booking.intelliness.ca Open in urlscan Pro
2606:4700:3030::6815:3e60  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

• https://en.intui.travel/widget/pop_countries?p_site=287737&subID=aff3f6b214284182a249ef58f-467064&pbi=0&color=undefined&currency=USD HTTP 301
• https://en.intui.travel/widget/pop_countries/?p_site=287737&subID=aff3f6b214284182a249ef58f-467064&pbi=0&color=undefined&currency=USD

Request Chain 42

• https://wegotrip.com/en/widgets/?perPage=6&showMore=true&cityId=7&sub_id=be1c5a8381db4388b70d16f26-467064&random=true HTTP 301
• https://wegotrip.com/widgets/?perPage=6&showMore=true&cityId=7&sub_id=be1c5a8381db4388b70d16f26-467064&random=true

Request Chain 78

• https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%22widget_id%22%3A%22whitelabel_en%22%2C%22trace_id%22%3A%22Zz5bf73eaa53144db9ba74c0c-467064%22%2C%22promo_id%22%3A%224238%22%7D%7D%5D%7D HTTP 302
• https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zz5bf73eaa53144db9ba74c0c-467064%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web

Request Chain 81

• https://www.tiqets.com/widgets/discovery?partner=travelpayouts.com&tqCampaign=14c2f1fa3bab4f8da0f8a8fb7-467064&destinationType=city&language=en&currency=USD&cityId=260932&cardsLayout=responsive&widgetIndex=0&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F HTTP 308
• https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=14c2f1fa3bab4f8da0f8a8fb7-467064&destinationType=city&language=en&currency=USD&cityId=260932&cardsLayout=responsive&widgetIndex=0&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F

Request Chain 82

• https://www.tiqets.com/widgets/discovery?partner=travelpayouts.com&tqCampaign=debc6c56315d4100ab0f382ad-467064&destinationType=city&language=en&currency=USD&cityId=67458&cardsLayout=responsive&widgetIndex=1&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F HTTP 308
• https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=debc6c56315d4100ab0f382ad-467064&destinationType=city&language=en&currency=USD&cityId=67458&cardsLayout=responsive&widgetIndex=1&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F

Request Chain 83

• https://www.tiqets.com/widgets/discovery?partner=travelpayouts.com&tqCampaign=89d3b5f3ce944eadb2a389391-467064&destinationType=city&language=en&currency=USD&cityId=60005&cardsLayout=responsive&widgetIndex=2&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F HTTP 308
• https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=89d3b5f3ce944eadb2a389391-467064&destinationType=city&language=en&currency=USD&cityId=60005&cardsLayout=responsive&widgetIndex=2&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F

Request Chain 84

• https://www.tiqets.com/widgets/discovery?partner=travelpayouts.com&tqCampaign=779bfd68526b4817aaff6f8d1-467064&destinationType=city&language=en&currency=USD&cityId=79079&cardsLayout=responsive&widgetIndex=3&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F HTTP 308
• https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=779bfd68526b4817aaff6f8d1-467064&destinationType=city&language=en&currency=USD&cityId=79079&cardsLayout=responsive&widgetIndex=3&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response booking.intelliness.ca/	55 KB 13 KB	697ms 332ms	Document text/html	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec3f7f451ca09e3d524918c9940b4621615442545e83da904e2e00d85179e52f Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8753265bea4b3702-YYZ content-encoding br content-type text/html; charset=utf-8 date Tue, 16 Apr 2024 09:29:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G8ESdSEr%2B21%2FQq5iKAmnItnSG6Q5aG38Dq8WhzyDpNoLhyxzo0wxhDxw9BVnSI7mCOQkRrb8rvtRe%2FJfe4EkahBjfebnVJT0JlGQKMW34W%2FMW95kuJcpD%2BQiK2eZAiLQNO5deyltnG1Al1308WRWZfLDrc76"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-request-id 02a3fb6aa459e97be371e897d0bf688a
GET H2	200	whitelabel_en.js Show response booking.intelliness.ca/widgets/	7 KB 2 KB	341ms 336ms	Script application/javascript	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.intelliness.ca/widgets/whitelabel_en.js?v=002&rtl=false&locale=en Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40294c15ffa5f8e48ce184606806a4b23ca2eb41144d84bc1cb79aeb22c487a4 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:15 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-promo-id 4238 alt-svc h3=":443"; ma=86400 x-request-id f257785004895c37c6d8b3c4f6ac9611, f257785004895c37c6d8b3c4f6ac9611 server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PFmEv1Fb%2BQ0ZmdcqIZDNBVMjQ0AffGRLYH%2Fbf19jMwNiSGpfQFuVo%2Fe5l4ZYi6mWNfAtgi%2B8ikMbThkXSh0etBOxHcI09IgQJEwma6Echlodx0S9lAVahO%2FVdYeFXDpcSzC4Q55slIPwepEc7SDnjGR722iS"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control private, max-age=0 cf-ray 8753265e0bb43702-YYZ timing-allow-origin * link </mewtwo/styles.css?locale=en&rtl=false&v=002>; rel=preload; as=style, </widgets_static/whitelabel_en.js?locale=en&rtl=false&v=002>; rel=preload; as=script x-robots-tag noindex
GET H2	200	main.en.js Show response booking.intelliness.ca/	786 KB 174 KB	697ms 693ms	Script application/javascript	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.intelliness.ca/main.en.js Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf1ce4af51cd6f61c6ed3e342d8cf0cfcaa3f42c8fed9eae148956441e6be21a Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:15 GMT content-encoding br cf-cache-status MISS last-modified Tuesday, 16-Apr-2024 09:29:15 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66167df2-c4616" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DVm9mGSEH90Hoht562IV5eDmElj6Wa0EG1vOc0B1yowkyj6%2BpjYxC6CngDwO1FQxPX8HWTNsGveWlhSYXdcFjQWrzMevrRzCk1mLBLr%2FLMRkFuE6DPbHoZ%2F3tQgySwQ89u0PW68qXKhAsvCSByL4DmxWj68A"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 8753265e0bb63702-YYZ alt-svc h3=":443"; ma=86400 x-request-id d140d58459a6e151ad3511f38c38383a expires Tue, 16 Apr 2024 09:59:15 GMT
GET H2	200	main.css booking.intelliness.ca/	2 MB 449 KB	781ms 778ms	Stylesheet text/css	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.intelliness.ca/main.css Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6a65995d7bba8bd213f762de09336de1adf9da139b46c64b5ad3cee83898e1d Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:15 GMT content-encoding br cf-cache-status MISS last-modified Tuesday, 16-Apr-2024 09:29:15 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66167d02-1b90e0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3714YW%2BxykjUgme%2F4X45U4MBla6sD8xU2fDH0lUEZGep%2BRz7n3V4Yb36HCxhP0i3OUfEgw21aOOYZqZZgcB7rUZHDCJVLyRBv3jaeB6VrLwNsLUwu9eIUyR5sju2HpqEOsAKwG%2BZan46Jgvet3IaAPHYwJj9"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8753265e0bb23702-YYZ alt-svc h3=":443"; ma=86400 x-request-id 28f8f3660743ae8c19c3cbbe0e9b07a2 expires Tue, 16 Apr 2024 09:59:15 GMT
GET		js www.googletagmanager.com/gtag/	0 0
GET H2	200	entrypoint.js Show response tp-em.com/	3 KB 2 KB	1204ms 299ms	Script application/javascript	188.42.198.252 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://tp-em.com/entrypoint.js?marker=467064 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash fbe332a69019e20ce6511f23deb4e5e897904594908ca9b7fa83bffb5de77055 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT content-encoding br server nginx vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control no-store x-robots-tag noindex content-length 1596 x-request-id 37d3d40afad226c89c1e30bc53c7b349
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/	158 KB 26 KB	442ms 92ms	Stylesheet text/css	2a04:4e42:200::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/bootstrap.min.css Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 Apr 2024 09:29:15 GMT x-content-type-options nosniff content-encoding br age 1740923 x-jsd-version 4.6.1 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 26391 x-served-by cache-fra-eddf8230108-FRA, cache-yyz4535-YYZ x-jsd-version-type version etag W/"278e1-H7g/xZXPKL+TYth2EOrfo7e7vlk" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H3	200	all.css cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/	68 KB 11 KB	420ms 105ms	Stylesheet text/css	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a62a847fb029ec2329b3c92b0d0b1239366017e314ff430fc8f5b67a78f9238d Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 24444 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 10228 last-modified Mon, 04 May 2020 16:10:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e60-111e5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jf5nLf9HSz8JjqhkF5O%2Fgx5SLLbpTglqeoBDzJXdlJI33yO1G29SFtPAz7%2F5heP0aUClbTRDBfyjM6KZOc6PYtOK6hYjfMaFWOdgEw9JDas%2BK%2FJO47feDEL13aQ5GFWREmCANY8OmKDT75EzCzMuVdIZ"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 875326600b2b54af-YYZ expires Sun, 06 Apr 2025 09:29:15 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	215 KB 76 KB	551ms 155ms	Script application/javascript	2607:f8b0:4004:c1f::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 629fb3017c853e06afcfd5b680db48d0be6d5f097b69acee7a5c38880120eebe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77589 x-xss-protection 0 last-modified Tue, 16 Apr 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Apr 2024 09:29:16 GMT
GET H2	200	pa.umd.production.min.js Show response widget.getyourguide.com/dist/	52 KB 17 KB	495ms 114ms	Script application/javascript	2606:4700:4400::6812:2262 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://widget.getyourguide.com/dist/pa.umd.production.min.js Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 83c3e96c0eaa794e5031bdbeb8a59e5bce51e7a79e629bbe91d79a0818a31237 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0.02,"report_to":"cf-nel","max_age":604800} x-amz-request-id 26XH9VSSYDBYF4T6 age 1979 x-amz-server-side-encryption AES256 x-amz-id-2 lXgDpfxI89Dktx4JwG2qRYYDT10DJNmx0nbuctX4+cU+2Cg3j/vyuBl3XObPTdnziqRsFyUaBXg= last-modified Thu, 14 Mar 2024 09:10:22 GMT server cloudflare etag W/"b47fa212354121926b3dbbe722730e81" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7tsA2Wfdzd%2BLcpjHL%2FrtBsBQ%2FrLObKVJe0VVn3%2BsN8MLMc%2FnVXKDbp%2FxvKnGFcOoWe10A4vHeBoY%2FCXQ%2FhpONpxyFnRt7DDshUXcPqkFGOafzjAD%2FWFzdI00tXZnmTsrN21iQfQDeb4Q%2BKHvvBSutb9JYqW5"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=3600, public, must-revalidate cf-ray 87532663ab2ea1e6-YYZ
GET H2	200	css fonts.googleapis.com/	2 KB 1002 B	534ms 151ms	Stylesheet text/css	2607:f8b0:4004:c06::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 16 Apr 2024 09:29:15 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 16 Apr 2024 08:54:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 16 Apr 2024 09:29:15 GMT
GET H2	200	jquery-3.4.1.min.js Show response code.jquery.com/	86 KB 30 KB	456ms 94ms	Script application/javascript	2a04:4e42:200::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.4.1.min.js Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:15 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 5178252 x-cache HIT, HIT content-length 30638 x-served-by cache-lga21965-LGA, cache-yyz4583-YYZ last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1713259756.598144,VS0,VE0 etag W/"28feccc0-15851" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 6, 43591
GET H2	200	popper.min.js Show response cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/	21 KB 8 KB	416ms 93ms	Script application/javascript	2a04:4e42:200::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 Apr 2024 09:29:15 GMT x-content-type-options nosniff content-encoding br age 19089961 x-jsd-version 1.16.1 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 7831 x-served-by cache-fra-eddf8230124-FRA, cache-yyz4535-YYZ x-jsd-version-type version etag W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	bootstrap.min.js Show response cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/	61 KB 16 KB	416ms 93ms	Script application/javascript	2a04:4e42:200::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/bootstrap.min.js Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 16 Apr 2024 09:29:15 GMT x-content-type-options nosniff content-encoding br age 1122740 x-jsd-version 4.6.1 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 16536 x-served-by cache-fra-eddf8230043-FRA, cache-yyz4535-YYZ x-jsd-version-type version etag W/"f3e8-JKkAvfzv1Sy8/zvDZECvm4fNUGc" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	intelliness-Flight-Hotel-Logo.png intelliness.ca/wp-content/uploads/2024/03/	9 KB 10 KB	281ms 251ms	Image image/png	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://intelliness.ca/wp-content/uploads/2024/03/intelliness-Flight-Hotel-Logo.png Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 620edebc800194571cb0a5e1c5ec5e3184a39ea1c66dd9d1b21e1266ed7da92a Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:15 GMT cf-cache-status MISS last-modified Fri, 15 Mar 2024 12:19:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "820e89-2579-613b206461718" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3i02n0NIbgRUJk1OA7myhTLyxtpJzBJ5kKFgQhSL3plyUv947%2FT7EvfMKa0k3ItuPWynlIqSOBFn6ueJu%2BAzTnC5qcEe7OAVncWQAgaWSpfPWtedMUJJW7B%2BkMredOWVlNj530UA9hZ5pv4doA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8753265e6bf03702-YYZ alt-svc h3=":443"; ma=86400 content-length 9593
GET H2	200	money_script.js Show response www.travelpayouts.com/money_script/	5 KB 2 KB	819ms 310ms	Script application/javascript	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://www.travelpayouts.com/money_script/money_script.js?marker=467064&exclude=yyy,zzz Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash c4bda9cf2240b77bf0f3150f0b616357797ca45c18c0e4860fa3166753840646 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT content-encoding br last-modified Wed, 28 Dec 2022 10:40:28 GMT server nginx etag W/"63ac1d1c-133e" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-request-id 6b63106e466fc8deaf7442502cec651b
GET H2	200	content Show response c89.travelpayouts.com/	44 KB 15 KB	1018ms 514ms	Script application/javascript	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://c89.travelpayouts.com/content?currency=USD&trs=308636&shmarker=467064&language=en&locale=260932&layout=responsive&cards=8&powered_by=false&promo_id=3947 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 0d70f73eaa5d4be30249295f2fe31588ea04ae5a21b892baf16cc51d1e79ec9b Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT content-encoding br server nginx vary Accept-Encoding content-type application/javascript cache-control private, max-age=0 timing-allow-origin * x-promo-id 3947 x-robots-tag noindex x-request-id 5a5801cad2ea54fdc3fa457ca6abf638
GET H2	200	content Show response c89.travelpayouts.com/	44 KB 15 KB	904ms 400ms	Script application/javascript	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://c89.travelpayouts.com/content?currency=USD&trs=308636&shmarker=467064&language=en&locale=67458&layout=responsive&cards=8&powered_by=false&promo_id=3947 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 8c19ce9f6d44a45d89f91b202b13227b3090949eb8392aaf87cee4cb867370a6 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT content-encoding br server nginx vary Accept-Encoding content-type application/javascript cache-control private, max-age=0 timing-allow-origin * x-promo-id 3947 x-robots-tag noindex x-request-id 01a9100e81d70fd6527608e4f7f8eec4
GET H2	200	content Show response c89.travelpayouts.com/	44 KB 15 KB	1006ms 502ms	Script application/javascript	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://c89.travelpayouts.com/content?currency=USD&trs=308636&shmarker=467064&language=en&locale=60005&layout=responsive&cards=8&powered_by=false&promo_id=3947 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 2770db3970a98d9c16b6a177fb97aa35d1f5424e1836514446f19094843b81dd Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT content-encoding br server nginx vary Accept-Encoding content-type application/javascript cache-control private, max-age=0 timing-allow-origin * x-promo-id 3947 x-robots-tag noindex x-request-id 7b6f4f74263aaafc3246cfaadafaee4c
GET H2	200	content Show response c89.travelpayouts.com/	44 KB 15 KB	917ms 414ms	Script application/javascript	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://c89.travelpayouts.com/content?currency=USD&trs=308636&shmarker=467064&language=en&locale=79079&layout=responsive&cards=8&powered_by=false&promo_id=3947 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash c11ed777cb80d7e3bf0e8d97cf09cd90ca4f122fbb7a22d01ed1dbd6efbe0349 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT content-encoding br server nginx vary Accept-Encoding content-type application/javascript cache-control private, max-age=0 timing-allow-origin * x-promo-id 3947 x-robots-tag noindex x-request-id d1af5dca164ce3b217c2b693f8245ac5
GET H2	200	content Show response c22.travelpayouts.com/	43 KB 15 KB	916ms 413ms	Script application/javascript	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://c22.travelpayouts.com/content?currency=USD&trs=308347&shmarker=467064&locale=en&powered_by=false&promo_id=8598 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash b950dc4ac913c95c32f55de22ed84ba06dcfa6b9ec1ca324f833c7bf53d96b2c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT content-encoding br server nginx vary Accept-Encoding content-type application/javascript cache-control private, max-age=0 timing-allow-origin * x-promo-id 8598 x-robots-tag noindex x-request-id 846b2710d6ccd800ab771d4c860611ce
GET H2	200	content Show response c150.travelpayouts.com/	44 KB 15 KB	320ms 286ms	Script application/javascript	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://c150.travelpayouts.com/content?trs=308347&shmarker=467064&locale=en&tours=6&powered_by=false&promo_id=4489 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 3edd91cb21e77cbe46bfb36592840a526f046fcd6a29946d69733427ed1d261e Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT content-encoding br server nginx vary Accept-Encoding content-type application/javascript cache-control private, max-age=0 timing-allow-origin * x-promo-id 4489 x-robots-tag noindex x-request-id bdc8a6013f0e55a85ebdec09244fcdb9
GET H2	200	hotellook-new.png travel.intelliness.ca/wp-content/uploads/2023/07/	23 KB 24 KB	258ms 248ms	Image image/webp	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travel.intelliness.ca/wp-content/uploads/2023/07/hotellook-new.png Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b534cc0c86c40cc0cc6353fbf54c646796138a7b4cc6b3f3680bba7d1900f02 Security Headers Name Value Content-Security-Policy object-src 'none' Strict-Transport-Security max-age=15768000;includeSubdomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:15 GMT strict-transport-security max-age=15768000;includeSubdomains x-content-type-options nosniff content-security-policy object-src 'none' cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 17 Aug 2023 09:05:53 GMT x-wpo-webp Redirected directly to existing webp server cloudflare etag W/"805ca8-5d1c-6031ab819de40-br" vary Accept,Accept-Encoding,User-Agent report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EHCB9rHXcaztyblanFQEVVzwF%2BlsBsg%2BByCg8apfUrd2Py8kdGrNpHBBoTf%2FsGT859FZARBEtqjwLsNmxFQSWsBiJEMA6EZL3EjFFPV6TwwGc%2FFMpShKuksP7tVHyHyYxtJAyRfsYAqaoixZWW5tEk0KwXc%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=14400 cf-ray 8753265e4bdc3702-YYZ
GET H2	200	kiwitaxi_logo_hor_sp.png travel.intelliness.ca/wp-content/uploads/2023/07/	9 KB 9 KB	100ms 99ms	Image image/png	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://travel.intelliness.ca/wp-content/uploads/2023/07/kiwitaxi_logo_hor_sp.png Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1563b81fb805736a6b3dc16634dcc936aa6ad59efecd872cb7e4c8f0235ace55 Security Headers Name Value Content-Security-Policy object-src 'none' Strict-Transport-Security max-age=15768000;includeSubdomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:15 GMT strict-transport-security max-age=15768000;includeSubdomains x-content-type-options nosniff content-security-policy object-src 'none' nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT age 1319 alt-svc h3=":443"; ma=86400 content-length 8907 x-xss-protection 1; mode=block last-modified Thu, 17 Aug 2023 09:05:49 GMT server cloudflare etag "805ca0-22cb-6031ab7dcd540" vary User-Agent,Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YygLY6EDJKUV8lrCAmqJq8uwnNFlJoDMim6%2BXWIaPO307ZnuzdG2VhJo%2BG4ZraJSTbXDSRtrOo%2B6AgHCBON6E9RNjmnf3JBmqik5kRSFuhMKau9wJcXTBGAJqslW7ZfIZg2ffpEvaR%2B1jCBh6van2xE%2FwYM%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8753265ffcd93702-YYZ
GET H2	200	v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response static.cloudflareinsights.com/beacon.min.js/	20 KB 7 KB	499ms 137ms	Script text/javascript	2606:4700::6810:5049 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Origin https://booking.intelliness.ca Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT content-encoding gzip last-modified Mon, 15 Apr 2024 22:09:58 GMT server cloudflare etag W/"2023.10.0" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 87532668aa3ba1f3-YYZ
GET H2	200	styles.css booking.intelliness.ca/mewtwo/	167 KB 16 KB	436ms 435ms	Stylesheet text/css	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.intelliness.ca/mewtwo/styles.css?locale=en&rtl=false&v=002 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:15 GMT content-encoding br cf-cache-status MISS last-modified Tuesday, 16-Apr-2024 09:29:15 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6548cf09-29ce6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pxU8qt6RGzXAD3ir%2FKyMe4SWvQnrE0EaTXMzAsRvaKXRuiQzaPRHZjeac%2BgmxG1oqJ4HDywK5xpQ2GHh348eQA7bJhzfvIgzFBBZwqGzOwB7BROYuOE0iFrkGVoKTseOGpSYxD32Arj5Ussa1oh5BsgPVk%2Bv"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 875326602cf63702-YYZ alt-svc h3=":443"; ma=86400 x-request-id 7607c0af4903593748e5f9352a96000d expires Tue, 16 Apr 2024 09:59:15 GMT
GET H2	200	whitelabel_en.js Show response booking.intelliness.ca/widgets_static/	309 KB 57 KB	556ms 556ms	Script application/javascript	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.intelliness.ca/widgets_static/whitelabel_en.js?locale=en&rtl=false&v=002 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e52b29ccac7ffce1e5f4d5dd23f016d2dfd9080830d83f1c227cfa69f56e1438 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT content-encoding br cf-cache-status MISS last-modified Tuesday, 16-Apr-2024 09:29:15 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6548cf0c-4d278" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Xr4YALTBzAXngAgjYRAFBZo6ZjhC5s6vL8LsbFQ38DU5e6yRlUKKGiWWJJRu1TLOOrhW0o8Wzg6UAKQz4iHeDKmvbsqThd0CGQm9WA%2FW9%2Bltj%2FDpiyRT9%2B%2FUOi96K9IVOdF90pOmDUBEdOLuzMXDFlsQ5W4"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 875326602cf83702-YYZ alt-svc h3=":443"; ma=86400 x-request-id a6e55aadebcfff6c110f9ebfe1c12852 expires Tue, 16 Apr 2024 09:59:15 GMT
GET H2	200	MzA4NjM2.js Show response emrld.cc/	3 KB 2 KB	855ms 300ms	Script application/javascript	188.42.198.252 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://emrld.cc/MzA4NjM2.js?t=308636 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 39cad373da115a5543e6abe6e49c15dc3995549e54db57e6c0535d58e43cb80c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:17 GMT content-encoding br server nginx vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control no-store x-robots-tag noindex content-length 1597 x-request-id cf6ec91693694fcc1f58f8b6d515fba4
GET H3	200	fa-solid-900.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/	74 KB 74 KB	416ms 102ms	Font application/octet-stream	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/fa-solid-900.woff2 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css Origin https://booking.intelliness.ca Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT strict-transport-security max-age=15780000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1087809 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 75408 last-modified Mon, 04 May 2020 16:10:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e60-12690" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4cYcc0wlHjewCE0rg%2FgoTd6ToWJRTUGYWGTEnBUrTTm8nqDz5noOwf86Kp3MvfN1dbiiKAruwAjsa7n0e4GxXj6Cn4xsWOl4i8REhmo0%2F05wVML11j2ApTnUEddrTTwvRH3LO0yE8yXTI94FpPHcsWXN"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 87532663b9e05419-YYZ expires Sun, 06 Apr 2025 09:29:16 GMT
GET H3	200	fa-regular-400.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/	13 KB 14 KB	602ms 288ms	Font application/octet-stream	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/fa-regular-400.woff2 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c061a302d3aad80e5d04a7608f20a26cb6ca995f3e36bfb65500e17552debeb Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.css Origin https://booking.intelliness.ca Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT strict-transport-security max-age=15780000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 26713 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 13584 last-modified Mon, 04 May 2020 16:10:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e60-3510" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9VbTGJ6PMQqMAUn4ZgN%2BpGRrORM%2FZhJSvLWdD2sB%2Feqx0%2BT5rnv1bzNLrXrqk%2BgbBmBIq413p44XmjnBGdsTKozHjBFlSFxF5y7H8nZXjO5ugzPyoEGV8FBYJkSptoc13IUoJ2reD15TOqZ%2BN1evmmHB"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 87532663b9e15419-YYZ expires Sun, 06 Apr 2025 09:29:16 GMT
GET H2	200	set mamka.aviasales.ru/third_party_cookies/	0 277 B	891ms 249ms	Image text/plain	188.42.198.44 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-04-16T09%3A29%3A16.007Z Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:17 GMT server nginx access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type text/plain charset=UTF-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 0
GET H2	200	main.css booking.intelliness.ca/	2 MB 0	0ms 0ms	Stylesheet text/css	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.intelliness.ca/main.css Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6a65995d7bba8bd213f762de09336de1adf9da139b46c64b5ad3cee83898e1d Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:15 GMT content-encoding br cf-cache-status MISS last-modified Tuesday, 16-Apr-2024 09:29:15 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"66167d02-1b90e0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3714YW%2BxykjUgme%2F4X45U4MBla6sD8xU2fDH0lUEZGep%2BRz7n3V4Yb36HCxhP0i3OUfEgw21aOOYZqZZgcB7rUZHDCJVLyRBv3jaeB6VrLwNsLUwu9eIUyR5sju2HpqEOsAKwG%2BZan46Jgvet3IaAPHYwJj9"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8753265e0bb23702-YYZ alt-svc h3=":443"; ma=86400 x-request-id 28f8f3660743ae8c19c3cbbe0e9b07a2 expires Tue, 16 Apr 2024 09:59:15 GMT
GET H2	200	widget.js Show response widget.getyourguide.com/pw/latest/client-loader/	19 KB 8 KB	114ms 114ms	Script application/javascript	2606:4700:4400::6812:2262 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://widget.getyourguide.com/pw/latest/client-loader/widget.js Requested by Host: widget.getyourguide.com URL: https://widget.getyourguide.com/dist/pa.umd.production.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a0e0ee67ed32972e21363025f8d420026523e2c72041b1f89f0a1a90f450fa1d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0.02,"report_to":"cf-nel","max_age":604800} x-amz-request-id XDYSXMS5MDWM3TPF age 35 x-amz-server-side-encryption AES256 x-amz-id-2 s32y5JWqgA606W8kgWPRbMwtESdhaeBdLWmPFruTPg8GRg6onkSf/rgcoXfoNyYPJIfZHU1QlmE= last-modified Wed, 10 Apr 2024 10:00:32 GMT server cloudflare etag W/"de0cbb0613910dbc2462b9fedce1cbe5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vYLAhEIjiZg2i2z1NxfpGbAXg53i4LkqkGAxiF1QId9fMZJ63YRtyVSs9zMz55ytcFaycujg2%2BgCxy45t10Y693oj4xccpnIVaFp5pPYceWBALB%2B4VSR4nX%2FmgHIVkJ6Ugu0Bl1DcBaPglfs%2Bb9LsOjVm3jh"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=100, public, must-revalidate cf-ray 875326681e56a1e6-YYZ
GET H2	200	js Show response www.googletagmanager.com/gtag/	274 KB 94 KB	131ms 130ms	Script application/javascript	2607:f8b0:4004:c1f::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-6C1GFWKMT9&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1c6c3507cf981767ccee6288f3866ff35a65f2803e5a65ab27219d14fc1cd640 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:16 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 95961 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 16 Apr 2024 09:29:16 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	462ms 95ms	Script text/javascript	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-M47KB56 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 16 Apr 2024 07:30:48 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 7110 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 16 Apr 2024 09:30:48 GMT
GET		js www.googletagmanager.com/gtag/	0 0
GET H2	200	script_brands Show response brand.travelpayouts.com/api/money_script/	2 KB 1 KB	843ms 362ms	XHR application/json	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://brand.travelpayouts.com/api/money_script/script_brands?marker=467064 Requested by Host: www.travelpayouts.com URL: https://www.travelpayouts.com/money_script/money_script.js?marker=467064&exclude=yyy,zzz Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 8483ff58876b51e75011a3486de30a1447ada73116589d50be1cdda857c8b711 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' *.travelpayouts.com Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:17 GMT access-control-request-method * content-encoding br content-security-policy frame-ancestors 'self' *.travelpayouts.com x-permitted-cross-domain-policies none strict-transport-security max-age=31536000 cross-origin-embedder-policy unsafe-none cross-origin-resource-policy cross-origin content-length 388 x-request-id deaa7ab483f5684d990bab5b82449733 x-runtime 0.026083 referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy cross-origin etag W/"8483ff58876b51e75011a3486de30a14" x-download-options noopen vary Accept-Encoding, Accept access-control-allow-methods POST, PUT, DELETE, GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=0, private, must-revalidate permissions-policy geolocation=(), microphone=(), camera=(), display-capture=*,, fullscreen=*, publickey-credentials-get=(self) x-robots-tag noindex access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Authorization
GET H2	200	loader.js Show response widgets.tiqets.com/	16 KB 7 KB	756ms 330ms	Script application/javascript	2600:9000:250a:1600:18:278d:b500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets.tiqets.com/loader.js Requested by Host: c89.travelpayouts.com URL: https://c89.travelpayouts.com/content?currency=USD&trs=308636&shmarker=467064&language=en&locale=67458&layout=responsive&cards=8&powered_by=false&promo_id=3947 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:250a:1600:18:278d:b500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 5ea2cf8e61f61b5302f31ab5a7d1c9a4eaa12df16bfeb38ae2a4299f29ea2cce Security Headers Name Value Strict-Transport-Security max-age=15724800 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:18 GMT content-encoding gzip via 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront) strict-transport-security max-age=15724800 last-modified Tue, 16 Apr 2024 08:34:48 GMT x-amz-cf-pop IAD12-P3 etag W/"661e3828-3f4f" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=utf-8 cache-control max-age=300 alt-svc h3=":443"; ma=86400 x-amz-cf-id g92N6z-c37zt-afmyrS2hPpvCfssDVY61DaFORg_bdQANXpS8SksIQ== expires Tue, 16 Apr 2024 09:34:18 GMT
GET H2	200	sp.js Show response static.aviasales.com/snowplow/19.20.1/	43 KB 14 KB	476ms 133ms	Script application/x-javascript	18.160.41.109 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.aviasales.com/snowplow/19.20.1/sp.js Requested by Host: c89.travelpayouts.com URL: https://c89.travelpayouts.com/content?currency=USD&trs=308636&shmarker=467064&language=en&locale=67458&layout=responsive&cards=8&powered_by=false&promo_id=3947 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.160.41.109 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-41-109.iad55.r.cloudfront.net Software / Resource Hash 5b7961e43ba73a1ec7a400060934040077aef584ce1a6ab0185d9c41ce029d32 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 06 Jul 2023 05:08:11 GMT content-encoding gzip via 1.1 6e44ac4753bea102fe3aae286f68acfe.cloudfront.net (CloudFront) last-modified Wed, 03 May 2023 09:21:11 GMT x-amz-cf-pop IAD55-P1 age 24639667 etag W/"56c168eae5c685d285eeaf940c1f21d5" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control public,max-age=31536000 alt-svc h3=":443"; ma=86400 x-amz-cf-id z7V6M-IIFtPTfxs2ZSrAM5OqGuYEcmHwQi2IGJrQOLrEQHs1dBTE8Q==
GET H2	200	tp.png www.travelpayouts.com/powered_by/img/	4 KB 4 KB	177ms 177ms	Image image/png	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://www.travelpayouts.com/powered_by/img/tp.png Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:18 GMT last-modified Mon, 13 Nov 2023 11:56:56 GMT server nginx content-type image/png cache-control no-store, no-cache accept-ranges bytes x-robots-tag noindex content-length 3584 x-request-id 4f6c42582089a6caf09f085f654e789b
GET H2	200	iframeResizer.js Show response www.intui.travel/public/js/jquery/	16 KB 5 KB	881ms 206ms	Script application/javascript	89.108.116.233 AS-REG
General Check archive.org Show headers Download Go to Full URL https://www.intui.travel/public/js/jquery/iframeResizer.js Requested by Host: c22.travelpayouts.com URL: https://c22.travelpayouts.com/content?currency=USD&trs=308347&shmarker=467064&locale=en&powered_by=false&promo_id=8598 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS d54035.azlk.regrucolo.ru Software nginx / Resource Hash 5ee0da95c6ee395ed2c49524952dc9a526eb15a7b627c444ea1259db6f608bb2 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:19 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 10:08:19 GMT server nginx etag W/"63721393-4100" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	/ en.intui.travel/widget/pop_countries/ Frame BD39 Redirect Chain https://en.intui.travel/widget/pop_countries?p_site=287737&subID=aff3f6b214284182a249ef58f-467064&pbi=0&color=undefined&currency=USD https://en.intui.travel/widget/pop_countries/?p_site=287737&subID=aff3f6b214284182a249ef58f-467064&pbi=0&color=undefined&currency=USD	0 0	223ms 222ms	Document text/html	89.108.116.233 AS-REG
General Check archive.org Show headers Download Go to Full URL https://en.intui.travel/widget/pop_countries/?p_site=287737&subID=aff3f6b214284182a249ef58f-467064&pbi=0&color=undefined&currency=USD Requested by Host: c22.travelpayouts.com URL: https://c22.travelpayouts.com/content?currency=USD&trs=308347&shmarker=467064&locale=en&powered_by=false&promo_id=8598 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 89.108.116.233 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS d54035.azlk.regrucolo.ru Software nginx / PHP/8.0.15 Resource Hash Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer https://booking.intelliness.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html;charset=UTF-8; date Tue, 16 Apr 2024 09:29:18 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx vary Accept-Encoding x-powered-by PHP/8.0.15 Redirect headers content-length 357 content-type text/html; charset=iso-8859-1 date Tue, 16 Apr 2024 09:29:17 GMT location https://en.intui.travel/widget/pop_countries/?p_site=287737&subID=aff3f6b214284182a249ef58f-467064&pbi=0&color=undefined&currency=USD server nginx
GET H2	200	widgetManager.js Show response wegotrip.com/helpers/	28 KB 10 KB	776ms 269ms	Script application/javascript	178.62.236.150 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://wegotrip.com/helpers/widgetManager.js Requested by Host: c150.travelpayouts.com URL: https://c150.travelpayouts.com/content?trs=308347&shmarker=467064&locale=en&tours=6&powered_by=false&promo_id=4489 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 178.62.236.150 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS wegotrip.com Software nginx / Resource Hash 1154870e3902cdc1d84fc1a4bc14cbfb6fcfa3481ec07b5a04635174c8469f81 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff referrer-policy no-referrer-when-downgrade last-modified Thu, 01 Dec 2022 11:24:03 GMT server nginx content-encoding gzip etag W/"63888ed3-6ea2" vary Accept-Encoding content-type application/javascript x-xss-protection 1; mode=block
GET H2	200	/ wegotrip.com/widgets/ Frame EDA6 Redirect Chain https://wegotrip.com/en/widgets/?perPage=6&showMore=true&cityId=7&sub_id=be1c5a8381db4388b70d16f26-467064&random=true https://wegotrip.com/widgets/?perPage=6&showMore=true&cityId=7&sub_id=be1c5a8381db4388b70d16f26-467064&random=true	0 0	347ms 347ms	Document text/html	178.62.236.150 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://wegotrip.com/widgets/?perPage=6&showMore=true&cityId=7&sub_id=be1c5a8381db4388b70d16f26-467064&random=true Requested by Host: c150.travelpayouts.com URL: https://c150.travelpayouts.com/content?trs=308347&shmarker=467064&locale=en&tours=6&powered_by=false&promo_id=4489 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 178.62.236.150 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS wegotrip.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer https://booking.intelliness.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html; charset=utf-8 date Tue, 16 Apr 2024 09:29:17 GMT etag W/"25327-Fk6twvoR7QfF8pQS0W3Z68MknCc" referrer-policy no-referrer-when-downgrade server nginx strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-xss-protection 1; mode=block Redirect headers content-length 276 content-type text/html; charset=utf-8 date Tue, 16 Apr 2024 09:29:17 GMT location /widgets/?perPage=6&showMore=true&cityId=7&sub_id=be1c5a8381db4388b70d16f26-467064&random=true referrer-policy no-referrer-when-downgrade server nginx strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	main.a0e182f6.js Show response tp-em.com/	107 KB 36 KB	760ms 291ms	Script application/javascript	188.42.198.252 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://tp-em.com/main.a0e182f6.js Requested by Host: tp-em.com URL: https://tp-em.com/entrypoint.js?marker=467064 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 3698b9759a3dec1692ad2106d92a5b9b125b59d7a87fff22768c9807610e4a6d Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Origin https://booking.intelliness.ca Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:17 GMT content-encoding br server nginx vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable x-robots-tag noindex x-request-id 56d7b350b00dc61c0a46911b812b1407
GET H2	200	link-switcher.js Show response tp-em.com/	3 KB 1 KB	194ms 193ms	Script application/javascript	188.42.198.252 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://tp-em.com/link-switcher.js?trace_id=Zz2058df24f0f14e46bc2e905-467064 Requested by Host: tp-em.com URL: https://tp-em.com/entrypoint.js?marker=467064 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash ab93733381ce87cbca73d048c757f6ba8b5f14b8dacdd7ce62b1a50cd24acf1d Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:18 GMT content-encoding br server nginx vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-robots-tag noindex content-length 1150 x-request-id a81178da5289da89270794ce45f48248
GET H2	200	gnikcart Show response widget.getyourguide.com/	61 B 1 KB	216ms 216ms	Fetch application/json	2606:4700:4400::6812:2262 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://widget.getyourguide.com/gnikcart?q=eyJwYXJ0bmVyX2lkIjoiVjRKQjEyTSIsInVybCI6ImJvb2tpbmcuaW50ZWxsaW5lc3MuY2EvIn0%3D Requested by Host: widget.getyourguide.com URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 4af288052f6b7bf939c8b199ef8d85fe83d7480438c9fe8afc02a32fc7358ee1 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-ye56Ygssi7+/97rT6VWWDR9vrRVD2yo2O1+J+kEv/0Y=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com https://fonts.googleapis.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* https://fonts.gstatic.com https://fonts.googleapis.com data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:17 GMT content-security-policy default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-ye56Ygssi7+/97rT6VWWDR9vrRVD2yo2O1+J+kEv/0Y=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com https://fonts.googleapis.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* https://fonts.gstatic.com https://fonts.googleapis.com data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC nel {"success_fraction":0.02,"report_to":"cf-nel","max_age":604800} content-encoding br x-powered-by Express x-envoy-upstream-service-time 9 x-xss-protection 1; mode=block x-request-id f351e1c2-e4fc-9ee9-bb09-4d99c51ecf2f referrer-policy strict-origin-when-cross-origin server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2BhJBqLy7hfYOoq369m63IWzRYb3vCYRE0Dh1FOlz4pjOVuKsbhUZbczBVSA3KtVGwfgRVgUj1bMhbcYC3brktd5RDTXSIk10tqV0LoFJynNbYG%2BLhvwg0Ypg6EqRLiN%2B7UiXN6moA7m0i9YAip369yhXpoe"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://booking.intelliness.ca cache-control private access-control-allow-credentials true cf-ray 87532668cebfa1e6-YYZ
GET H3	200	whitelabel_en.js Show response booking.intelliness.ca/widgets/	7 KB 3 KB	316ms 316ms	Script application/javascript	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.intelliness.ca/widgets/whitelabel_en.js Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/main.en.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8cc387fd1e71910754bfdbb08bbc6e56d8becfc19928a9e9fef2cfff1212871 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:18 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-promo-id 4238 alt-svc h3=":443"; ma=86400 x-request-id e020129876e9259c8bb1917c917020ec, e020129876e9259c8bb1917c917020ec server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wXe1nRERUigV2KGAv0WVEAS5gY3DJNfcQehlbw8U36CagZJ7gjeMZZkmrJEnwEHgs7YCCs6oCne0yX4bCNQR0w0bYrZuc2UQZ0Mj9HObZ8H8Oma40myV9ZtocPcWO85%2FIQ6Y1Ejeitz%2Fqvx72fnAEWCTfSW9"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control private, max-age=0 cf-ray 8753267288b8a22f-YYZ timing-allow-origin * link </mewtwo/styles.css>; rel=preload; as=style, </widgets_static/whitelabel_en.js>; rel=preload; as=script x-robots-tag noindex priority u=3,i=?0
GET DATA	200 OK	truncated /	863 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9ceddb5c380cb8111a0beb07fcf991cc290b7a8d8afbe21c8a9831d419d6b467 Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	currency-regular-webfont.woff2 www.travelpayouts.com/currency_fonts/	4 KB 4 KB	249ms 248ms	Font application/octet-stream	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://www.travelpayouts.com/currency_fonts/currency-regular-webfont.woff2 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/main.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 4ba3cac275ae4d06824607aa55da87e077a60cc9608aa0d6d8b6004922573d2e Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Origin https://booking.intelliness.ca Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:17 GMT last-modified Tue, 02 Apr 2024 12:57:48 GMT server nginx etag "660c00cc-e08" content-type application/octet-stream access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 3592 x-request-id 78bf45ddc45a14b03d2e53cc9568414d expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	tp.png www.travelpayouts.com/powered_by/img/	4 KB 4 KB	180ms 179ms	Image image/png	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://www.travelpayouts.com/powered_by/img/tp.png Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:18 GMT last-modified Mon, 13 Nov 2023 11:56:56 GMT server nginx content-type image/png cache-control no-store, no-cache accept-ranges bytes x-robots-tag noindex content-length 3584 x-request-id 02d96f033d5cb3e7c2ef841265dea40b
GET H3	200	s.js Show response booking.intelliness.ca/cdn-cgi/zaraz/	6 KB 4 KB	192ms 191ms	Script text/javascript	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.intelliness.ca/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyQ2hlYXAlMjBIb3RlbHMlMkMlMjBGbGlnaHRzJTJDJTIwVmFjYXRpb25zJTIwJTI2JTIwVHJhdmVsJTIwRGVhbHMlMjIlMkMlMjJ4JTIyJTNBMC4wNTM1OTk5OTkzNzY1ODQ1NSUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGYm9va2luZy5pbnRlbGxpbmVzcy5jYSUyRiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBNDIwJTJDJTIycSUyMiUzQSU1QiU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyMCUyMiUyQyUyMi0lMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlNUQlN0Q= Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5dbea1984a684e6504e00491c49723b0faf0131889251d75b0c3ad13b85325d5 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:19 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server cloudflare access-control-max-age 600 vary Origin, Accept-Encoding access-control-allow-methods GET, HEAD, POST, OPTIONS access-control-allow-origin https://booking.intelliness.ca report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sxgF1Zw5yb08MYyLTyDV40WxQNaUJxDxh8bCkTk13pP5pCEuokLLq%2B56ONY55sFA9yyrbBT4KNfqvIlQ8XsDhxBti2cu65omZTFZQjdtkZqwo6djbOBKHxLKI9Muban4EFyyFPNviVS0468wa%2Bz3fmE2Uf%2Bc"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=utf-8 access-control-allow-credentials true x-robots-tag none access-control-allow-headers Content-Type, Set-Cookie, Cache-Control priority u=3,i=?0 cf-ray 875326775c6fa22f-YYZ
GET H/1.1	200 OK	city--1-min-min.jpg s3-us-west-2.amazonaws.com/s.cdpn.io/537051/	328 KB 328 KB	665ms 227ms	Image image/jpeg	52.218.217.80 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3-us-west-2.amazonaws.com/s.cdpn.io/537051/city--1-min-min.jpg Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.218.217.80 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash 6b7e9119bbec95526202f27b63274e7a2b41f8157484801cda64203d7d4b6d8e Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 16 Apr 2024 09:29:18 GMT x-amz-version-id null Last-Modified Thu, 06 Oct 2016 20:47:35 GMT Server AmazonS3 x-amz-request-id 60Q9KBE3666HN24M ETag "018e34eab255a3e7c3e0deebc13b055e" Content-Type image/jpeg Cache-Control public Accept-Ranges bytes Content-Length 335794 x-amz-id-2 PfqEbf/vqzDo1S3qlJN8Suyko7P71KzUsmmoRwB4iUnB3JtIiZ9LjGPLQ9BTzju+PTsbCGHHYlw=
GET H/1.1	200 OK	city--2-min-min.jpg s3-us-west-2.amazonaws.com/s.cdpn.io/537051/	392 KB 393 KB	610ms 167ms	Image image/jpeg	52.218.217.80 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3-us-west-2.amazonaws.com/s.cdpn.io/537051/city--2-min-min.jpg Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.218.217.80 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash 26aa1124d99ba8ca22c98f64d1edc3b0b793e32e140311b3abed8d085bd6a946 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 16 Apr 2024 09:29:18 GMT x-amz-version-id null Last-Modified Thu, 06 Oct 2016 20:47:35 GMT Server AmazonS3 x-amz-request-id 60Q8ENTGWQ160DKS ETag "4487242e6de403e26440d576b45c2c69" Content-Type image/jpeg Cache-Control public Accept-Ranges bytes Content-Length 401863 x-amz-id-2 sO9OKHiMozS/8OAOdYU4Ic7Rr2NAHNVMmTLkpH/Hwtc3ZvWRSfgFquexFmwQ2NV7JX+LayZIZR4=
GET H/1.1	200 OK	city--3-min-min.jpg s3-us-west-2.amazonaws.com/s.cdpn.io/537051/	407 KB 408 KB	163ms 162ms	Image image/jpeg	52.218.217.80 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3-us-west-2.amazonaws.com/s.cdpn.io/537051/city--3-min-min.jpg Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.218.217.80 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash 22bfa400a0c4482b7ef304a7d262226524e2b7dce4a0578177f97d2e91fc9f2f Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 16 Apr 2024 09:29:20 GMT x-amz-version-id null Last-Modified Thu, 06 Oct 2016 20:47:35 GMT Server AmazonS3 x-amz-request-id 2M6D63D9ZKVJKCAC ETag "f3e91d4f49503942ff8756e6b5303bc4" Content-Type image/jpeg Cache-Control public Accept-Ranges bytes Content-Length 416904 x-amz-id-2 crmac6KC+WttUpsRrugwBsgIFKuZw2OQk2tmgyq978n9GrQRNoVha4m2vFGaEowOc3zFFh5Dm/U=
GET H/1.1	200 OK	city--4-min-min.jpg s3-us-west-2.amazonaws.com/s.cdpn.io/537051/	397 KB 397 KB	162ms 161ms	Image image/jpeg	52.218.217.80 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3-us-west-2.amazonaws.com/s.cdpn.io/537051/city--4-min-min.jpg Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.218.217.80 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash d493a6f835a5404f071cc545081902975ccae7f3fec63355685952c8c7beac7e Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 16 Apr 2024 09:29:20 GMT x-amz-version-id null Last-Modified Thu, 06 Oct 2016 20:47:35 GMT Server AmazonS3 x-amz-request-id 2M6FKNRG7FW7757H ETag "486d751e54129aa67bda1aa01c3e8b61" Content-Type image/jpeg Cache-Control public Accept-Ranges bytes Content-Length 406624 x-amz-id-2 mvYtg6VAmHVza5f32RcMM8mCzgiD2MVhdVSl1iNlFjK4yT1dAOemdlZmVapW7VIC1/3XCAiIiIY=
GET H/1.1	200 OK	city--5-min-min.jpg s3-us-west-2.amazonaws.com/s.cdpn.io/537051/	491 KB 492 KB	207ms 164ms	Image image/jpeg	52.218.217.80 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3-us-west-2.amazonaws.com/s.cdpn.io/537051/city--5-min-min.jpg Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.218.217.80 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash 8daf7e3980df661e0443ef781f7c63b002e75ad36720bf0963f0428ac74fa3aa Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 16 Apr 2024 09:29:20 GMT x-amz-version-id null Last-Modified Thu, 06 Oct 2016 20:47:35 GMT Server AmazonS3 x-amz-request-id 2M6D7GXKCSNDVWS5 ETag "48a5fe54a6d6aa160ce4e3498a274bde" Content-Type image/jpeg Cache-Control public Accept-Ranges bytes Content-Length 503015 x-amz-id-2 TqtRoa9n/lNGaxpUCckmpMRIlxiw3O4HyOv44/uPegO0i+UM2HZ373v/wCeWTrq/3tuGRvnRxaA=
GET DATA	200 OK	truncated /	348 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0cd533223411d5bab615e57af6eab20ecd15e20bc76f12487a38c0daf82e54cc Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
POST H3	204	collect www.google-analytics.com/g/	0 17 B	114ms 112ms	Ping text/plain	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-6C1GFWKMT9&gtm=45je44f0v893968163z878526466za200&_p=1713259755192&gcd=13l3l3l3l1&npa=0&dma=0&cid=705404818.1713259757&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713259757&sct=1&seg=0&dl=https%3A%2F%2Fbooking.intelliness.ca%2F&dt=Cheap%20Hotels%2C%20Flights%2C%20Vacations%20%26%20Travel%20Deals&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2701 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-6C1GFWKMT9&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 16 Apr 2024 09:29:20 GMT server Golfe2 content-type text/plain access-control-allow-origin https://booking.intelliness.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	normal.woff2 booking.intelliness.ca/cf-fonts/s/open-sans/5.0.20/latin/600/	18 KB 19 KB	115ms 115ms	Font application/octet-stream	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.intelliness.ca/cf-fonts/s/open-sans/5.0.20/latin/600/normal.woff2 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Origin https://booking.intelliness.ca Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:17 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=stUt4Gev8fRA1ZdzY8tgPpUycu5ZSDR%2B7c2iieIidOfoX7Bom2IZ%2FY0dA%2BUK43nC1qOWa4a0g3LkUrjw65yMQW7YGekscmm5jJKTK1TxwTqdy1G4IT0oQkVuFzPyrOBH%2BLaYApmglzxkXHCFwHqCTv95gA9R"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 8753266bcb2ba22f-YYZ alt-svc h3=":443"; ma=86400 content-length 18628 priority u=0,i=?0
GET H2	200	main.a0e182f6.js Show response emrld.cc/	107 KB 36 KB	883ms 425ms	Script application/javascript	188.42.198.252 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://emrld.cc/main.a0e182f6.js Requested by Host: emrld.cc URL: https://emrld.cc/MzA4NjM2.js?t=308636 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 3698b9759a3dec1692ad2106d92a5b9b125b59d7a87fff22768c9807610e4a6d Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Origin https://booking.intelliness.ca Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:18 GMT content-encoding br server nginx vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable x-robots-tag noindex x-request-id 6d7d1fb459d8d17f387aa373450eb1a8
GET H2	200	link-switcher.js Show response emrld.cc/	3 KB 1 KB	223ms 222ms	Script application/javascript	188.42.198.252 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://emrld.cc/link-switcher.js?trace_id=Zz36d1d69507644c3fabf940f-467064 Requested by Host: emrld.cc URL: https://emrld.cc/MzA4NjM2.js?t=308636 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash ab93733381ce87cbca73d048c757f6ba8b5f14b8dacdd7ce62b1a50cd24acf1d Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:19 GMT content-encoding br server nginx vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-robots-tag noindex content-length 1150 x-request-id eb08a3f02920dd554b26d8073e6d8a37
GET H2	200	set mamka.aviasales.ru/third_party_cookies/	0 276 B	180ms 180ms	Image text/plain	188.42.198.44 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-04-16T09%3A29%3A17.692Z&mamka_attempts=1 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:19 GMT server nginx access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type text/plain charset=UTF-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 0
GET H2	200	chunk.56900d8d.js Show response tp-em.com/	78 KB 25 KB	253ms 253ms	Script application/javascript	188.42.198.252 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://tp-em.com/chunk.56900d8d.js Requested by Host: tp-em.com URL: https://tp-em.com/main.a0e182f6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 8397d8d2a6e76f0ba836a1327983bd942cc5b7463694bb0a274ca38033d447eb Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://tp-em.com/main.a0e182f6.js Origin https://booking.intelliness.ca Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:17 GMT content-encoding br server nginx vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable x-robots-tag noindex x-request-id 41d0b8f2ec070eee72451e18ed4bd2e3
GET H2	200	css2 fonts.googleapis.com/	2 KB 720 B	139ms 139ms	Stylesheet text/css	2607:f8b0:4004:c06::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@400..600&family=Roboto:wght@400..600&display=swap Requested by Host: tp-em.com URL: https://tp-em.com/main.a0e182f6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 754d88bd0efb35e3ce2fbca299686c8f5e1c1646251b1e00288c47c385e1ea64 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 16 Apr 2024 09:29:17 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 16 Apr 2024 09:20:59 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 16 Apr 2024 09:29:17 GMT
GET H2	200	config Show response tp-em.com/	366 B 288 B	220ms 220ms	Fetch application/json	188.42.198.252 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://tp-em.com/config?page_url=https%3A%2F%2Fbooking.intelliness.ca%2F&marker=467064&trs=308636 Requested by Host: tp-em.com URL: https://tp-em.com/main.a0e182f6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash bc28ede16e7c60a21c01347adb920d4e14eaafbde25c419c0a212ec38e910c43 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:17 GMT content-encoding br server nginx vary Accept-Encoding content-type application/json access-control-allow-origin * content-length 130 x-request-id e8516f508285f1105ed01d2050ea8604
POST H2	204	collect tp-em.com/	0 0	219ms 219ms	Fetch	188.42.198.252 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://tp-em.com/collect Requested by Host: tp-em.com URL: https://tp-em.com/main.a0e182f6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Tue, 16 Apr 2024 09:29:18 GMT server nginx allow POST, OPTIONS x-request-id 8600007f2d848bd15e7acecba31cc385
GET BLOB	200 OK	87825d0c-744e-4148-a5d3-850e936561d7 https://booking.intelliness.ca/	199 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://booking.intelliness.ca/87825d0c-744e-4148-a5d3-850e936561d7 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 6a2d3b6a566e15e522724189232d367eedd027bf18bf4879d74cbbef87ae188a Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Length 199 Content-Type text/javascript;charset=utf-8
GET H2	200	chunk.56900d8d.js Show response emrld.cc/	78 KB 25 KB	213ms 213ms	Script application/javascript	188.42.198.252 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://emrld.cc/chunk.56900d8d.js Requested by Host: emrld.cc URL: https://emrld.cc/main.a0e182f6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 8397d8d2a6e76f0ba836a1327983bd942cc5b7463694bb0a274ca38033d447eb Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://emrld.cc/main.a0e182f6.js Origin https://booking.intelliness.ca Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:18 GMT content-encoding br server nginx vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable x-robots-tag noindex x-request-id c0e0c0de3234657dd822655b72ca9e69
GET H2	200	config Show response emrld.cc/	366 B 289 B	341ms 341ms	Fetch application/json	188.42.198.252 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://emrld.cc/config?page_url=https%3A%2F%2Fbooking.intelliness.ca%2F&marker=467064&trs=308636 Requested by Host: tp-em.com URL: https://tp-em.com/chunk.56900d8d.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash bc28ede16e7c60a21c01347adb920d4e14eaafbde25c419c0a212ec38e910c43 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:18 GMT content-encoding br server nginx vary Accept-Encoding content-type application/json access-control-allow-origin * content-length 130 x-request-id 95e2e7c7a2e4d931f6068620ca52df95
POST H2	204	collect emrld.cc/	0 0	304ms 303ms	Fetch	188.42.198.252 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://emrld.cc/collect Requested by Host: tp-em.com URL: https://tp-em.com/chunk.56900d8d.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.252 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Tue, 16 Apr 2024 09:29:18 GMT server nginx allow POST, OPTIONS x-request-id 1181a845b90cf4f530d474a82a397da8
GET BLOB	200 OK	ae09f82d-c621-4148-8af9-f4134757edbe https://booking.intelliness.ca/	199 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://booking.intelliness.ca/ae09f82d-c621-4148-8af9-f4134757edbe Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 6a2d3b6a566e15e522724189232d367eedd027bf18bf4879d74cbbef87ae188a Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Length 199 Content-Type text/javascript;charset=utf-8
POST H2	200	collect Show response www.google-analytics.com/j/	16 B 226 B	115ms 115ms	XHR text/plain	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1537098781&t=pageview&_s=1&dl=https%3A%2F%2Fbooking.intelliness.ca%2F&ul=en-ca&de=UTF-8&dt=Cheap%20Hotels%2C%20Flights%2C%20Vacations%20%26%20Travel%20Deals&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2031496684&gjid=818573604&cid=705404818.1713259757&tid=UA-70090146-9&_gid=1578955428.1713259759&_r=1&_slc=1&gtm=45He44f0n81M47KB56v78526466za200&gcd=13l3l3l3l1&dma=0&z=1750681358 Requested by Host: tp-em.com URL: https://tp-em.com/chunk.56900d8d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 478e24551e2c62c09dad71685f8ffcb22a0e3d6d3d4d4274d4a6b337b56189fc Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 16 Apr 2024 09:29:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://booking.intelliness.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	convert api.travelpayouts.com/link-switch/v1/ Frame	0 0	288ms 283ms	Preflight application/json	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://api.travelpayouts.com/link-switch/v1/convert?location=https%3A%2F%2Fbooking.intelliness.ca%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-affiliate-marker Access-Control-Request-Method POST Origin https://booking.intelliness.ca Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers accept application/json access-control-allow-credentials true access-control-allow-headers * access-control-allow-methods GET, POST, PUT, OPTIONS access-control-allow-origin * content-length 4 content-type application/json; charset=utf-8 date Tue, 16 Apr 2024 09:29:18 GMT server nginx x-request-id 55c2af269ddf3570af74e463cf378e59 x-robots-tag noindex
OPTIONS H2	200	convert api.travelpayouts.com/link-switch/v1/ Frame	0 0	182ms 177ms	Preflight application/json	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://api.travelpayouts.com/link-switch/v1/convert?location=https%3A%2F%2Fbooking.intelliness.ca%2F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-affiliate-marker Access-Control-Request-Method POST Origin https://booking.intelliness.ca Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers accept application/json access-control-allow-credentials true access-control-allow-headers * access-control-allow-methods GET, POST, PUT, OPTIONS access-control-allow-origin * content-length 4 content-type application/json; charset=utf-8 date Tue, 16 Apr 2024 09:29:18 GMT server nginx x-request-id a18794b8eb1e03eb3d995af7d46d1f0d x-robots-tag noindex
POST H2	200	convert Show response api.travelpayouts.com/link-switch/v1/	14 B 280 B	215ms 215ms	Fetch application/json	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://api.travelpayouts.com/link-switch/v1/convert?location=https%3A%2F%2Fbooking.intelliness.ca%2F Requested by Host: tp-em.com URL: https://tp-em.com/chunk.56900d8d.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 03b7df9e792f71647a3f207087e8734dd21031c57048e10f9ced4b5ac04e32f4 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 X-Affiliate-Marker 467064 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type application/json Referer https://booking.intelliness.ca/ sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:19 GMT server nginx access-control-allow-methods GET, POST, PUT, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * accept application/json access-control-allow-credentials true x-robots-tag noindex access-control-allow-headers * content-length 14 x-request-id ed180f7615c62c5cde3c9b187b01d60c
POST H2	200	convert Show response api.travelpayouts.com/link-switch/v1/	14 B 280 B	252ms 252ms	Fetch application/json	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://api.travelpayouts.com/link-switch/v1/convert?location=https%3A%2F%2Fbooking.intelliness.ca%2F Requested by Host: tp-em.com URL: https://tp-em.com/chunk.56900d8d.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 03b7df9e792f71647a3f207087e8734dd21031c57048e10f9ced4b5ac04e32f4 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 X-Affiliate-Marker 467064 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type application/json Referer https://booking.intelliness.ca/ sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:18 GMT server nginx access-control-allow-methods GET, POST, PUT, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * accept application/json access-control-allow-credentials true x-robots-tag noindex access-control-allow-headers * content-length 14 x-request-id 52e2d3289b9802ef8c3859520be15920
GET H3	200	styles.css booking.intelliness.ca/mewtwo/	167 KB 16 KB	444ms 443ms	Stylesheet text/css	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.intelliness.ca/mewtwo/styles.css Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:19 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-request-id e843db62cb622a3fad8513eabc8d7e92 last-modified Tuesday, 16-Apr-2024 09:29:18 UTC server cloudflare etag W/"6548cf09-29ce6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h9lSYcz2kf7xEA3kgCvAuaQG8A5tBOgHVgheiMxzRVj6HjtWhUxGqKKu10MOkXS2r6u3uD4Jcd8rOeMKNIcu38RFUV9XO7QfsEPp3Z84L1Ls64pcrsDHCR9JW7nLuu3Pn6oOLGVK24uoQJ2pA2QfaMHzvo7A"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 875326748a2ba22f-YYZ priority u=0,i=?0 expires Tue, 16 Apr 2024 09:59:18 GMT
GET H3	200	whitelabel_en.js Show response booking.intelliness.ca/widgets_static/	309 KB 57 KB	507ms 507ms	Script application/javascript	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.intelliness.ca/widgets_static/whitelabel_en.js Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e52b29ccac7ffce1e5f4d5dd23f016d2dfd9080830d83f1c227cfa69f56e1438 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:19 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-request-id c8f7d326fb93d5a6cee783a7ae9b7343 last-modified Tuesday, 16-Apr-2024 09:29:18 UTC server cloudflare etag W/"6548cf0c-4d278" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4INrHuzxwYqlqbTbLsplGTZ153RAbvni4xIWMhs%2BVhooCaWIv6boj51AhRxs%2FAyS8j4Q3VV%2FryCrO4SNFpgYT27EdazSb%2FEiOncH%2BnjuLOua3pYBKme%2FxpIOC6TLOn%2Fe4c7CJ1noNmfSKgFrF%2FMWfMuuT2zP"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 cf-ray 875326748a2ca22f-YYZ priority u=1,i=?0 expires Tue, 16 Apr 2024 09:59:18 GMT
GET H2	200	j.gif avsplow.com/a/ Redirect Chain https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%2... https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zz5bf73eaa...	43 B 388 B	174ms 173ms	Image image/gif	185.106.81.236 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zz5bf73eaa53144db9ba74c0c-467064%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Server 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer https://booking.intelliness.ca/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers date Tue, 16 Apr 2024 09:29:20 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO" access-control-allow-origin * content-type image/gif cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 43 Redirect headers date Tue, 16 Apr 2024 09:29:20 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO" location https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%22whitelabel_en%22,%22trace_id%22:%22Zz5bf73eaa53144db9ba74c0c-467064%22,%22promo_id%22:%224238%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 0
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 353 B	630ms 205ms	XHR text/plain	2607:f8b0:4004:c09::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-70090146-9&cid=705404818.1713259757&jid=2031496684&gjid=818573604&_gid=1578955428.1713259759&_u=YADAAEAAAAAAACAAI~&z=1907530864 Requested by Host: tp-em.com URL: https://tp-em.com/chunk.56900d8d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 16 Apr 2024 09:29:19 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://booking.intelliness.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	262 KB 91 KB	131ms 130ms	Script application/javascript	2607:f8b0:4004:c1f::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-1HXW6H26GB&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 08b376739b190d2f28ac3977932db60714ccf3e4158e15fe7c9f46c9c7c3d03e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:19 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93381 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 16 Apr 2024 09:29:19 GMT
GET H2	200	/ www.tiqets.com/widgets/discovery/ Frame 3249 Redirect Chain https://www.tiqets.com/widgets/discovery?partner=travelpayouts.com&tqCampaign=14c2f1fa3bab4f8da0f8a8fb7-467064&destinationType=city&language=en&currency=USD&cityId=260932&cardsLayout=responsive&wid... https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=14c2f1fa3bab4f8da0f8a8fb7-467064&destinationType=city&language=en&currency=USD&cityId=260932&cardsLayout=responsive&wi...	0 0	931ms 930ms	Document text/html	2600:9000:21dd:9c00:12:ff18:1880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=14c2f1fa3bab4f8da0f8a8fb7-467064&destinationType=city&language=en&currency=USD&cityId=260932&cardsLayout=responsive&widgetIndex=0&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F Requested by Host: widgets.tiqets.com URL: https://widgets.tiqets.com/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21dd:9c00:12:ff18:1880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800 Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer https://booking.intelliness.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 content-encoding gzip content-type text/html; charset=utf-8 date Tue, 16 Apr 2024 09:29:20 GMT strict-transport-security max-age=15724800 vary Accept-Encoding via 1.1 c704491f877b150c768ef14eb188ed46.cloudfront.net (CloudFront) x-amz-cf-id JCHIVHqB02Gx4BlL-pVp40EYS6_jUkI0TNxsJTL7He-h_o6MeBU_QQ== x-amz-cf-pop EWR53-C2 x-cache Miss from cloudfront x-robots-tag noindex, nofollow Redirect headers alt-svc h3=":443"; ma=86400 content-length 945 content-type text/html; charset=utf-8 date Tue, 16 Apr 2024 09:29:19 GMT location https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=14c2f1fa3bab4f8da0f8a8fb7-467064&destinationType=city&language=en&currency=USD&cityId=260932&cardsLayout=responsive&widgetIndex=0&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F strict-transport-security max-age=15724800 via 1.1 c704491f877b150c768ef14eb188ed46.cloudfront.net (CloudFront) x-amz-cf-id BbiFb1xcZ2H2gYpbfe5qELMOscE1J02qZb2I50H8t_qDkgeRXlyQLg== x-amz-cf-pop EWR53-C2 x-cache Miss from cloudfront
GET H2	200	/ www.tiqets.com/widgets/discovery/ Frame 804A Redirect Chain https://www.tiqets.com/widgets/discovery?partner=travelpayouts.com&tqCampaign=debc6c56315d4100ab0f382ad-467064&destinationType=city&language=en&currency=USD&cityId=67458&cardsLayout=responsive&widg... https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=debc6c56315d4100ab0f382ad-467064&destinationType=city&language=en&currency=USD&cityId=67458&cardsLayout=responsive&wid...	0 0	389ms 388ms	Document text/html	2600:9000:21dd:9c00:12:ff18:1880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=debc6c56315d4100ab0f382ad-467064&destinationType=city&language=en&currency=USD&cityId=67458&cardsLayout=responsive&widgetIndex=1&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F Requested by Host: widgets.tiqets.com URL: https://widgets.tiqets.com/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21dd:9c00:12:ff18:1880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800 Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer https://booking.intelliness.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 content-encoding gzip content-type text/html; charset=utf-8 date Tue, 16 Apr 2024 09:29:19 GMT strict-transport-security max-age=15724800 vary Accept-Encoding via 1.1 c704491f877b150c768ef14eb188ed46.cloudfront.net (CloudFront) x-amz-cf-id 1jVBvQfSCUWrSGUsOqeVTXLf6Ar91dYZrO3Jco-OVhYe9B-fZYUU6A== x-amz-cf-pop EWR53-C2 x-cache Miss from cloudfront x-robots-tag noindex, nofollow Redirect headers alt-svc h3=":443"; ma=86400 content-length 943 content-type text/html; charset=utf-8 date Tue, 16 Apr 2024 09:29:19 GMT location https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=debc6c56315d4100ab0f382ad-467064&destinationType=city&language=en&currency=USD&cityId=67458&cardsLayout=responsive&widgetIndex=1&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F strict-transport-security max-age=15724800 via 1.1 c704491f877b150c768ef14eb188ed46.cloudfront.net (CloudFront) x-amz-cf-id nSWxMdC6MLZKWPmo6AmR8w1D_HY4VsDWucfoipjT7L-xOCPGEbOdFw== x-amz-cf-pop EWR53-C2 x-cache Miss from cloudfront
GET H2	200	/ www.tiqets.com/widgets/discovery/ Frame 4AA0 Redirect Chain https://www.tiqets.com/widgets/discovery?partner=travelpayouts.com&tqCampaign=89d3b5f3ce944eadb2a389391-467064&destinationType=city&language=en&currency=USD&cityId=60005&cardsLayout=responsive&widg... https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=89d3b5f3ce944eadb2a389391-467064&destinationType=city&language=en&currency=USD&cityId=60005&cardsLayout=responsive&wid...	0 0	306ms 306ms	Document text/html	2600:9000:21dd:9c00:12:ff18:1880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=89d3b5f3ce944eadb2a389391-467064&destinationType=city&language=en&currency=USD&cityId=60005&cardsLayout=responsive&widgetIndex=2&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F Requested by Host: widgets.tiqets.com URL: https://widgets.tiqets.com/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21dd:9c00:12:ff18:1880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800 Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer https://booking.intelliness.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 content-encoding gzip content-type text/html; charset=utf-8 date Tue, 16 Apr 2024 09:29:19 GMT strict-transport-security max-age=15724800 vary Accept-Encoding via 1.1 c704491f877b150c768ef14eb188ed46.cloudfront.net (CloudFront) x-amz-cf-id DVkBQyDgQGZp4pT1JsMQLh487YLHj5ATAyDHzhR5oykZQhD9UrruUg== x-amz-cf-pop EWR53-C2 x-cache Miss from cloudfront x-robots-tag noindex, nofollow Redirect headers alt-svc h3=":443"; ma=86400 content-length 943 content-type text/html; charset=utf-8 date Tue, 16 Apr 2024 09:29:19 GMT location https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=89d3b5f3ce944eadb2a389391-467064&destinationType=city&language=en&currency=USD&cityId=60005&cardsLayout=responsive&widgetIndex=2&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F strict-transport-security max-age=15724800 via 1.1 c704491f877b150c768ef14eb188ed46.cloudfront.net (CloudFront) x-amz-cf-id RoRDW-uLoPq8dm4mTJO8j1gtLjwLcbpDS-vR_lq4TmORVI7nIztMTg== x-amz-cf-pop EWR53-C2 x-cache Miss from cloudfront
GET H2	200	/ www.tiqets.com/widgets/discovery/ Frame C437 Redirect Chain https://www.tiqets.com/widgets/discovery?partner=travelpayouts.com&tqCampaign=779bfd68526b4817aaff6f8d1-467064&destinationType=city&language=en&currency=USD&cityId=79079&cardsLayout=responsive&widg... https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=779bfd68526b4817aaff6f8d1-467064&destinationType=city&language=en&currency=USD&cityId=79079&cardsLayout=responsive&wid...	0 0	519ms 519ms	Document text/html	2600:9000:21dd:9c00:12:ff18:1880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=779bfd68526b4817aaff6f8d1-467064&destinationType=city&language=en&currency=USD&cityId=79079&cardsLayout=responsive&widgetIndex=3&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F Requested by Host: widgets.tiqets.com URL: https://widgets.tiqets.com/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21dd:9c00:12:ff18:1880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800 Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer https://booking.intelliness.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 content-encoding gzip content-type text/html; charset=utf-8 date Tue, 16 Apr 2024 09:29:20 GMT strict-transport-security max-age=15724800 vary Accept-Encoding via 1.1 c704491f877b150c768ef14eb188ed46.cloudfront.net (CloudFront) x-amz-cf-id 15ehQCutE1b8qiKMUXAnPNcI6MUzBJYzROipS2coa4HEBq5qN3Av9g== x-amz-cf-pop EWR53-C2 x-cache Miss from cloudfront x-robots-tag noindex, nofollow Redirect headers alt-svc h3=":443"; ma=86400 content-length 943 content-type text/html; charset=utf-8 date Tue, 16 Apr 2024 09:29:19 GMT location https://www.tiqets.com/widgets/discovery/?partner=travelpayouts.com&tqCampaign=779bfd68526b4817aaff6f8d1-467064&destinationType=city&language=en&currency=USD&cityId=79079&cardsLayout=responsive&widgetIndex=3&altVi=0&altGyg=1&itemCount=8&tiqetsVf=DiscoveryWidget_pHzZ30ULb0sfY9PFW_v59&origin=https%3A%2F%2Fbooking.intelliness.ca%2F strict-transport-security max-age=15724800 via 1.1 c704491f877b150c768ef14eb188ed46.cloudfront.net (CloudFront) x-amz-cf-id G2Nx9L660gj4eo1bujbkP4GaLMeUVtq5bfekjhb5I3y68Ue_ExqM9g== x-amz-cf-pop EWR53-C2 x-cache Miss from cloudfront
GET H3	200	styles.css booking.intelliness.ca/mewtwo/	167 KB 16 KB	339ms 338ms	Stylesheet text/css	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.intelliness.ca/mewtwo/styles.css?v=002 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/widgets_static/whitelabel_en.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:19 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-request-id b5c1bda3baf6e70d930b02c6db6a607e last-modified Tuesday, 16-Apr-2024 09:29:19 UTC server cloudflare etag W/"6548cf09-29ce6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=crkx7%2BVnlKkC3CfQoLpSAR3RmyTAxDkyaeSdytF5vZqGHOcxpLFAQxNlKmUIK9pB29yhpgjO9GlTQeWd%2BJ21p%2BXksIhgHqbTlSYL%2B328u1fuLPagUV%2BEIFtomO5k9VyIQhnnXLPRqUhXxXq2RNwLxTRduLdn"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 875326789d60a22f-YYZ priority u=0,i=?0 expires Tue, 16 Apr 2024 09:59:19 GMT
GET H3	200	whereami Show response booking.intelliness.ca/	124 B 646 B	325ms 324ms	Script application/x-javascript	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.intelliness.ca/whereami?locale=en&callback=mewtwoForms.geoIPSetter.lang_en Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/widgets_static/whitelabel_en.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09bb678b8050d79c9165ac3ac9060c58eb436092da00594fa15e66c4ae577354 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:20 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kINYb64UgW8eVsjW3JHUug6toF8ZKXWjodwZfCABZ3TB9diRPRN9VrZix%2BW0gKcFMrdt2gIHOOmGJTXfEN8iIZ535SQJ%2BRtmBKrhNShFXEgWzIy516YDUGcE34%2FrwaCdZRW9%2FSEboiW6qyi7W%2B9D9BEbF7xK"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cf-ray 8753267aef04a22f-YYZ alt-svc h3=":443"; ma=86400 priority u=3,i=?0 x-request-id f648619f665d176f01397b43a6e6df99, f648619f665d176f01397b43a6e6df99
GET H2	200	places2 Show response autocomplete.travelpayouts.com/	2 KB 973 B	219ms 213ms	XHR application/json	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://autocomplete.travelpayouts.com/places2?term=ONT&locale=en&types[]=city&types[]=airport&max=7 Requested by Host: tp-em.com URL: https://tp-em.com/chunk.56900d8d.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash c65dc5c8ee3f78704b8c7355df74058e434eeee8738a063dddd2e52edb380dc6 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:19 GMT content-encoding gzip via 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront) age 832 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 521 x-request-id cf1d2173b67622e7ce45e871097832e6 server nginx vary Origin,Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30, s-maxage=86400, stale-if-error=60, stale-while-revalidate=30 access-control-allow-headers * x-amz-cf-id 2LWnEMLyA0ZppgIb0NkgakN6xD2bDf4mc93rSihnZ4Skfkn_DduI3w==
GET H2	200	places2 Show response autocomplete.travelpayouts.com/	2 KB 1 KB	248ms 243ms	XHR application/json	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://autocomplete.travelpayouts.com/places2?term=NYC&locale=en&types[]=city&types[]=airport&max=7 Requested by Host: tp-em.com URL: https://tp-em.com/chunk.56900d8d.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 0e2719f198746021f2f5a4987c1876f3a37773007b6b8832267add8b928608da Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:19 GMT content-encoding gzip via 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront) age 832 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 660 x-request-id 6f3f3032366347cd6eed741eeab66f59 server nginx vary Origin,Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30, s-maxage=86400, stale-if-error=60, stale-while-revalidate=30 access-control-allow-headers * x-amz-cf-id RA8kaSDwmYqjSWdNbwfyKLL44T-9Vh41UCzoO_4s1nNvrmyd0fMowg==
GET H2	200	powered_by.js Show response travelpayouts.com/powered_by/	40 KB 14 KB	210ms 209ms	Script application/javascript	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://travelpayouts.com/powered_by/powered_by.js Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/widgets_static/whitelabel_en.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 1da316975270755e27f6558b9a5f979d30e6e981d98354c84f171e59bb2b55fc Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:19 GMT content-encoding br last-modified Mon, 13 Nov 2023 11:56:56 GMT server nginx vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control no-store, no-cache x-robots-tag noindex x-request-id f569e50d25b4fda27881422bd82da689
GET H2	200	tp_white.png www.travelpayouts.com/powered_by/img/	3 KB 3 KB	180ms 179ms	Image image/png	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://www.travelpayouts.com/powered_by/img/tp_white.png Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 2b987833855741a74ca43f6003d83d784ed04ff8a496ea912ea48a1433f87f84 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:19 GMT last-modified Thu, 23 Nov 2023 12:39:16 GMT server nginx content-type image/png cache-control no-store, no-cache accept-ranges bytes x-robots-tag noindex content-length 2672 x-request-id 3f0af6a96a290c4fb5c6df2d707ae1b2
POST H2	200	convert Show response api.travelpayouts.com/link-switch/v1/	14 B 280 B	312ms 311ms	Fetch application/json	172.255.224.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://api.travelpayouts.com/link-switch/v1/convert?location=https%3A%2F%2Fbooking.intelliness.ca%2F Requested by Host: tp-em.com URL: https://tp-em.com/chunk.56900d8d.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 03b7df9e792f71647a3f207087e8734dd21031c57048e10f9ced4b5ac04e32f4 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 X-Affiliate-Marker 467064 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type application/json Referer https://booking.intelliness.ca/ sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:19 GMT server nginx access-control-allow-methods GET, POST, PUT, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * accept application/json access-control-allow-credentials true x-robots-tag noindex access-control-allow-headers * content-length 14 x-request-id 40633e6e4895e2f352a14f34e4e26076
POST H2	204	collect Show response stats.g.doubleclick.net/g/	0 56 B	139ms 138ms	XHR text/plain	2607:f8b0:4004:c09::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=G-306529404&cid=f2ffb769-726a-400e-b509-619d152790f4&_u=KGDAAEADQAAAAC%7E&z=223574606 Requested by Host: tp-em.com URL: https://tp-em.com/chunk.56900d8d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 16 Apr 2024 09:29:19 GMT server Golfe2 content-type text/plain access-control-allow-origin https://booking.intelliness.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 0	545ms 126ms	Fetch image/gif	2607:f8b0:4004:c06::93 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j86&tid=G-306529404&cid=f2ffb769-726a-400e-b509-619d152790f4&_u=KGDAAEADQAAAAC%7E&z=223574606&slf_rd=1 Requested by Host: tp-em.com URL: https://tp-em.com/chunk.56900d8d.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 16 Apr 2024 09:29:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin https://booking.intelliness.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	539ms 124ms	Image image/gif	2607:f8b0:4004:c06::93 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-70090146-9&cid=705404818.1713259757&jid=2031496684&_u=YADAAEAAAAAAACAAI~&z=479465148 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c06::93 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 16 Apr 2024 09:29:20 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.ca/ads/	42 B 63 B	559ms 133ms	Image image/gif	2607:f8b0:4004:c17::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-70090146-9&cid=705404818.1713259757&jid=2031496684&_u=YADAAEAAAAAAACAAI~&z=479465148 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 16 Apr 2024 09:29:20 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated /	611 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ada9bbc8b55dce25949582537d3d8e6dc668ca772846f867c4c65d7746a64553 Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	381 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 96fdb53e3da2403d564486a97b3a5a510bdaa5817e28ebdf69468ca82dd2eab6 Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	129 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3c142f2fab39527c1b3c9c2752f3e16864e341b9dc594df45f1939f739a791a5 Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	903 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c68573d57af2167a699c645236af00bf91e103bca25e851b7e6245605fdcacda Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	196 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8b07169adb5265b1f2475ebfd8d8d9b28b2eee9a283a263be746a484384d1ad7 Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
POST		collect analytics.google.com/g/	0 0
POST H3	204	collect stats.g.doubleclick.net/g/	0 17 B	120ms 120ms	Ping text/plain	2607:f8b0:4004:c09::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1HXW6H26GB&cid=705404818.1713259757&gtm=45je44f0v9126237212za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1HXW6H26GB&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 16 Apr 2024 09:29:20 GMT server Golfe2 content-type text/plain access-control-allow-origin https://booking.intelliness.ca cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.ca/ads/	42 B 63 B	451ms 133ms	Image image/gif	2607:f8b0:4004:c17::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1HXW6H26GB&cid=705404818.1713259757&gtm=45je44f0v9126237212za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&z=1157254189 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 16 Apr 2024 09:29:20 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	set mamka.aviasales.ru/third_party_cookies/	0 276 B	180ms 180ms	Image text/plain	188.42.198.44 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-04-16T09%3A29%3A20.136Z&mamka_attempts=2 Requested by Host: booking.intelliness.ca URL: https://booking.intelliness.ca/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:20 GMT server nginx access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type text/plain charset=UTF-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 0
POST H3	204	rum Show response booking.intelliness.ca/cdn-cgi/	0 145 B	99ms 98ms	XHR text/plain	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://booking.intelliness.ca/cdn-cgi/rum? Requested by Host: tp-em.com URL: https://tp-em.com/chunk.56900d8d.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 content-type application/json Response headers date Tue, 16 Apr 2024 09:29:22 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://booking.intelliness.ca x-frame-options DENY access-control-allow-credentials true cf-ray 8753268d4ce1a22f-YYZ
GET H3	200	cropped-big-icon.png intelliness.ca/wp-content/uploads/2024/03/	43 KB 44 KB	258ms 257ms	Other image/png	2606:4700:3030::6815:3e60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://intelliness.ca/wp-content/uploads/2024/03/cropped-big-icon.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::6815:3e60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1647a2a189c977a6c414fa1bf3cfdc893abdddf2d279189c4aac4239ed9ac3a2 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:22 GMT cf-cache-status MISS last-modified Mon, 04 Mar 2024 03:24:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "822fbd-ad27-612cd4411313a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FBwf%2B7PbMVVWfC6Fd43m9JnDYTT0P%2FzAlLA6DWVFLKaJkfOmvFAYyNTDqGQplhBvelma8iWgcY3NrNgtS8C0CNKtZO8dfa%2FKq%2FX8OGVsX1f9RQGkTrgPIGF%2BG1TmRkClAYkqVanc4%2FOc0UDMgw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8753268d4b1c369c-YYZ alt-svc h3=":443"; ma=86400 content-length 44327 priority u=1,i
GET H2	200	set mamka.aviasales.ru/third_party_cookies/	0 276 B	184ms 179ms	Image text/plain	188.42.198.44 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://mamka.aviasales.ru/third_party_cookies/set?mamka_version=0.0.13&mamka_utc_datetime=2024-04-16T09%3A29%3A22.818Z&mamka_attempts=3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.198.44 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://booking.intelliness.ca/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 16 Apr 2024 09:29:22 GMT server nginx access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type text/plain charset=UTF-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 0
GET H2	200	activities.frame widget.getyourguide.com/default/ Frame 8D40	0 0	1237ms 899ms	Document text/html	2606:4700:4400::6812:2262 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://widget.getyourguide.com/default/activities.frame?sha=4318d3c0-058a-53e1-a179-be06b4322306&locale_code=en-US&widget=activities&number_of_items=8&partner_id=V4JB12M&widget_created=1713259763175&host_font_family=Arial%2C%20sans-serif&website=https%3A%2F%2Fbooking.intelliness.ca%2F&visitor_id=58CD9BB326D4480FBA1A6440F94A09CB Requested by Host: widget.getyourguide.com URL: https://widget.getyourguide.com/pw/latest/client-loader/widget.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2262 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-ye56Ygssi7+/97rT6VWWDR9vrRVD2yo2O1+J+kEv/0Y=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com https://fonts.googleapis.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* https://fonts.gstatic.com https://fonts.googleapis.com data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer https://booking.intelliness.ca/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control private cf-cache-status DYNAMIC cf-ray 875326944d003a00-YYZ content-encoding br content-security-policy default-src 'self'; script-src 'self' 'sha256-C+MFT9uMJPIBROzgRJWxmbJwinQwPQcN4v02Ao5gdvA=' 'sha256-ye56Ygssi7+/97rT6VWWDR9vrRVD2yo2O1+J+kEv/0Y=' 'sha256-wNXVXjDcN+jq6b+wDVEO7vmRjRuKMgbFD6ygaSW4Ckk=' 'sha256-dgRdhO0l3b8wc+M/BFd4VHSrjqBLaZS7EAnZGOM5+6c=' https://cdn.getyourguide.com https://static.cloudflareinsights.com https://challenges.cloudflare.com https://widget.getyourguide.com; style-src 'self' 'unsafe-inline' https://cdn.getyourguide.com https://fonts.googleapis.com data:; img-src 'self' https://cdn.getyourguide.com https://api.maptiler.com data:; font-src 'self' https://cdn.getyourguide.com https://cdn.ek.aero/shared/fonts/emirates/* https://fonts.gstatic.com https://fonts.googleapis.com data:; connect-src 'self' *.getyourguide.com *.gygtest.com; frame-src 'self' https://widget.getyourguide.com/ https://challenges.cloudflare.com content-type text/html date Tue, 16 Apr 2024 09:29:24 GMT nel {"success_fraction":0.02,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TtiuKUrlf%2BUyGRUIC831jmb4LUhulMbJyRV25oowT%2B%2BjBe9V2r5Vy7xhZmqABKgzyAPy3HkUW%2F%2BVIvslcSe0uzhflDMEopKRUHXF6PBI0O1h4Yh%2Fhzyd7EB905FOBF3%2BWozojqNTgDFxxGySSif4T2ZCo7w2"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff x-envoy-upstream-service-time 681 x-powered-by Express x-request-id 2a14e459-c17f-9312-957b-40f5f301c2f3 x-xss-protection 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.googletagmanager.com

URL

https://www.googletagmanager.com/gtag/js?id=G-0H44P503KY

Domain

www.googletagmanager.com

URL

https://www.googletagmanager.com/gtag/js?id=G-0H44P503KY&l=dataLayer&cx=c

Domain

analytics.google.com

URL

https://analytics.google.com/g/collect?v=2&tid=G-1HXW6H26GB&gtm=45je44f0v9126237212za200&_p=1713259755192&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-ca&sr=1600x1200&cid=705404818.1713259757&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fbooking.intelliness.ca%2F&dt=Cheap%20Hotels%2C%20Flights%2C%20Vacations%20%26%20Travel%20Deals&sid=1713259760&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5665