www.northstarmeetingsgroup.com Open in urlscan Pro
2606:4700::6810:7716  Public Scan

Submitted URL: https://www3.gbta.org/e/5572/ons-business-travel-incentives/6dqsv8/2729069869?h=33BrGdlmjXBYw7XkfqRHQ5Jnf2xLUi7tUgoLd6...
Effective URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Submission: On February 05 via api from US

Summary

This website contacted 32 IPs in 6 countries across 28 domains to perform 115 HTTP transactions. The main IP is 2606:4700::6810:7716, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.northstarmeetingsgroup.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on December 10th 2019. Valid for: 6 months.
This is the only time www.northstarmeetingsgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.202.69.186 ()
22 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:fe0... 20940 (AKAMAI-ASN1)
1 147.75.32.105 54825 (PACKET)
6 2606:4700::68... 13335 (CLOUDFLAR...)
2 13.35.254.99 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
3 2a03:2880:f12... 32934 (FACEBOOK)
2 147.75.33.229 54825 (PACKET)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2a05:f500:11:... 14413 (LINKEDIN)
1 35.172.5.45 14618 (AMAZON-AES)
6 204.180.130.159 53866 (QTS-AS)
6 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 216.58.207.34 15169 (GOOGLE)
2 52.55.105.83 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
10 52.86.85.63 14618 (AMAZON-AES)
3 3 34.225.65.136 14618 (AMAZON-AES)
3 3 185.33.223.100 29990 (ASN-APPNEX)
2 2 172.217.18.102 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 204.180.130.165 53866 (QTS-AS)
115 32
Apex Domain
Subdomains
Transfer
21 northstarmeetingsgroup.com
www.northstarmeetingsgroup.com
268 KB
10 adventive.com
ads.adventive.com
111 KB
9 googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
140 KB
9 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
ad.doubleclick.net
103 KB
8 omeda.com
olytics.omeda.com
oqs.omeda.com
262 KB
7 adventivecdn.com
assets.adventivecdn.com
serve.adventivecdn.com
video.adventivecdn.com
431 KB
7 google-analytics.com
www.google-analytics.com
18 KB
6 cloudflare.com
cdnjs.cloudflare.com
36 KB
5 googletagservices.com
www.googletagservices.com
97 KB
5 gstatic.com
fonts.gstatic.com
78 KB
3 adnxs.com
ib.adnxs.com
3 KB
3 arrivalist.com
dc.arrivalist.com
2 KB
3 ampproject.org
cdn.ampproject.org
89 KB
3 parsely.com
srv-2020-02-05-18.config.parsely.com
srv-2020-02-05-18.pixel.parsely.com
1 KB
3 linkedin.com
px.ads.linkedin.com
www.linkedin.com
2 KB
3 facebook.com
www.facebook.com
441 B
3 facebook.net
connect.facebook.net
167 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
72 KB
3 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
38 KB
2 google.com
adservice.google.com
280 B
2 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
19 KB
2 twitter.com
platform.twitter.com
29 KB
2 googletagmanager.com
www.googletagmanager.com
58 KB
1 2mdn.net
s0.2mdn.net
50 KB
1 google.de
adservice.google.de
778 B
1 bizographics.com
sjs.bizographics.com
2 KB
1 northstartravelmedia.com
ai.northstartravelmedia.com
1 KB
1 gbta.org
www3.gbta.org
1 KB
115 28
Domain Requested by
21 www.northstarmeetingsgroup.com www.northstarmeetingsgroup.com
10 ads.adventive.com securepubads.g.doubleclick.net
ads.adventive.com
www.northstarmeetingsgroup.com
7 www.google-analytics.com 1 redirects www.northstarmeetingsgroup.com
6 olytics.omeda.com ai.northstartravelmedia.com
olytics.omeda.com
6 cdnjs.cloudflare.com www.googletagmanager.com
ads.adventive.com
srcdoc
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.northstarmeetingsgroup.com
tpc.googlesyndication.com
cdn.ampproject.org
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.northstarmeetingsgroup.com
5 www.googletagservices.com www.northstarmeetingsgroup.com
securepubads.g.doubleclick.net
olytics.omeda.com
5 fonts.gstatic.com www.northstarmeetingsgroup.com
4 pagead2.googlesyndication.com www.northstarmeetingsgroup.com
olytics.omeda.com
3 serve.adventivecdn.com srcdoc
3 ib.adnxs.com 3 redirects
3 dc.arrivalist.com 3 redirects
3 cdn.ampproject.org securepubads.g.doubleclick.net
3 www.facebook.com www.northstarmeetingsgroup.com
connect.facebook.net
3 connect.facebook.net www.northstarmeetingsgroup.com
connect.facebook.net
2 oqs.omeda.com olytics.omeda.com
2 video.adventivecdn.com srcdoc
2 assets.adventivecdn.com srcdoc
2 ad.doubleclick.net 2 redirects
2 srv-2020-02-05-18.pixel.parsely.com www.northstarmeetingsgroup.com
2 adservice.google.com www.googletagservices.com
www.northstarmeetingsgroup.com
2 px.ads.linkedin.com 1 redirects www.northstarmeetingsgroup.com
2 d1z2jf7jlzjs58.cloudfront.net www.northstarmeetingsgroup.com
d1z2jf7jlzjs58.cloudfront.net
2 platform.twitter.com www.northstarmeetingsgroup.com
platform.twitter.com
2 ajax.googleapis.com www.northstarmeetingsgroup.com
srcdoc
2 www.googletagmanager.com www.northstarmeetingsgroup.com
1 s0.2mdn.net securepubads.g.doubleclick.net
1 googleads4.g.doubleclick.net www.northstarmeetingsgroup.com
1 vars.hotjar.com static.hotjar.com
1 adservice.google.de www.googletagservices.com
1 stats.g.doubleclick.net www.northstarmeetingsgroup.com
1 srv-2020-02-05-18.config.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 www.linkedin.com 1 redirects
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.googletagmanager.com
1 sjs.bizographics.com www.googletagmanager.com
1 fonts.googleapis.com www.northstarmeetingsgroup.com
1 ai.northstartravelmedia.com www.northstarmeetingsgroup.com
1 www3.gbta.org 1 redirects
115 40
Subject Issuer Validity Valid
ssl391070.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-12-10 -
2020-06-17
6 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-01-14 -
2020-04-07
3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-01-21 -
2020-04-14
3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA
2019-11-12 -
2020-11-18
a year crt.sh
*.google.com
GTS CA 1O1
2020-01-21 -
2020-04-14
3 months crt.sh
js.bizographics.com
DigiCert SHA2 Secure Server CA
2018-04-13 -
2020-04-17
2 years crt.sh
static.hotjar.com
Let's Encrypt Authority X3
2020-02-03 -
2020-05-03
3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-12-05 -
2020-06-12
6 months crt.sh
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-01-16 -
2020-04-15
3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3
2020-02-03 -
2020-05-03
3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2019-05-29 -
2021-06-29
2 years crt.sh
*.config.parsely.com
Amazon
2020-01-28 -
2021-02-28
a year crt.sh
*.omeda.com
SSL.com RSA SSL subCA
2019-10-29 -
2020-08-28
10 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-01-21 -
2020-04-14
3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3
2020-02-03 -
2020-05-03
3 months crt.sh
*.pixel.parsely.com
Let's Encrypt Authority X3
2020-01-31 -
2020-04-30
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-01-21 -
2020-04-14
3 months crt.sh
*.doubleclick.net
GTS CA 1O1
2020-01-21 -
2020-04-14
3 months crt.sh
misc-sni.google.com
GTS CA 1O1
2020-01-14 -
2020-04-07
3 months crt.sh
*.adventive.com
Amazon
2019-09-21 -
2020-10-21
a year crt.sh
adventivecdn.com
CloudFlare Inc ECC CA-2
2019-10-12 -
2020-10-09
a year crt.sh

This page contains 8 frames:

Primary Page: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Frame ID: 03788A4740F787E772FD85645ECCAE01
Requests: 87 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.4f8aea4342a4ada72cba2bdffcff6b4d.html?origin=https%3A%2F%2Fwww.northstarmeetingsgroup.com
Frame ID: ED9008186157F63EBAB1A5E0BA72F5BA
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 3BAF48CA15397A0309253115CF53CECC
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsua0MWsdZazipFbXsB5zuzjV7ZiGA1Gh3Uk1-rzJ0iMtSwxzfLm0jlMGte9amD_JiYaDRpNJ2ugHJ-b7_5VLgfzfNxj0wsC45B-9BSDMIdZ1j2wjKTaE-z_xgD1lD_bGz_k8FiK0Evy69jCau13XbwRbA701WV-uyOFEkkWUUqzp69wi3oNioF7G5aNRgD_sWIxB9Q4rhG5oSjYZ0h3YU9WWnkcsJj_vK7K8MD8ar50xQybgEu_Nt5ZRU07CqvocnZUjWivlkYztjw46gXv7aPHp2chOWnmS1LbMlGy_5cyvZRduV1d7LOzrFTqnlzmZ2u9w2yGCEsR&sai=AMfl-YS2NVWKFd6Bsql9FryydCDKkne1h_KzEEuFtzl7y2Qjmplg7GpZhHB9En5_BmIJhN22pfJEBX1XDCS-LIPfOAWBBR4fbeusSGy9uwyo&sig=Cg0ArKJSzJQ_rkGVhOwhEAE&urlfix=1&adurl=
Frame ID: DABDF7B70EF45FFC9E51A04A6BEF932E
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js
Frame ID: 9F26AC4FB66336747559005BF4046A3B
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsum3jmantsbdtSK4JsylkXQfxS6RoSHnJayVeDYTyij-TmvWELIAeL9OmwnVd7CzModid2cCKdQZ4DYFxaN84c5So9FJzlISfSBdns6sTgG-40uA-okmz7osKhwkLIc6BuxJ5yYZqfqybCjOlfkBjIQJ_6rW9XZa2hYee0d4_-8NlPNndFo2PvC5bqdRLB5v5JHhao0k86Sexw8u3k59mIaV-2OXD6gJjBUYeJMGmUQCkywZj5-s8R-r2yPfnqt2VOGnnxzrNsHV1S9Zi8RJ9cLoJ1DBg&sai=AMfl-YTWi95NmoBiXfnThW1CeFrytzY6zgCzQZedPCDX21NnqnBh_2-P8jLOLSkt4RFX3Q54SiRLqrW6855HkxYaxFGZYHD2jZKRDKt1MMto&sig=Cg0ArKJSzDy7f_aIoSNnEAE&urlfix=1&adurl=
Frame ID: E0CD01AAED35B489364D4C0E52A56F6B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CD84F684F4817856FFDBADECF180B6A5
Requests: 1 HTTP requests in this frame

Frame: https://assets.adventivecdn.com/434/b198083c-a0d7-494c-8aa7-f3a7b2b83e06
Frame ID: D40E12160248689CC2B1EF227D64AE32
Requests: 13 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www3.gbta.org/e/5572/ons-business-travel-incentives/6dqsv8/2729069869?h=33BrGdlmjXBYw7Xkfq... HTTP 301
    https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Page Statistics

115
Requests

100 %
HTTPS

61 %
IPv6

28
Domains

40
Subdomains

32
IPs

6
Countries

2072 kB
Transfer

5280 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www3.gbta.org/e/5572/ons-business-travel-incentives/6dqsv8/2729069869?h=33BrGdlmjXBYw7XkfqRHQ5Jnf2xLUi7tUgoLd6DItcc HTTP 301
    https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=438009&url=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&time=1580927033005 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D438009%26url%3Dhttps%253A%252F%252Fwww.northstarmeetingsgroup.com%252Fnews%252Findustry%252Fcoronavirus-disruptions-business-travel-incentives%26time%3D1580927033005%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=438009&url=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&time=1580927033005&liSync=true
Request Chain 47
  • https://www.google-analytics.com/r/collect?v=1&_v=j80&a=226042127&t=pageview&_s=1&dl=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&ul=en-us&de=UTF-8&dt=GBTA%20Survey%3A%20Coronavirus%20Likely%20to%20Cause%20Massive%20Disruption%20to%20Business%20Travel%20%7C%20Northstar%20Meetings%20Group&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAAAB~&jid=1658560096&gjid=785552771&cid=1368592154.1580927033&tid=UA-119786102-2&_gid=1532960115.1580927033&_r=1&cd3=News&cd2=News%7C%20Industry%7C%20(25468)%20Coronavirus%20Disruptions%20Business%20Travel%20Incentives&cd4=Industry&cd5=Article%20Standard&cd6=News&cd1=25468%20%7C%202020%2F02%2F04%20%7C%20Article%20%7C%2055268605&cd11=false&z=1342063978 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-119786102-2&cid=1368592154.1580927033&jid=1658560096&_gid=1532960115.1580927033&gjid=785552771&_v=j80&z=1342063978
Request Chain 79
  • https://dc.arrivalist.com/px/?pixel_id=1401&a_source=Northstar&a_medium=Display&a_campaign=2020&a_content=Destination_Guide&a_type=Paid HTTP 302
  • https://dc.arrivalist.com/pj/check.php?rk=ip-10-0-1-1385e3b083a1b67f0.773220135e3b083a1be071.31806260 HTTP 302
  • https://ib.adnxs.com/getuid?https://dc.arrivalist.com/pj/proc.php?auid=$UID&rk=ckip-10-0-1-1385e3b083a1b67f0.773220135e3b083a1be071.31806260 HTTP 302
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdc.arrivalist.com%2Fpj%2Fproc.php%3Fauid%3D%24UID%26rk%3Dckip-10-0-1-1385e3b083a1b67f0.773220135e3b083a1be071.31806260 HTTP 302
  • https://dc.arrivalist.com/pj/proc.php?auid=5387173137895718051&rk=ckip-10-0-1-1385e3b083a1b67f0.773220135e3b083a1be071.31806260 HTTP 302
  • https://ib.adnxs.com/seg?add=10296138&redir=https://ad.doubleclick.net/ddm/activity/src=8205987;type=invmedia;cat=lasr4lhc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1? HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=8205987;type=invmedia;cat=lasr4lhc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=8205987;dc_pre=CK-Qw5KEu-cCFQqcmwodGFIGJQ;type=invmedia;cat=lasr4lhc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=8205987;dc_pre=CK-Qw5KEu-cCFQqcmwodGFIGJQ;type=invmedia;cat=lasr4lhc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

115 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request coronavirus-disruptions-business-travel-incentives
www.northstarmeetingsgroup.com/news/industry/
Redirect Chain
  • https://www3.gbta.org/e/5572/ons-business-travel-incentives/6dqsv8/2729069869?h=33BrGdlmjXBYw7XkfqRHQ5Jnf2xLUi7tUgoLd6DItcc
  • https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
54 KB
12 KB
Document
General
Full URL
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37631d346c18e78e0e4064404ef1f5d3b9ca1a9a0d008fbdbb3bd6f7242daaef

Request headers

:method
GET
:authority
www.northstarmeetingsgroup.com
:scheme
https
:path
/news/industry/coronavirus-disruptions-business-travel-incentives
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Wed, 05 Feb 2020 18:23:52 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dab3b1a4e712ebb6bc56f758afa5638d81580927032; expires=Fri, 06-Mar-20 18:23:52 GMT; path=/; domain=.northstarmeetingsgroup.com; HttpOnly; SameSite=Lax; Secure ASP.NET_SessionId=jhslif02ze3basgy0vfworhj; path=/; HttpOnly; SameSite=Lax EktGUID=a2c87243-174a-473e-9c15-fc2e3ce26d30; expires=Fri, 05-Feb-2021 18:23:46 GMT; path=/ NMGTrackUser4=P=1; domain=www.northstarmeetingsgroup.com; path=/ ecm=user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.northstarmeetingsgroup.com&SiteLanguage=1033; path=/ __cflb=02DiuHfL3rSTH6JwLWKBjK97WDGptfUMmLuiZdVXbEXNc; Secure; SameSite=Lax; path=/; expires=Thu, 06-Feb-20 18:23:52 GMT; HttpOnly
cache-control
private
vary
Accept-Encoding
x-aspnet-version
4.0.30319
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5606eafddeffdff3-FRA
content-encoding
br

Redirect headers

Date
Wed, 05 Feb 2020 18:23:51 GMT
Set-Cookie
pardot=n2tmfpjfqb6t1kh8bofr1l3g17; path=/ visitor_id5572=1335148873; expires=Sat, 02-Feb-2030 18:23:51 GMT; Max-Age=315360000; path=/; SameSite=None; secure visitor_id5572-hash=b101954d66057ca93a487f7e3ccaedf6607b79bd88ded829e25064542d65ef0eb8d43119ab6bab96035b0bd575f24db072ad1f9c; expires=Sat, 02-Feb-2030 18:23:51 GMT; Max-Age=315360000; path=/; SameSite=None; secure
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
150
Content-Type
text/html; charset=UTF-8
X-Pardot-Route
32427ff3465437d362f61c790f7d2406
Server
PardotServer
X-Pardot-LB
4208770abb36eec2b2f3a1c951758cc1
Connection
keep-alive
style.css
www.northstarmeetingsgroup.com/dist/css/
342 KB
47 KB
Stylesheet
General
Full URL
https://www.northstarmeetingsgroup.com/dist/css/style.css?20200116a
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00ed3b2067e143140eb330c86e2df1d6aeffb76636687a5752c1f847a25301c4

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Jan 2020 20:06:14 GMT
server
cloudflare
age
1171770
etag
W/"983ce667a8ccd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
cf-ray
5606eb02bfa3dff3-FRA
ntmserve.min.js
www.northstarmeetingsgroup.com/dist/js/
4 KB
1 KB
Script
General
Full URL
https://www.northstarmeetingsgroup.com/dist/js/ntmserve.min.js?20191002b
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d33be0acecd4db38e8ef5ccdb3a8ff23a27406e9cda4d92105fd812e2eab845

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 Sep 2019 00:51:16 GMT
server
cloudflare
age
131129
etag
W/"01ae9814d6fd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
cf-ray
5606eb02bfa8dff3-FRA
adsbygoogle.js
www.northstarmeetingsgroup.com/js/
29 B
165 B
Script
General
Full URL
https://www.northstarmeetingsgroup.com/js/adsbygoogle.js
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f7b877f5e26e9418a42d1e7f4fc09c36b6c6ce80fcee4fd2eadc785e9fda7ea

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Jan 2016 23:10:45 GMT
server
cloudflare
age
4192
etag
W/"112cce1d215ad11:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5606eb02bfacdff3-FRA
js
www.googletagmanager.com/gtag/
75 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-6628166
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b2f8078a6c1c931ce9fae5f3c3e9829daaa6ee02fe4bbd8b4e3674f4f391e62
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
content-encoding
br
status
200
strict-transport-security
max-age=300; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28467
x-xss-protection
0
last-modified
Wed, 05 Feb 2020 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Feb 2020 18:23:52 GMT
/
ai.northstartravelmedia.com/track/
2 KB
1 KB
Script
General
Full URL
https://ai.northstartravelmedia.com/track/?s=&oid=a096c672423f4f0b959219cb6a289904
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dd34c7ec71f911de4caa4052dc5f38ffbf2eefef7066ca1a0e02ebb117c2f2c0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="Potato"
status
200
cache-control
private
cf-ray
5606eb02e83cdff3-FRA
content-type
text/plain; charset=utf-8
s_code.js
www.northstarmeetingsgroup.com/js/
55 KB
20 KB
Script
General
Full URL
https://www.northstarmeetingsgroup.com/js/s_code.js?20180427
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d95fa8b2c4e62bdfe9a9b17cfd9897f35987a1c620abc31651d1c18ae13b4dd3

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Apr 2018 14:57:22 GMT
server
cloudflare
age
4191
etag
W/"6dc1618e25d7d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5606eb02bfaedff3-FRA
Michael-Shapiro-Northstar-Meetings-Group.jpg
www.northstarmeetingsgroup.com/uploadedImages/Editors/
2 KB
2 KB
Image
General
Full URL
https://www.northstarmeetingsgroup.com/uploadedImages/Editors/Michael-Shapiro-Northstar-Meetings-Group.jpg?width=44&height=44&scale=both&mode=crop
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c58e4185c05af217c3ad3b1d3ac9228559da901e2aa37e415eed6b6a631520

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
cf-cache-status
HIT
last-modified
Wed, 23 Oct 2019 13:46:50 GMT
server
cloudflare
age
4191
etag
"b7e9f751a889d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
5606eb02bfb0dff3-FRA
content-length
1893
grounded-planes-GettyImages.jpg
www.northstarmeetingsgroup.com/uploadedImages/Articles/News/Industry/
56 KB
56 KB
Image
General
Full URL
https://www.northstarmeetingsgroup.com/uploadedImages/Articles/News/Industry/grounded-planes-GettyImages.jpg?origwidth=1366&origheight=700&origmode=crop&Anchor=MiddleCenter&width=920&scale=both&mode=crop
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
406062364066f8d3dbca9ba2fa740d6e1a757d3e3179ba72876705d1d9dd2e3f

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
cf-cache-status
HIT
last-modified
Tue, 04 Feb 2020 18:13:23 GMT
server
cloudflare
age
4191
etag
"433dcbc986dbd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
5606eb03393fdff3-FRA
content-length
57088
US-China-flags-GettyImages-1126991813.jpg
www.northstarmeetingsgroup.com/uploadedImages/Articles/How_To/Event_Planning/Contracts_and_Legal_Issues/
8 KB
8 KB
Image
General
Full URL
https://www.northstarmeetingsgroup.com/uploadedImages/Articles/How_To/Event_Planning/Contracts_and_Legal_Issues/US-China-flags-GettyImages-1126991813.jpg?origwidth=1366&origheight=700&origmode=crop&Anchor=MiddleCenter&width=160&height=107&scale=both&mode=crop
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e93721c8c8c91a0655ae1618a2dec27dfbf5c1374685b099798fa36529e75d8

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
cf-cache-status
HIT
last-modified
Tue, 04 Feb 2020 20:38:20 GMT
server
cloudflare
age
4191
etag
"e5ef7d99bdbd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
5606eb033941dff3-FRA
content-length
7956
meeting-menu-sustainable.jpg
www.northstarmeetingsgroup.com/uploadedImages/Articles/How_To/Sustainability/
11 KB
11 KB
Image
General
Full URL
https://www.northstarmeetingsgroup.com/uploadedImages/Articles/How_To/Sustainability/meeting-menu-sustainable.jpg?origwidth=1366&origheight=700&origmode=crop&Anchor=MiddleCenter&width=160&height=107&scale=both&mode=crop
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21b288ef19cb562997c86ac9e8aba0899faee3374d68aa781017656dd8a27a9

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
cf-cache-status
HIT
last-modified
Fri, 31 Jan 2020 19:40:11 GMT
server
cloudflare
age
4191
etag
"df7c42406ed8d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
5606eb033942dff3-FRA
content-length
11479
CSR-Program-Design.jpg
www.northstarmeetingsgroup.com/uploadedImages/Articles/How_To/Event_Planning/Event_Programming/
8 KB
8 KB
Image
General
Full URL
https://www.northstarmeetingsgroup.com/uploadedImages/Articles/How_To/Event_Planning/Event_Programming/CSR-Program-Design.jpg?origwidth=1366&origheight=700&origmode=crop&Anchor=MiddleCenter&width=160&height=107&scale=both&mode=crop
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c1cfc90fea6655eb4b3a3aaa8f20aa645b2d8196ef322e0c65ed5454932bd0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
cf-cache-status
HIT
last-modified
Fri, 31 Jan 2020 14:58:38 GMT
server
cloudflare
age
4191
etag
"4fb78eb46d8d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
5606eb033944dff3-FRA
content-length
8236
email-decode.min.js
www.northstarmeetingsgroup.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
816 B
Script
General
Full URL
https://www.northstarmeetingsgroup.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
content-encoding
gzip
last-modified
Tue, 28 Jan 2020 15:35:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5e3054ce-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
5606eb02e839dff3-FRA
expires
Fri, 07 Feb 2020 18:23:52 GMT
jquery-ui.min.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/
30 KB
7 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/base/jquery-ui.min.css
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0419faf03242236e04c1c062d52b7f011bf5f0222342fc4006f51cec7dd6ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 02:23:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
576009
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7546
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Jan 2021 02:23:43 GMT
scripts.min.js
www.northstarmeetingsgroup.com/dist/js/
341 KB
95 KB
Script
General
Full URL
https://www.northstarmeetingsgroup.com/dist/js/scripts.min.js?20200122
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78ea5ce4b8dfc0ed2fd60722543a2e621a6a71e4a890d0b927de343e07180b8e

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Jan 2020 22:14:46 GMT
server
cloudflare
age
131129
etag
W/"08fab5a71d1d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
cf-ray
5606eb02f890dff3-FRA
panel-logic.min.js
www.northstarmeetingsgroup.com/dist/js/
2 KB
665 B
Script
General
Full URL
https://www.northstarmeetingsgroup.com/dist/js/panel-logic.min.js?20191002
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53a644e8465589433b379f0677d56c90a236bcb36509eaa172a8944acbcb9f64

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 Sep 2019 00:46:26 GMT
server
cloudflare
age
8501170
etag
W/"ac5d90d54c6fd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=31536000
cf-ray
5606eb0308a6dff3-FRA
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40DB) /
Resource Hash
4dced00354b099d831f860145bbd0149f99889d4c45632e4d9e849f008123866

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 05 Feb 2020 18:23:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jan 2020 22:50:12 GMT
Server
ECS (fcn/40DB)
Age
19
Etag
"09356930f7674f04e767f5b1203faeb7+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28838
css
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:400,700,800|Roboto:300,400,500,700,800|Roboto+Slab:400,700
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c911a1f5f7dac1d1af787741e05eb5351442579e175bdb352315f706b9e99e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 05 Feb 2020 18:23:52 GMT
server
ESF
access-control-allow-origin
*
date
Wed, 05 Feb 2020 18:23:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Wed, 05 Feb 2020 18:23:52 GMT
gtm.js
www.googletagmanager.com/
96 KB
30 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M6TMX4S
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fe0c71b818cd04ebf2ff7804e99ebdcbbfd35e8e674f052b872695ae2817db00
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
content-encoding
br
status
200
strict-transport-security
max-age=300; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Wed, 05 Feb 2020 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Feb 2020 18:23:52 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Raleway:400,700,800|Roboto:300,400,500,700,800|Roboto+Slab:400,700
Origin
https://www.northstarmeetingsgroup.com

Response headers

date
Sat, 01 Feb 2020 11:35:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
370100
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Sun, 31 Jan 2021 11:35:32 GMT
insight.min.js
sjs.bizographics.com/
3 KB
2 KB
Script
General
Full URL
https://sjs.bizographics.com/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6TMX4S
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fe00:182::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 05 Feb 2020 18:23:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=10907
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
hotjar-1303427.js
static.hotjar.com/c/
3 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1303427.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6TMX4S
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.105 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress5
Software
/
Resource Hash
39529b45c6df9347a20a9846967fd3dbc18b62f84ae552f59b769e408cc0986d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
215
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
1618
x-cache-hit
1
x-frame-options
SAMEORIGIN
etag
W/b73a41eae57719c7f107f364354ccddb
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.079
accept-ranges
bytes
section-io-id
4751a3c863c63028dfc9eb4dcfafc9b3
section-origin-responded
true
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
4 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6TMX4S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
content-encoding
br
cf-cache-status
HIT
age
8421259
cf-ray
5606eb038c19dfdb-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:36 GMT
server
cloudflare
etag
W/"5afd48ec-f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Mon, 25 Jan 2021 18:23:52 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M6TMX4S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT
content-encoding
br
cf-cache-status
HIT
age
16886168
cf-ray
5606eb038c1cdfdb-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
W/"5afd48e8-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 25 Jan 2021 18:23:52 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
p.js
d1z2jf7jlzjs58.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.99 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-99.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 05 Feb 2020 04:17:42 GMT
Content-Encoding
gzip
Age
50797
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
Last-Modified
Fri, 07 Mar 2014 00:45:07 GMT
Server
nginx
ETag
W/"53191693-19c1"
Content-Type
application/x-javascript
Via
1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
SjVax9uOK_-dIvmntzMa_tE5MzLeihvWBJI2iuH2_RL0p83mQbkkCw==
Expires
Thu, 06 Feb 2020 04:17:14 GMT
fbevents.js
connect.facebook.net/en_US/
126 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
rR3V1pxa890v7URUirZTCe2GsE5x9OrUticUcJ9BrSSCUo/EVFIIYb/gZBhrcK3uhCKihpujm3EKAgtLj/cdFQ==
x-fb-trip-id
1850256238
date
Wed, 05 Feb 2020 18:23:52 GMT, Wed, 05 Feb 2020 18:23:52 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
404850849656984
connect.facebook.net/signals/config/
100 KB
25 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/404850849656984?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4bbd385b461e4e6b301696257fe70b40f6418f005d905aa1f918db1d69f74bd4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
25011
x-xss-protection
0
pragma
public
x-fb-debug
8DEaorIKcDINXjc0wxynenjDxo/VPxB2bgpWki2kVkdXliQWvCRtkZ1yQWiX4fjQbgqvN4iF7yoKk/GhytK/CA==
x-fb-trip-id
1850256238
date
Wed, 05 Feb 2020 18:23:52 GMT, Wed, 05 Feb 2020 18:23:52 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
940113352863095
connect.facebook.net/signals/config/
447 KB
112 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/940113352863095?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0fe579b8dfb3e283c9a3a4f5997f06b3c17d65829e15fbaaebe28d97e2d10200
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
114917
x-xss-protection
0
pragma
public
x-fb-debug
/CYLH/l2Q3IejRwxaWuQGeSbPN4p8hw41+LjYN+rY+LrpWZHtxGOgQpjakxKpJsBTwRH4PWJ4iuckdAntPruIQ==
x-fb-trip-id
1850256238
date
Wed, 05 Feb 2020 18:23:52 GMT, Wed, 05 Feb 2020 18:23:52 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
259 B
Image
General
Full URL
https://www.facebook.com/tr/?id=404850849656984&ev=PageView&dl=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&rl=&if=false&ts=1580927032916&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=28&fbp=fb.1.1580927032916.1206571098&it=1580927032903&coo=false&rqm=GET
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT, Wed, 05 Feb 2020 18:23:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Wed, 05 Feb 2020 18:23:52 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=940113352863095&ev=PageView&dl=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&rl=&if=false&ts=1580927032945&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1580927032916.1206571098&it=1580927032903&coo=false&rqm=GET
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:52 GMT, Wed, 05 Feb 2020 18:23:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Wed, 05 Feb 2020 18:23:52 GMT
modules.476511378c8b8a7af7c3.js
script.hotjar.com/
401 KB
70 KB
Script
General
Full URL
https://script.hotjar.com/modules.476511378c8b8a7af7c3.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1303427.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.229 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress11
Software
/
Resource Hash
bc3f8cdc95a54a80b02793a7ff9de6e93da400f75805cb34423de7e55e707ae3

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
br
content-type
application/javascript
age
26664
status
200
section-io-cache
Hit
content-length
71337
last-modified
Wed, 05 Feb 2020 10:56:21 GMT
etag
"1d1a80201700bbe4d082ae416ad7272c"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.025
accept-ranges
bytes
section-io-id
d8f0b60bafcaa81f35e5a652803453e7
section-origin-responded
true
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=438009&url=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&time=1580927033005
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D438009%26url%3Dhttps%253A%252F%252Fwww.northstarmeetingsgroup.com%252Fnews%252Fin...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=438009&url=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&time=1580927033005&...
0
40 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=438009&url=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&time=1580927033005&liSync=true
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
XvHUucKU8BWQXaliVisAAA==

Redirect headers

date
Wed, 05 Feb 2020 18:23:53 GMT
x-content-type-options
nosniff
linkedin-action
1
status
302
strict-transport-security
max-age=2592000
content-length
0
x-li-uuid
4xrLs8KU8BUg2UZr5yoAAA==
server
Play
pragma
no-cache
x-li-pop
prod-tln1
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=438009&url=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&time=1580927033005&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
northstarmeetingsgroup.com
srv-2020-02-05-18.config.parsely.com/config/
453 B
871 B
Script
General
Full URL
https://srv-2020-02-05-18.config.parsely.com/config/northstarmeetingsgroup.com
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.5.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-5-45.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e8ebc52070e4f1aa4c83f40c912bb12037dc5938891b5284008c109a68d74015

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 05 Feb 2020 18:23:53 GMT
Cache-Control
private, no-cache
Connection
keep-alive
X-Powered-By
Express
ETag
W/"1c5-bNjJbvVU9OzCXMIzH1A09g"
Content-Length
453
Content-Type
text/javascript; charset=utf-8
olytics.css
olytics.omeda.com/olytics/css/v3/p/
17 KB
2 KB
Stylesheet
General
Full URL
https://olytics.omeda.com/olytics/css/v3/p/olytics.css
Requested by
Host: ai.northstartravelmedia.com
URL: https://ai.northstartravelmedia.com/track/?s=&oid=a096c672423f4f0b959219cb6a289904
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
4e3bbb8f68c4f8f1f06510e5272fdd319a0bb4e75d619629dc481266dc2b6e61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 05 Feb 2020 18:23:53 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 31 Aug 2019 22:54:46 GMT
Server
Apache
ETag
W/"17382-1567292086000"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Transfer-Encoding
chunked
Accept-Ranges
bytes
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Wed, 05 Feb 2020 20:23:53 GMT
olytics.min.js
olytics.omeda.com/olytics/js/v3/p/
256 KB
257 KB
Script
General
Full URL
https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Requested by
Host: ai.northstartravelmedia.com
URL: https://ai.northstartravelmedia.com/track/?s=&oid=a096c672423f4f0b959219cb6a289904
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
928275713ac9809d685b61a27ada8d3d35cc64e8ac92a22eb37017dee54c653d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 05 Feb 2020 18:23:53 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 04 Feb 2020 23:01:05 GMT
Server
Apache
ETag
W/"262001-1580857265083"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Expires
Wed, 05 Feb 2020 18:33:53 GMT
gpt.js
www.googletagservices.com/tag/js/
48 KB
15 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/dist/js/ntmserve.min.js?20191002b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f1690d8cf2a0b218fa81cc5395fc7d448aafd865448ff5362f2115ebefefcc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"419 / 976 of 1000 / last-modified: 1580868138"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15170
x-xss-protection
0
expires
Wed, 05 Feb 2020 18:23:53 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 Jan 2020 01:10:36 GMT
server
Golfe2
age
6621
date
Wed, 05 Feb 2020 16:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17926
expires
Wed, 05 Feb 2020 18:33:32 GMT
arrow-down.svg
www.northstarmeetingsgroup.com/src/images/icons/
346 B
298 B
Image
General
Full URL
https://www.northstarmeetingsgroup.com/src/images/icons/arrow-down.svg
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee8426f652c3e474d7da204119940bd1b2f40b9b58bedc0320aaf405ccf6ff79

Request headers

Referer
https://www.northstarmeetingsgroup.com/dist/css/style.css?20200116a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Apr 2018 13:58:51 GMT
server
cloudflare
age
5818305
etag
W/"d06413ed4d0d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=34560000
cf-ray
5606eb04ce0bdff3-FRA
northstar-logo.svg
www.northstarmeetingsgroup.com/src/images/
9 KB
3 KB
Image
General
Full URL
https://www.northstarmeetingsgroup.com/src/images/northstar-logo.svg
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daa67413e56cd99d4d284e2a3e123b1cd748f27291691f60b59b8a10f5493d05

Request headers

Referer
https://www.northstarmeetingsgroup.com/dist/css/style.css?20200116a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Apr 2018 13:58:51 GMT
server
cloudflare
age
9085998
etag
W/"99171ced4d0d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=34560000
cf-ray
5606eb04ce0fdff3-FRA
compass.svg
www.northstarmeetingsgroup.com/src/images/icons/
1 KB
515 B
Image
General
Full URL
https://www.northstarmeetingsgroup.com/src/images/icons/compass.svg
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87fcfe1c1a8c72431fd81b15f05cfd03a9c8586e78912376d5e6612178ec5414

Request headers

Referer
https://www.northstarmeetingsgroup.com/dist/css/style.css?20200116a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Apr 2018 13:58:51 GMT
server
cloudflare
age
47377
etag
W/"68e17ed4d0d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=34560000
cf-ray
5606eb04ce12dff3-FRA
search.svg
www.northstarmeetingsgroup.com/src/images/icons/
874 B
562 B
Image
General
Full URL
https://www.northstarmeetingsgroup.com/src/images/icons/search.svg
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1715c69d96b06e564b7e0edfb215bf75a80528c602a4b3dc09b9a042b43459

Request headers

Referer
https://www.northstarmeetingsgroup.com/dist/css/style.css?20200116a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Apr 2018 13:58:51 GMT
server
cloudflare
age
9084088
etag
W/"de691aed4d0d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=34560000
cf-ray
5606eb04ce14dff3-FRA
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v14/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Raleway:400,700,800|Roboto:300,400,500,700,800|Roboto+Slab:400,700
Origin
https://www.northstarmeetingsgroup.com

Response headers

date
Sat, 01 Feb 2020 01:49:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:04 GMT
server
sffe
age
405281
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13428
x-xss-protection
0
expires
Sun, 31 Jan 2021 01:49:12 GMT
1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Raleway:400,700,800|Roboto:300,400,500,700,800|Roboto+Slab:400,700
Origin
https://www.northstarmeetingsgroup.com

Response headers

date
Tue, 04 Feb 2020 03:48:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:42 GMT
server
sffe
age
138914
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13228
x-xss-protection
0
expires
Wed, 03 Feb 2021 03:48:39 GMT
fancy-arrow.svg
www.northstarmeetingsgroup.com/src/images/icons/
425 B
341 B
Image
General
Full URL
https://www.northstarmeetingsgroup.com/src/images/icons/fancy-arrow.svg
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b29c1fab63fb081098db0587875d1819afbf8e06818a5bc917dd20dae4b1c8d

Request headers

Referer
https://www.northstarmeetingsgroup.com/dist/css/style.css?20200116a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Apr 2018 13:58:51 GMT
server
cloudflare
age
131072
etag
W/"bdd117ed4d0d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=34560000
cf-ray
5606eb04feaddff3-FRA
bubble.svg
www.northstarmeetingsgroup.com/src/images/icons/
402 B
326 B
Image
General
Full URL
https://www.northstarmeetingsgroup.com/src/images/icons/bubble.svg
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee48455f8a91b4e6a64efc5732414ea7fbde37711e7e505fcc1678d337db9ec

Request headers

Referer
https://www.northstarmeetingsgroup.com/dist/css/style.css?20200116a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Apr 2018 13:58:51 GMT
server
cloudflare
age
9084088
etag
W/"247216ed4d0d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=34560000
cf-ray
5606eb04feb1dff3-FRA
bookmark.svg
www.northstarmeetingsgroup.com/src/images/icons/
341 B
292 B
Image
General
Full URL
https://www.northstarmeetingsgroup.com/src/images/icons/bookmark.svg
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8dfe4cca159863eb9aadd51f9a69062abc5b449622b0416856d69192c69da8

Request headers

Referer
https://www.northstarmeetingsgroup.com/dist/css/style.css?20200116a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Apr 2018 13:58:51 GMT
server
cloudflare
age
8419478
etag
W/"f1fc15ed4d0d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=34560000
cf-ray
5606eb04feb3dff3-FRA
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Raleway:400,700,800|Roboto:300,400,500,700,800|Roboto+Slab:400,700
Origin
https://www.northstarmeetingsgroup.com

Response headers

date
Tue, 04 Feb 2020 02:00:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
145380
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Wed, 03 Feb 2021 02:00:53 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v11/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotoslab/v11/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Raleway:400,700,800|Roboto:300,400,500,700,800|Roboto+Slab:400,700
Origin
https://www.northstarmeetingsgroup.com

Response headers

date
Wed, 05 Feb 2020 00:32:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Feb 2020 22:48:34 GMT
server
sffe
age
64265
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
30940
x-xss-protection
0
expires
Thu, 04 Feb 2021 00:32:48 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j80&a=226042127&t=pageview&_s=1&dl=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incenti...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-119786102-2&cid=1368592154.1580927033&jid=1658560096&_gid=1532960115.1580927033&gjid=785552771&_v=j80&z=1342063978
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-119786102-2&cid=1368592154.1580927033&jid=1658560096&_gid=1532960115.1580927033&gjid=785552771&_v=j80&z=1342063978
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Wed, 05 Feb 2020 18:23:53 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Feb 2020 18:23:53 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-119786102-2&cid=1368592154.1580927033&jid=1658560096&_gid=1532960115.1580927033&gjid=785552771&_v=j80&z=1342063978
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
420
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j80&a=226042127&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&ul=en-us&de=UTF-8&dt=GBTA%20Survey%3A%20Coronavirus%20Likely%20to%20Cause%20Massive%20Disruption%20to%20Business%20Travel%20%7C%20Northstar%20Meetings%20Group&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Content&ea=Template&el=Article%20Standard&_u=IEBAAAAB~&jid=&gjid=&cid=1368592154.1580927033&tid=UA-119786102-2&_gid=1532960115.1580927033&z=542957898
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Jan 2020 01:08:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
494111
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j80&a=226042127&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&ul=en-us&de=UTF-8&dt=GBTA%20Survey%3A%20Coronavirus%20Likely%20to%20Cause%20Massive%20Disruption%20to%20Business%20Travel%20%7C%20Northstar%20Meetings%20Group&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Content&ea=Topic&el=News&_u=IEBAAAAB~&jid=&gjid=&cid=1368592154.1580927033&tid=UA-119786102-2&_gid=1532960115.1580927033&z=1495079919
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Jan 2020 01:08:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
494111
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j80&a=226042127&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&ul=en-us&de=UTF-8&dt=GBTA%20Survey%3A%20Coronavirus%20Likely%20to%20Cause%20Massive%20Disruption%20to%20Business%20Travel%20%7C%20Northstar%20Meetings%20Group&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Content&ea=Parms&el=%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&_u=IEBAAAAB~&jid=&gjid=&cid=1368592154.1580927033&tid=UA-119786102-2&_gid=1532960115.1580927033&z=1545976428
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Jan 2020 01:08:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
494111
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j80&a=226042127&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&ul=en-us&de=UTF-8&dt=GBTA%20Survey%3A%20Coronavirus%20Likely%20to%20Cause%20Massive%20Disruption%20to%20Business%20Travel%20%7C%20Northstar%20Meetings%20Group&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=User&ea=&el=b7ca68df-b2a8-44d0-9536-1c3053a4511a&_u=IEBAAAAB~&jid=&gjid=&cid=1368592154.1580927033&tid=UA-119786102-2&_gid=1532960115.1580927033&z=210518831
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Jan 2020 01:08:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
494111
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
106 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j80&a=226042127&t=event&ni=1&_s=6&dl=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&ul=en-us&de=UTF-8&dt=GBTA%20Survey%3A%20Coronavirus%20Likely%20to%20Cause%20Massive%20Disruption%20to%20Business%20Travel%20%7C%20Northstar%20Meetings%20Group&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=User&ea=Ads%20Blocked&el=N&_u=IEBAAAAB~&jid=&gjid=&cid=1368592154.1580927033&tid=UA-119786102-2&_gid=1532960115.1580927033&z=340744696
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 Jan 2020 01:08:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
494111
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
widget_iframe.4f8aea4342a4ada72cba2bdffcff6b4d.html
platform.twitter.com/widgets/ Frame ED90
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.4f8aea4342a4ada72cba2bdffcff6b4d.html?origin=https%3A%2F%2Fwww.northstarmeetingsgroup.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40AE) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2316706
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 05 Feb 2020 18:23:53 GMT
Etag
"4b563298f37eb3ef2a2f8897be83c714+gzip"
Last-Modified
Thu, 09 Jan 2020 22:38:16 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40AE)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5825
integrator.js
adservice.google.de/adsid/
109 B
778 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.northstarmeetingsgroup.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.northstarmeetingsgroup.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2020020310.js
securepubads.g.doubleclick.net/gpt/
167 KB
61 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020310.js?21065508
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
sffe /
Resource Hash
b77f487aeb58b2ea7e227ec1cec0100d60a7efb538a324ebe87d570a90f04b7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 03 Feb 2020 16:59:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
62165
x-xss-protection
0
expires
Wed, 05 Feb 2020 18:23:53 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 3BAF
0
0
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1303427.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.229 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress11
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives

Response headers

status
200
date
Wed, 05 Feb 2020 18:23:53 GMT
content-type
text/html
content-length
851
last-modified
Wed, 29 Jan 2020 12:33:12 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.030
section-origin-responded
true
age
625841
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
10249778ff68cb4e26fb54f0fca46782
ptrack-v1.4.0-engagedtime-slots.js
d1z2jf7jlzjs58.cloudfront.net/code/
39 KB
16 KB
Script
General
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/code/ptrack-v1.4.0-engagedtime-slots.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.99 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-254-99.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
5c66cbe33a007920cdea231069727d9420e5e4a751378d2adb7777a03fe716bd

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Thu, 19 Sep 2019 21:16:07 GMT
Content-Encoding
gzip
Age
11999266
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
Last-Modified
Thu, 19 Sep 2019 16:47:30 GMT
Server
nginx
ETag
W/"5d83b122-9c0d"
Content-Type
application/x-javascript
Via
1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000, public
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
PV63WouyNZ2xeAICg9gVQGjG24qx0O7ReugCgb77PTtqbzYXA9A2RQ==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
srv-2020-02-05-18.pixel.parsely.com/plogger/
43 B
229 B
Image
General
Full URL
https://srv-2020-02-05-18.pixel.parsely.com/plogger/?rand=1580927033442&plid=77923206&idsite=northstarmeetingsgroup.com&url=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely_uuid%22%3A%22122184fa-542f-472c-9586-81eaa20949eb%22%2C%22parsely_site_uuid%22%3A%22fdd0cfa3-47e4-4ed1-a3af-8782b5206517%22%7D&sid=1&surl=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&sref=&sts=1580927033440&slts=0&title=GBTA+Survey%3A+Coronavirus+Likely+to+Cause+Massive+Disruption+to+Business+Travel+%7C+Northstar+Meetings+Group&date=Wed+Feb+05+2020+19%3A23%3A53+GMT%2B0100+(Central+European+Standard+Time)&action=pageview&pvid=69295363&u=fdd0cfa3-47e4-4ed1-a3af-8782b5206517
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.105.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-105-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 05 Feb 2020 18:23:54 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
www.facebook.com/tr/
0
81 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Origin
https://www.northstarmeetingsgroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryS1iroFB4e77mDaAN

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
https://www.northstarmeetingsgroup.com
date
Wed, 05 Feb 2020 18:23:53 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-24=":443"; ma=3600
content-length
0
ads
securepubads.g.doubleclick.net/gampad/
39 KB
17 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3798198792682206&correlator=3004671655011223&output=ldjh&impl=fifs&adsid=NT&eid=21065508%2C21065390&vrg=2020020310&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200205&iu_parts=94102080%2Cnmg%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=100x600%7C200x800%2C100x600%7C200x800%2C728x90%7C970x250%2C970x66%7C970x90%2C280x49%2C1x1%2C300x250%7C300x600%2C300x250%7C1x1%2C970x250%2C728x90&prev_scp=position%3DPanel%2520Ad%25201%7Cposition%3DPanel%2520Ad%25202%7Cposition%3DTop%7Cposition%3DTop1%7Cposition%3DArticle%2520Sponsor%7Cposition%3D360e-Outstream%7Cposition%3DRight1%7Cposition%3DRight2%7Cposition%3DBillboard%7Cposition%3DBottom&cust_params=URL%3Dnews%252Findustry%252Fcoronavirus-disruptions-business-travel-incentives&cookie_enabled=1&bc=31&abxe=1&lmt=1580927033&dt=1580927033480&dlt=1580927032737&idt=729&frm=20&biw=1585&bih=1200&oid=3&adxs=33%2C1353%2C429%2C238%2C360%2C-9%2C1048%2C1048%2C238%2C238&adys=420%2C420%2C54%2C355%2C498%2C-9%2C1542%2C1812%2C3107%2C3377&adks=3103090089%2C3103090090%2C2766064113%2C3073945173%2C1180343138%2C1953966690%2C1666263551%2C1376519056%2C2921416518%2C2067164064&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&dssz=52&icsg=1017643772&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x0%7C1585x0%7C1585x100%7C1110x66%7C1110x364%7C0x-1%7C300x270%7C300x270%7C1110x250%7C1110x110&msz=200x600%7C200x600%7C1585x100%7C1110x66%7C865x49%7C0x-1%7C300x270%7C300x270%7C1110x250%7C1110x110&ga_vid=1368592154.1580927033&ga_sid=1580927033&ga_hid=226042127&fws=4%2C4%2C0%2C0%2C0%2C2%2C0%2C0%2C0%2C0&ohw=200%2C200%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020310.js?21065508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
f604b04b3bdb8a427f6aa131773979ecbae3f664902966bc4002b9c934152601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Origin
https://www.northstarmeetingsgroup.com

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16399
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,5051902516,5031508713,5289164355,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,138288052064,138267050090,138302229732,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.northstarmeetingsgroup.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2020020310.js
securepubads.g.doubleclick.net/gpt/
66 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020310.js?21065508
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020310.js?21065508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
sffe /
Resource Hash
80cca1779fa9577f2d9bfa407f1cb0de0f97df9e12d0b1ed22c5a160203b8b4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 03 Feb 2020 16:59:10 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24918
x-xss-protection
0
expires
Wed, 05 Feb 2020 18:23:53 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020310.js?21065508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=3798198792682206&r=100x600%7C200x800&w=160&h=600
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 18:23:53 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=3798198792682206&r=280x49&w=0&h=0
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 18:23:53 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
49 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=3798198792682206&r=1x1&w=0&h=0
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 18:23:53 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame DABD
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsua0MWsdZazipFbXsB5zuzjV7ZiGA1Gh3Uk1-rzJ0iMtSwxzfLm0jlMGte9amD_JiYaDRpNJ2ugHJ-b7_5VLgfzfNxj0wsC45B-9BSDMIdZ1j2wjKTaE-z_xgD1lD_bGz_k8FiK0Evy69jCau13XbwRbA701WV-uyOFEkkWUUqzp69wi3oNioF7G5aNRgD_sWIxB9Q4rhG5oSjYZ0h3YU9WWnkcsJj_vK7K8MD8ar50xQybgEu_Nt5ZRU07CqvocnZUjWivlkYztjw46gXv7aPHp2chOWnmS1LbMlGy_5cyvZRduV1d7LOzrFTqnlzmZ2u9w2yGCEsR&sai=AMfl-YS2NVWKFd6Bsql9FryydCDKkne1h_KzEEuFtzl7y2Qjmplg7GpZhHB9En5_BmIJhN22pfJEBX1XDCS-LIPfOAWBBR4fbeusSGy9uwyo&sig=Cg0ArKJSzJQ_rkGVhOwhEAE&urlfix=1&adurl=
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Feb 2020 18:23:53 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 05 Feb 2020 18:23:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame DABD
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 12:39:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 May 2018 20:45:00 GMT
server
sffe
age
20650
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
expires
Thu, 04 Feb 2021 12:39:43 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame DABD
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020310.js?21065508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b424ec6465b6e0dd6e6b9ece3fa59da2a273e14ce3cebfd444ad5b661fba16b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1580907112712234"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27618
x-xss-protection
0
expires
Wed, 05 Feb 2020 18:23:53 GMT
300x250_Desert_Skyline.jpg
s0.2mdn.net/8402563/ Frame DABD
50 KB
50 KB
Image
General
Full URL
https://s0.2mdn.net/8402563/300x250_Desert_Skyline.jpg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020310.js?21065508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04f4acf2b56cc6b265f73e61d5ecd05dffd0ed6bad69bed7857732939543286c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 17:19:42 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Dec 2019 19:25:38 GMT
server
sffe
age
3851
content-type
image/jpeg
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=86400
accept-ranges
bytes
access-control-allow-origin
*
content-length
50997
x-xss-protection
0
expires
Thu, 06 Feb 2020 17:19:42 GMT
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020310.js?21065508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3a6506e100053cd9f6fc054c722ce7dfbab8c7048771d2c40b1bcf96f359462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1580744964772619"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27910
x-xss-protection
0
expires
Wed, 05 Feb 2020 18:23:53 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012001251659540/
20 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012001251659540/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020020310.js?21065508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43869e57b9339b03aecd3da7938097421e238ae9bdfd42a64035cc17c86399e0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
23505
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7150
x-xss-protection
0
server
sffe
date
Wed, 05 Feb 2020 11:52:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7e98551560828916"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 11:52:08 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012001251659540/ Frame 9F26
200 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020310.js?21065508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
23569
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55740
x-xss-protection
0
server
sffe
date
Wed, 05 Feb 2020 11:51:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"73c5733c238bea88"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 11:51:04 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012001251659540/v0/ Frame 9F26
91 KB
27 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012001251659540/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020310.js?21065508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
23523
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28005
x-xss-protection
0
server
sffe
date
Wed, 05 Feb 2020 11:51:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"72f52e45b57a11ad"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 11:51:50 GMT
truncated
/ Frame 9F26
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be1cd23fd71254e68b3bcbb41558819e53c8b74b4e88e96a412d1eaa0ed49046

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame E0CD
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsum3jmantsbdtSK4JsylkXQfxS6RoSHnJayVeDYTyij-TmvWELIAeL9OmwnVd7CzModid2cCKdQZ4DYFxaN84c5So9FJzlISfSBdns6sTgG-40uA-okmz7osKhwkLIc6BuxJ5yYZqfqybCjOlfkBjIQJ_6rW9XZa2hYee0d4_-8NlPNndFo2PvC5bqdRLB5v5JHhao0k86Sexw8u3k59mIaV-2OXD6gJjBUYeJMGmUQCkywZj5-s8R-r2yPfnqt2VOGnnxzrNsHV1S9Zi8RJ9cLoJ1DBg&sai=AMfl-YTWi95NmoBiXfnThW1CeFrytzY6zgCzQZedPCDX21NnqnBh_2-P8jLOLSkt4RFX3Q54SiRLqrW6855HkxYaxFGZYHD2jZKRDKt1MMto&sig=Cg0ArKJSzDy7f_aIoSNnEAE&urlfix=1&adurl=
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Feb 2020 18:23:53 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 05 Feb 2020 18:23:53 GMT
ad
ads.adventive.com/ Frame E0CD
282 KB
54 KB
Script
General
Full URL
https://ads.adventive.com/ad?j&pid=cd895049-42bb-40f4-a31b-5e75c58b960b&type=4&cb=404956001&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvwNkXsFXUh1QWmY8R_GenJ2BafugtoMuL2wLQwuh7-4YDTTUa7EH20YvtsCBf9gOa90oWYyE0u9BS0llNFpV85M7RtFl0WlqfU0OacCnFwqIqMlF34VO-8dr2z_kooLWbSfyGK8e3-hZXu1EYs3kboflv6HS3outJZ1AyuVjW0kM1Jgf0F_eyDYhGmBhhVjlYd9zGp8TBnWNINUaIhBKq1Sc2XwHKZaUR2vP3bjRAK6esyDRO9y6cUHXwoWtIgsdioEcS2KjEvCwoQfP01yZRKPQ%2526sai%253DAMfl-YS6XN3JCUg-SVvC8NbjBSDoCm-Tof4yfagrTJ4Yh1ph1pWBUI0qkn9iA3ePzx8LJcFybGumFU5FtisNgnXpBEWAbqZZ6Jj_OiqYnfif%2526sig%253DCg0ArKJSzOzsI2-muQwvEAE%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=northstarmeetingsgroup.com&oop=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020310.js?21065508
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.85.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-85-63.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
875691181b581aea329619eae2a463f7c930c7cd9d1a7ba7d66d80ed4be8d225
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 18:23:54 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 05 Feb 2020 18:23:54 GMT
server
Apache/2.4.29 (Ubuntu)
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-ua-compatible
IE=edge
timing-allow-origin
*
expires
Sat, 26 Jul 1997 05:00:00 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame E0CD
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020020310.js?21065508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9648b301ed4c48cf2fdd0fb932a1536c80881b0a73fb2852033b810c2ae1544c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1580744964772619"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27635
x-xss-protection
0
expires
Wed, 05 Feb 2020 18:23:53 GMT
src=8205987;dc_pre=CK-Qw5KEu-cCFQqcmwodGFIGJQ;type=invmedia;cat=lasr4lhc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
adservice.google.com/ddm/fls/z/ Frame DABD
Redirect Chain
  • https://dc.arrivalist.com/px/?pixel_id=1401&a_source=Northstar&a_medium=Display&a_campaign=2020&a_content=Destination_Guide&a_type=Paid
  • https://dc.arrivalist.com/pj/check.php?rk=ip-10-0-1-1385e3b083a1b67f0.773220135e3b083a1be071.31806260
  • https://ib.adnxs.com/getuid?https://dc.arrivalist.com/pj/proc.php?auid=$UID&rk=ckip-10-0-1-1385e3b083a1b67f0.773220135e3b083a1be071.31806260
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdc.arrivalist.com%2Fpj%2Fproc.php%3Fauid%3D%24UID%26rk%3Dckip-10-0-1-1385e3b083a1b67f0.773220135e3b083a1be071.31806260
  • https://dc.arrivalist.com/pj/proc.php?auid=5387173137895718051&rk=ckip-10-0-1-1385e3b083a1b67f0.773220135e3b083a1be071.31806260
  • https://ib.adnxs.com/seg?add=10296138&redir=https://ad.doubleclick.net/ddm/activity/src=8205987;type=invmedia;cat=lasr4lhc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
  • https://ad.doubleclick.net/ddm/activity/src=8205987;type=invmedia;cat=lasr4lhc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
  • https://ad.doubleclick.net/ddm/activity/src=8205987;dc_pre=CK-Qw5KEu-cCFQqcmwodGFIGJQ;type=invmedia;cat=lasr4lhc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
  • https://adservice.google.com/ddm/fls/z/src=8205987;dc_pre=CK-Qw5KEu-cCFQqcmwodGFIGJQ;type=invmedia;cat=lasr4lhc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
42 B
109 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/src=8205987;dc_pre=CK-Qw5KEu-cCFQqcmwodGFIGJQ;type=invmedia;cat=lasr4lhc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 18:23:54 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 05 Feb 2020 18:23:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://adservice.google.com/ddm/fls/z/src=8205987;dc_pre=CK-Qw5KEu-cCFQqcmwodGFIGJQ;type=invmedia;cat=lasr4lhc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1057324430996901626
tpc.googlesyndication.com/simgad/ Frame 9F26
63 KB
63 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1057324430996901626
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d36a74537cddedcbc63dcc4431f55fdf3f547dee75180b630b2ad36659d0bad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 09:10:00 GMT
x-content-type-options
nosniff
age
33233
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
64001
x-xss-protection
0
last-modified
Wed, 10 Apr 2019 16:17:25 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 09:10:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9F26
0
281 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseZcTpdLtHe5X8djb5CsMM9OMd8ch_AqcfpMxduBprcVZBuiupO78E2CWwBZvCpUsmupIxKdzhAXkVMn4Yaj9LhDT4dqkLw2DXeIl8zUnHlPgvVNxlf2exUni6LOAHg83M7o_PVXXHFNHhIsFBrh9OAwooOALoecKrcOoLYLGeJ-X3vtCb7ZWA7xcn59qiDjkJY0f3-fVXZMdC-JwdOEg8XHGc1HwECSHSQQslpbgwZAG2vwbWRTirQO9r-CQ_UFTe8dZsd2qj7ngl0h8-DAM&sai=AMfl-YQDfTSRIB-PdKcEsYhXd9QMOTpQ_UwiNYV4rWlxgKp_yRHWB4RGM326pKSxHKdNOmhhmN0m8DxM-G5lvG2h-tSrK-6zM5lbwryTqdOk&sig=Cg0ArKJSzLGUeEZ9WKdLEAE&adurl=
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:53 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 05 Feb 2020 18:23:53 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CD84
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
8395
date
Wed, 05 Feb 2020 10:47:33 GMT
expires
Thu, 04 Feb 2021 10:47:33 GMT
last-modified
Wed, 09 May 2018 20:45:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
27380
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
truncated
/ Frame DABD
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
469b648f1e0e5edb585bf2c013dfbb52059610304fdc69e7394a0a68abb4c669

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
1057324430996901626
tpc.googlesyndication.com/simgad/ Frame 9F26
63 KB
63 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1057324430996901626
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d36a74537cddedcbc63dcc4431f55fdf3f547dee75180b630b2ad36659d0bad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 09:10:00 GMT
x-content-type-options
nosniff
age
33233
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
64001
x-xss-protection
0
last-modified
Wed, 10 Apr 2019 16:17:25 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 09:10:00 GMT
ad
ads.adventive.com/
281 KB
54 KB
Script
General
Full URL
https://ads.adventive.com/ad?j&pid=cd895049-42bb-40f4-a31b-5e75c58b960b&type=4&cb=404956001&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvwNkXsFXUh1QWmY8R_GenJ2BafugtoMuL2wLQwuh7-4YDTTUa7EH20YvtsCBf9gOa90oWYyE0u9BS0llNFpV85M7RtFl0WlqfU0OacCnFwqIqMlF34VO-8dr2z_kooLWbSfyGK8e3-hZXu1EYs3kboflv6HS3outJZ1AyuVjW0kM1Jgf0F_eyDYhGmBhhVjlYd9zGp8TBnWNINUaIhBKq1Sc2XwHKZaUR2vP3bjRAK6esyDRO9y6cUHXwoWtIgsdioEcS2KjEvCwoQfP01yZRKPQ%2526sai%253DAMfl-YS6XN3JCUg-SVvC8NbjBSDoCm-Tof4yfagrTJ4Yh1ph1pWBUI0qkn9iA3ePzx8LJcFybGumFU5FtisNgnXpBEWAbqZZ6Jj_OiqYnfif%2526sig%253DCg0ArKJSzOzsI2-muQwvEAE%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=northstarmeetingsgroup.com&oop=&fb=adventive_htmlx_Jc849223_frame&forceFallback=1
Requested by
Host: ads.adventive.com
URL: https://ads.adventive.com/ad?j&pid=cd895049-42bb-40f4-a31b-5e75c58b960b&type=4&cb=404956001&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvwNkXsFXUh1QWmY8R_GenJ2BafugtoMuL2wLQwuh7-4YDTTUa7EH20YvtsCBf9gOa90oWYyE0u9BS0llNFpV85M7RtFl0WlqfU0OacCnFwqIqMlF34VO-8dr2z_kooLWbSfyGK8e3-hZXu1EYs3kboflv6HS3outJZ1AyuVjW0kM1Jgf0F_eyDYhGmBhhVjlYd9zGp8TBnWNINUaIhBKq1Sc2XwHKZaUR2vP3bjRAK6esyDRO9y6cUHXwoWtIgsdioEcS2KjEvCwoQfP01yZRKPQ%2526sai%253DAMfl-YS6XN3JCUg-SVvC8NbjBSDoCm-Tof4yfagrTJ4Yh1ph1pWBUI0qkn9iA3ePzx8LJcFybGumFU5FtisNgnXpBEWAbqZZ6Jj_OiqYnfif%2526sig%253DCg0ArKJSzOzsI2-muQwvEAE%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=northstarmeetingsgroup.com&oop=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.85.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-85-63.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
6e382b97c8756a0481393e2a47eabdea7cbffebd078cabfca3795f4c16a3c416
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 18:23:54 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 05 Feb 2020 18:23:54 GMT
server
Apache/2.4.29 (Ubuntu)
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
content-type
text/javascript;charset=UTF-8
status
200
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-ua-compatible
IE=edge
timing-allow-origin
*
expires
Sat, 26 Jul 1997 05:00:00 GMT
stats
ads.adventive.com/api/ Frame E0CD
43 B
400 B
Image
General
Full URL
https://ads.adventive.com/api/stats?acc=434&adv=9157&atid=4&auid=113683&cache=1&cid=50582&gid=0&pcid=65311&pid=120757&sid=1139&tag=cd895049-42bb-40f4-a31b-5e75c58b960b&tz=America%2FNew_York&up=0.00000&ut=CV&vid=1&ckid=4addced9-d96c-4a4a-a607-b3caaa1e2172&ip=193.9.113.119&clk=0&dat=%7B%7D&dh=1200&dw=1600&eng=0&grp=0&hc=eeggmscc&iid=efbed154e5354a3d886a7909e62bf190&ref=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&type=serve_impression&hov=0
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.85.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-85-63.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
cache
date
Wed, 05 Feb 2020 18:23:54 GMT
content-encoding
none
server
Apache/2.4.29 (Ubuntu)
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
content-type
image/gif
status
200
cache-control
private, max-age=86400, must-revalidate
x-ua-compatible
IE=edge
timing-allow-origin
*
content-length
43
expires
Thu, 06 Feb 2020 18:23:54 GMT
truncated
/ Frame E0CD
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f6cfa9fdb8219c0d2a7c24820e1a83ce2434f38c0d99b73dd3d0e05ccfa68d3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
vissense.min.js
cdnjs.cloudflare.com/ajax/libs/vissense/0.10.0/
11 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/vissense/0.10.0/vissense.min.js
Requested by
Host: ads.adventive.com
URL: https://ads.adventive.com/ad?j&pid=cd895049-42bb-40f4-a31b-5e75c58b960b&type=4&cb=404956001&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsvwNkXsFXUh1QWmY8R_GenJ2BafugtoMuL2wLQwuh7-4YDTTUa7EH20YvtsCBf9gOa90oWYyE0u9BS0llNFpV85M7RtFl0WlqfU0OacCnFwqIqMlF34VO-8dr2z_kooLWbSfyGK8e3-hZXu1EYs3kboflv6HS3outJZ1AyuVjW0kM1Jgf0F_eyDYhGmBhhVjlYd9zGp8TBnWNINUaIhBKq1Sc2XwHKZaUR2vP3bjRAK6esyDRO9y6cUHXwoWtIgsdioEcS2KjEvCwoQfP01yZRKPQ%2526sai%253DAMfl-YS6XN3JCUg-SVvC8NbjBSDoCm-Tof4yfagrTJ4Yh1ph1pWBUI0qkn9iA3ePzx8LJcFybGumFU5FtisNgnXpBEWAbqZZ6Jj_OiqYnfif%2526sig%253DCg0ArKJSzOzsI2-muQwvEAE%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=northstarmeetingsgroup.com&oop=&fb=adventive_htmlx_Jc849223_frame&forceFallback=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c34e28196cd412790c548696f1447aff0116ee662fead57bf578021e8cc01ba5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:54 GMT
content-encoding
br
cf-cache-status
HIT
age
16886170
cf-ray
5606eb0d3950dfdb-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:27:41 GMT
server
cloudflare
etag
W/"5afd4b0d-2af5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 25 Jan 2021 18:23:54 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
b198083c-a0d7-494c-8aa7-f3a7b2b83e06
assets.adventivecdn.com/434/ Frame D40E
62 KB
62 KB
Image
General
Full URL
https://assets.adventivecdn.com/434/b198083c-a0d7-494c-8aa7-f3a7b2b83e06
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88acb7ece85baeb2f2b81e41ee2827dd66cdc7f01eee28ac0f32cbae10e23417

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:54 GMT
cf-cache-status
HIT
age
13805
cf-polished
origFmt=jpeg, origSize=136194
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
63102
x-amz-id-2
1Pmm35kl/FyvBdV/NB5ANNxsLQTCtZk/eUZSVvbVL6ZQzZdQMTL9xbu2HSjOPu/UbNVACbWEunQ=
last-modified
Tue, 04 Feb 2020 18:29:27 GMT
server
cloudflare
etag
"70f35ecb7c3dbf47ae04117b674b7b0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
645A931B0D34D4D3
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5606eb0d8f3997c6-FRA
cf-bgj
imgq:100
blank.png
assets.adventivecdn.com/ui/images/ Frame D40E
34 B
279 B
Image
General
Full URL
https://assets.adventivecdn.com/ui/images/blank.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1640 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:54 GMT
cf-cache-status
HIT
age
8863
cf-polished
origFmt=png, origSize=68
status
200
content-disposition
inline; filename="blank.webp"
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
34
x-amz-id-2
j0nF5E73Ts+ZWNkgXCf9ehHKkZBo8D4Txf+Y/MXjDiTggmE8sHbRXHmoUFPReoexhOzLCRd3G9Y=
last-modified
Wed, 24 Jul 2019 17:44:25 GMT
server
cloudflare
etag
"e679fbd466a2d656f194a5da4fa083cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
2173A85FC6142E4A
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5606eb0d8f3b97c6-FRA
cf-bgj
imgq:100
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/latest/ Frame D40E
26 KB
9 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/latest/TweenLite.min.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:54 GMT
content-encoding
br
cf-cache-status
HIT
age
8508183
cf-ray
5606eb0d59e7dfdb-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:20:03 GMT
server
cloudflare
etag
W/"5afd4943-697f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 25 Jan 2021 18:23:54 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.002
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/latest/plugins/ Frame D40E
38 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/latest/plugins/CSSPlugin.min.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:54 GMT
content-encoding
br
cf-cache-status
HIT
age
8508380
cf-ray
5606eb0d59eadfdb-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:19:23 GMT
server
cloudflare
etag
W/"5afd491b-9833"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 25 Jan 2021 18:23:54 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.002
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.15.0/easing/ Frame D40E
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.15.0/easing/EasePack.min.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a66a3a0a02be7364b7adb00ae798279a5e64da9d674d59bab801a2a11adc685
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:54 GMT
content-encoding
br
cf-cache-status
HIT
age
16886149
cf-ray
5606eb0d59ebdfdb-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:19:23 GMT
server
cloudflare
etag
W/"5afd491b-145b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 25 Jan 2021 18:23:54 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
mediaelementplayer.css
serve.adventivecdn.com/serve/vendor/custom/mediaelement/build/ Frame D40E
15 KB
4 KB
Stylesheet
General
Full URL
https://serve.adventivecdn.com/serve/vendor/custom/mediaelement/build/mediaelementplayer.css?version=v3.10.0
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a59095c5ffbc54627362281a5ad8620f8abe43f3afb8c51a8d47523451c1733a

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:54 GMT
content-encoding
br
cf-cache-status
HIT
age
5623
cf-polished
origSize=19905
cf-ray
5606eb0d8e3f9754-FRA
status
200
cf-bgj
minify
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Fri, 24 Jan 2020 02:43:51 GMT
server
cloudflare
etag
W/"4dc1-59cd9ba591d37-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=14400
timing-allow-origin
*
expires
Wed, 05 Feb 2020 22:23:54 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ Frame D40E
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 00:56:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62815
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29707
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Feb 2021 00:56:59 GMT
mediaelement-and-player-fullscreen.min.js
serve.adventivecdn.com/serve/vendor/custom/mediaelement/build/ Frame D40E
76 KB
20 KB
Script
General
Full URL
https://serve.adventivecdn.com/serve/vendor/custom/mediaelement/build/mediaelement-and-player-fullscreen.min.js?version=v3.10.0
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79938aa84fcaa099a45489b7278edfe666269ce0bd6de7fb7ec08d55af481be0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:54 GMT
content-encoding
br
cf-cache-status
HIT
age
4302
status
200
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
timing-allow-origin
*
last-modified
Thu, 07 Nov 2019 03:13:27 GMT
server
cloudflare
etag
W/"1303f-596b90c8e337b-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
5606eb0d8e409754-FRA
expires
Wed, 05 Feb 2020 22:23:54 GMT
mediaelement-and-player.js
serve.adventivecdn.com/serve/vendor/custom/mediaelement/build/ Frame D40E
212 KB
41 KB
Script
General
Full URL
https://serve.adventivecdn.com/serve/vendor/custom/mediaelement/build/mediaelement-and-player.js?version=v3.10.0
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d67daa46a06f090f15a93cee50e59396971197044199db53a7b7e466594aa7e

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:54 GMT
content-encoding
br
cf-cache-status
HIT
age
4940
cf-polished
origSize=332266
cf-ray
5606eb0d8e419754-FRA
status
200
cf-bgj
minify
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Fri, 24 Jan 2020 02:43:51 GMT
server
cloudflare
etag
W/"511ea-59cd9ba591d37-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400
timing-allow-origin
*
expires
Wed, 05 Feb 2020 22:23:54 GMT
80cdbe97-6e16-4b3f-bd92-758d3b0b5e1c_443.mp4
video.adventivecdn.com/434/ Frame D40E
64 KB
0
Media
General
Full URL
https://video.adventivecdn.com/434/80cdbe97-6e16-4b3f-bd92-758d3b0b5e1c_443.mp4
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 05 Feb 2020 18:23:54 GMT
cf-cache-status
HIT
age
13805
status
206
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id
0148B58D0E9519F0
x-amz-id-2
bsPnOm1oVd2FYzZMr19YDtmZo1bkvqeXj4OJkkvlsBMXNwE71cRDnH1dBX3CowTJZguFk6q3hWY=
content-range
bytes 0-375623/375624
last-modified
Tue, 04 Feb 2020 18:43:27 GMT
server
cloudflare
etag
"b3d9bb542552aa6e0efa2e94d01f3b7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
cache-control
public, max-age=14400
content-length
375624
cf-ray
5606eb0e5f329754-FRA
expires
Wed, 05 Feb 2020 22:23:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 05 Feb 2020 18:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
11791201559092296792
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private, max-age=3600
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 05 Feb 2020 18:23:54 GMT
olytics
oqs.omeda.com/oqs/rest/
0
470 B
XHR
General
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.165 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Access-Control-Request-Method
POST
Origin
https://www.northstarmeetingsgroup.com
Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Wed, 05 Feb 2020 18:23:54 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Headers
Access-Control-Request-Headers, Content-Type, Origin, Accept, Accept-Encoding, Accept-Language, HOST, User-Agent, Access-Control-Request-Method, Access-Control-Max-Age
Content-Length
0
X-XSS-Protection
1; mode=block
truncated
/ Frame D40E
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D40E
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/png
gpt.js
www.googletagservices.com/tag/js/
0
0
Fetch
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"419 / 109 of 1000 / last-modified: 1580868091"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 05 Feb 2020 18:23:54 GMT
arrow-thick-right-graydk.svg
www.northstarmeetingsgroup.com/src/images/icons/
520 B
543 B
Image
General
Full URL
https://www.northstarmeetingsgroup.com/src/images/icons/arrow-thick-right-graydk.svg
Requested by
Host: www.northstarmeetingsgroup.com
URL: https://www.northstarmeetingsgroup.com/dist/js/scripts.min.js?20200122
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7716 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93dfb761cd7f675eb708d4b9b7182ec9700d45856a6fc06bce93b9954bc1114e

Request headers

Referer
https://www.northstarmeetingsgroup.com/dist/css/style.css?20200116a
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Wed, 05 Feb 2020 18:23:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Apr 2018 13:58:51 GMT
server
cloudflare
age
9085997
etag
W/"364f14ed4d0d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=34560000
cf-ray
5606eb115e8fdff3-FRA
olytics
oqs.omeda.com/oqs/rest/
15 B
307 B
XHR
General
Full URL
https://oqs.omeda.com/oqs/rest/olytics
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.165 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
754c94388315799ee1eb0338fa7163a26d71dcb96c7767c14bcb7cd7d1901fc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Origin
https://www.northstarmeetingsgroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 05 Feb 2020 18:23:54 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
p
olytics.omeda.com/olytics/segments/
0
521 B
XHR
General
Full URL
https://olytics.omeda.com/olytics/segments/p
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.northstarmeetingsgroup.com
Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Wed, 05 Feb 2020 18:23:55 GMT
Server
Apache
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length
0
/
olytics.omeda.com/olytics/segments/form/check/
0
521 B
XHR
General
Full URL
https://olytics.omeda.com/olytics/segments/form/check/
Requested by
Host: olytics.omeda.com
URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.northstarmeetingsgroup.com
Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Wed, 05 Feb 2020 18:23:55 GMT
Server
Apache
vary
Access-Control-Request-Headers,Access-Control-Request-Headers,access-control-request-method
Access-Control-Allow-Methods
HEAD,DELETE,POST,GET,OPTIONS,PUT
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Access-Control-Allow-Headers
access-control-max-age,accept-language,origin,x-requested-with,access-control-request-headers,host,content-type,access-control-request-method,accept-encoding,accept,user-agent
Content-Length
0
80cdbe97-6e16-4b3f-bd92-758d3b0b5e1c_443.mp4
video.adventivecdn.com/434/ Frame D40E
303 KB
303 KB
Media
General
Full URL
https://video.adventivecdn.com/434/80cdbe97-6e16-4b3f-bd92-758d3b0b5e1c_443.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c68626cd22c279caa585b650ca1783e4dbe890148d9907bd361aecd25393b7d

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Range
bytes=65536-

Response headers

date
Wed, 05 Feb 2020 18:23:55 GMT
cf-cache-status
HIT
age
13806
status
206
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id
0148B58D0E9519F0
x-amz-id-2
bsPnOm1oVd2FYzZMr19YDtmZo1bkvqeXj4OJkkvlsBMXNwE71cRDnH1dBX3CowTJZguFk6q3hWY=
content-range
bytes 65536-375623/375624
last-modified
Tue, 04 Feb 2020 18:43:27 GMT
server
cloudflare
etag
"b3d9bb542552aa6e0efa2e94d01f3b7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
cache-control
public, max-age=14400
content-length
310088
cf-ray
5606eb14d82e9754-FRA
expires
Wed, 05 Feb 2020 22:23:55 GMT
stats
ads.adventive.com/api/
43 B
347 B
Image
General
Full URL
https://ads.adventive.com/api/stats?acc=434&adv=9157&atid=4&auid=113683&cache=1&cid=50582&gid=0&pcid=65311&pid=120757&sid=1139&tag=cd895049-42bb-40f4-a31b-5e75c58b960b&tz=America%2FNew_York&up=0.00000&ut=CV&vid=1&ckid=4addced9-d96c-4a4a-a607-b3caaa1e2172&ip=193.9.113.119&clk=0&dat=%7B%22xVal%22%3Anull%2C%22yVal%22%3Anull%2C%22screenIndex%22%3A1%2C%22dest%22%3A%22null%22%2C%22duration%22%3A8%2C%22time%22%3A0%2C%22video%22%3A%22DscvrNpt_video.mp4%22%2C%22playTime%22%3A0%2C%22player%22%3A%22customvideo%22%7D&dh=1200&dw=1600&eng=0&grp=0&hc=woomkeaa&iid=0dd53096cf3e4eb29a2f4c04a3c1da56&ref=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&type=play_video_auto&hov=0&cb=1580927036148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.85.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-85-63.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 18:23:56 GMT
content-encoding
none
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
Apache/2.4.29 (Ubuntu)
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
x-ua-compatible
IE=edge
timing-allow-origin
*
content-length
43
expires
Wed, 11 Jan 2000 12:59:00 GMT
p
olytics.omeda.com/olytics/segments/
20 B
313 B
XHR
General
Full URL
https://olytics.omeda.com/olytics/segments/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Origin
https://www.northstarmeetingsgroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 05 Feb 2020 18:23:56 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
/
olytics.omeda.com/olytics/segments/form/check/
20 B
313 B
XHR
General
Full URL
https://olytics.omeda.com/olytics/segments/form/check/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.180.130.159 Chicago, United States, ASN53866 (QTS-AS, US),
Reverse DNS
my.omedastaging.com
Software
Apache /
Resource Hash
a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
Origin
https://www.northstarmeetingsgroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 05 Feb 2020 18:23:56 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
stats
ads.adventive.com/api/
43 B
433 B
Image
General
Full URL
https://ads.adventive.com/api/stats?acc=434&adv=9157&atid=4&auid=113683&cache=1&cid=50582&gid=0&pcid=65311&pid=120757&sid=1139&tag=cd895049-42bb-40f4-a31b-5e75c58b960b&tz=America%2FNew_York&up=0.00000&ut=CV&vid=1&ckid=4addced9-d96c-4a4a-a607-b3caaa1e2172&ip=193.9.113.119&clk=0&dat=%7B%22xVal%22%3Anull%2C%22yVal%22%3Anull%2C%22screenIndex%22%3A1%2C%22dest%22%3A%22null%22%2C%22duration%22%3A8%2C%22time%22%3A2%2C%22video%22%3A%22DscvrNpt_video.mp4%22%2C%22playTime%22%3A2%2C%22player%22%3A%22customvideo%22%7D&dh=1200&dw=1600&eng=0&grp=0&hc=woomkeaa&iid=0dd53096cf3e4eb29a2f4c04a3c1da56&ref=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&type=q1_video_auto&hov=0&cb=1580927038148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.85.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-85-63.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 18:23:58 GMT
content-encoding
none
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
Apache/2.4.29 (Ubuntu)
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
x-ua-compatible
IE=edge
timing-allow-origin
*
content-length
43
expires
Wed, 11 Jan 2000 12:59:00 GMT
stats
ads.adventive.com/api/
43 B
347 B
Image
General
Full URL
https://ads.adventive.com/api/stats?acc=434&adv=9157&atid=4&auid=113683&cache=1&cid=50582&gid=0&pcid=65311&pid=120757&sid=1139&tag=cd895049-42bb-40f4-a31b-5e75c58b960b&tz=America%2FNew_York&up=0.00000&ut=CV&vid=1&ckid=4addced9-d96c-4a4a-a607-b3caaa1e2172&ip=193.9.113.119&clk=0&dat=%7B%22xVal%22%3Anull%2C%22yVal%22%3Anull%2C%22screenIndex%22%3A1%2C%22dest%22%3A%22null%22%2C%22duration%22%3A8%2C%22time%22%3A4%2C%22video%22%3A%22DscvrNpt_video.mp4%22%2C%22playTime%22%3A4%2C%22player%22%3A%22customvideo%22%7D&dh=1200&dw=1600&eng=0&grp=0&hc=woomkeaa&iid=0dd53096cf3e4eb29a2f4c04a3c1da56&ref=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&type=q2_video_auto&hov=0&cb=1580927040153
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.85.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-85-63.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 18:24:00 GMT
content-encoding
none
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
Apache/2.4.29 (Ubuntu)
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
x-ua-compatible
IE=edge
timing-allow-origin
*
content-length
43
expires
Wed, 11 Jan 2000 12:59:00 GMT
stats
ads.adventive.com/api/
43 B
347 B
Image
General
Full URL
https://ads.adventive.com/api/stats?acc=434&adv=9157&atid=4&auid=113683&cache=1&cid=50582&gid=0&pcid=65311&pid=120757&sid=1139&tag=cd895049-42bb-40f4-a31b-5e75c58b960b&tz=America%2FNew_York&up=0.00000&ut=CV&vid=1&ckid=4addced9-d96c-4a4a-a607-b3caaa1e2172&ip=193.9.113.119&clk=0&dat=%7B%22xVal%22%3Anull%2C%22yVal%22%3Anull%2C%22screenIndex%22%3A1%2C%22dest%22%3A%22null%22%2C%22duration%22%3A8%2C%22time%22%3A6%2C%22video%22%3A%22DscvrNpt_video.mp4%22%2C%22playTime%22%3A6%2C%22player%22%3A%22customvideo%22%7D&dh=1200&dw=1600&eng=0&grp=0&hc=woomkeaa&iid=0dd53096cf3e4eb29a2f4c04a3c1da56&ref=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&type=q3_video_auto&hov=0&cb=1580927042148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.85.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-85-63.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 18:24:02 GMT
content-encoding
none
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
Apache/2.4.29 (Ubuntu)
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
x-ua-compatible
IE=edge
timing-allow-origin
*
content-length
43
expires
Wed, 11 Jan 2000 12:59:00 GMT
stats
ads.adventive.com/api/
43 B
347 B
Image
General
Full URL
https://ads.adventive.com/api/stats?acc=434&adv=9157&atid=4&auid=113683&cache=1&cid=50582&gid=0&pcid=65311&pid=120757&sid=1139&tag=cd895049-42bb-40f4-a31b-5e75c58b960b&tz=America%2FNew_York&up=0.00000&ut=CV&vid=1&ckid=4addced9-d96c-4a4a-a607-b3caaa1e2172&ip=193.9.113.119&clk=0&dat=%7B%22xVal%22%3Anull%2C%22yVal%22%3Anull%2C%22screenIndex%22%3A1%2C%22dest%22%3A%22null%22%2C%22duration%22%3A8%2C%22time%22%3A8%2C%22video%22%3A%22DscvrNpt_video.mp4%22%2C%22playTime%22%3A8%2C%22player%22%3A%22customvideo%22%7D&dh=1200&dw=1600&eng=0&grp=0&hc=woomkeaa&iid=0dd53096cf3e4eb29a2f4c04a3c1da56&ref=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&type=q4_video_auto&hov=0&cb=1580927043148
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.85.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-85-63.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 18:24:03 GMT
content-encoding
none
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
Apache/2.4.29 (Ubuntu)
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
x-ua-compatible
IE=edge
timing-allow-origin
*
content-length
43
expires
Wed, 11 Jan 2000 12:59:00 GMT
/
srv-2020-02-05-18.pixel.parsely.com/plogger/
43 B
229 B
Image
General
Full URL
https://srv-2020-02-05-18.pixel.parsely.com/plogger/?rand=1580927043948&plid=77923206&idsite=northstarmeetingsgroup.com&url=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely_uuid%22%3A%22122184fa-542f-472c-9586-81eaa20949eb%22%2C%22parsely_site_uuid%22%3A%22fdd0cfa3-47e4-4ed1-a3af-8782b5206517%22%7D&sid=1&surl=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&sref=&sts=1580927043947&slts=0&date=Wed+Feb+05+2020+19%3A24%3A03+GMT%2B0100+(Central+European+Standard+Time)&action=heartbeat&inc=5&tt=4900&pvid=69295363&u=fdd0cfa3-47e4-4ed1-a3af-8782b5206517
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.105.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-105-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 05 Feb 2020 18:24:05 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
stats
ads.adventive.com/api/
43 B
347 B
Image
General
Full URL
https://ads.adventive.com/api/stats?acc=434&adv=9157&atid=4&auid=113683&cache=1&cid=50582&gid=0&pcid=65311&pid=120757&sid=1139&tag=cd895049-42bb-40f4-a31b-5e75c58b960b&tz=America%2FNew_York&up=0.00000&ut=CV&vid=1&ckid=4addced9-d96c-4a4a-a607-b3caaa1e2172&ip=193.9.113.119&clk=0&dat=%7B%22xVal%22%3Anull%2C%22yVal%22%3Anull%2C%22screenIndex%22%3A1%2C%22dest%22%3A%22null%22%2C%22duration%22%3A8%2C%22time%22%3A8%2C%22video%22%3A%22DscvrNpt_video.mp4%22%2C%22playTime%22%3A8%2C%22player%22%3A%22customvideo%22%7D&dh=1200&dw=1600&eng=0&grp=0&hc=woomkeaa&iid=0dd53096cf3e4eb29a2f4c04a3c1da56&ref=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&type=stop_video_auto&hov=0&cb=1580927044166
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.85.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-85-63.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 18:24:04 GMT
content-encoding
none
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
Apache/2.4.29 (Ubuntu)
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
x-ua-compatible
IE=edge
timing-allow-origin
*
content-length
43
expires
Wed, 11 Jan 2000 12:59:00 GMT
stats
ads.adventive.com/api/
43 B
347 B
Image
General
Full URL
https://ads.adventive.com/api/stats?acc=434&adv=9157&atid=4&auid=113683&cache=1&cid=50582&gid=0&pcid=65311&pid=120757&sid=1139&tag=cd895049-42bb-40f4-a31b-5e75c58b960b&tz=America%2FNew_York&up=0.00000&ut=CV&vid=1&ckid=4addced9-d96c-4a4a-a607-b3caaa1e2172&ip=193.9.113.119&clk=0&dat=%7B%22xVal%22%3Anull%2C%22yVal%22%3Anull%2C%22screenIndex%22%3A1%2C%22dest%22%3A%22null%22%2C%22duration%22%3A8%2C%22time%22%3A8%2C%22video%22%3A%22DscvrNpt_video.mp4%22%2C%22playTime%22%3A8%2C%22player%22%3A%22customvideo%22%7D&dh=1200&dw=1600&eng=0&grp=0&hc=woomkeaa&iid=0dd53096cf3e4eb29a2f4c04a3c1da56&ref=https%3A%2F%2Fwww.northstarmeetingsgroup.com%2Fnews%2Findustry%2Fcoronavirus-disruptions-business-travel-incentives&type=stop_video_auto&hov=0&cb=1580927044181
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.85.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-85-63.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Feb 2020 18:24:04 GMT
content-encoding
none
last-modified
Wed, 11 Jan 2006 12:59:00 GMT
server
Apache/2.4.29 (Ubuntu)
access-control-allow-origin
*
p3p
CP="CAO PSA OUR"
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
x-ua-compatible
IE=edge
timing-allow-origin
*
content-length
43
expires
Wed, 11 Jan 2000 12:59:00 GMT

Verdicts & Comments Add Verdict or Comment

256 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate number| viewport boolean| bShowDFPTest string| dfptestoutput string| DFPPathString string| DFPMobilePathString string| keywords string| ccar string| OAS_rn function| ad_isMobile function| DFPSetPaths function| initOASAd function| renderslot function| renderAd function| renderajaxslot function| prependAdLabel function| rotateads function| getEPGAdIm function| renderEPGAdIm function| renderEPGAdImAJAX function| showTestOutput boolean| isAdsDisplayed string| bIsAdblocked number| gaPagekey object| dataLayer function| gtag function| initNTGOTags object| google_tag_manager string| _bizo_data_partner_id undefined| _bizo_data_partner_title undefined| _bizo_data_partner_domain undefined| _bizo_data_partner_company undefined| _bizo_data_partner_location undefined| _bizo_data_partner_employee_range undefined| _bizo_data_partner_sics undefined| _bizo_data_partner_email function| hj object| _hjSettings function| fbq function| _fbq object| cookieconsent object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| lintrk boolean| _already_called_lintrk object| PARSELY string| NTM_TRK_ID string| NTM_TRK_EMAIL boolean| NTM_TRK_ID_KNOWNSOURCEUSER boolean| NTM_TRK_ID_KNOWNUSER boolean| NTM_TRK_ID_NEWSOURCE boolean| NTM_TRK_ID_NEW object| head object| link string| method object| olytics object| a function| setupDFPSlots boolean| OAS_IsHome string| OAS_sitepage string| OAS_site string| OAS_accountid string| OAS_site_mobile string| OAS_query object| googletag string| tlLang number| tlView string| tlDFormat object| utag_data string| s_account object| s function| evlink function| ntmtrk_printsub_start function| ntmtrk_printsub_end function| ntmtrk_esub_start function| ntmtrk_esub_end function| s_doPlugins string| s_code undefined| s_objectID function| s_gi function| s_giqf string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft object| s_c_il number| s_c_in number| s_giq string| trackingPageName string| GoogleAnalyticsObject function| ga function| _classCallCheck function| _extends function| _createClass function| Slinky object| Northstar function| invokeSalarySurveyGate function| invokeEventVenuesGate function| invokecolgate function| invokeaddtocol function| invokedaddtoev function| invokedaddtosv function| refreshcollist function| isElementInViewport object| userAgent number| adHeight number| adWidth number| pushdownHeight number| expandHeight function| myrnd function| appndURL function| donothing function| disablelink function| enablelink function| dontdo function| numberWithCommas function| winloc function| refreshwin function| _newopt function| _newopthtml function| showError function| serviceProxy function| AjaxFailed function| myTrackPageView function| myTrackEvent function| isDate function| isTime function| DateAdd function| AND function| binaryArray function| isScrolledIntoView function| pushLoadMore function| closeme function| Has3rdPartyCookie function| Create3rdPartyCookie function| IsLoc3rdParty function| validateEmail function| setupForm function| setupAdaptive function| refreshFilteredList function| closeRegOverlay function| scrollModalToTop function| initFilteredList function| getreturl function| doPagedListNav function| buildSiteSearch function| getFilterCheckedList function| isiniframe function| LinkToPage function| showLogin function| showRegister function| showPassword function| showNewsletterOptin function| hasGA function| hasOmni object| newsletterOptions function| nwsltrlabel function| initnewslettertracking string| sVenueACHotelURL string| sVenueSearchURL string| sVenueSearchURL2 function| appndVSrchParms function| initListicle function| initSocialShares function| validatecmp function| AddVenueToCompare function| RemoveVenueToCompare function| ClearVenueToCompare function| invokecmpgate function| validaterfp function| AddVenueToRFP function| RemoveVenueToRFP function| ClearVenueToRFP function| setCookie function| getCookie function| CheckUserVisits function| SalarySurveyGate function| $ function| jQuery function| Popper object| bootstrap function| getResponsiveBreakpoint object| DynaProxy function| ShareThis object| ShareThisViaFacebook object| ShareThisViaLinkedIn object| ShareThisViaTwitter object| dhtmlHistory object| historyStorage object| leftPanel object| footer boolean| hideAds object| hero number| adTopStartPos number| adTopfixedPos number| triggerScrollTopPos string| pathname object| venueheader object| jumplinks undefined| pageelem undefined| adTopPad undefined| scrollTopPad object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __twttrll object| twttr object| __twttr object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken number| google_srt undefined| google_measure_js_timing number| __google_ad_urls_id number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| google_image_requests string| openTag object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| appendScript object| ns_4_113683_IG261517 object| Adventive object| srcDoc object| ampContext boolean| preventSpecialFormat function| VisSense object| JSON3 function| setImmediate function| clearImmediate function| normalize

3 Cookies

Domain/Path Name / Value
.northstarmeetingsgroup.com/ Name: oly_anon_id
Value: %22F-79002833-336e-4929-84df-cdc70cb453d6%22
.northstarmeetingsgroup.com/ Name: oly_enc_id
Value: null
.northstarmeetingsgroup.com/ Name: __gads
Value: ID=5bd7c93eac339d27:T=1580927033:S=ALNI_MYtojkdsy7zdnKf-Dj8TYKq0W4xuA

10 Console Messages

Source Level URL
Text
console-api log URL: https://ai.northstartravelmedia.com/track/?s=&oid=a096c672423f4f0b959219cb6a289904(Line 5)
Message:
load olytics
console-api log URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives(Line 59)
Message:
olyitics fire
console-api log URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives(Line 96)
Message:
tlLang:en-US
console-api log URL: https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives(Line 100)
Message:
tlDFormat:desktop/wide
console-api info URL: https://cdn.ampproject.org/rtv/012001251659540/amp4ads-v0.js(Line 409)
Message:
Powered by AMP ⚡ HTML – Version 2001251659540 https://www.northstarmeetingsgroup.com/news/industry/coronavirus-disruptions-business-travel-incentives
console-api log URL: https://olytics.omeda.com/olytics/js/v3/p/olytics.min.js(Line 46)
Message:
olytics fire called
console-api log URL: about:srcdoc(Line 1)
Message:
firstQuartile
console-api log URL: about:srcdoc(Line 1)
Message:
SecondQuartile
console-api log URL: about:srcdoc(Line 1)
Message:
ThirdQuartile
console-api log URL: about:srcdoc(Line 1)
Message:
complete

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.adventive.com
adservice.google.com
adservice.google.de
ai.northstartravelmedia.com
ajax.googleapis.com
assets.adventivecdn.com
cdn.ampproject.org
cdnjs.cloudflare.com
connect.facebook.net
d1z2jf7jlzjs58.cloudfront.net
dc.arrivalist.com
fonts.googleapis.com
fonts.gstatic.com
googleads4.g.doubleclick.net
ib.adnxs.com
olytics.omeda.com
oqs.omeda.com
pagead2.googlesyndication.com
platform.twitter.com
px.ads.linkedin.com
s0.2mdn.net
script.hotjar.com
securepubads.g.doubleclick.net
serve.adventivecdn.com
sjs.bizographics.com
srv-2020-02-05-18.config.parsely.com
srv-2020-02-05-18.pixel.parsely.com
static.hotjar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
vars.hotjar.com
video.adventivecdn.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.northstarmeetingsgroup.com
www3.gbta.org
13.35.254.99
147.75.32.105
147.75.33.229
172.217.18.102
172.217.23.162
185.33.223.100
204.180.130.159
204.180.130.165
216.58.207.34
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:7716
2606:4700::6811:4104
2606:4700::6812:1640
2606:4700::6812:1740
2a00:1450:4001:800::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:817::2002
2a00:1450:4001:818::200a
2a00:1450:4001:819::2008
2a00:1450:4001:81a::2006
2a00:1450:4001:81b::200a
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:820::2001
2a00:1450:400c:c00::9b
2a02:26f0:fe00:182::3adf
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
2a05:f500:11:101::b93f:9001
34.225.65.136
35.172.5.45
52.202.69.186
52.55.105.83
52.86.85.63
00ed3b2067e143140eb330c86e2df1d6aeffb76636687a5752c1f847a25301c4
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04f4acf2b56cc6b265f73e61d5ecd05dffd0ed6bad69bed7857732939543286c
0d33be0acecd4db38e8ef5ccdb3a8ff23a27406e9cda4d92105fd812e2eab845
0fe579b8dfb3e283c9a3a4f5997f06b3c17d65829e15fbaaebe28d97e2d10200
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a66a3a0a02be7364b7adb00ae798279a5e64da9d674d59bab801a2a11adc685
1e93721c8c8c91a0655ae1618a2dec27dfbf5c1374685b099798fa36529e75d8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c68626cd22c279caa585b650ca1783e4dbe890148d9907bd361aecd25393b7d
30f825366b29e0c783fd4416f9729fec0e5900cf115de79d2a628fb21d7df7b4
37631d346c18e78e0e4064404ef1f5d3b9ca1a9a0d008fbdbb3bd6f7242daaef
385bf60b00ac86347e623110798bf340dac6a124146c034cf58ff596525f38a3
39529b45c6df9347a20a9846967fd3dbc18b62f84ae552f59b769e408cc0986d
3b2f8078a6c1c931ce9fae5f3c3e9829daaa6ee02fe4bbd8b4e3674f4f391e62
406062364066f8d3dbca9ba2fa740d6e1a757d3e3179ba72876705d1d9dd2e3f
40c1cfc90fea6655eb4b3a3aaa8f20aa645b2d8196ef322e0c65ed5454932bd0
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
43869e57b9339b03aecd3da7938097421e238ae9bdfd42a64035cc17c86399e0
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
45c58e4185c05af217c3ad3b1d3ac9228559da901e2aa37e415eed6b6a631520
469b648f1e0e5edb585bf2c013dfbb52059610304fdc69e7394a0a68abb4c669
4bbd385b461e4e6b301696257fe70b40f6418f005d905aa1f918db1d69f74bd4
4dced00354b099d831f860145bbd0149f99889d4c45632e4d9e849f008123866
4e3bbb8f68c4f8f1f06510e5272fdd319a0bb4e75d619629dc481266dc2b6e61
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53a644e8465589433b379f0677d56c90a236bcb36509eaa172a8944acbcb9f64
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
5c66cbe33a007920cdea231069727d9420e5e4a751378d2adb7777a03fe716bd
5c8dfe4cca159863eb9aadd51f9a69062abc5b449622b0416856d69192c69da8
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6e382b97c8756a0481393e2a47eabdea7cbffebd078cabfca3795f4c16a3c416
725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749
754c94388315799ee1eb0338fa7163a26d71dcb96c7767c14bcb7cd7d1901fc9
78ea5ce4b8dfc0ed2fd60722543a2e621a6a71e4a890d0b927de343e07180b8e
79938aa84fcaa099a45489b7278edfe666269ce0bd6de7fb7ec08d55af481be0
7d67daa46a06f090f15a93cee50e59396971197044199db53a7b7e466594aa7e
7e347b66fb1145f780600551e06778b33ecaca5c45897ac90eb96eb4b6afd082
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
7ee48455f8a91b4e6a64efc5732414ea7fbde37711e7e505fcc1678d337db9ec
7f1690d8cf2a0b218fa81cc5395fc7d448aafd865448ff5362f2115ebefefcc4
80cca1779fa9577f2d9bfa407f1cb0de0f97df9e12d0b1ed22c5a160203b8b4d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
875691181b581aea329619eae2a463f7c930c7cd9d1a7ba7d66d80ed4be8d225
87fcfe1c1a8c72431fd81b15f05cfd03a9c8586e78912376d5e6612178ec5414
88acb7ece85baeb2f2b81e41ee2827dd66cdc7f01eee28ac0f32cbae10e23417
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8b29c1fab63fb081098db0587875d1819afbf8e06818a5bc917dd20dae4b1c8d
8f7b877f5e26e9418a42d1e7f4fc09c36b6c6ce80fcee4fd2eadc785e9fda7ea
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
928275713ac9809d685b61a27ada8d3d35cc64e8ac92a22eb37017dee54c653d
93dfb761cd7f675eb708d4b9b7182ec9700d45856a6fc06bce93b9954bc1114e
9648b301ed4c48cf2fdd0fb932a1536c80881b0a73fb2852033b810c2ae1544c
9c911a1f5f7dac1d1af787741e05eb5351442579e175bdb352315f706b9e99e4
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9f6cfa9fdb8219c0d2a7c24820e1a83ce2434f38c0d99b73dd3d0e05ccfa68d3
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
a59095c5ffbc54627362281a5ad8620f8abe43f3afb8c51a8d47523451c1733a
a8e427db11a8744bebbcdfd050f7b9d0a84b5a1754d086f1787c40db21955264
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b0419faf03242236e04c1c062d52b7f011bf5f0222342fc4006f51cec7dd6ba0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b424ec6465b6e0dd6e6b9ece3fa59da2a273e14ce3cebfd444ad5b661fba16b8
b77f487aeb58b2ea7e227ec1cec0100d60a7efb538a324ebe87d570a90f04b7f
bc3f8cdc95a54a80b02793a7ff9de6e93da400f75805cb34423de7e55e707ae3
be1715c69d96b06e564b7e0edfb215bf75a80528c602a4b3dc09b9a042b43459
be1cd23fd71254e68b3bcbb41558819e53c8b74b4e88e96a412d1eaa0ed49046
c21b288ef19cb562997c86ac9e8aba0899faee3374d68aa781017656dd8a27a9
c34e28196cd412790c548696f1447aff0116ee662fead57bf578021e8cc01ba5
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d36a74537cddedcbc63dcc4431f55fdf3f547dee75180b630b2ad36659d0bad7
d95fa8b2c4e62bdfe9a9b17cfd9897f35987a1c620abc31651d1c18ae13b4dd3
daa67413e56cd99d4d284e2a3e123b1cd748f27291691f60b59b8a10f5493d05
dd34c7ec71f911de4caa4052dc5f38ffbf2eefef7066ca1a0e02ebb117c2f2c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
e8ebc52070e4f1aa4c83f40c912bb12037dc5938891b5284008c109a68d74015
ee8426f652c3e474d7da204119940bd1b2f40b9b58bedc0320aaf405ccf6ff79
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a6506e100053cd9f6fc054c722ce7dfbab8c7048771d2c40b1bcf96f359462
f604b04b3bdb8a427f6aa131773979ecbae3f664902966bc4002b9c934152601
fe0c71b818cd04ebf2ff7804e99ebdcbbfd35e8e674f052b872695ae2817db00