www.executivetraveller.com Open in urlscan Pro
104.22.29.127 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.executivetraveller.com/
Effective URL:
https://www.executivetraveller.com/
Submission: On October 23 via api (October 23rd 2021, 5:16:50 pm UTC) from QA — Scanned from DE

Summary HTTP 67 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 2 countries across 17 domains to perform 67 HTTP transactions. The main IP is 104.22.29.127, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.executivetraveller.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time www.executivetraveller.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	104.22.29.127 104.22.29.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	216.58.212.136 216.58.212.136	15169 (GOOGLE) (GOOGLE)
2	104.16.87.20 104.16.87.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2.16.186.58 2.16.186.58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	74.125.133.154 74.125.133.154	15169 (GOOGLE) (GOOGLE)
1	2.16.186.19 2.16.186.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.16.160.16 104.16.160.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.95.65 104.16.95.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	198.145.13.14 198.145.13.14	2044 (DF-PTL01) (DF-PTL01)
6	13.32.121.100 13.32.121.100	16509 (AMAZON-02) (AMAZON-02)
1 1	104.21.192.118 104.21.192.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.70.134 172.67.70.134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1	104.26.3.70 104.26.3.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	142.250.185.65 142.250.185.65	15169 (GOOGLE) (GOOGLE)
1	52.222.214.91 52.222.214.91	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
1	18.66.97.22 18.66.97.22	16509 (AMAZON-02) (AMAZON-02)
67	24

23 104.22.29.127 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.executivetraveller.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.136 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.87.20 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.18.94 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.186.58 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-58.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.133.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.19 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-19.deploy.static.akamaitechnologies.com

cdn.publift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.160.16 (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.95.65 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.14 (United States)

ASN2044 (DF-PTL01, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.121.100 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-100.fra60.r.cloudfront.net

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.192.118 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

publift-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.70.134 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.3.70 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.91 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-91.fra56.r.cloudfront.net

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.22 (United States)

ASN16509 (AMAZON-02, US)

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	executivetraveller.com 1 redirects www.executivetraveller.com	692 KB
8	consensu.org quantcast.mgr.consensu.org test.quantcast.mgr.consensu.org audit-tcfv2.quantcast.mgr.consensu.org	279 KB
8	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net	155 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	180 KB
4	typekit.net use.typekit.net	112 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	btloader.com btloader.com api.btloader.com	8 KB
2	google.com adservice.google.com www.google.com	2 KB
2	getclicky.com static.getclicky.com in.getclicky.com	6 KB
2	jsdelivr.net cdn.jsdelivr.net	10 KB
1	ad-delivery.net ad-delivery.net	928 B
1	videoplayerhub.com 1 redirects publift-com.videoplayerhub.com	525 B
1	googleadservices.com partner.googleadservices.com	615 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	publift.com cdn.publift.com	32 KB
1	cloudflare.com cdnjs.cloudflare.com	340 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
67	17

	Domain	Requested by
23	www.executivetraveller.com	1 redirects www.executivetraveller.com static.cloudflareinsights.com
6	quantcast.mgr.consensu.org	cdn.publift.com quantcast.mgr.consensu.org
6	pagead2.googlesyndication.com	www.executivetraveller.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	use.typekit.net	www.executivetraveller.com
3	securepubads.g.doubleclick.net	cdn.publift.com securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cdn.jsdelivr.net	www.executivetraveller.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	www.google.com	tpc.googlesyndication.com
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	api.btloader.com	publift-com.videoplayerhub.com
1	ad-delivery.net	www.executivetraveller.com
1	ad.doubleclick.net	www.executivetraveller.com
1	btloader.com	www.executivetraveller.com
1	publift-com.videoplayerhub.com	1 redirects
1	in.getclicky.com	static.getclicky.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.cloudflareinsights.com	www.executivetraveller.com
1	static.getclicky.com	www.executivetraveller.com
1	cdn.publift.com	www.executivetraveller.com
1	cdnjs.cloudflare.com	www.executivetraveller.com
1	www.googletagmanager.com	www.executivetraveller.com
67	26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
cdn.fuseplatform.net R3	`2021-08-31` - `2021-11-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2022-08-03`	2 years	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2021-08-28` - `2021-11-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.executivetraveller.com/
Frame ID: CD5E85A4424DF8AF9D9319032C3BE951
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Frame ID: 4C3768CB25141F20ACB9D75F27E058BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655481952161096&output=html&adk=1812271804&adf=3025194257&lmt=1635009401&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.executivetraveller.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635009401006&bpp=4&bdt=214&idt=183&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3674523186432&frm=20&pv=2&ga_vid=50261308.1635009401&ga_sid=1635009401&ga_hid=1803815203&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062524&oid=2&pvsid=2009848526035985&pem=669&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=206
Frame ID: 7EFEE08546385AF5E9251AE5077BF120
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6E3A2CD4E9B3FB9A0CC71F2DEE6F0330
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3D253D4091CB7C79A3B5D588717D32E2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Executive Traveller formerly AusBT | Travel News, Reviews & More

Page URL History Show full URLs

http://www.executivetraveller.com/ HTTP 301
https://www.executivetraveller.com/ Page URL

Detected technologies

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

67
Requests

100 %
HTTPS

0 %
IPv6

17
Domains

26
Subdomains

24
IPs

2
Countries

1878 kB
Transfer

5127 kB
Size

13
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ExecutiveTravellerOfficial/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/executivetraveller/

Search URL Search Domain Scan URL

URL: https://twitter.com/Exec_Traveller

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.executivetraveller.com/ HTTP 301
https://www.executivetraveller.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://publift-com.videoplayerhub.com/galleryplayer.js HTTP 301
https://btloader.com/tag?h=publift-com&upapi=true

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.executivetraveller.com/
Redirect Chain

http://www.executivetraveller.com/
https://www.executivetraveller.com/

292 KB
48 KB

2506ms
2466ms

Document
text/html

104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.executivetraveller.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a4cc7f5fd6b68cd79e439989eaf6faf002d7dcc972d8ed39e6141a56ad7cc7b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.executivetraveller.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 23 Oct 2021 17:16:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; path=/; domain=.executivetraveller.com; secure
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a2c9d44b823278c-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 23 Oct 2021 17:16:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 23 Oct 2021 18:16:38 GMT
Location: https://www.executivetraveller.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6a2c9d443c982798-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 96ms
59ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b1f85e58cee9580ee2ad737017f2418d3e73c52bc2d496bbdf747f9aab8fede0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 50981
x-xss-protection: 0
server: cafe
etag: 812972079149984831
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 17:16:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 41ms
19ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-18413986-1

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

43787e058511b9760c2a385fcabddbbe20e9d765e67854311beeb5cddd9a796c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35713
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 23 Oct 2021 17:16:41 GMT

GET
H2 200 glightbox.min.css
cdn.jsdelivr.net/npm/glightbox/dist/css/ 13 KB
3 KB 53ms
24ms Stylesheet
text/css 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/glightbox/dist/css/glightbox.min.css

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c300b6fbfe6d373e1f53b2f0d33cf9df86d9310cc60531ad231cee97aca2bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 33626
x-jsd-version: 3.1.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19153-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"35d9-XbUPSwoZowTU9Y45y7si598X4l0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6a2c9d54dbfa4138-PRG

GET
H2 200 all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/js/ 1 MB
340 KB 63ms
24ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/js/all.min.js

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30081cca00d16a1b3e17f364e55cf7f3bc210789122bd357943377c39f0b2ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3615851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 346673
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-11843d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BRVhTPrExkEN9WYZsbuve8W7ohJkyp1n%2FUDzOGo2QYaqlR8h1GzJgu4p%2FUO26nwlEkqsfJ%2B26lbEgj7NPNqS4wENrOOAXork38kPmijZnaPkfrntntSgZRKAerFJXt3LoUI4TzT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a2c9d54fc3e4137-PRG
expires: Thu, 13 Oct 2022 17:16:41 GMT

GET
H2 200 api.js Show response
www.executivetraveller.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 20ms
20ms Script
text/javascript 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.executivetraveller.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6a2c9d54bdf2278c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 l
use.typekit.net/af/7ced03/00000000000000003b9ae8bd/27/ 32 KB
33 KB 85ms
17ms Font
application/font-woff2 2.16.186.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7ced03/00000000000000003b9ae8bd/27/l?fvd=n4&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.58 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-58.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 984d9f2ab036718d920fc1c91c1eb433c3f409bb515fdc94d3808b03a810f842

Request headers

Referer: https://www.executivetraveller.com/
Origin: https://www.executivetraveller.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
server: nginx
etag: "9a9f920635586e7942c79a5614cc9166338270d4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33260

GET
H2 200 l
use.typekit.net/af/46da36/00000000000000003b9acaf6/27/ 26 KB
26 KB 75ms
8ms Font
application/font-woff2 2.16.186.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/46da36/00000000000000003b9acaf6/27/l?fvd=n4&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.58 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-58.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a4cc179995cc5c8bfe5b358466cfd5a871821bc1d4e64723ccf16da6f3edd387

Request headers

Referer: https://www.executivetraveller.com/
Origin: https://www.executivetraveller.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
server: nginx
etag: "de29fb2e3e401b15877c6b3a0953702fe7fa1105"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26812

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 49ms
13ms Script
text/javascript 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-18413986-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 4535
date: Sat, 23 Oct 2021 16:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Sat, 23 Oct 2021 18:01:06 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/ 271 KB
97 KB 65ms
50ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b3099a97a0b5afb6b70810bb2fc1486758d2ab006055d11f197356482bdd0e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 99030
x-xss-protection: 0
server: cafe
etag: 12563767464436874777
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 17:16:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/ Frame 4C37 10 KB
5 KB 43ms
7ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211020/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.executivetraveller.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 23 Oct 2021 04:50:41 GMT
expires: Sat, 06 Nov 2021 04:50:41 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 44760
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1803815203&t=pageview&_s=1&dl=https%3A%2F%2Fwww.executivetraveller.com%2F&ul=en-us&de=UTF-8&dt=Executive%20Traveller%20formerly%20AusBT%20%7C%20Travel%20News%2C%20Reviews%20%26%20More&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=641014391&gjid=503287712&cid=50261308.1635009401&tid=UA-18413986-1&_gid=2024497208.1635009401&_r=1&gtm=2ouak0&z=2058264719

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.executivetraveller.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 17:16:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.executivetraveller.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
418 B 68ms
21ms XHR
text/plain 74.125.133.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-18413986-1&cid=50261308.1635009401&jid=641014391&gjid=503287712&_gid=2024497208.1635009401&_u=YEBAAUAAAAAAAC~&z=1992945561

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.executivetraveller.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 23 Oct 2021 17:16:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.executivetraveller.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fuse.js Show response
cdn.publift.com/fuse/tag/2/1265/ 401 KB
32 KB 661ms
598ms Script
application/x-javascript 2.16.186.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.publift.com/fuse/tag/2/1265/fuse.js
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.19 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-19.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: aadd5d30062d8bafb042760f9c71ac4bc7ae80741a22fb09e8f5f1a1329dff19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 03:05:09 GMT
server: AkamaiNetStorage
etag: "0c0e02f366f1bd4c744c95e9132796f2:1634612709.463633"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 32268
expires: Sat, 23 Oct 2021 17:46:41 GMT

GET
H3 200 et.chunk.js Show response
www.executivetraveller.com/assets/js/ 164 KB
52 KB 48ms
48ms Script
application/javascript 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.executivetraveller.com/assets/js/et.chunk.js?t1602728945
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f55bb38500ab668a2bd9fa9499ae4b042a65085b75544f28fddf911e5a2fb2bb

Request headers

:path: /assets/js/et.chunk.js?t1602728945
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 733819
cf-polished: origSize=168380
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 15 Oct 2020 02:29:05 GMT
server: cloudflare
etag: W/"5f87b3f1-291bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 6a2c9d561d804120-PRG
expires: Sun, 14 Nov 2021 05:26:21 GMT

GET
H3 200 app.min.js Show response
www.executivetraveller.com/assets/js/ 54 KB
14 KB 32ms
31ms Script
application/javascript 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.executivetraveller.com/assets/js/app.min.js?t=1614323765
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8972df9091603fa3a51751e8945d964ebc4ecb80f080e5098ae80d5cd138ee7

Request headers

:path: /assets/js/app.min.js?t=1614323765
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Feb 2021 07:16:05 GMT
server: cloudflare
age: 733819
etag: W/"6038a035-d952"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 6a2c9d561d844120-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 14 Nov 2021 05:26:21 GMT

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 83ms
31ms Script
text/javascript 104.16.160.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.160.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 37188
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 30 Oct 2021 17:16:41 GMT
cache-control: public, max-age=604800
cf-ray: 6a2c9d566a0727b4-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-proxy-cache: HIT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 85ms
52ms Script
text/javascript 104.16.95.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.95.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6a2c9d564f55f9d6-PRG

GET
H2 200 l
use.typekit.net/af/e3a744/00000000000000003b9acb3f/27/ 26 KB
27 KB 25ms
25ms Font
application/font-woff2 2.16.186.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e3a744/00000000000000003b9acb3f/27/l?fvd=n4&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.58 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-58.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2a955cf83ce3ba3f0e9792da77a8f277e22a27e0fe08e725667fde9bcbb67b23

Request headers

Referer: https://www.executivetraveller.com/
Origin: https://www.executivetraveller.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
server: nginx
etag: "85cab88f0242c61b2adc4254ad911625e4e89ceb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27128

GET
H2 200 l
use.typekit.net/af/2acd47/00000000000000003b9acb43/27/ 26 KB
26 KB 37ms
37ms Font
application/font-woff2 2.16.186.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2acd47/00000000000000003b9acb43/27/l?fvd=n6&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.58 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-58.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4cd188d23382d53d57e2f83a1f691f7263fc7760cfaff7a258812ce98a6cc4a4

Request headers

Referer: https://www.executivetraveller.com/
Origin: https://www.executivetraveller.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
server: nginx
etag: "ca4c0c737570ce6afe98a3ebf368b1e97766d127"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26788

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
615 B 76ms
26ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.executivetraveller.com&callback=_gfp_s_&client=ca-pub-7655481952161096

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

49e916e1af3e3a9cedbeca4910a5c505374d8984ef1178519cd41684fd3cd99c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
520 B 68ms
26ms Script
application/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.executivetraveller.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 17:16:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7EFE 0
19 B 107ms
82ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655481952161096&output=html&adk=1812271804&adf=3025194257&lmt=1635009401&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.executivetraveller.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635009401006&bpp=4&bdt=214&idt=183&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3674523186432&frm=20&pv=2&ga_vid=50261308.1635009401&ga_sid=1635009401&ga_hid=1803815203&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062524&oid=2&pvsid=2009848526035985&pem=669&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=206

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7655481952161096&output=html&adk=1812271804&adf=3025194257&lmt=1635009401&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.executivetraveller.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635009401006&bpp=4&bdt=214&idt=183&shv=r20211020&mjsv=m202110140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3674523186432&frm=20&pv=2&ga_vid=50261308.1635009401&ga_sid=1635009401&ga_hid=1803815203&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062524&oid=2&pvsid=2009848526035985&pem=669&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=206
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.executivetraveller.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 23 Oct 2021 17:16:41 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 23-Oct-2021 17:31:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 17:16:41 GMT
cache-control: private

GET
H3 200 ls.respimg.min.js Show response
cdn.jsdelivr.net/combine/npm/lazysizes@5.2.0/plugins/bgset/ls.bgset.min.js,npm/lazysizes@5.2.0/lazysizes.min.js,npm/lazysizes@5.2.0/plugins/aspectratio/ls.aspectratio.min.js,npm/lazysizes@5.2.0/plu... 16 KB
7 KB 72ms
54ms Script
application/javascript 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/combine/npm/lazysizes@5.2.0/plugins/bgset/ls.bgset.min.js,npm/lazysizes@5.2.0/lazysizes.min.js,npm/lazysizes@5.2.0/plugins/aspectratio/ls.aspectratio.min.js,npm/lazysizes@5.2.0/plugins/respimg/ls.respimg.min.js

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/assets/js/app.min.js?t=1614323765

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.87.20 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8bddbaf0f33570c0862d0471156046d7f2c33b2ad123ca0a0f7edc71ef3cbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3801067
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19151-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"41bd-s+Vop/sCXgAkl++dbm+rzAC63x8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6a2c9d574deaf9e2-PRG

POST
H3 204 result Show response
www.executivetraveller.com/cdn-cgi/bm/cv/ 0
464 B 19ms
19ms XHR
text/plain 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.executivetraveller.com/cdn-cgi/bm/cv/result?req_id=6a2c9d44b823278c
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://www.executivetraveller.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ
content-length: 424
:path: /cdn-cgi/bm/cv/result?req_id=6a2c9d44b823278c
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.executivetraveller.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 23 Oct 2021 17:16:41 GMT
server: cloudflare
set-cookie: __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; path=/; expires=Sat, 23-Oct-21 17:46:41 GMT; domain=.executivetraveller.com; HttpOnly; Secure; SameSite=None
cf-ray: 6a2c9d578fcc4120-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 in.php Show response
in.getclicky.com/ 227 B
470 B 452ms
147ms Script
text/javascript 198.145.13.14
DF-PTL01

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=263879&type=pageview&href=%2F&title=Executive%20Traveller%20formerly%20AusBT%20%7C%20Travel%20News%2C%20Reviews%20%26%20More&res=1600x1200&lang=en&jsuid=2154632989&mime=js&x=0.24814090904604713
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.14 , United States, ASN2044 (DF-PTL01, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: df20c667216a40f4ec33792edf14df253d0085186f416b47117bbaf08be93577

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:42 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/www.executivetraveller.com/ 10 KB
4 KB 39ms
11ms XHR
application/javascript 13.32.121.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/www.executivetraveller.com/choice.js?timestamp=1635009401840
Requested by: Host: cdn.publift.com
URL: https://cdn.publift.com/fuse/tag/2/1265/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65a0fec86b8700fa2d1d08cead0088a2ba80bd530188189c5f68eb54c699ffcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:42 GMT
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
cross-origin-resource-policy: cross-origin
access-control-allow-origin: https://www.executivetraveller.com
last-modified: Thu, 27 May 2021 01:33:15 GMT
server: AmazonS3
etag: W/"7b9f1fb9d2dce18137347bed3c85706d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
cache-control: max-age=900
access-control-allow-credentials: true
x-amz-cf-id: 8zEx1T_JKVDrjXSXJ4QVbwkTQTYUtwDMcqDwcNk5Ir3ZM-yD5Gteew==

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://publift-com.videoplayerhub.com/galleryplayer.js
https://btloader.com/tag?h=publift-com&upapi=true

26 KB
8 KB

63ms
25ms

Script
application/javascript

172.67.70.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=publift-com&upapi=true
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e19d83bf236f8f49306bebf0265956739d21598b6b26fcae2ef7c5e51ddc0bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a2c9d5bac8c4126-PRG
date: Sat, 23 Oct 2021 17:16:42 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1471
etag: W/"89453bb05661525280bf98f56417c396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1I9qbqjmKiK024sL3Xt6soIYOGZRip3A%2F0IpQIhMJF%2BM2iRofwMGdMpi5nhfDtty%2FtMHo5dUa3IqyUniTCdb0%2F%2Bdmjkm7QcKxmuo1IgyW58K%2F4SjcZu13hU2XVaZrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
content-encoding: br

Redirect headers

date: Sat, 23 Oct 2021 17:16:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JySAAhZOf1Xj0CbYbrr3pHx11ATxo4c%2Fm0gCyMF7MIfhml6Ls6PpugUv4VKxFNJu6BTeQTY4lXugVFyCVZ0HX3Ss%2Bf634clIz1A6FnXZBDF2f8sHu0LRctT8PH445P0nYCL%2FUWG4%2FcBSxIIZaS%2FM5w%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=publift-com&upapi=true
cache-control: max-age=3600
cf-ray: 6a2c9d5b4e1af9de-PRG
expires: Sat, 23 Oct 2021 18:16:42 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 73ms
33ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.publift.com
URL: https://cdn.publift.com/fuse/tag/2/1265/fuse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

sffe /

Resource Hash

097fb9439186fc5c09ffc7c2537a8ba20da88c443fa4b725d9a29ff12209de96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1022 / 231 of 1000 / last-modified: 1634854038"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27151
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 23 Oct 2021 17:16:42 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/www.executivetraveller.com/ 10 KB
4 KB 418ms
402ms Script
application/javascript 13.32.121.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/www.executivetraveller.com/choice.js?timestamp=1635009401840
Requested by: Host: cdn.publift.com
URL: https://cdn.publift.com/fuse/tag/2/1265/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65a0fec86b8700fa2d1d08cead0088a2ba80bd530188189c5f68eb54c699ffcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 23 Oct 2021 17:16:43 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 01:33:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"7b9f1fb9d2dce18137347bed3c85706d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 5O5hK-nh96zXY4TrwdyVRjoiramEAjdJRuiGVjkRzpd81hXtEe-Hyg==

GET
H3 200 pubads_impl_2021101301.js Show response
securepubads.g.doubleclick.net/gpt/ 361 KB
122 KB 30ms
16ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063226

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

sffe /

Resource Hash

266978a0c185ca652129a3cb432e9c95aa61662873aaf8466ee7fc1636bb2c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 124656
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:34:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 23 Oct 2021 17:16:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 110 B
119 B 30ms
16ms XHR
application/json 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.executivetraveller.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

27d5e694191764de309f73036f4247f005a274bdfafd92349777b56af84a4636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94
x-xss-protection: 0
expires: Sat, 23 Oct 2021 17:16:42 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
635 B 35ms
10ms Image
image/x-icon 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 09:15:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Oct 2021 09:15:29 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
928 B 59ms
20ms Image
image/gif 104.26.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.5143978951140267
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Sat, 23 Oct 2021 17:16:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 673
x-guploader-uploadid: ABg5-UwXkjCiMZcCnzxkg3HxMvN7obGQSYa29h1f56fjJW6-LOWg_OGxiqZ61LVV9hzngbZkRkUtVjI9uRo6f5UZH_VPZZ3w7w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UEXMH7H%2B5RuZlCZ2O4HZIvdDBAI39OxE0QPM8rOO7vUBtcL5R8CCJUboCcp07HQBbPGF9FXSY9dTOP%2F2aizBJVrapUTS5k4HptRZ5zeXgcbh6tmY%2FqTRC38%2BsDmOKEO6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 6a2c9d5c2e2b4114-PRG
expires: Sat, 23 Oct 2021 18:05:29 GMT

GET
H2 204 pv Show response
api.btloader.com/ 0
96 B 174ms
128ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=6DorXhQC&w=5712353254440960&o=5708166709903360&cv=2.0.2-2-gfdc9054&r=false&pageURL=https%3A%2F%2Fwww.executivetraveller.com%2F&upapi=true
Requested by: Host: publift-com.videoplayerhub.com
URL: https://publift-com.videoplayerhub.com/galleryplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 23 Oct 2021 17:16:42 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: clear
via: 1.1 google

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 266 KB
72 KB 7ms
7ms Script
text/javascript 13.32.121.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.executivetraveller.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/www.executivetraveller.com/choice.js?timestamp=1635009401840
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:05 GMT
content-encoding: gzip
age: 37
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 15:09:37 GMT
server: AmazonS3
etag: W/"1d55b13d85c9837da884d1e8594cc025"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: dl5YQImRmXMbvDnwcefHFojwmoj3FuX5W-PnYpySiciCeNR7WqzYDg==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 154 KB
37 KB 8ms
8ms XHR
application/json 13.32.121.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.executivetraveller.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc5453423408c64912bcee0b8c17daf0a1a046f1bde073600c3a106770212049

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.executivetraveller.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 03:00:30 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 51373
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sat, 23 Oct 2021 03:00:26 GMT
server: AmazonS3
etag: W/"c70cf8156fbfeefb12258748cf539900"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: cf-GCR9BEU7l5T3p1NFHjBA1JSyLndc0_j1vDvzFnQ-CO-UWcU_EJQ==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 35ms
21ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8785fa04bd69b43c676e5bb2af69b9151846703de3436f5069e0de546177e36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8629
x-xss-protection: 0

GET
H3 200 58ce1ef6cb6043fb903920c3dd799acd-Boeing-2707-SST-qantas-920.jpg
www.executivetraveller.com/photos/view/size:480,270/ 14 KB
15 KB 1634ms
1632ms Image
image/jpeg 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:480,270/58ce1ef6cb6043fb903920c3dd799acd-Boeing-2707-SST-qantas-920.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdde1f177a91a2cd83e32b0dc274ef9e322e90a5ccebda270bcf4e4ed2250917

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /photos/view/size:480,270/58ce1ef6cb6043fb903920c3dd799acd-Boeing-2707-SST-qantas-920.jpg
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a2c9d5dfa5e4120-PRG
pragma: public
date: Sat, 23 Oct 2021 17:16:44 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 23 Oct 2021 10:05:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 23 Oct 22 23:05:29

GET
H3 200 61725d672ca44baa930f5acadd799465-sq-mel.jpg
www.executivetraveller.com/photos/view/size:480,270/ 20 KB
20 KB 1628ms
1626ms Image
image/jpeg 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:480,270/61725d672ca44baa930f5acadd799465-sq-mel.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c5e1e63acc2af5ff73e9c22cb6346f77fc1949a9c9745e2d50959cc7fbf285a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /photos/view/size:480,270/61725d672ca44baa930f5acadd799465-sq-mel.jpg
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a2c9d5dfa624120-PRG
pragma: public
date: Sat, 23 Oct 2021 17:16:44 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 23 Oct 2021 12:24:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 23 Oct 22 23:05:29

GET
H3 200 61726345594c4c8798005fe1dd799465-6007a659eb784f2aa39fa534dd799465-cathay-pacific-b777-first-class-concept-00.jpg
www.executivetraveller.com/photos/view/size:480,270/ 18 KB
19 KB 1691ms
1689ms Image
image/jpeg 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:480,270/61726345594c4c8798005fe1dd799465-6007a659eb784f2aa39fa534dd799465-cathay-pacific-b777-first-class-concept-00.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeace7f834045f2d7e5b09b0a1921277ee1726cdace00854372328018f2b106d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /photos/view/size:480,270/61726345594c4c8798005fe1dd799465-6007a659eb784f2aa39fa534dd799465-cathay-pacific-b777-first-class-concept-00.jpg
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a2c9d5dfa644120-PRG
pragma: public
date: Sat, 23 Oct 2021 17:16:44 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 23 Oct 2021 10:05:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 23 Oct 22 23:05:29

GET
H3 200 617215373c64415ca50c1563dd799465-qatar-syd-mel-1.jpg
www.executivetraveller.com/photos/view/size:240,135/ 7 KB
7 KB 1390ms
1388ms Image
image/jpeg 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:240,135/617215373c64415ca50c1563dd799465-qatar-syd-mel-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a10d5b3946f902ad63d293b4d233993037ffe5d162547cddd8f776a319dfaa0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /photos/view/size:240,135/617215373c64415ca50c1563dd799465-qatar-syd-mel-1.jpg
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a2c9d5dfa674120-PRG
pragma: public
date: Sat, 23 Oct 2021 17:16:43 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 23 Oct 2021 10:05:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 23 Oct 22 23:05:29

GET
H3 200 6171b5c2fd5843c68e2c7435dd799465-qf787-2000a.jpg
www.executivetraveller.com/photos/view/size:240,135/ 6 KB
6 KB 1330ms
1327ms Image
image/jpeg 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:240,135/6171b5c2fd5843c68e2c7435dd799465-qf787-2000a.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68b66046846d16292bcaffecdb79ca276c2e590840ea105ff8e9297fb4b31f3d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /photos/view/size:240,135/6171b5c2fd5843c68e2c7435dd799465-qf787-2000a.jpg
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a2c9d5dfa6a4120-PRG
pragma: public
date: Sat, 23 Oct 2021 17:16:43 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 23 Oct 2021 10:05:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 23 Oct 22 23:05:29

GET
H3 200 616f6205c8684f428c54836cdd799465-cathay-sydney-1.jpg
www.executivetraveller.com/photos/view/size:240,135/ 7 KB
7 KB 1320ms
1318ms Image
image/jpeg 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:240,135/616f6205c8684f428c54836cdd799465-cathay-sydney-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff4cd1695a5723f042dd3e93d55647d2d4548742c3546ab0d102f7d71e265daa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /photos/view/size:240,135/616f6205c8684f428c54836cdd799465-cathay-sydney-1.jpg
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a2c9d5dfa6c4120-PRG
pragma: public
date: Sat, 23 Oct 2021 17:16:43 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 23 Oct 2021 10:05:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 23 Oct 22 23:05:29

GET
H3 200 616788432d244d0ab1299c8cdd799465-qantas-bag-1600.png
www.executivetraveller.com/photos/view/size:480,270/ 216 KB
216 KB 1727ms
1725ms Image
image/jpeg 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:480,270/616788432d244d0ab1299c8cdd799465-qantas-bag-1600.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75398a9b6d83c7ea61892bdc7ba2cb90159cffa227400ec4e4e37e92a930692a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /photos/view/size:480,270/616788432d244d0ab1299c8cdd799465-qantas-bag-1600.png
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a2c9d5dfa6f4120-PRG
pragma: public
date: Sat, 23 Oct 2021 17:16:44 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 23 Oct 2021 05:28:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 23 Oct 22 23:05:29

GET
H3 200 615e9a42fb104b83aef85558dd799465-qatar-business-class-inflight-lounge-1200.jpg
www.executivetraveller.com/photos/view/size:480,270/ 21 KB
22 KB 1686ms
1684ms Image
image/jpeg 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:480,270/615e9a42fb104b83aef85558dd799465-qatar-business-class-inflight-lounge-1200.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31c012d369b5a6dda8435f92bf13ae770a582608e081458859f8efd0dda0ff7d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /photos/view/size:480,270/615e9a42fb104b83aef85558dd799465-qatar-business-class-inflight-lounge-1200.jpg
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a2c9d5dfa704120-PRG
pragma: public
date: Sat, 23 Oct 2021 17:16:44 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 23 Oct 2021 05:28:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 23 Oct 22 23:05:29

GET
H3 200 5c4525c6fe084fb7a7b63234dd799463-1500,1500-5926604f616c4eb1a2db2e15dd799acd-qantas-app-main-image-1.jpg
www.executivetraveller.com/photos/view/size:480,270/ 14 KB
14 KB 1687ms
1685ms Image
image/jpeg 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:480,270/5c4525c6fe084fb7a7b63234dd799463-1500,1500-5926604f616c4eb1a2db2e15dd799acd-qantas-app-main-image-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eb8c9a67f2e2ccc04469e833a2c6863e371a9155c832b113f8223a1e97932f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /photos/view/size:480,270/5c4525c6fe084fb7a7b63234dd799463-1500,1500-5926604f616c4eb1a2db2e15dd799acd-qantas-app-main-image-1.jpg
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a2c9d5dfa734120-PRG
pragma: public
date: Sat, 23 Oct 2021 17:16:44 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 23 Oct 2021 05:28:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 23 Oct 22 23:05:29

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=1803815203&t=pageview&_s=1&dl=https%3A%2F%2Fwww.executivetraveller.com%2F&ul=en-us&de=UTF-8&dt=Executive%20Traveller%20formerly%20AusBT%20%7C%20Travel%20News%2C%20Reviews%20%26%20More&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABAAAAAC~&jid=1784997365&gjid=327196164&cid=50261308.1635009401&tid=UA-18413986-1&_gid=2024497208.1635009401&_r=1&_slc=1&did=i5iSjo&_av=2.4.1&_au=122&z=100579838

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.executivetraveller.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 17:16:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.executivetraveller.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 rum Show response
www.executivetraveller.com/cdn-cgi/ 0
174 B 24ms
23ms XHR
text/plain 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.executivetraveller.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://www.executivetraveller.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no; _gat=1
content-length: 12676
:path: /cdn-cgi/rum?
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.executivetraveller.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Sat, 23 Oct 2021 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.executivetraveller.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6a2c9d5e2ab34120-PRG
vary: Origin

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 39ms
18ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110140101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 23 Oct 2021 17:16:42 GMT

GET
H3 200 logo-large.svg
www.executivetraveller.com/assets/img/ 11 KB
4 KB 29ms
29ms Image
image/svg+xml 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.executivetraveller.com/assets/img/logo-large.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c76dbfdb22da0dd5a84f2c259f3f54b4adb48f3afbd4472ef0783208d232574

Request headers

:path: /assets/img/logo-large.svg
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no; _gat=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Feb 2020 07:12:44 GMT
server: cloudflare
age: 733818
etag: W/"5e576bec-2c4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 6a2c9d5e2ab64120-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 14 Nov 2021 05:26:23 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 8 KB
3 KB 51ms
7ms XHR
application/json 52.222.214.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.executivetraveller.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.91 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-91.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a1b760ffaaad5194e4918dc27bf1938a3e53328bffb83df2bcaf6482c86e1d2

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.executivetraveller.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 03:00:35 GMT
content-encoding: gzip
age: 51368
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 19:52:30 GMT
server: AmazonS3
etag: W/"ce2e4fb9fc40c4c0ec7bab6578115f67"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: Yiey4KudmKN67Y4sDLFJsLRxwfDFqUt8
via: 1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA56-P3
content-type: application/json
x-amz-cf-id: EN8ZM01M591rPP3YCfz3Y9fC4IguRDOXGoisLLnes3AG3OUHcxbtfg==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 29ms
14ms XHR
text/plain 74.125.133.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-18413986-1&cid=50261308.1635009401&jid=1784997365&gjid=327196164&_gid=2024497208.1635009401&_u=aGDAAUABAAAAAC~&z=1705496632

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.133.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.executivetraveller.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 23 Oct 2021 17:16:42 GMT
content-type: text/plain
access-control-allow-origin: https://www.executivetraveller.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo-large.svg
www.executivetraveller.com/assets/img/ 11 KB
4 KB 36ms
36ms Image
image/svg+xml 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.executivetraveller.com/assets/img/logo-large.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c76dbfdb22da0dd5a84f2c259f3f54b4adb48f3afbd4472ef0783208d232574

Request headers

:path: /assets/img/logo-large.svg
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no; _gat=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Feb 2020 07:12:44 GMT
server: cloudflare
age: 733818
etag: W/"5e576bec-2c4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 6a2c9d5e6b084120-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 14 Nov 2021 05:26:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6E3A 12 KB
5 KB 23ms
7ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.executivetraveller.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 23 Oct 2021 16:36:55 GMT
expires: Sun, 23 Oct 2022 16:36:55 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3D25 783 B
1 KB 41ms
16ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

0f13e9ed41851512c2372177a058ad8a128b8c14c7802de3cb2409807e9c53de

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VK2Eev+7u3Nc5414btkSCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.executivetraveller.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 23 Oct 2021 17:16:42 GMT
date: Sat, 23 Oct 2021 17:16:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-VK2Eev+7u3Nc5414btkSCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 vendor-list.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 290 KB
34 KB 8ms
7ms XHR
application/json 13.32.121.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.executivetraveller.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9d2748d96fd95c196d8324e1d54a6687b9c457200743595296311f1355207bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 03:00:35 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 51368
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sat, 23 Oct 2021 03:00:31 GMT
server: AmazonS3
etag: W/"245785af8ba94b258aadfcb233c26a42"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: J4ubvWaocLmZrGihH5pE4LMl4J_3JUeGiUKpuZyzFKJfw0cX7S9FVw==

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 469 KB
124 KB 8ms
8ms Script
text/javascript 13.32.121.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.executivetraveller.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 17:27:41 GMT
content-encoding: br
age: 172142
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 15:09:43 GMT
server: AmazonS3
etag: W/"b999c652510fc4edd897a1d667aaee33"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 4SzvmachIpd-UdXawruAdRbbjZWsFDvY_mSDe9JoX1m1-whnHKU9rQ==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3D25 0
0 64ms
63ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=2009848526035985&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E3A 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 22:58:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13408
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 22 Oct 2022 22:58:36 GMT

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 80 B
516 B 36ms
9ms XHR
text/html 18.66.97.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22PRrmquD1Ggcb1%22%2C%22domain%22%3A%22www.executivetraveller.com%22%2C%22publisher%22%3A%22Executive%20Traveller%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22dkiJgbRltVehu3eafVxaOw%22%2C%22clientTimestamp%22%3A1635009402564%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-z60mzjuimg274fw29y2c%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.executivetraveller.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 05:38:33 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
vary: Origin
age: 41890
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 80
last-modified: Tue, 26 Nov 2019 14:21:44 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: -62txUQSKNQpRSQT11NW0zCO85SmwGPc3rrJzh2DpIbHwLkQ_yzuFQ==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=2009848526035985&bg=!cHOlczfNAAbUs_yW1LM7ACkAdvg8WpY_L5jsylmzwpO8QtxU0cuwdnE_diaJpFRNTzI0FuqQ4NFfKQIAAAB6UgAAAA1oAQeZAsGMFxcSiV751tm2B70cmryVFH9-YkW61j7MShFlZ5Lo4ZkL8uUpXDffCdgTOtKWqZ_XsfYumQVAEl0KER3d-gwuLn8XfVG8P4QWnV91HUy6QF1lRh7m7gFaW4JUZmegG2Pu-usRKUYlLv07p_MtYj0UJZVlKDh7SNMYUTTLq8HBQ2XzfvbcmsU40fcRyXZ8P8Xvj9TBYOpZHk5NI50oGSgPyx497fvWQHYCsVyCp_2NYuOiDILPZlQR6qgDJhiruAIU3jncx6s_V5EdHgyxVaxdx7cnZXuTPt1UyTXdhcNOOvXvT9zeo7TGcxtRsRM3rLvUdqk-xpMOpjIRB7AsLZ1ozIM_OvmrztPxvv-pXSlUqEq0J-DeaCcPqMa-_4_pHqLvuCl9fcCVSUt86Mbvmq_IcA8cDxgaQFCkoC0p11pmL3-lhsAV2Zp9oZZqgeoFv2qwJ3Bxx5M1VGAVQYbClnalb75ejSkTRWBMTKjNxFGdXJEu2c9ALnC1C7gHELT4nckiEPTzmjA9jhRCl1dPBUaxMz6S7esbSHgT7cnq0SHR21ErmBUAZcbvITWH2cLnt5NcA6y0ff4k0xs-hDkzi8qegDgBuBmvNeoGqXqAd6eCmWQc35lb7IiJizQ7yZxB20Qid71JbyAV7mWHGMDLuSoalhFkD7Y5bT6jBPIQvPSPJ33o5aohbv7ax-I35RbSuwPNxgGfvcdF9rVONtc5cJF39fIi-oS9VJGswyIKheZx6wWHL6DQqUGjT_rm81z91hA5IMFapzD_pKAGis9apPMCqSsfb1p5_rWrcGhEsemqRfVZyeki8VbvK-4Zyf0kMm2Id-ebJRfJMIWJHlRd71kUCgQfypqiFqj-68t7HJEv_pCUgWM5Ih0OlzTd80mcuy_VjqX5e5yUXX2jR7S3DFppgw_i5aSG3D2Hh6VGjz0zcYs

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 17:16:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 5de71637a154493fadd7648bdd799463-qf-mel-first-cover-brandon-2500px.jpg
www.executivetraveller.com/photos/view/size:480,270/ 20 KB
20 KB 1641ms
1640ms Image
image/jpeg 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:480,270/5de71637a154493fadd7648bdd799463-qf-mel-first-cover-brandon-2500px.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8add51e3f82cffe3410164e4c30a7324c4e70ae7b1ea304fe3eb0d01af04eee7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /photos/view/size:480,270/5de71637a154493fadd7648bdd799463-qf-mel-first-cover-brandon-2500px.jpg
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no; _gat=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a2c9d6668d54120-PRG
pragma: public
date: Sat, 23 Oct 2021 17:16:45 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 23 Oct 2021 05:28:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 23 Oct 22 23:05:31

GET
H3 200 6171248d12ec403dbf69b6a0dd799465-melbourne-airport-free-parking-2000b-3.png
www.executivetraveller.com/photos/view/size:240,135/ 47 KB
48 KB 1938ms
1937ms Image
image/jpeg 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:240,135/6171248d12ec403dbf69b6a0dd799465-melbourne-airport-free-parking-2000b-3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c5a7c89c201d0de84b0283dc5c9d0cedc809496d25fda8bf6752afd58c988b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /photos/view/size:240,135/6171248d12ec403dbf69b6a0dd799465-melbourne-airport-free-parking-2000b-3.png
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no; _gat=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a2c9d684c1c4120-PRG
pragma: public
date: Sat, 23 Oct 2021 17:16:46 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 23 Oct 2021 10:05:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 23 Oct 22 23:05:31

GET
H3 200 6172239054b84e26b39122a5dd799465-singapore-rooftop-pool-2000a.jpg
www.executivetraveller.com/photos/view/size:720,405/ 31 KB
32 KB 1636ms
1635ms Image
image/jpeg 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:720,405/6172239054b84e26b39122a5dd799465-singapore-rooftop-pool-2000a.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8203783d2976e1020cbba30672bb1701304c519977509d421d680db522cdc5ca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /photos/view/size:720,405/6172239054b84e26b39122a5dd799465-singapore-rooftop-pool-2000a.jpg
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no; _gat=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a2c9d684c1f4120-PRG
pragma: public
date: Sat, 23 Oct 2021 17:16:45 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 23 Oct 2021 10:05:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 23 Oct 22 23:05:31

GET
H3 200 5ef19c7c73ac456b82c92cffdd799465-qantas-credit-card.jpg
www.executivetraveller.com/photos/view/size:300,169/ 11 KB
11 KB 1332ms
1332ms Image
image/jpeg 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:300,169/5ef19c7c73ac456b82c92cffdd799465-qantas-credit-card.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0266e2841c61fbb5fad0252f65925b6c9a351807ba0dbf1725638849e3d9c9db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /photos/view/size:300,169/5ef19c7c73ac456b82c92cffdd799465-qantas-credit-card.jpg
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no; _gat=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6a2c9d684c214120-PRG
pragma: public
date: Sat, 23 Oct 2021 17:16:45 GMT
cf-cache-status: EXPIRED
last-modified: Sat, 23 Oct 2021 10:05:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 23 Oct 22 23:05:31

GET
H3 200 616e1948a4b84278a240adfcdd799465-oneworld-airlines-2000a-2.png
www.executivetraveller.com/photos/view/size:480,270/ 122 KB
123 KB 275ms
275ms Image
image/webp 104.22.29.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:480,270/616e1948a4b84278a240adfcdd799465-oneworld-airlines-2000a-2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.29.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

941c29f981154671c4ec72127c8f3897f912a5af011de628e26c1ad1227035b1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /photos/view/size:480,270/616e1948a4b84278a240adfcdd799465-oneworld-airlines-2000a-2.png
pragma: no-cache
cookie: executivetraveller=3dbfeeepkd1hjeok4o1no2aid4; _ga=GA1.2.50261308.1635009401; _gid=GA1.2.2024497208.1635009401; _gat_gtag_UA_18413986_1=1; __gads=ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ; __cf_bm=TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==; _first_pageview=1; _jsuid=2154632989; heatmaps_g2g_263879=no; _gat=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.executivetraveller.com
referer: https://www.executivetraveller.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 17:16:46 GMT
cf-cache-status: HIT
age: 4029
cf-polished: origFmt=png, origSize=159973
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-disposition: inline; filename="616e1948a4b84278a240adfcdd799465-oneworld-airlines-2000a-2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
last-modified: Sat, 23 Oct 2021 16:09:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 23 Oct 22 21:58:22
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray: 6a2c9d761b884120-PRG
cf-bgj: imgq:100,h2pri

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.executivetraveller.com/	1969-12-31 23:59:59	Name: executivetraveller Value: 3dbfeeepkd1hjeok4o1no2aid4
.executivetraveller.com/	1970-01-20 15:41:21	Name: _ga Value: GA1.2.50261308.1635009401
.executivetraveller.com/	1970-01-19 22:11:35	Name: _gid Value: GA1.2.2024497208.1635009401
.executivetraveller.com/	1970-01-19 22:10:09	Name: _gat_gtag_UA_18413986_1 Value: 1
.executivetraveller.com/	1970-01-20 07:31:45	Name: __gads Value: ID=1aae19104d6232cf-220bcc6cfdca0080:T=1635009401:RT=1635009401:S=ALNI_MZG47N97WNNa0r-p5pAyECkex_ILQ
.doubleclick.net/	1970-01-19 22:10:10	Name: test_cookie Value: CheckForPermission
.executivetraveller.com/	1970-01-19 22:10:11	Name: __cf_bm Value: TZmJW_p38tZUhGIDDdebt9nAdPgIv0L2lG3rFfBLZkc-1635009401-0-AUCjMPmuNXL4YrSKhUt4I6+bscI/oJvKj9JCdDyU4kCwoMkV7rojKQZVdCJMqAA4a7CKo9Ar+8i1EX9hiWVT6vSTuQYOuqTJa0FU7+cFXDV8x+HnDEnEBWJyUvC9TjZtSQ==
.executivetraveller.com/	1970-01-19 22:10:10	Name: _first_pageview Value: 1
.executivetraveller.com/	1970-01-20 06:55:45	Name: _jsuid Value: 2154632989
cdn.publift.com/	1970-01-19 22:53:21	Name: akacd_exectrav Value: 1637601401~rv=98~id=ff6be932a1163fdd0ce1178e6abff000
in.getclicky.com/	1970-01-20 06:55:45	Name: cluid Value: 2154632989
.executivetraveller.com/	1970-01-19 22:10:13	Name: heatmaps_g2g_263879 Value: no
.executivetraveller.com/	1970-01-19 22:10:09	Name: _gat Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
adservice.google.com
api.btloader.com
audit-tcfv2.quantcast.mgr.consensu.org
btloader.com
cdn.jsdelivr.net
cdn.publift.com
cdnjs.cloudflare.com
googleads.g.doubleclick.net
in.getclicky.com
pagead2.googlesyndication.com
partner.googleadservices.com
publift-com.videoplayerhub.com
quantcast.mgr.consensu.org
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.getclicky.com
stats.g.doubleclick.net
test.quantcast.mgr.consensu.org
tpc.googlesyndication.com
use.typekit.net
www.executivetraveller.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
104.16.160.16
104.16.18.94
104.16.87.20
104.16.95.65
104.21.192.118
104.22.29.127
104.26.3.70
13.32.121.100
130.211.23.194
142.250.181.226
142.250.185.65
142.250.185.66
142.250.185.70
142.250.186.100
142.250.186.162
172.217.16.142
172.67.70.134
18.66.97.22
198.145.13.14
2.16.186.19
2.16.186.58
216.58.212.130
216.58.212.136
52.222.214.91
74.125.133.154
0266e2841c61fbb5fad0252f65925b6c9a351807ba0dbf1725638849e3d9c9db
097fb9439186fc5c09ffc7c2537a8ba20da88c443fa4b725d9a29ff12209de96
0a4cc7f5fd6b68cd79e439989eaf6faf002d7dcc972d8ed39e6141a56ad7cc7b
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0f13e9ed41851512c2372177a058ad8a128b8c14c7802de3cb2409807e9c53de
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
1eb8c9a67f2e2ccc04469e833a2c6863e371a9155c832b113f8223a1e97932f6
266978a0c185ca652129a3cb432e9c95aa61662873aaf8466ee7fc1636bb2c9f
27d5e694191764de309f73036f4247f005a274bdfafd92349777b56af84a4636
2a1b760ffaaad5194e4918dc27bf1938a3e53328bffb83df2bcaf6482c86e1d2
2a955cf83ce3ba3f0e9792da77a8f277e22a27e0fe08e725667fde9bcbb67b23
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
30081cca00d16a1b3e17f364e55cf7f3bc210789122bd357943377c39f0b2ead
31c012d369b5a6dda8435f92bf13ae770a582608e081458859f8efd0dda0ff7d
3c5a7c89c201d0de84b0283dc5c9d0cedc809496d25fda8bf6752afd58c988b9
3c5e1e63acc2af5ff73e9c22cb6346f77fc1949a9c9745e2d50959cc7fbf285a
43787e058511b9760c2a385fcabddbbe20e9d765e67854311beeb5cddd9a796c
49e916e1af3e3a9cedbeca4910a5c505374d8984ef1178519cd41684fd3cd99c
4c76dbfdb22da0dd5a84f2c259f3f54b4adb48f3afbd4472ef0783208d232574
4cd188d23382d53d57e2f83a1f691f7263fc7760cfaff7a258812ce98a6cc4a4
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42
65a0fec86b8700fa2d1d08cead0088a2ba80bd530188189c5f68eb54c699ffcd
68b66046846d16292bcaffecdb79ca276c2e590840ea105ff8e9297fb4b31f3d
6a10d5b3946f902ad63d293b4d233993037ffe5d162547cddd8f776a319dfaa0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75398a9b6d83c7ea61892bdc7ba2cb90159cffa227400ec4e4e37e92a930692a
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b
8203783d2976e1020cbba30672bb1701304c519977509d421d680db522cdc5ca
8785fa04bd69b43c676e5bb2af69b9151846703de3436f5069e0de546177e36b
8add51e3f82cffe3410164e4c30a7324c4e70ae7b1ea304fe3eb0d01af04eee7
8e19d83bf236f8f49306bebf0265956739d21598b6b26fcae2ef7c5e51ddc0bb
941c29f981154671c4ec72127c8f3897f912a5af011de628e26c1ad1227035b1
984d9f2ab036718d920fc1c91c1eb433c3f409bb515fdc94d3808b03a810f842
9c300b6fbfe6d373e1f53b2f0d33cf9df86d9310cc60531ad231cee97aca2bf0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cc179995cc5c8bfe5b358466cfd5a871821bc1d4e64723ccf16da6f3edd387
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aadd5d30062d8bafb042760f9c71ac4bc7ae80741a22fb09e8f5f1a1329dff19
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1f85e58cee9580ee2ad737017f2418d3e73c52bc2d496bbdf747f9aab8fede0
b3099a97a0b5afb6b70810bb2fc1486758d2ab006055d11f197356482bdd0e89
bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2
c8972df9091603fa3a51751e8945d964ebc4ecb80f080e5098ae80d5cd138ee7
c9d2748d96fd95c196d8324e1d54a6687b9c457200743595296311f1355207bf
cdde1f177a91a2cd83e32b0dc274ef9e322e90a5ccebda270bcf4e4ed2250917
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d8bddbaf0f33570c0862d0471156046d7f2c33b2ad123ca0a0f7edc71ef3cbd6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dc5453423408c64912bcee0b8c17daf0a1a046f1bde073600c3a106770212049
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df20c667216a40f4ec33792edf14df253d0085186f416b47117bbaf08be93577
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeace7f834045f2d7e5b09b0a1921277ee1726cdace00854372328018f2b106d
f55bb38500ab668a2bd9fa9499ae4b042a65085b75544f28fddf911e5a2fb2bb
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
ff4cd1695a5723f042dd3e93d55647d2d4548742c3546ab0d102f7d71e265daa

www.executivetraveller.com Open in urlscan Pro 104.22.29.127 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

0 %IPv6

17 Domains

26 Subdomains

24 IPs

2 Countries

1878 kBTransfer

5127 kBSize

13 Cookies

3 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.executivetraveller.com Open in urlscan Pro
104.22.29.127 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

0 %
IPv6

17
Domains

26
Subdomains

24
IPs

2
Countries

1878 kB
Transfer

5127 kB
Size

13
Cookies

67 HTTP transactions
0 data transactions