0f-4cc4-97bd-a0f6cc57f453&publisher_user_id=RBM2K83ZSR&cb=1576608906644
Frame ID: EF095663126B1DD6889E4A8E9A28830A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnjR_Y7pl-8sfF39ComRaQHEWUF3rbUbnr90up3WSii-B1IrhUHkHatr5X2UOXW3Qo4ATZTvzBcrMMAT8HqYCUyTS7fLzVe4y3CARYTJpfiVp13sMiXk8T0qinsbL0QHUpihDmU0MbbcVEYXqAdCYUTvzQfaFUE93Sh48zU4-Il1gKwntAVjwDsNa6i1iAiLxdUNaeZ9teq6hl2-2k9kStl6vcQJY7UmGcdA9syexj_3AOlChn5e4eMRxvFHC_wJvJDlcWHiLj8TzG95tVrVhESUouaG5cUqRA5rsWjnTDNRtoH6z8dgGrTbuZ-g&sai=AMfl-YSyCj4FZTjYg2L9uxeBYwwZ2Ic7JGArFy1aeCTiSWTU-2FOs1uHTuiFelM_xiLAYzOl4hf-D0kOAaGGnmretBxung0zYdNY4bA1r4T0D8r9uG-Qry-Vk0FFTWxS0ls&sig=Cg0ArKJSzAOtfnxGDtZ2EAE&adurl=
Frame ID: 99A44C75D7E825DCBB3710F9CC0A662E
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Frame ID: C26FACED00AAAE1D3DE47508A62DF072
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://e.bookingbuddy.com/redirect/?vv=2&q=eJx1T0trAjEQ_jWbWyWvyeOQQ0W8lLag9dJL0SRrQ91ENruK_74TofRQCsP... HTTP 302
    http://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&n... HTTP 302
    https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&n... Page URL

Page Statistics

69
Requests

100 %
HTTPS

35 %
IPv6

21
Domains

31
Subdomains

24
IPs

5
Countries

1802 kB
Transfer

4706 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://e.bookingbuddy.com/redirect/?vv=2&q=eJx1T0trAjEQ_jWbWyWvyeOQQ0W8lLag9dJL0SRrQ91ENruK_74TofRQCsPM933zPjthtADNSXWSBMcs44wyRSVQbS2ZHCWz2yyf-ZMR79sNuThPTu6U6lQXh1K-Uj4e5hBuC18GMjgwXIIGRbIDpjW1UpLoOr3sOK_RT6lkRJ14RB_KEOuUfBP0ihT3OU3ne2qNdr1e_yxAOeaH3RZjvx9jxQhacKUEtCax9vM4xuxvnVjttquOqzKmY8pIX1_ekIa2MO_vZ6C2aSUzot8HUcin6YLaHX34ivDnlY5DO-9fp2qZRx9bh0U2-BQQc6q1adPaKEaSs4x4B9KaQCWLCqwO0LOehb0BkMANg8C_AbGXcf4 HTTP 302
    http://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1 HTTP 302
    https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://sstats.bookingbuddy.com/b/ss/slbbbcom/1/JS-2.17.0/s24434979861042?AQB=1&ndh=1&pf=1&t=17%2F11%2F2019%2019%3A55%3A6%202%20-60&fid=3C7242EDD70F5D72-3E4748ACE4161966&vmt=485017AC&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&pageName=NP_Fare_Details_Route&g=https%3A%2F%2Fwww.bookingbuddy.com%2Fen-US%2Ffares%2F57326635%2F%3Fcurrency%3DUSD%26origin%3DONT%26destination%3DORD%26u%3DRBM2K83ZSR%26nltv%3D%26nl_cs%3D51770944%253A%253A%253A%253A%253A%253A%26source%3D59%26mcid%3D20778%26ns%3D1&cc=USD&ch=air&v0=59&v7=59&v9=59&v22=NP_Fare_Details_Route&v24=air&v25=NP_Fare_Details_Route&v38=en-US&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • https://sstats.bookingbuddy.com/b/ss/slbbbcom/1/JS-2.17.0/s24434979861042?AQB=1&pccr=true&vidn=2EFC9245053139C0-6000012EA0004846&&ndh=1&pf=1&t=17%2F11%2F2019%2019%3A55%3A6%202%20-60&fid=3C7242EDD70F5D72-3E4748ACE4161966&vmt=485017AC&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&pageName=NP_Fare_Details_Route&g=https%3A%2F%2Fwww.bookingbuddy.com%2Fen-US%2Ffares%2F57326635%2F%3Fcurrency%3DUSD%26origin%3DONT%26destination%3DORD%26u%3DRBM2K83ZSR%26nltv%3D%26nl_cs%3D51770944%253A%253A%253A%253A%253A%253A%26source%3D59%26mcid%3D20778%26ns%3D1&cc=USD&ch=air&v0=59&v7=59&v9=59&v22=NP_Fare_Details_Route&v24=air&v25=NP_Fare_Details_Route&v38=en-US&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bookingbuddy.com/en-US/fares/57326635/
Redirect Chain
  • http://e.bookingbuddy.com/redirect/?vv=2&q=eJx1T0trAjEQ_jWbWyWvyeOQQ0W8lLag9dJL0SRrQ91ENruK_74TofRQCsPM933zPjthtADNSXWSBMcs44wyRSVQbS2ZHCWz2yyf-ZMR79sNuThPTu6U6lQXh1K-Uj4e5hBuC18GMjgwXIIGRbIDpjW1Up...
  • http://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
  • https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
114 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.34.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-34-65.deploy.static.akamaitechnologies.com
Software
Skipper /
Resource Hash
858407cb0f460a5061db9875a4c887e0cbe3f62da25be6654ef9754b397475f2
Security Headers
Name Value
Strict-Transport-Security max-age=0 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Host
www.bookingbuddy.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
Content-Encoding
gzip
Content-Language
en-US
P3p
policyref="http://www.bookingbuddy.com/w3c/p3p.xml", CP="CAO DSP COR CURa ADMo DEVo PSAo PSDo IVAo IVDo CONo OUR DELa OTRa IND COM NAV"
Server
Skipper
Strict-Transport-Security
max-age=0 ; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-Xss-Protection
1; mode=block
Content-Length
25747
Expires
Tue, 17 Dec 2019 18:55:06 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 17 Dec 2019 18:55:06 GMT
Connection
keep-alive

Redirect headers

Content-Length
0
Location
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Server
Skipper
Date
Tue, 17 Dec 2019 18:55:05 GMT
Connection
keep-alive
10025026-10024557.js
cdn-3.convertexperiments.com/js/ 		198 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-3.convertexperiments.com/js/10025026-10024557.js
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.40.189 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-40-189.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
38156720f5bb8461553c4ea6364eb5e93cf7f0665df5dbd2e495bcbb47237c3d

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Dec 2019 18:55:06 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=79
Connection
keep-alive
Content-Length
61142
X-Privacy-Policy
You can find our privacy policy at https://www.convert.com/privacy-notice/
icons-data-svg.css
landers-static.smartertravel.com/v458.0/css/ 		403 KB
101 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landers-static.smartertravel.com/v458.0/css/icons-data-svg.css
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.91.208 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-203-91-208.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
701b7e52de00780c275462d0bfb1e4e2c25073385e35d0ef5ead531b78a5d8d0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 05 Dec 2019 15:38:29 GMT
server
AmazonS3
x-amz-request-id
1E2EFE52E62DC68E
etag
"adb7a265e0ed2687f87010fe6da8ecc3"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=49939
date
Tue, 17 Dec 2019 18:55:06 GMT
accept-ranges
bytes
x-amz-id-2
OWedGDZ57KSRAnLLfyyJhF5+WWx5JPZM6jV6+3rm+EuAalZ2MJR83AaM5j7ocbvjCksKy73COpE=
187903-230233970765074.js
js-sec.indexww.com/ht/p/ 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187903-230233970765074.js
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8a633a20f4d3b371a109b6e9d2c9b2278327b5362791055d641c7f155348addb

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Dec 2019 18:55:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Dec 2019 22:16:15 GMT
Server
Apache
ETag
"da43b4-19037-599d98f5aadf6"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3138
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
31285
Expires
Tue, 17 Dec 2019 19:47:24 GMT
serve.js
aghutv.com/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aghutv.com/js/serve.js
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.76.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-57-76-10.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
16997996bf0d12e3b625a2685ad586fa76bfb86ad1b276183748ea8a9f83916f

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
server
Apache
content-length
4107
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
tabBrowsing.css
landers-static.smartertravel.com/v458.0/css/page/ 		278 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landers-static.smartertravel.com/v458.0/css/page/tabBrowsing.css
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.91.208 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-203-91-208.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
396474839f2a70c184547e7c3f558969a2feb1d2275ca5f945ae087488acc4ec

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 05 Dec 2019 15:38:29 GMT
server
AmazonS3
x-amz-request-id
826AC96A4303F26F
etag
"c6b268003fc02fad917d5691eb09feea"
vary
Accept-Encoding
content-type
text/css
status
200
date
Tue, 17 Dec 2019 18:55:06 GMT
accept-ranges
bytes
content-length
43282
x-amz-id-2
bKQewSxPUsCOywuFqvEvq5H6XJRQywiYD7utr/jWTA+B5U1lkfbtKKKx+wMlpImj1gVn8ojkm0g=
tabBrowsing-page.js
landers-static.smartertravel.com/v458.0/js/ 		2 MB
401 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.91.208 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-203-91-208.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
60482aaf2ddce94152f2825d227d34130bc5276bda81138993f95847390094c6

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 05 Dec 2019 15:38:35 GMT
server
AmazonS3
x-amz-request-id
AE6CAA27861E593D
etag
"0778e1e700ac42ca3a092a7f0478ba2d"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=49964
date
Tue, 17 Dec 2019 18:55:06 GMT
accept-ranges
bytes
x-amz-id-2
uZ8W1eazs7cKjGkqZVxcQNichnHVluC7UR5mTA7BXYm6ldi/1PUFx6l7Njw8E9cJfXWy0EryjH0=
apstag.js
c.amazon-adsystem.com/aax2/ 		87 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-90-242.fra50.r.cloudfront.net
Software
Server /
Resource Hash
0f144f16507d02eabc67a131e4d54ac36266dcfe3dac263a6971265371eff7b9

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 16:30:20 GMT
content-encoding
gzip
server
Server
age
8686
etag
6bed68e25cc35021d570267b56047ef8
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
YpRaSlFNfWz9Di8oFOkQyWKkTKH6Hevv4OLkp3rvneFJPjMfVi747g==
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
idx
idx.liadm.com/ 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idx
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187903-230233970765074.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.9.17 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-2-9-17.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Origin
https://www.bookingbuddy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.bookingbuddy.com
Date
Tue, 17 Dec 2019 18:55:06 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
identity
api.rlcdn.com/api/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187903-230233970765074.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Origin
https://www.bookingbuddy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers
rid
match.adsrvr.org/track/ 		109 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187903
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187903-230233970765074.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.164.219 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-63-34-164-219.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4c46115bc4d67fce150f998d559507cdcdfbc39022dac83439ec5855f779523f

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Origin
https://www.bookingbuddy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
x-aspnet-version
4.0.30319
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bookingbuddy.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Thu, 16 Jan 2020 18:55:06 GMT
evidon-sitenotice-tag.js
c.evidon.com/sitenotice/ 		51 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.57.29 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-57-29.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
09c12eac1631e9848e71f1474fd5eb51e9c57c4c6825c60d109b3fcd86e311cf

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
status
200
access-control-max-age
86400
content-length
13619
last-modified
Wed, 11 Dec 2019 22:20:46 GMT
server
AkamaiNetStorage
etag
"fb9234d038482555c929d8b46e2a4e8a:1576102846.327093"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
cache-control
max-age=86400, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 18 Dec 2019 18:55:06 GMT
country.js
c.evidon.com/geo/ 		260 B
511 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/country.js
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.57.29 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-57-29.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9a5637d760ace9a9700f1c5bc5c476e4d603dc7a9d68724f816d30814a376172

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
last-modified
Wed, 30 May 2018 22:22:39 GMT
server
AkamaiNetStorage
access-control-allow-origin
etag
"8d3bb7b8708f6911ebe937e111b09ec4:1527718959"
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
status
200
accept-ranges
bytes
access-control-allow-headers
*
content-length
260
snthemes.js
c.evidon.com/sitenotice/1402/ 		24 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/1402/snthemes.js
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.57.29 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-57-29.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d0d378f718cdfe07950cd3defc61cde457cb233ec22a93c9ac0ce26a1a676a13

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
status
200
access-control-max-age
86400
content-length
2571
last-modified
Mon, 16 Dec 2019 15:22:05 GMT
server
AkamaiNetStorage
etag
"9d23983663292d18c2d5341771cec423:1576509725.323162"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
cache-control
max-age=86400, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 18 Dec 2019 18:55:06 GMT
settings.js
c.evidon.com/sitenotice/1402/bookingbuddy/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/1402/bookingbuddy/settings.js
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.57.29 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-57-29.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
720cfdb4f6d93e66951fd68576aa189af2a3a7134cfc4ddb7dc8063e4904da83

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
status
200
access-control-max-age
86400
content-length
1990
last-modified
Mon, 09 Dec 2019 18:26:09 GMT
server
AkamaiNetStorage
etag
"74e5f28af1a25ba81bb96c1c988b834b:1575915969.152564"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
cache-control
max-age=86400, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 18 Dec 2019 18:55:06 GMT
WreE2ft7R86obF0cG0hHFQ
tds.travelsmarter.net/api/user_snapshot/apikey/ 		35 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tds.travelsmarter.net/api/user_snapshot/apikey/WreE2ft7R86obF0cG0hHFQ?location_lookup=true&publisher_browser_id=049817a1-7e0f-4cc4-97bd-a0f6cc57f453
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.91.208 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-203-91-208.deploy.static.akamaitechnologies.com
Software
Skipper /
Resource Hash
bdb3df895f32ff91a2b717208524e4976764ff4301266602077edd05e3a1bae3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Origin
https://www.bookingbuddy.com

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
server
Skipper
status
200
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
*
content-length
48
WreE2ft7R86obF0cG0hHFQ
tls.travelsmarter.net/api/label_service/apikey/ 		34 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tls.travelsmarter.net/api/label_service/apikey/WreE2ft7R86obF0cG0hHFQ?publisher_browser_id=049817a1-7e0f-4cc4-97bd-a0f6cc57f453
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.91.208 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-203-91-208.deploy.static.akamaitechnologies.com
Software
Skipper /
Resource Hash
841298bd31b4b7ed89e5d58b3ee63fbbd51dc3ee0ba20f472525ffe7aadd1c1f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Origin
https://www.bookingbuddy.com

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
server
Skipper
status
200
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
*
content-length
49
/
www.bookingbuddy.com/service-api/fareServiceProxy/fare/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bookingbuddy.com/service-api/fareServiceProxy/fare/?currency=USD&destination=ORD&id=57326635&origin=ONT&sources=-2%2C-3%2C0
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.34.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-34-65.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
32cf9974553405eee9be807b47766bbbe0bad512bb4461b150f0f749c19b2706
Security Headers
Name Value
Strict-Transport-Security max-age=0 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=0 ; includeSubDomains
Server
openresty
Date
Tue, 17 Dec 2019 18:55:06 GMT
Vary
Accept-Encoding, User-Agent
P3p
policyref="http://www.bookingbuddy.com/w3c/p3p.xml", CP="CAO DSP COR CURa ADMo DEVo PSAo PSDo IVAo IVDo CONo OUR DELa OTRa IND COM NAV"
X-Xss-Protection
1; mode=block
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
4313
Geo
NL
Expires
Tue, 17 Dec 2019 18:55:06 GMT
gtm.js
www.googletagmanager.com/ 		136 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M72XJGZ
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
37db4fa647e65650e8c1045fe668d5246d4568e6506792cfebf34c01f5b62f4b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
br
last-modified
Tue, 17 Dec 2019 18:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
31569
x-xss-protection
0
expires
Tue, 17 Dec 2019 18:55:06 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-90-242.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Origin
https://www.bookingbuddy.com

Response headers

date
Tue, 17 Dec 2019 16:36:35 GMT
content-encoding
gzip
vary
Origin
age
8312
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 01 Nov 2019 13:46:13 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
uONsd6E9qtCeQt5CREJpQV5hdHKPCRGGQnoiCKcDNxGif7O8rsm6Vg==
en.js
c.evidon.com/sitenotice/1402/translations/ 		87 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/1402/translations/en.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.57.29 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-57-29.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
95e3827c1f09de644afd35d3f96ea5b2b3d907f1bd99f20ebff669945efba4b2

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
status
200
access-control-max-age
86400
content-length
4833
last-modified
Mon, 16 Dec 2019 20:05:17 GMT
server
AkamaiNetStorage
etag
"59cc921eaa8f22e03e39e5887c02207f:1576526717.030886"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
cache-control
max-age=86400, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 18 Dec 2019 18:55:06 GMT
evidon-banner.js
c.evidon.com/sitenotice/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/sitenotice/evidon-banner.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.57.29 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-57-29.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
007dacdc5695dd65eadf528531c2dc255f4b449d85eabc3cd85dfa7b9d1850eb

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
status
200
access-control-max-age
86400
content-length
2972
last-modified
Wed, 11 Dec 2019 22:20:46 GMT
server
AkamaiNetStorage
etag
"6e8a177a89d6647a00338d696f18c27d:1576102846.932752"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
cache-control
max-age=86400, private;max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 18 Dec 2019 18:55:06 GMT
1
l.betrad.com/site/v3/1402/18003/8/1/2/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.betrad.com/site/v3/1402/18003/8/1/2/1?consent=0
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.173.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-203-173-113.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by
Express
vary
Accept-Encoding
DFPAudiencePixel;ord=3529606127048.599;dc_seg=486064077
pubads.g.doubleclick.net/activity;dc_iu=/5349/ 		42 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/5349/DFPAudiencePixel;ord=3529606127048.599;dc_seg=486064077
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Dec 2019 18:55:06 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
55081
l.betrad.com/site/v3/1402/18003/8/4/2/1/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.betrad.com/site/v3/1402/18003/8/4/2/1/55081?consent=0
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.173.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-203-173-113.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by
Express
vary
Accept-Encoding
icong1.png
c.evidon.com/pub/ 		600 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.evidon.com/pub/icong1.png
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.57.29 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-57-29.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
last-modified
Tue, 21 May 2019 16:14:21 GMT
server
AkamaiNetStorage
access-control-allow-origin
etag
"d08da9f445b63100a56646de99043059:1558455261"
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS,POST
content-type
image/png
status
200
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
*
content-length
600
55081
l.betrad.com/site/v3/1402/18003/8/2/2/1/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.betrad.com/site/v3/1402/18003/8/2/2/1/55081?consent=0
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.173.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-203-173-113.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by
Express
vary
Accept-Encoding
55081
l.betrad.com/site/v3/1402/18003/8/1/2/1/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.betrad.com/site/v3/1402/18003/8/1/2/1/55081?consent=0
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.173.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-203-173-113.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by
Express
vary
Accept-Encoding
/
www.bookingbuddy.com/service-api/fareServiceProxy/city-fares/ 		214 KB
215 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bookingbuddy.com/service-api/fareServiceProxy/city-fares/?codes=ONT&currency=USD&fareDirection=outbound&limit=50&sources=-2%2C-3%2C0
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.34.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-34-65.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
f0e597b22a973c53babf292fcb1b4ddb5c77fe659accc0507bf0f857776a6f0e
Security Headers
Name Value
Strict-Transport-Security max-age=0 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=0 ; includeSubDomains
Server
openresty
Date
Tue, 17 Dec 2019 18:55:06 GMT
Vary
Accept-Encoding, User-Agent
P3p
policyref="http://www.bookingbuddy.com/w3c/p3p.xml", CP="CAO DSP COR CURa ADMo DEVo PSAo PSDo IVAo IVDo CONo OUR DELa OTRa IND COM NAV"
X-Xss-Protection
1; mode=block
Cache-Control
max-age=0, no-cache, no-store
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Content-Type
application/json;charset=utf-8
Geo
NL
Expires
Tue, 17 Dec 2019 18:55:06 GMT
sync.html
p.travelsmarter.net/api/usersync/ Frame EF09 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://p.travelsmarter.net/api/usersync/sync.html?api_key=WreE2ft7R86obF0cG0hHFQ&publisher_browser_id=049817a1-7e0f-4cc4-97bd-a0f6cc57f453&publisher_user_id=RBM2K83ZSR&cb=1576608906644
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.34.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-34-65.deploy.static.akamaitechnologies.com
Software
Skipper /
Resource Hash

Request headers

:method
GET
:authority
p.travelsmarter.net
:scheme
https
:path
/api/usersync/sync.html?api_key=WreE2ft7R86obF0cG0hHFQ&publisher_browser_id=049817a1-7e0f-4cc4-97bd-a0f6cc57f453&publisher_user_id=RBM2K83ZSR&cb=1576608906644
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1

Response headers

status
200
content-type
text/html;charset=utf-8
content-language
en
p3p
policyref="http://www.bookingbuddy.com/w3c/p3p.xml", CP="CAO DSP COR CURa ADMo DEVo PSAo PSDo IVAo IVDo CONo OUR DELa OTRa IND COM NAV"
server
Skipper
vary
Accept-Encoding
content-encoding
gzip
date
Tue, 17 Dec 2019 18:55:06 GMT
content-length
329
set-cookie
st_browser_id=1455c2fe-2f02-451e-83f6-147c30b4f1c4; Path=/; Domain=.travelsmarter.net; Max-Age=33696000; Expires=Sun, 10 Jan 2021 18:55:06 GMT; Secure; SameSite=None sa_aud_cmp=; Path=/; Max-Age=10; Expires=Tue, 17 Dec 2019 18:55:16 GMT; Secure; SameSite=None
/
cs.travelsmarter.net/api/publisher/WreE2ft7R86obF0cG0hHFQ/page-view/ 		125 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cs.travelsmarter.net/api/publisher/WreE2ft7R86obF0cG0hHFQ/page-view/?request_id=a154340f-8a08-4198-9f9e-163170152e6d&page_state_id=fd779ea4-f6e7-494c-bea1-266d21e4c125&timezone_offset=-60&st_browser_id=85ec4f4b-f18d-4ed5-a5b3-c4732f5103fd&publisher_user_id=RBM2K83ZSR&publisher_browser_id=049817a1-7e0f-4cc4-97bd-a0f6cc57f453&currency=USD&locale=en_US&product_type=air&marketing_source=59&campaign_id=51770944&date_1=2020-01-07&date_2=2020-01-14&origin_id=85525071&destination_id=84477519&flight_type=roundtrip&flight_service_class=economyCoach&nonstop=false&num_adults=1&page_name=Fare%20Details&page_type=entry&initiated_at=2019-12-17T18%3A55%3A06.645Z
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.91.208 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-203-91-208.deploy.static.akamaitechnologies.com
Software
Skipper /
Resource Hash
f139f27c6e468b4c04b8438f1f827075c007b754747418375c62959e40640686

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Origin
https://www.bookingbuddy.com

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
server
Skipper
status
200
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bookingbuddy.com
access-control-allow-credentials
true
content-length
131
conversion_async.js
www.googleadservices.com/pagead/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M72XJGZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.226 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f2.1e100.net
Software
cafe /
Resource Hash
ad88ca7b2b18f0decee115923f36fa3ecf23bc00a513b633e32600055942b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9939
x-xss-protection
0
server
cafe
etag
6341620215770430825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 17 Dec 2019 18:55:06 GMT
32823,35805
locations.smartertravel.net/en/ids/ta/ 		8 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://locations.smartertravel.net/en/ids/ta/32823,35805
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.68.242 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-68-242.deploy.static.akamaitechnologies.com
Software
Skipper /
Resource Hash
93bb8cb099d88095a8a58f5465ce34def35b56aef84926064eb04eba1b5ad639

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Origin
https://www.bookingbuddy.com

Response headers

Date
Tue, 17 Dec 2019 18:55:06 GMT
Content-Encoding
gzip
Server
Skipper
ETag
"03fc5273728804f82ecb8334102914551--gzip"
Vary
Accept-Encoding
Content-Language
en
Access-Control-Allow-Origin
*
Cache-Control
max-age=81634
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1074
s24434979861042
sstats.bookingbuddy.com/b/ss/slbbbcom/1/JS-2.17.0/
Redirect Chain
  • https://sstats.bookingbuddy.com/b/ss/slbbbcom/1/JS-2.17.0/s24434979861042?AQB=1&ndh=1&pf=1&t=17%2F11%2F2019%2019%3A55%3A6%202%20-60&fid=3C7242EDD70F5D72-3E4748ACE4161966&vmt=485017AC&ce=UTF-8&cdp=2...
  • https://sstats.bookingbuddy.com/b/ss/slbbbcom/1/JS-2.17.0/s24434979861042?AQB=1&pccr=true&vidn=2EFC9245053139C0-6000012EA0004846&&ndh=1&pf=1&t=17%2F11%2F2019%2019%3A55%3A6%202%20-60&fid=3C7242EDD70...
43 B
681 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sstats.bookingbuddy.com/b/ss/slbbbcom/1/JS-2.17.0/s24434979861042?AQB=1&pccr=true&vidn=2EFC9245053139C0-6000012EA0004846&&ndh=1&pf=1&t=17%2F11%2F2019%2019%3A55%3A6%202%20-60&fid=3C7242EDD70F5D72-3E4748ACE4161966&vmt=485017AC&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&pageName=NP_Fare_Details_Route&g=https%3A%2F%2Fwww.bookingbuddy.com%2Fen-US%2Ffares%2F57326635%2F%3Fcurrency%3DUSD%26origin%3DONT%26destination%3DORD%26u%3DRBM2K83ZSR%26nltv%3D%26nl_cs%3D51770944%253A%253A%253A%253A%253A%253A%26source%3D59%26mcid%3D20778%26ns%3D1&cc=USD&ch=air&v0=59&v7=59&v9=59&v22=NP_Fare_Details_Route&v24=air&v25=NP_Fare_Details_Route&v38=en-US&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.34.188.113 , Netherlands, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
bookingbuddy.com.ssl.sc.omtrdc.net
Software
Omniture DC /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 17 Dec 2019 18:55:06 GMT
X-C
ms-6.11.2
P3P
CP="This is not a P3P policy"
Connection
Keep-Alive
Content-Length
43
Pragma
no-cache
Last-Modified
Wed, 18 Dec 2019 18:55:06 GMT
Server
Omniture DC
xserver
www317
ETag
"3385741845013266432-6379631646911543410"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Keep-Alive
timeout=15
Expires
Mon, 16 Dec 2019 18:55:06 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 Dec 2019 18:55:06 GMT
Last-Modified
Wed, 18 Dec 2019 18:55:06 GMT
Server
Omniture DC
xserver
www317
Location
https://sstats.bookingbuddy.com/b/ss/slbbbcom/1/JS-2.17.0/s24434979861042?AQB=1&pccr=true&vidn=2EFC9245053139C0-6000012EA0004846&&ndh=1&pf=1&t=17%2F11%2F2019%2019%3A55%3A6%202%20-60&fid=3C7242EDD70F5D72-3E4748ACE4161966&vmt=485017AC&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&pageName=NP_Fare_Details_Route&g=https%3A%2F%2Fwww.bookingbuddy.com%2Fen-US%2Ffares%2F57326635%2F%3Fcurrency%3DUSD%26origin%3DONT%26destination%3DORD%26u%3DRBM2K83ZSR%26nltv%3D%26nl_cs%3D51770944%253A%253A%253A%253A%253A%253A%26source%3D59%26mcid%3D20778%26ns%3D1&cc=USD&ch=air&v0=59&v7=59&v9=59&v22=NP_Fare_Details_Route&v24=air&v25=NP_Fare_Details_Route&v38=en-US&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
X-C
ms-6.11.2
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Connection
Keep-Alive
Content-Type
text/plain
Keep-Alive
timeout=15
Content-Length
0
Expires
Mon, 16 Dec 2019 18:55:06 GMT
bookingbuddy-travel-search-made-simple-logo.svg
landers-static.smartertravel.com/v458.0/img/step1/ 		26 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landers-static.smartertravel.com/v458.0/img/step1/bookingbuddy-travel-search-made-simple-logo.svg
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.91.208 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-203-91-208.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bad20050d74bf95da688cdf8cf5984b5fc62fa97a077a4748320f820e121e295

Request headers

Referer
https://landers-static.smartertravel.com/v458.0/css/page/tabBrowsing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 05 Dec 2019 15:38:34 GMT
server
AmazonS3
x-amz-request-id
3EA2866BF76AA284
etag
"50440239184964014ee35fdcc7a4d3b6"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=49998
date
Tue, 17 Dec 2019 18:55:06 GMT
accept-ranges
bytes
content-length
7256
x-amz-id-2
hdaJRivQTTaDY7p1us+VjrUll8hrsuAjvwoynBOn8qrdM4DKde67mR2DYf+Py2KiRmWp+1QQCds=
ORD.jpg
landers-static.smartertravel.com/v458.0/img/farePages/destinationImages/ 		394 KB
396 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landers-static.smartertravel.com/v458.0/img/farePages/destinationImages/ORD.jpg
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.91.208 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-203-91-208.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e2b94e9347fff9cf4dfe7cdf8422024b7d9464f22a4fb8eb67b0961416663e8c

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
last-modified
Thu, 05 Dec 2019 15:38:30 GMT
server
AmazonS3
x-amz-request-id
4C106EDAF6DC2BA3
etag
"c742e9365b5f3f54fcbb0627de243891"
content-type
image/jpeg
status
200
cache-control
max-age=81584
date
Tue, 17 Dec 2019 18:55:06 GMT
accept-ranges
bytes
content-length
403846
x-amz-id-2
8rjMgrqNSXWEWP402J0hMbdW2NErG/0rUCIR020BdAoSEPohCMapzRhpC9O770sJhnPNxKCSVjc=
chevron-down.svg
landers-static.smartertravel.com/v458.0/img/audience/ 		536 B
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landers-static.smartertravel.com/v458.0/img/audience/chevron-down.svg
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.91.208 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-203-91-208.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2394647de97fa3f5c0be2117cd79bcd33e3f9ed83f09fe088b3a42f913755897

Request headers

Referer
https://landers-static.smartertravel.com/v458.0/css/page/tabBrowsing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
last-modified
Thu, 05 Dec 2019 15:38:29 GMT
server
AmazonS3
x-amz-request-id
BDCC0261AD11A844
etag
"376103e752f635520fecac4cdff29e39"
content-type
image/svg+xml
status
200
cache-control
max-age=57837
date
Tue, 17 Dec 2019 18:55:06 GMT
accept-ranges
bytes
content-length
536
x-amz-id-2
QeUPovL2Vx91TU+85l3uxS7G9LfutcThAiFZG6RMVoS2LEB8ZKNEWp8WM80Q4z2gOM0lwUvm2FU=
needAHotel.jpg
landers-static.smartertravel.com/v458.0/img/farePages/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landers-static.smartertravel.com/v458.0/img/farePages/needAHotel.jpg
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.91.208 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-203-91-208.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
213bb8a677d5ecb614074fc001fd4d1ee7b439535de331fb7e32eff03d99470e

Request headers

Referer
https://landers-static.smartertravel.com/v458.0/css/page/tabBrowsing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
last-modified
Thu, 05 Dec 2019 15:38:31 GMT
server
AmazonS3
x-amz-request-id
71D5CEE07B033AA7
etag
"c95a0edc2abc8b01ea2954ff2f859233"
content-type
image/jpeg
status
200
cache-control
max-age=74453
date
Tue, 17 Dec 2019 18:55:06 GMT
accept-ranges
bytes
content-length
7173
x-amz-id-2
OOYhRdFjSgAspU6NfSsjbW6dtQUOQiOnkqJOYURz/PMkWLLxNcieN1rfyW6WRBKHbTox5Thm7Zo=
truncated
/ 		413 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
653b182dabcf7d8c8f9be19c23373c2166429b57945c362bd16425350d3d20f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=US-ASCII
gray_calendar.svg
landers-static.smartertravel.com/v458.0/img/audience/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landers-static.smartertravel.com/v458.0/img/audience/gray_calendar.svg
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.91.208 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-203-91-208.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
82b71629234af2084f07c199eab47ededa7453bf6e10013c46a16f49c35a5b35

Request headers

Referer
https://landers-static.smartertravel.com/v458.0/css/page/tabBrowsing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 05 Dec 2019 15:38:29 GMT
server
AmazonS3
x-amz-request-id
0EB29A1683F8BFB8
etag
"9686701e4b62c9dd3db43bc31087bb68"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=53687
date
Tue, 17 Dec 2019 18:55:06 GMT
accept-ranges
bytes
content-length
951
x-amz-id-2
BwVsBA6koPmh4Rkz2R/DZEKaUX2SKIOofXKGa36WB4caiylPG377FWAert41+ltoLvBQoHDP+qM=
bb_logo_white.svg
landers-static.smartertravel.com/v458.0/img/bb/icons/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landers-static.smartertravel.com/v458.0/img/bb/icons/bb_logo_white.svg
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.91.208 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-203-91-208.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
73eb4cf07bbf24b2707d11f38c2c4a7b8fac3d6bac098fb4f8ad964d212c3c92

Request headers

Referer
https://landers-static.smartertravel.com/v458.0/css/page/tabBrowsing.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 05 Dec 2019 15:38:30 GMT
server
AmazonS3
x-amz-request-id
3768D62C7556D7FC
etag
"09080f26b79bdee816fa45e2f54aaa3b"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=49982
date
Tue, 17 Dec 2019 18:55:06 GMT
accept-ranges
bytes
content-length
2141
x-amz-id-2
d5mS4Qd1+XlCnAAQW1ZHRjwTSgdp5c1UKyKg/gGynKGxebxkmWY4CYRZCcabsa543jJGqeFcEAs=
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1065234835/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1065234835/?random=1576608906760&cv=9&fst=1576608906760&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bookingbuddy.com%2Fen-US%2Ffares%2F57326635%2F%3Fcurrency%3DUSD%26origin%3DONT%26destination%3DORD%26u%3DRBM2K83ZSR%26nltv%3D%26nl_cs%3D51770944%253A%253A%253A%253A%253A%253A%26source%3D59%26mcid%3D20778%26ns%3D1&tiba=Compare%20Prices&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ec1e527dbf0472c7d30f0064fde0d550e2db9eb4c49bfc7fa65ff9cdc3b3848d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1112
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f213be31d540e30366635b474daedd9c0b46287d55429ec9ef7a4829361c6f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"370 / 54 of 1000 / last-modified: 1576520981"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15827
x-xss-protection
0
expires
Tue, 17 Dec 2019 18:55:06 GMT
/
www.google.com/pagead/1p-user-list/1065234835/ 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1065234835/?random=1576608906760&cv=9&fst=1576605600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fwww.bookingbuddy.com%2Fen-US%2Ffares%2F57326635%2F%3Fcurrency%3DUSD%26origin%3DONT%26destination%3DORD%26u%3DRBM2K83ZSR%26nltv%3D%26nl_cs%3D51770944%253A%253A%253A%253A%253A%253A%26source%3D59%26mcid%3D20778%26ns%3D1&tiba=Compare%20Prices&async=1&fmt=3&is_vtc=1&random=3539100853&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Dec 2019 18:55:06 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1065234835/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1065234835/?random=1576608906760&cv=9&fst=1576605600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fwww.bookingbuddy.com%2Fen-US%2Ffares%2F57326635%2F%3Fcurrency%3DUSD%26origin%3DONT%26destination%3DORD%26u%3DRBM2K83ZSR%26nltv%3D%26nl_cs%3D51770944%253A%253A%253A%253A%253A%253A%26source%3D59%26mcid%3D20778%26ns%3D1&tiba=Compare%20Prices&async=1&fmt=3&is_vtc=1&random=3539100853&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Dec 2019 18:55:06 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.bookingbuddy.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bookingbuddy.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2019121002.js
securepubads.g.doubleclick.net/gpt/ 		163 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60922
x-xss-protection
0
expires
Tue, 17 Dec 2019 18:55:06 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3883&u=https%3A%2F%2Fwww.bookingbuddy.com%2Fen-US%2Ffares%2F57326635%2F%3Fcurrency%3DUSD%26origin%3DONT%26destination%3DORD%26u%3DRBM2K83ZSR%26nltv%3D%26nl_cs%3D51770944%253A%253A%253A%253A%253A%253A%26source%3D59%26mcid%3D20778%26ns%3D1&pid=xgPtMSgy6hCjQ&cb=0&ws=1600x1200&v=7.45.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F5349%2Fta.bb.com%2Ffare_details%2Fna.us.il.chicago%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-90-242.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Origin
https://www.bookingbuddy.com

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bookingbuddy.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Imx8ZMQn3ss887tug351qCXRFK_9H-GlAP9FpeoLhx4mu2OKWUuIDQ==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3883&u=https%3A%2F%2Fwww.bookingbuddy.com%2Fen-US%2Ffares%2F57326635%2F%3Fcurrency%3DUSD%26origin%3DONT%26destination%3DORD%26u%3DRBM2K83ZSR%26nltv%3D%26nl_cs%3D51770944%253A%253A%253A%253A%253A%253A%26source%3D59%26mcid%3D20778%26ns%3D1&pid=RLxXFo0M1A6pD&cb=1&ws=1600x1200&v=7.45.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F5349%2Fta.bb.com%2Ffare_details%2Fna.us.il.chicago%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-90-242.fra50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Origin
https://www.bookingbuddy.com

Response headers

date
Tue, 17 Dec 2019 18:55:06 GMT
via
1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
status
200
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.bookingbuddy.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
9yz96s_BSsWj6xEiw0FES13dGgKQ7RLybSL4THNOSoEpydUnzLXdog==
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=354974006292854&correlator=367069961310756&output=ldjh&impl=fif&adsid=NT&eid=21062833&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191217&iu=%2F5349%2Fta.bb.com%2Ffare_details%2Fna.us.il.chicago&sz=300x250&scp=mode%3Dair%26productType%3Dair%26page%3Dfare_details_route%26source_id%3D59%26rd%3Dbb%26owr%3Dnorthamerica%26oco%3Dunitedstates%26ost%3Dcalifornia%26oct%3Dontario%26oap%3Dont%26awr%3Dnorthamerica%26aco%3Dunitedstates%26ast%3Dillinois%26act%3Dchicago%26aap%3Dchi%26originWorldRegion%3Dnorthamerica%26originCountryName%3Dunitedstates%26originStateName%3Dcalifornia%26originCityName%3Dontario%26originAirportCode%3Dont%26destinationWorldRegion%3Dnorthamerica%26destinationCountryName%3Dunitedstates%26destinationStateName%3Dillinois%26destinationCityName%3Dchicago%26destinationAirportCode%3Dchi%26geo%3D35805%26viewability%3Dhigh%26amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1576608906&dt=1576608906998&dlt=1576608906155&idt=752&frm=20&biw=1585&bih=1200&oid=3&adx=-12245933&ady=-12245933&adk=1185199678&uci=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bookingbuddy.com%2Fen-US%2Ffares%2F57326635%2F%3Fcurrency%3DUSD%26origin%3DONT%26destination%3DORD%26u%3DRBM2K83ZSR%26nltv%3D%26nl_cs%3D51770944%253A%253A%253A%253A%253A%253A%26source%3D59%26mcid%3D20778%26ns%3D1&dssz=26&icsg=10920&std=26&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=223973785.1576608907&ga_sid=1576608907&ga_hid=1083250846&fws=128&ohw=0
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
42a9fa4dfe9680e9d3d8a4caa9e5b98df0e3e761de4315f62cd001bf9980c779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Origin
https://www.bookingbuddy.com

Response headers

date
Tue, 17 Dec 2019 18:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5763
x-xss-protection
0
google-lineitem-id
4371333316
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138211617387
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bookingbuddy.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019121002.js
securepubads.g.doubleclick.net/gpt/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24811
x-xss-protection
0
expires
Tue, 17 Dec 2019 18:55:07 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=354974006292854&correlator=2304693966422978&output=ldjh&impl=fif&adsid=NT&eid=21062833&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191217&iu=%2F5349%2Fta.bb.com%2Ffare_details%2Fna.us.il.chicago&sz=728x90%7C468x60&scp=mode%3Dair%26productType%3Dair%26page%3Dfare_details_route%26source_id%3D59%26runtime_environment%3DPROD_BB_Fare_Details_Route_Desktop_728_x_90_Header%26rd%3Dbb%26owr%3Dnorthamerica%26oco%3Dunitedstates%26ost%3Dcalifornia%26oct%3Dontario%26oap%3Dont%26awr%3Dnorthamerica%26aco%3Dunitedstates%26ast%3Dillinois%26act%3Dchicago%26aap%3Dchi%26originWorldRegion%3Dnorthamerica%26originCountryName%3Dunitedstates%26originStateName%3Dcalifornia%26originCityName%3Dontario%26originAirportCode%3Dont%26destinationWorldRegion%3Dnorthamerica%26destinationCountryName%3Dunitedstates%26destinationStateName%3Dillinois%26destinationCityName%3Dchicago%26destinationAirportCode%3Dchi%26geo%3D35805%26viewability%3Dhigh%26amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1576608907&dt=1576608907014&dlt=1576608906155&idt=752&frm=20&biw=1585&bih=1200&oid=3&adx=-12245933&ady=-12245933&adk=4044566745&uci=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.bookingbuddy.com%2Fen-US%2Ffares%2F57326635%2F%3Fcurrency%3DUSD%26origin%3DONT%26destination%3DORD%26u%3DRBM2K83ZSR%26nltv%3D%26nl_cs%3D51770944%253A%253A%253A%253A%253A%253A%26source%3D59%26mcid%3D20778%26ns%3D1&dssz=27&icsg=549755824808&std=26&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=223973785.1576608907&ga_sid=1576608907&ga_hid=1083250846&fws=128&ohw=0
Requested by
Host: landers-static.smartertravel.com
URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
7bc956bfd57d0b32d3860cfbf4918d41caf969871164871d417f428c08170a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Origin
https://www.bookingbuddy.com

Response headers

date
Tue, 17 Dec 2019 18:55:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4264
x-xss-protection
0
google-lineitem-id
4721545587
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138264147096
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bookingbuddy.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
trackTimings.gif
www.bookingbuddy.com/ 		42 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bookingbuddy.com/trackTimings.gif?v=1.0.0&c=1576608907075&sbwww.prd.pages.tabs.en.navigationstart=0&sbwww.prd.pages.tabs.en.fetchstart=301&sbwww.prd.pages.tabs.en.domainlookupstart=301&sbwww.prd.pages.tabs.en.domainlookupend=301&sbwww.prd.pages.tabs.en.connectstart=301&sbwww.prd.pages.tabs.en.connectend=348&sbwww.prd.pages.tabs.en.secureconnectionstart=315&sbwww.prd.pages.tabs.en.requeststart=348&sbwww.prd.pages.tabs.en.responsestart=511&sbwww.prd.pages.tabs.en.responseend=526&sbwww.prd.pages.tabs.en.domloading=513&sbwww.prd.pages.tabs.en.dominteractive=848&sbwww.prd.pages.tabs.en.domcontentloadedeventstart=848&sbwww.prd.pages.tabs.en.domcontentloadedeventend=852&sbwww.prd.pages.tabs.en.domcomplete=1432&sbwww.prd.pages.tabs.en.loadeventstart=1432
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.34.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-34-65.deploy.static.akamaitechnologies.com
Software
Skipper /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=0 ; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=0 ; includeSubDomains
Server
Skipper
Date
Tue, 17 Dec 2019 18:55:07 GMT
P3p
policyref="http://www.bookingbuddy.com/w3c/p3p.xml", CP="CAO DSP COR CURa ADMo DEVo PSAo PSDo IVAo IVDo CONo OUR DELa OTRa IND COM NAV"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
X-Xss-Protection
1; mode=block
Expires
Tue, 17 Dec 2019 18:55:07 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 99A4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnjR_Y7pl-8sfF39ComRaQHEWUF3rbUbnr90up3WSii-B1IrhUHkHatr5X2UOXW3Qo4ATZTvzBcrMMAT8HqYCUyTS7fLzVe4y3CARYTJpfiVp13sMiXk8T0qinsbL0QHUpihDmU0MbbcVEYXqAdCYUTvzQfaFUE93Sh48zU4-Il1gKwntAVjwDsNa6i1iAiLxdUNaeZ9teq6hl2-2k9kStl6vcQJY7UmGcdA9syexj_3AOlChn5e4eMRxvFHC_wJvJDlcWHiLj8TzG95tVrVhESUouaG5cUqRA5rsWjnTDNRtoH6z8dgGrTbuZ-g&sai=AMfl-YSyCj4FZTjYg2L9uxeBYwwZ2Ic7JGArFy1aeCTiSWTU-2FOs1uHTuiFelM_xiLAYzOl4hf-D0kOAaGGnmretBxung0zYdNY4bA1r4T0D8r9uG-Qry-Vk0FFTWxS0ls&sig=Cg0ArKJSzAOtfnxGDtZ2EAE&adurl=
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 Dec 2019 18:55:07 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus.js
tpc.googlesyndication.com/pagead/js/r20191205/r20110914/client/ Frame 99A4 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20191205/r20110914/client/window_focus.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0b1ace9b39cfa2f3de9ebd25c2b2e2b44816502e53809093d2c53dc2898f4d83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Dec 2019 17:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1043260
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1126
x-xss-protection
0
server
cafe
etag
5070557177101173266
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 19 Dec 2019 17:07:27 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 99A4 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29272
x-xss-protection
0
expires
Tue, 17 Dec 2019 18:55:07 GMT
l
www.google.com/ads/measurement/ Frame 99A4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRb9MEiQfrL2Cf6ZYGEctDaEnljuQXQCFEzk7P-c25hfufunojkG0535ORWMix8oeTfvTcf
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
14328360552904521774
tpc.googlesyndication.com/simgad/ Frame 99A4 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14328360552904521774
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
83e911fd69f83f960033d563720ec5e6fa8ab82be7c028545fcf68606c1ccd51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 21 Nov 2019 00:21:02 GMT
x-content-type-options
nosniff
age
2313245
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
83601
x-xss-protection
0
last-modified
Tue, 19 Sep 2017 18:06:45 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Nov 2020 00:21:02 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29463
x-xss-protection
0
expires
Tue, 17 Dec 2019 18:55:07 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011912050130240/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011912050130240/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b0e077c071d8cadd7f559a3bfba9b136c071a5a0bc7cb6d952171b5f427cfa11
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
10747
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7140
x-xss-protection
0
server
sffe
date
Tue, 17 Dec 2019 15:56:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d61e8113ad0598ef"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Dec 2020 15:56:00 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011912050130240/ Frame C26F 		200 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0289758c8c964fbe0ec421527203b54fa728f037f3e023b002691158c82d7f98
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
10752
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55703
x-xss-protection
0
server
sffe
date
Tue, 17 Dec 2019 15:55:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5d665c0313f255e6"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Dec 2020 15:55:55 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011912050130240/v0/ Frame C26F 		152 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011912050130240/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ab99b94ce42722a9b966906754075df92c870cb9ff1aa1c48920008806079153
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
10665
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
41415
x-xss-protection
0
server
sffe
date
Tue, 17 Dec 2019 15:57:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66b88e0b1300c1e3"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Dec 2020 15:57:22 GMT
truncated
/ Frame C26F 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c0134310cc58ab33da9e0526028e92c2723bd2c97e72e33c34ab5fd57b0c929

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
4873877938017271672
tpc.googlesyndication.com/simgad/ Frame C26F 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4873877938017271672
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2cd05ba8152fe73a2cb0ccf08961bec3508537b3176dcd42c7b3c605bf58f074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 06:59:14 GMT
x-content-type-options
nosniff
age
2375753
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
23369
x-xss-protection
0
last-modified
Tue, 12 Mar 2019 17:52:13 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Nov 2020 06:59:14 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C26F 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYcV935wMCyeuWM8rMAqszyVINBWUbZ4ZbTRNooq8Lhgf-ZHvMJOf7VX9VAzmUmApJJv0aRPjHbvlZMwmqzTqx4Ml91DA8_xKFUJWrTmfiTjT8LRr_wKxYdIXNm2hU38gMVwmkUple7i1uFKIiamXmkyg3siPO0g4lHgcnKGPPXhUlohvh2kz7CUlB-OaK9mRb_ay0qDfS1ERDKe65hh6EhmmwbMP54VTWzfSHhCxWukq1iBczjV-KNNIxOOay5mI7DFypGBhd3wIcpVW5aTiprmChTA6qrmWX4KPY&sig=Cg0ArKJSzKVWkgme1NngEAE&adurl=
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 17 Dec 2019 18:55:07 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame C26F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6HaQVjvcwZMjNfGrBj1lHsptA8aRUD8X4JXeI-NnzOatIx6rmijl0Pka73v7vWNOBxxXnIun1TNLbUN0hEqjJ2yHLdw
Requested by
Host: www.bookingbuddy.com
URL: https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
truncated
/ Frame 99A4 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5636ad7e0d541d19c580a20b9731bcd317ee8c8d42bb5bac4535f4fa67a58ec6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
4873877938017271672
tpc.googlesyndication.com/simgad/ Frame C26F 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4873877938017271672
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2cd05ba8152fe73a2cb0ccf08961bec3508537b3176dcd42c7b3c605bf58f074
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 06:59:14 GMT
x-content-type-options
nosniff
age
2375753
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
23369
x-xss-protection
0
last-modified
Tue, 12 Mar 2019 17:52:13 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Nov 2020 06:59:14 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C26F 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvS6qTQ0SzKui1pfnZ-ZyrF5xUResebUXuu4ZRRK7nlyN2KNZXLEghFuqM54KGqRsrt1F3PHkRkWKll8ApH9tVdqSZ4tgzOucR6mwsF5k8&sig=Cg0ArKJSzJI8bh8PXoyuEAE&id=ampim&o=429,84&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=99&tls=1100&g=100&h=100&tt=1100&r=v&adk=4044566745&avms=ampa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Dec 2019 18:55:08 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 99A4 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvV8RK9FpCb8GD60oX0MhBTk-uOldZCR-_bTQ8iePsFbEHlkrLpSYF43lHE_teZMWilO8VelbaDEYRHx_Z977DKxWGKJe06rJ1AWDp4Wws&sig=Cg0ArKJSzP0zv3Mx4CYfEAE&adk=1185199678&tt=-1&bs=1585%2C1200&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&p=877,879,1144,1177&mcvt=1008&rs=0&ht=0&tfs=214&tls=1222&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&lm=2&rst=1576608907092&dlt&rpt=86&isd=0&msd=0&ext&imams=1&xdi=0&ps=1585%2C3472&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-4-13-7-12-12-0-0-0&tvt=1217&is=298%2C267&iframe_loc=https%3A%2F%2Fwww.bookingbuddy.com%2Fen-US%2Ffares%2F57326635%2F%3Fcurrency%3DUSD%26origin%3DONT%26destination%3DORD%26u%3DRBM2K83ZSR%26nltv%3D%26nl_cs%3D51770944%253A%253A%253A%253A%253A%253A%26source%3D59%26mcid%3D20778%26ns%3D1&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&clc=1&wf=0&cac=1&cd=298x267&itpl=3&v=20191206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Dec 2019 18:55:08 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| convert_temp undefined| loglyjson object| convertData undefined| $ undefined| jQuery object| matched function| REED_$ object| REED object| convert object| _conv_q object| _gaq function| ga object| _kmq string| secure object| mixpanel object| dataLayer function| hj object| _hmt object| _czc object| emosGlobalProperties object| _paq object| _wt1Q object| apstag object| pageData undefined| MediaAlphaExchange object| __maxch__thunk function| MediaAlphaExchange__serializeRequest function| MediaAlphaExchange__success function| MediaAlphaExchange__searchError function| MediaAlphaExchange__error function| MediaAlphaExchange__click function| MediaAlphaExchange__search function| MediaAlphaExchange__disableBackIntercept function| MediaAlphaExchange__launch function| MediaAlphaExchange__showModal function| MediaAlphaExchange__hideModal function| MediaAlphaExchange__pop function| MediaAlphaExchange__popCleanup function| MediaAlphaExchange__displayPops function| MediaAlphaExchange__getHostedUrl function| MediaAlphaExchange__leaveBehind function| MediaAlphaExchange__load undefined| targetID object| headertag object| googletag function| headertag_render object| rubicontag object| evidon object| webpackJsonp object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Metrics function| MetricsTiming function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s_c_il number| s_c_in object| s_om object| store object| _pcq boolean| apstagLOADED object| google_tag_manager number| a string| url object| s_i_slbbbcom function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken number| google_srt undefined| google_measure_js_timing boolean| google_noFetch number| __google_ad_urls_id number| google_unique_id object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP

15 Cookies

Domain/Path Name / Value
.travelsmarter.net/ Name: st_browser_id
Value: 1455c2fe-2f02-451e-83f6-147c30b4f1c4
.bookingbuddy.com/ Name: s_vi
Value: [CS]v1|2EFC9245053139C0-6000012EA0004846[CE]
www.bookingbuddy.com/ Name: e_Var22
Value: eVar22
www.bookingbuddy.com/ Name: reduxPersistIndex
Value: [%22landers:searchData%22]
.bookingbuddy.com/ Name: s_cc
Value: true
.bookingbuddy.com/ Name: s_fid
Value: 3C7242EDD70F5D72-3E4748ACE4161966
www.bookingbuddy.com/ Name: landers%3AsearchData
Value: {%22date1%22:%222020-01-06T23:00:00.000Z%22%2C%22date2%22:%222020-01-13T23:00:00.000Z%22%2C%22travelers%22:1%2C%22rooms%22:1%2C%22oneWay%22:false%2C%22preferNonstop%22:false%2C%22flightClass%22:%22economy_coach%22%2C%22time1%22:%22anytime%22%2C%22time2%22:%22anytime%22%2C%22originId%22:32823%2C%22destinationId%22:35805}
p.travelsmarter.net/ Name: sa_aud_cmp
Value:
www.bookingbuddy.com/ Name: _stn_uid
Value: 85ec4f4b-f18d-4ed5-a5b3-c4732f5103fd
.bookingbuddy.com/ Name: sub_user_id
Value: RBM2K83ZSR
.bookingbuddy.com/ Name: usrsrc
Value: {%22source%22:%2259%22%2C%22nlid%22:%2251770944%22%2C%22mcid%22:%2220778%22}
.bookingbuddy.com/ Name: _conv_s
Value: si%3A1*sh%3A1576608906328-0.4323961735026707*pv%3A1
.bookingbuddy.com/ Name: uu
Value: 430e070c-6b56-445e-b82f-f56c6c920f8d
.bookingbuddy.com/ Name: uu_persist
Value: 049817a1-7e0f-4cc4-97bd-a0f6cc57f453
.bookingbuddy.com/ Name: _conv_v
Value: vi%3A1*sc%3A1*cs%3A1576608906*fs%3A1576608906*pv%3A1

2 Console Messages

Source Level URL
Text
console-api log URL: https://landers-static.smartertravel.com/v458.0/js/tabBrowsing-page.js(Line 1)
Message:
Evidon -- evidon-notice-link not found on page, cant display the consent link.
console-api info URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js(Line 412)
Message:
Powered by AMP ⚡ HTML – Version 1912050130240 https://www.bookingbuddy.com/en-US/fares/57326635/?currency=USD&origin=ONT&destination=ORD&u=RBM2K83ZSR&nltv=&nl_cs=51770944%3A%3A%3A%3A%3A%3A&source=59&mcid=20778&ns=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0 ; includeSubDomains
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
aghutv.com
api.rlcdn.com
c.amazon-adsystem.com
c.evidon.com
cdn-3.convertexperiments.com
cdn.ampproject.org
cs.travelsmarter.net
e.bookingbuddy.com
googleads.g.doubleclick.net
idx.liadm.com
js-sec.indexww.com
l.betrad.com
landers-static.smartertravel.com
locations.smartertravel.net
match.adsrvr.org
p.travelsmarter.net
pagead2.googlesyndication.com
pubads.g.doubleclick.net
securepubads.g.doubleclick.net
sstats.bookingbuddy.com
tds.travelsmarter.net
tls.travelsmarter.net
tpc.googlesyndication.com
www.bookingbuddy.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
104.108.40.189
104.108.57.29
104.108.68.242
143.204.90.242
172.217.21.226
185.34.188.113
2.19.34.65
216.58.207.66
23.203.91.208
23.210.249.164
2a00:1450:4001:800::2001
2a00:1450:4001:814::2001
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2003
2a00:1450:4001:81e::2008
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2002
2a00:1450:4001:824::2004
35.244.174.68
52.2.9.17
52.203.173.113
52.57.76.10
63.34.164.219
007dacdc5695dd65eadf528531c2dc255f4b449d85eabc3cd85dfa7b9d1850eb
0289758c8c964fbe0ec421527203b54fa728f037f3e023b002691158c82d7f98
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09c12eac1631e9848e71f1474fd5eb51e9c57c4c6825c60d109b3fcd86e311cf
0b1ace9b39cfa2f3de9ebd25c2b2e2b44816502e53809093d2c53dc2898f4d83
0f144f16507d02eabc67a131e4d54ac36266dcfe3dac263a6971265371eff7b9
16997996bf0d12e3b625a2685ad586fa76bfb86ad1b276183748ea8a9f83916f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
213bb8a677d5ecb614074fc001fd4d1ee7b439535de331fb7e32eff03d99470e
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
2394647de97fa3f5c0be2117cd79bcd33e3f9ed83f09fe088b3a42f913755897
2cd05ba8152fe73a2cb0ccf08961bec3508537b3176dcd42c7b3c605bf58f074
32cf9974553405eee9be807b47766bbbe0bad512bb4461b150f0f749c19b2706
37db4fa647e65650e8c1045fe668d5246d4568e6506792cfebf34c01f5b62f4b
38156720f5bb8461553c4ea6364eb5e93cf7f0665df5dbd2e495bcbb47237c3d
396474839f2a70c184547e7c3f558969a2feb1d2275ca5f945ae087488acc4ec
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91
42a9fa4dfe9680e9d3d8a4caa9e5b98df0e3e761de4315f62cd001bf9980c779
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
4c46115bc4d67fce150f998d559507cdcdfbc39022dac83439ec5855f779523f
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
5636ad7e0d541d19c580a20b9731bcd317ee8c8d42bb5bac4535f4fa67a58ec6
60482aaf2ddce94152f2825d227d34130bc5276bda81138993f95847390094c6
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
653b182dabcf7d8c8f9be19c23373c2166429b57945c362bd16425350d3d20f2
701b7e52de00780c275462d0bfb1e4e2c25073385e35d0ef5ead531b78a5d8d0
720cfdb4f6d93e66951fd68576aa189af2a3a7134cfc4ddb7dc8063e4904da83
73eb4cf07bbf24b2707d11f38c2c4a7b8fac3d6bac098fb4f8ad964d212c3c92
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7bc956bfd57d0b32d3860cfbf4918d41caf969871164871d417f428c08170a4b
7c0134310cc58ab33da9e0526028e92c2723bd2c97e72e33c34ab5fd57b0c929
82b71629234af2084f07c199eab47ededa7453bf6e10013c46a16f49c35a5b35
83e911fd69f83f960033d563720ec5e6fa8ab82be7c028545fcf68606c1ccd51
841298bd31b4b7ed89e5d58b3ee63fbbd51dc3ee0ba20f472525ffe7aadd1c1f
858407cb0f460a5061db9875a4c887e0cbe3f62da25be6654ef9754b397475f2
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a633a20f4d3b371a109b6e9d2c9b2278327b5362791055d641c7f155348addb
93bb8cb099d88095a8a58f5465ce34def35b56aef84926064eb04eba1b5ad639
95e3827c1f09de644afd35d3f96ea5b2b3d907f1bd99f20ebff669945efba4b2
9a5637d760ace9a9700f1c5bc5c476e4d603dc7a9d68724f816d30814a376172
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ab99b94ce42722a9b966906754075df92c870cb9ff1aa1c48920008806079153
ad88ca7b2b18f0decee115923f36fa3ecf23bc00a513b633e32600055942b32a
b0e077c071d8cadd7f559a3bfba9b136c071a5a0bc7cb6d952171b5f427cfa11
bad20050d74bf95da688cdf8cf5984b5fc62fa97a077a4748320f820e121e295
bdb3df895f32ff91a2b717208524e4976764ff4301266602077edd05e3a1bae3
d0d378f718cdfe07950cd3defc61cde457cb233ec22a93c9ac0ce26a1a676a13
e2b94e9347fff9cf4dfe7cdf8422024b7d9464f22a4fb8eb67b0961416663e8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec1e527dbf0472c7d30f0064fde0d550e2db9eb4c49bfc7fa65ff9cdc3b3848d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e597b22a973c53babf292fcb1b4ddb5c77fe659accc0507bf0f857776a6f0e
f139f27c6e468b4c04b8438f1f827075c007b754747418375c62959e40640686
f213be31d540e30366635b474daedd9c0b46287d55429ec9ef7a4829361c6f01