www.executivetraveller.com Open in urlscan Pro
2606:4700:10::6816:1d7f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3wbSby8
Effective URL:
https://www.executivetraveller.com/news/qantas-business-rewards
Submission: On March 16 via manual (March 16th 2022, 8:55:18 am UTC) from AU — Scanned from DE

Summary HTTP 88 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 20 domains to perform 88 HTTP transactions. The main IP is 2606:4700:10::6816:1d7f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.executivetraveller.com. The Cisco Umbrella rank of the primary domain is 607212.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time www.executivetraveller.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	2606:4700:10:... 2606:4700:10::6816:1d7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
28	104.18.22.230 104.18.22.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:170... 2a02:26f0:1700:16::b856:fbdb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:dd1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1 3	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	198.145.13.12 198.145.13.12	2044 (DF-PTL01) (DF-PTL01)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2600:9000:236... 2600:9000:236e:3400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4686	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225e:6a00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
1	3.121.92.52 3.121.92.52	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
88	26

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:1d7f (United States)

ASN13335 (CLOUDFLARENET, US)

www.executivetraveller.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00::210:ba0b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 104.18.22.230 (None, )

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:16::b856:fbdb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.publift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:dd1d (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.12 (Portland, United States)

ASN2044 (DF-PTL01, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba1b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:236e:3400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:832 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

publift-com.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4686 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:6a00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.92.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-92-52.eu-central-1.compute.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	dianomi.com www.dianomi.com — Cisco Umbrella Rank: 5782	84 KB
11	executivetraveller.com www.executivetraveller.com — Cisco Umbrella Rank: 607212	211 KB
9	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 ad.doubleclick.net — Cisco Umbrella Rank: 181 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159	158 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	193 KB
8	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2005 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5719 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9692	273 KB
7	typekit.net use.typekit.net — Cisco Umbrella Rank: 427 p.typekit.net — Cisco Umbrella Rank: 527	140 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 941 api.btloader.com — Cisco Umbrella Rank: 1110	9 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	getclicky.com static.getclicky.com — Cisco Umbrella Rank: 10547 in.getclicky.com — Cisco Umbrella Rank: 9033	6 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	10 KB
1	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1128	930 B
1	videoplayerhub.com 1 redirects publift-com.videoplayerhub.com — Cisco Umbrella Rank: 38391	538 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8832	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	651 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1207	5 KB
1	publift.com cdn.publift.com — Cisco Umbrella Rank: 207748	36 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	340 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	36 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 3926	307 B
88	20

	Domain	Requested by
28	www.dianomi.com	www.executivetraveller.com www.dianomi.com srcdoc
11	www.executivetraveller.com	www.executivetraveller.com static.cloudflareinsights.com
6	quantcast.mgr.consensu.org	cdn.publift.com quantcast.mgr.consensu.org
6	use.typekit.net	www.executivetraveller.com www.dianomi.com use.typekit.net
6	pagead2.googlesyndication.com	www.executivetraveller.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	cdn.publift.com securepubads.g.doubleclick.net
3	ad.doubleclick.net	1 redirects www.dianomi.com www.executivetraveller.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.jsdelivr.net	www.executivetraveller.com
1	www.google.com	tpc.googlesyndication.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	api.btloader.com	publift-com.videoplayerhub.com
1	ad-delivery.net	www.executivetraveller.com
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	btloader.com	www.executivetraveller.com
1	publift-com.videoplayerhub.com	1 redirects
1	p.typekit.net	use.typekit.net
1	in.getclicky.com	static.getclicky.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.cloudflareinsights.com	www.executivetraveller.com
1	static.getclicky.com	www.executivetraveller.com
1	cdn.publift.com	www.executivetraveller.com
1	cdnjs.cloudflare.com	www.executivetraveller.com
1	www.googletagmanager.com	www.executivetraveller.com
1	bit.ly	1 redirects
88	30

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.reddit.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
cdn.fuseplatform.net R3	`2022-01-17` - `2022-04-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2022-08-03`	2 years	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2022-02-23` - `2022-05-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.executivetraveller.com/news/qantas-business-rewards
Frame ID: B4DDD5F6895F3F95407E8F9417EC49BD
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/zrt_lookup.html
Frame ID: 6808B92881DEFBFAF5F475B03D6F041A
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/recirculation.epl?id=154&unitId=dianomi-154-YjGl8WMeujVuwgBsRKLZzAAAAAI0&cf=1635.307.ExeTravel
Frame ID: 3302379289E60F90E3C1432AAC104184
Requests: 8 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=6554&num_ads=5&cf=1635.307.ExeTravel&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&unitId=dianomi-6554-YjGl8WMeujVuwgBsRKLZzAAAAAI1
Frame ID: CD434CC531FDF12DFF51267ED149059A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655481952161096&output=html&adk=1812271804&adf=3025194257&lmt=1647420913&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647420913285&bpp=3&bdt=290&idt=209&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7520297619002&frm=20&pv=2&ga_vid=1266456459.1647420913&ga_sid=1647420914&ga_hid=1837092512&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750774%2C21065725%2C44758229&oid=2&pvsid=396413444070129&pem=546&tmod=997764079&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=233
Frame ID: 793B98C18CD0C65469FAB2741594E106
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20220302105108120
Frame ID: 1512AED89F0E832A0EE4F00DDC8FCA40
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6B9CE1D3C78857B6EDD9474C30D32B83
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AD76E043D520737166F10F65BBC6F75C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Qantas woos business flyers with lower fares, more points, Gold status - Executive Traveller

Page URL History Show full URLs

https://bit.ly/3wbSby8 HTTP 301
https://www.executivetraveller.com/news/qantas-business-rewards Page URL

Detected technologies

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

88
Requests

98 %
HTTPS

75 %
IPv6

20
Domains

30
Subdomains

26
IPs

4
Countries

1526 kB
Transfer

4835 kB
Size

14
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ExecutiveTravellerOfficial/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/executivetraveller/

Search URL Search Domain Scan URL

URL: https://twitter.com/Exec_Traveller

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=311929303006168&display=popup&href=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&redirect_uri=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&text=Qantas+woos+business+flyers+with+lower+fares%2C+more+points%2C+Gold+status&via=Exec_Traveller

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3wbSby8 HTTP 301
https://www.executivetraveller.com/news/qantas-business-rewards Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.307329852;dc_trk_aid=499896320;dc_trk_cid=153526526;ord=1647420913;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.307329852;dc_pre=CLGn65KhyvYCFVJL4Aod1akMqg;dc_trk_aid=499896320;dc_trk_cid=153526526;ord=1647420913;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 59

https://publift-com.videoplayerhub.com/galleryplayer.js HTTP 301
https://btloader.com/tag?h=publift-com&upapi=true

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request qantas-business-rewards Show response
www.executivetraveller.com/news/
Redirect Chain

https://bit.ly/3wbSby8
https://www.executivetraveller.com/news/qantas-business-rewards

283 KB
51 KB

2065ms
2023ms

Document
text/html

2606:4700:10::6816:1d7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.executivetraveller.com/news/qantas-business-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1d7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6927aceb69f3a3f12f71147f7c2a5387c5e8614c2f255b004a146a76711016a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 16 Mar 2022 08:55:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-allow-headers: X-Requested-With, Content-Type, X-Token-Auth, Authorization, uid
access-control-request-headers: Authorization
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ecc44b579af8fd1-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server: nginx
date: Wed, 16 Mar 2022 08:55:10 GMT
content-type: text/html; charset=utf-8
content-length: 150
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://www.executivetraveller.com/news/qantas-business-rewards
referrer-policy: unsafe-url
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 188ms
84ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ece1d0ae863c88847173e85a66dc30264a73816f6e85aa06f29473225605f359

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53727
x-xss-protection: 0
server: cafe
etag: 1623933599323793118
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 08:55:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 142ms
53ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-18413986-1

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e26691fcb1614b1663db3c6e79b8a8818c7c7504b35b546fd46c3338f2c8a30b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36786
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Mar 2022 08:55:13 GMT

GET
H2 200 glightbox.min.css
cdn.jsdelivr.net/npm/glightbox/dist/css/ 13 KB
3 KB 54ms
24ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/glightbox/dist/css/glightbox.min.css

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d3f62d4d17969f9c70e9438cf671004725019e868123f2ebc295a006f8d5d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 40535
x-jsd-version: 3.2.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19149-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"35b5-O1t5BPT0vPVZWcLs71CCG9kRACE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ecc44c29dce929c-FRA

GET
H2 200 all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/js/ 1 MB
340 KB 62ms
32ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/js/all.min.js

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30081cca00d16a1b3e17f364e55cf7f3bc210789122bd357943377c39f0b2ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 559552
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 346673
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-11843d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2BCtgZGDDPFwT1U95CIduXHjUYJSKzRgYQXIrxDB5qAwN5NOn3CitiFQ%2BMDWOxG0Jj8e2w713t3BL%2B4yso2QVUdgYcyDy2InmqC1fko5JEMK%2BWmajVnNpOfxpULDtq1%2Bx4LI64Lzi3p3ZwbvoFhCMOrD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ecc44c2aee38fce-FRA
expires: Mon, 06 Mar 2023 08:55:13 GMT

GET
H2 200 api.js Show response
www.executivetraveller.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 18ms
18ms Script
text/javascript 2606:4700:10::6816:1d7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.executivetraveller.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1d7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/news/qantas-business-rewards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6ecc44c27fe18fd1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 l
use.typekit.net/af/7ced03/00000000000000003b9ae8bd/27/ 32 KB
33 KB 66ms
16ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7ced03/00000000000000003b9ae8bd/27/l?fvd=n4&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e95cc0224feef8201ea043e124d267f239565117e9c2dc39da1fc54a2361147a

Request headers

Referer: https://www.executivetraveller.com/
Origin: https://www.executivetraveller.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
server: nginx
etag: "9a9f920635586e7942c79a5614cc9166338270d4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33264

GET
H2 200 l
use.typekit.net/af/46da36/00000000000000003b9acaf6/27/ 26 KB
26 KB 64ms
15ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/46da36/00000000000000003b9acaf6/27/l?fvd=n4&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 464b561ee00c86db1cddb80f2c9d6febbc2c1aa95f422fa73a4fb8ef7d5d5028

Request headers

Referer: https://www.executivetraveller.com/
Origin: https://www.executivetraveller.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
server: nginx
etag: "de29fb2e3e401b15877c6b3a0953702fe7fa1105"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26812

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-18413986-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3027
date: Wed, 16 Mar 2022 08:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 16 Mar 2022 10:04:46 GMT

GET
H3 200 623021ee1fe44280a375380cdd799465-qantas-female-flyer-2000a.jpg
www.executivetraveller.com/photos/view/size:1200,675/ 62 KB
63 KB 55ms
55ms Image
image/jpeg 2606:4700:10::6816:1d7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:1200,675/623021ee1fe44280a375380cdd799465-qantas-female-flyer-2000a.jpg

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1d7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe9ae498bffafafe4a651b989d147bd1e5afadbf47ed631d9b610edb4ce426c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/news/qantas-business-rewards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
cf-cache-status: HIT
age: 1878
cf-polished: origSize=64699, status=webp_bigger
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cf-bgj: imgq:100,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
last-modified: Wed, 16 Mar 2022 08:23:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 16 Mar 23 14:12:41
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray: 6ecc44c3b9f49be2-FRA
access-control-allow-headers: X-Requested-With, Content-Type, X-Token-Auth, Authorization, uid
access-control-request-headers: Authorization

GET
H3 200 email-decode.min.js Show response
www.executivetraveller.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
937 B 18ms
18ms Script
application/javascript 2606:4700:10::6816:1d7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.executivetraveller.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1d7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/news/qantas-business-rewards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Mar 2022 18:25:01 GMT
server: cloudflare
etag: W/"622f887d-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6ecc44c3b9f69be2-FRA
vary: Accept-Encoding
expires: Fri, 18 Mar 2022 08:55:13 GMT

GET
H2 200 contextfeed.js Show response
www.dianomi.com/js/ 19 KB
7 KB 77ms
34ms Script
application/javascript 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed.js

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e585f5c469089d1bc338c701658cc6877851b8e16ba153a4371aafa20723dca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 37
vary: X-FORWARDED-PROTO, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Mar 2022 10:51:12 GMT
server: cloudflare
etag: W/"4cc0-5d93a0f54a088"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 16 Mar 2022 08:57:13 GMT
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 6ecc44c3fb078fe9-FRA
cf-bgj: minify

GET
H2 200 fuse.js Show response
cdn.publift.com/fuse/tag/2/1265/ 377 KB
36 KB 452ms
388ms Script
application/x-javascript 2a02:26f0:1700:16::b856:fbdb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.publift.com/fuse/tag/2/1265/fuse.js
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:16::b856:fbdb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 188ed44084380393607726e034fbfb29b7870356a264b1e44a2cd533bf86cd21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 04:32:21 GMT
server: AkamaiNetStorage
etag: "b4f52df707b3992ee92cbc06c15170fd:1646800341.014195"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 35988
expires: Wed, 16 Mar 2022 09:25:13 GMT

GET
H3 200 et.chunk.js Show response
www.executivetraveller.com/assets/js/ 165 KB
52 KB 40ms
39ms Script
application/javascript 2606:4700:10::6816:1d7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.executivetraveller.com/assets/js/et.chunk.js?t1643246086
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1d7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbe3dacba2eb040be73368d2d6789e97b21fe7d5cc2ccfc34318395740bee485

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/news/qantas-business-rewards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 761572
cf-polished: origSize=169365
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Jan 2022 01:14:46 GMT
server: cloudflare
etag: W/"61f1f206-29595"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 6ecc44c3b9fd9be2-FRA
expires: Wed, 06 Apr 2022 13:22:21 GMT

GET
H3 200 app.min.js Show response
www.executivetraveller.com/assets/js/ 55 KB
14 KB 25ms
25ms Script
application/javascript 2606:4700:10::6816:1d7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.executivetraveller.com/assets/js/app.min.js?t=1643246086
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1d7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7922361b4e6c656caed4d1e165985d6bf3932b27aedf9fcd87764655eb86e4b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/news/qantas-business-rewards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Jan 2022 01:14:46 GMT
server: cloudflare
age: 761572
etag: W/"61f1f206-dacf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 6ecc44c3ba019be2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 06 Apr 2022 13:22:21 GMT

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 74ms
25ms Script
text/javascript 2606:4700::6810:dd1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dd1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 13 Mar 2022 23:38:29 GMT
server: cloudflare
age: 206204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 23 Mar 2022 08:55:13 GMT
cache-control: public, max-age=604800
cf-ray: 6ecc44c40a5c9012-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-proxy-cache: HIT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 77ms
46ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.executivetraveller.com/
Origin: https://www.executivetraveller.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6ecc44c3ef566997-FRA

GET
H2 200 l
use.typekit.net/af/e3a744/00000000000000003b9acb3f/27/ 26 KB
27 KB 15ms
15ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e3a744/00000000000000003b9acb3f/27/l?fvd=n4&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 229fb2416558501a53539fcb4380d6efd751b0b8a3fe36aa2e5f550eb454bec3

Request headers

Referer: https://www.executivetraveller.com/
Origin: https://www.executivetraveller.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
server: nginx
etag: "85cab88f0242c61b2adc4254ad911625e4e89ceb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27124

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ 292 KB
105 KB 114ms
67ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7655481952161096&plah=www.executivetraveller.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32fee0cfe0b84ea1a14cac7305b9980ad4ceaae640d3b9d0de12c4c2feca327b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107539
x-xss-protection: 0
server: cafe
etag: 962664109360003371
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 08:55:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/ Frame 6808 10 KB
5 KB 123ms
36ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 16 Mar 2022 01:29:16 GMT
expires: Wed, 30 Mar 2022 01:29:16 GMT
cache-control: public, max-age=1209600
age: 26757
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 l
use.typekit.net/af/2acd47/00000000000000003b9acb43/27/ 26 KB
26 KB 12ms
12ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2acd47/00000000000000003b9acb43/27/l?fvd=n6&primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&v=3
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 71e979e83c2f2e769a509c9a3233ecf2e89980e636c12ffed85ccb61dbf5d2fd

Request headers

Referer: https://www.executivetraveller.com/
Origin: https://www.executivetraveller.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
server: nginx
etag: "ca4c0c737570ce6afe98a3ebf368b1e97766d127"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26776

GET
H3 200 ls.respimg.min.js Show response
cdn.jsdelivr.net/combine/npm/lazysizes@5.2.0/plugins/bgset/ls.bgset.min.js,npm/lazysizes@5.2.0/lazysizes.min.js,npm/lazysizes@5.2.0/plugins/aspectratio/ls.aspectratio.min.js,npm/lazysizes@5.2.0/plu... 17 KB
7 KB 25ms
15ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/combine/npm/lazysizes@5.2.0/plugins/bgset/ls.bgset.min.js,npm/lazysizes@5.2.0/lazysizes.min.js,npm/lazysizes@5.2.0/plugins/aspectratio/ls.aspectratio.min.js,npm/lazysizes@5.2.0/plugins/respimg/ls.respimg.min.js

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/assets/js/app.min.js?t=1643246086

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b716247f795a958d4f07206d155825f1811607e334ce0879ad77f6c9c2674e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 126879
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19180-FRA, cache-hhn4031-HHN
timing-allow-origin: *
server: cloudflare
etag: W/"42b6-Vz7a+07X6R7KfdNX4sblKnXWwmY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ecc44c47aa86939-FRA

GET
H2 200 context.pl Show response
www.dianomi.com/cgi-bin/ 564 B
359 B 49ms
48ms XHR
application/json 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/context.pl?id=307&h=www.executivetraveller.com&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f36cd2d6cf214def826499692f0d573c3ae6b9ea87901ed31f8434efd4674775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: https://www.executivetraveller.com
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 6ecc44c47b9b8fe9-FRA
vary: X-FORWARDED-PROTO
x-xss-protection: 1; mode=block

GET
H2 200 context.pl Show response
www.dianomi.com/cgi-bin/ 338 B
378 B 46ms
45ms XHR
application/json 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/context.pl?id=325&h=www.executivetraveller.com&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c7a0ccbbb3d3891a863de0fcdf9f037138632b4c01559a143c45f5976cb8764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: https://www.executivetraveller.com
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 6ecc44c47b9c8fe9-FRA
vary: X-FORWARDED-PROTO
x-xss-protection: 1; mode=block

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 93ms
46ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1837092512&t=pageview&_s=1&dl=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&ul=en-us&de=UTF-8&dt=Qantas%20woos%20business%20flyers%20with%20lower%20fares%2C%20more%20points%2C%20Gold%20status%20-%20Executive%20Traveller&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1224723386&gjid=442018175&cid=1266456459.1647420913&tid=UA-18413986-1&_gid=1983830775.1647420913&_r=1&gtm=2ou3e0&did=i5iSjo&z=441002143

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.executivetraveller.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.executivetraveller.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dianomi-context.css
www.dianomi.com/partner/dianomi/css/ 169 B
302 B 28ms
28ms Stylesheet
text/css 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3380
cf-polished: origSize=199
last-modified: Mon, 21 Jan 2019 12:43:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"c7-57ff735ded940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6ecc44c4fc258fe9-FRA
expires: Wed, 16 Mar 2022 12:55:13 GMT

GET
H2 200 videofeed.js Show response
www.dianomi.com/js/contextfeed/ 3 KB
1 KB 49ms
49ms Script
application/javascript 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed/videofeed.js?v=20220302105108120

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82389c04ea757c0d2d27be05ed1f2b36f1c10f938500c8b4de2a8b3b00ff5b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
vary: X-FORWARDED-PROTO, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Mar 2022 10:51:12 GMT
server: cloudflare
etag: W/"cb8-5d93a0f55543b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 16 Mar 2022 08:57:13 GMT
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 6ecc44c4fc268fe9-FRA
cf-bgj: minify

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ 1 KB
1 KB 27ms
27ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8685
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 15 Apr 2022 18:55:13 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ecc44c4fc278fe9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 pixeltrack.pl
www.dianomi.com/cgi-bin/ 77 B
260 B 43ms
43ms Image
image/gif 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=1635.325.ExeTravel&geo_ccod=de

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6ecc44c4fc288fe9-FRA
expires: Tue, 15 Mar 2022 08:55:13 GMT

GET
H2 200 recirculation.epl Show response
www.dianomi.com/ Frame 3302 3 KB
848 B 75ms
75ms Document
text/html 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/recirculation.epl?id=154&unitId=dianomi-154-YjGl8WMeujVuwgBsRKLZzAAAAAI0&cf=1635.307.ExeTravel

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea553a03e100e9b01b4b4a2e0cf9626324834a82df1541da7c4869c1013756ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-FORWARDED-PROTO
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ecc44c4fc2d8fe9-FRA
content-encoding: br

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame CD43 8 KB
3 KB 60ms
60ms Document
text/html 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=6554&num_ads=5&cf=1635.307.ExeTravel&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&unitId=dianomi-6554-YjGl8WMeujVuwgBsRKLZzAAAAAI1

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e209e28e17afc280e150cc66894e0509356cd944337bf10c5770aacc4277631c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/3330/29.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ecc44c4fc318fe9-FRA
content-encoding: br
cf-h2-pushed: </img/a/pss/3330/29.css>

GET
H2 200 pixeltrack.pl
www.dianomi.com/cgi-bin/ 77 B
138 B 45ms
44ms Image
image/gif 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=1635.307.ExeTravel&geo_ccod=de

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6ecc44c4fc2f8fe9-FRA
expires: Tue, 15 Mar 2022 08:55:13 GMT

POST
H3 204 result Show response
www.executivetraveller.com/cdn-cgi/bm/cv/ 0
420 B 18ms
18ms XHR
text/plain 2606:4700:10::6816:1d7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.executivetraveller.com/cdn-cgi/bm/cv/result?req_id=6ecc44b579af8fd1
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1d7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.executivetraveller.com/news/qantas-business-rewards
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
server: cloudflare
cf-ray: 6ecc44c52c929be2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 226 B
651 B 136ms
44ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.executivetraveller.com&callback=_gfp_s_&client=ca-pub-7655481952161096

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7655481952161096&plah=www.executivetraveller.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ac64adffc890f1cf80c5affa3486588909e0060562944ab00af7aa4e385db881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 207
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 133ms
46ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.executivetraveller.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
47ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.executivetraveller.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 793B 0
19 B 133ms
86ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7655481952161096&output=html&adk=1812271804&adf=3025194257&lmt=1647420913&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647420913285&bpp=3&bdt=290&idt=209&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7520297619002&frm=20&pv=2&ga_vid=1266456459.1647420913&ga_sid=1647420914&ga_hid=1837092512&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750774%2C21065725%2C44758229&oid=2&pvsid=396413444070129&pem=546&tmod=997764079&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=233

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 16 Mar 2022 08:55:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Mar 2022 08:55:13 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
447 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-18413986-1&cid=1266456459.1647420913&jid=1224723386&gjid=442018175&_gid=1983830775.1647420913&_u=YEBAAUAAAAAAAC~&z=513772696

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.executivetraveller.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 16 Mar 2022 08:55:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.executivetraveller.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 29.css
www.dianomi.com/img/a/pss/3330/ Frame CD43 2 KB
896 B 0ms
0ms Stylesheet
text/css 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/3330/29.css

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ce27ebd05b947b471d63d1933310858cdce45a2afdf14b8b22313083c6f824f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6554&num_ads=5&cf=1635.307.ExeTravel&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&unitId=dianomi-6554-YjGl8WMeujVuwgBsRKLZzAAAAAI1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 124450
cf-polished: origSize=2844
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Feb 2022 20:00:59 GMT
server: cloudflare
etag: W/"b1c-5d7ffe01526cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Fri, 15 Apr 2022 18:55:13 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 6ecc44c54c8c8fe9-FRA
cf-bgj: minify

GET
H2 200 ams7vkd.css
use.typekit.net/ Frame CD43 6 KB
1 KB 32ms
14ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ams7vkd.css

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6554&num_ads=5&cf=1635.307.ExeTravel&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&unitId=dianomi-6554-YjGl8WMeujVuwgBsRKLZzAAAAAI1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

5425b6bff53fae1f932b2e248c7cd1ec847685fec4c3f577696d2c962282607d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Wed, 16 Mar 2022 08:55:13 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 938

GET
H2 200 viewability10.js Show response
www.dianomi.com/js/ Frame CD43 7 KB
3 KB 25ms
25ms Script
application/javascript 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability10.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c3d83182d981db2e72f00211d9e93ae55db41b31aa8239b589a725521f6b3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6554&num_ads=5&cf=1635.307.ExeTravel&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&unitId=dianomi-6554-YjGl8WMeujVuwgBsRKLZzAAAAAI1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 59
cf-polished: origSize=10836
last-modified: Mon, 21 Feb 2022 14:40:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"2a54-5d88837f2e3fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 6ecc44c5acfe8fe9-FRA
expires: Wed, 16 Mar 2022 08:57:13 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame CD43 1 KB
1 KB 26ms
24ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6554&num_ads=5&cf=1635.307.ExeTravel&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&unitId=dianomi-6554-YjGl8WMeujVuwgBsRKLZzAAAAAI1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8685
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 15 Apr 2022 18:55:13 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ecc44c5bd188fe9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/131878/7/ Frame CD43 2 KB
2 KB 53ms
51ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/131878/7/100x70.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70737d5c8483012208ed1300dca75dfdcef397ca9d81693d931eba28136314e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6554&num_ads=5&cf=1635.307.ExeTravel&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&unitId=dianomi-6554-YjGl8WMeujVuwgBsRKLZzAAAAAI1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=9726
content-disposition: inline; filename="100x70.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2324
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Jan 2022 09:59:29 GMT
server: cloudflare
etag: "25fe-5d614acc279b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 15 Apr 2022 18:55:13 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ecc44c5bd1b8fe9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/186494/9/ Frame CD43 2 KB
3 KB 35ms
33ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/186494/9/100x70.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2856c5ad84dadaadf7c4b028799efcba3298a1b17dd0b6535bf2235e355f6614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6554&num_ads=5&cf=1635.307.ExeTravel&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&unitId=dianomi-6554-YjGl8WMeujVuwgBsRKLZzAAAAAI1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 811689
cf-polished: qual=85, origFmt=jpeg, origSize=4526
content-disposition: inline; filename="100x70.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2512
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Feb 2022 14:59:33 GMT
server: cloudflare
etag: "11ae-5d823e5bdaea5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 15 Apr 2022 18:55:13 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ecc44c5bd1c8fe9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/245590/3/ Frame CD43 2 KB
2 KB 53ms
52ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/245590/3/100x70.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38f97db2f63208bf8da4d69a92230abc31b685af22e15df30a528cbb1b49c019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6554&num_ads=5&cf=1635.307.ExeTravel&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&unitId=dianomi-6554-YjGl8WMeujVuwgBsRKLZzAAAAAI1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=4261
content-disposition: inline; filename="100x70.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2228
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Feb 2022 20:32:13 GMT
server: cloudflare
etag: "10a5-5d6facbd14107"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 15 Apr 2022 18:55:13 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ecc44c5bd1e8fe9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/219925/5/ Frame CD43 3 KB
3 KB 107ms
106ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/219925/5/100x70.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23655264734c6d51bf527c6ada248e865dfa801da5e05f83e1028b2bb514ce05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6554&num_ads=5&cf=1635.307.ExeTravel&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&unitId=dianomi-6554-YjGl8WMeujVuwgBsRKLZzAAAAAI1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: degrade=85, origSize=30304, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Mar 2022 15:08:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 23 Mar 2022 08:55:13 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6ecc44c5bd208fe9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/sav2/243543/4/ Frame CD43 3 KB
3 KB 28ms
27ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/243543/4/100x70.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c680800149ef3c7cbce71c5efa42aa9b5742066cb11cd8b861783eb4fd3d22f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6554&num_ads=5&cf=1635.307.ExeTravel&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&unitId=dianomi-6554-YjGl8WMeujVuwgBsRKLZzAAAAAI1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 177925
cf-polished: qual=85, origFmt=jpeg, origSize=24260
content-disposition: inline; filename="100x70.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 3182
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Jan 2022 16:27:02 GMT
server: cloudflare
etag: "5ec4-5d6e3412dc728"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 15 Apr 2022 18:55:13 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ecc44c5bd228fe9-FRA
cf-bgj: imgq:85,h2pri

GET
H3

200

B26132838.307329852;dc_pre=CLGn65KhyvYCFVJL4Aod1akMqg;dc_trk_aid=499896320;dc_trk_cid=153526526;ord=1647420913;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/ Frame CD43
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.307329852;dc_trk_aid=499896320;dc_trk_cid=153526526;ord=1647420913;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;t...
https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.307329852;dc_pre=CLGn65KhyvYCFVJL4Aod1akMqg;dc_trk_aid=499896320;dc_trk_cid=153526526;ord=1647420913;dc_lat=;dc_rdid=;t...

42 B
65 B

108ms
61ms

Image
image/gif

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.307329852;dc_pre=CLGn65KhyvYCFVJL4Aod1akMqg;dc_trk_aid=499896320;dc_trk_cid=153526526;ord=1647420913;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Protocol

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.307329852;dc_pre=CLGn65KhyvYCFVJL4Aod1akMqg;dc_trk_aid=499896320;dc_trk_cid=153526526;ord=1647420913;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 29.css
www.dianomi.com/img/a/pss/3330/ Frame 3302 2 KB
826 B 26ms
26ms Stylesheet
text/css 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/3330/29.css

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=154&unitId=dianomi-154-YjGl8WMeujVuwgBsRKLZzAAAAAI0&cf=1635.307.ExeTravel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ce27ebd05b947b471d63d1933310858cdce45a2afdf14b8b22313083c6f824f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=154&unitId=dianomi-154-YjGl8WMeujVuwgBsRKLZzAAAAAI0&cf=1635.307.ExeTravel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 124450
cf-polished: origSize=2844
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Feb 2022 20:00:59 GMT
server: cloudflare
etag: W/"b1c-5d7ffe01526cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Fri, 15 Apr 2022 18:55:13 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 6ecc44c5bd078fe9-FRA
cf-bgj: minify

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/675539818/1/ Frame 3302 3 KB
3 KB 27ms
27ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/675539818/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=154&unitId=dianomi-154-YjGl8WMeujVuwgBsRKLZzAAAAAI0&cf=1635.307.ExeTravel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcb922c66dab1e343b0eea329199bc8bc6731dbf7de4b62be12e7653220d9494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=154&unitId=dianomi-154-YjGl8WMeujVuwgBsRKLZzAAAAAI0&cf=1635.307.ExeTravel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 792987
cf-polished: degrade=85, origSize=3084, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Mar 2022 00:56:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 23 Mar 2022 08:55:13 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6ecc44c5bd0a8fe9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/641508252/1/ Frame 3302 3 KB
3 KB 53ms
52ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/641508252/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=154&unitId=dianomi-154-YjGl8WMeujVuwgBsRKLZzAAAAAI0&cf=1635.307.ExeTravel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d69981fdb38b4949c676a157e3d62f8aaa94a98d3b8d64cca0baeedc2f4887

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=154&unitId=dianomi-154-YjGl8WMeujVuwgBsRKLZzAAAAAI0&cf=1635.307.ExeTravel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: degrade=85, origSize=2783, status=webp_bigger
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2760
x-xss-protection: 1; mode=block
last-modified: Mon, 28 Feb 2022 05:49:17 GMT
server: cloudflare
etag: "adf-5d90d9bed8ed9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 15 Apr 2022 18:55:13 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ecc44c5bd238fe9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/674281269/1/ Frame 3302 2 KB
3 KB 25ms
25ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/674281269/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=154&unitId=dianomi-154-YjGl8WMeujVuwgBsRKLZzAAAAAI0&cf=1635.307.ExeTravel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c28b751f2f702d8114237a9c9b4c3ea48b6393ee674fac69f953d1153d077eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=154&unitId=dianomi-154-YjGl8WMeujVuwgBsRKLZzAAAAAI0&cf=1635.307.ExeTravel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 309609
cf-polished: status=not_needed
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2558
x-xss-protection: 1; mode=block
last-modified: Mon, 28 Feb 2022 05:20:23 GMT
server: cloudflare
etag: "9fe-5d90d348fa958"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Fri, 15 Apr 2022 18:55:13 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ecc44c5bd248fe9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/676880084/1/ Frame 3302 3 KB
3 KB 27ms
26ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/676880084/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=154&unitId=dianomi-154-YjGl8WMeujVuwgBsRKLZzAAAAAI0&cf=1635.307.ExeTravel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcb922c66dab1e343b0eea329199bc8bc6731dbf7de4b62be12e7653220d9494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=154&unitId=dianomi-154-YjGl8WMeujVuwgBsRKLZzAAAAAI0&cf=1635.307.ExeTravel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17140
cf-polished: degrade=85, origSize=3084, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Mar 2022 23:54:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 23 Mar 2022 08:55:13 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6ecc44c5bd258fe9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 100x70.jpg
www.dianomi.com/img/a/url/668929024/1/ Frame 3302 3 KB
3 KB 34ms
34ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/url/668929024/1/100x70.jpg

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/recirculation.epl?id=154&unitId=dianomi-154-YjGl8WMeujVuwgBsRKLZzAAAAAI0&cf=1635.307.ExeTravel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2bff3efe8209de632bcfdfb59e337000418f8210496bd343699a134cb2eab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/recirculation.epl?id=154&unitId=dianomi-154-YjGl8WMeujVuwgBsRKLZzAAAAAI0&cf=1635.307.ExeTravel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 241123
cf-polished: qual=85, origFmt=jpeg, origSize=2722
content-disposition: inline; filename="100x70.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2630
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Dec 2021 04:58:15 GMT
server: cloudflare
etag: "aa2-5d3b4f8323069"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 15 Apr 2022 18:55:13 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ecc44c5bd268fe9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 in.php Show response
in.getclicky.com/ 226 B
468 B 472ms
145ms Script
text/javascript 198.145.13.12
DF-PTL01

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=263879&type=pageview&href=%2Fnews%2Fqantas-business-rewards&title=Qantas%20woos%20business%20flyers%20with%20lower%20fares%2C%20more%20points%2C%20Gold%20status%20-%20Executive%20Traveller&res=1600x1200&lang=en&jsuid=538339081&mime=js&x=0.3771589931724655
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.12 Portland, United States, ASN2044 (DF-PTL01, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: c187b391b5ed7828f12e34ce7d359429617a3c2ac572f850ec0973a4dda7c964

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 p.css
p.typekit.net/ Frame CD43 5 B
181 B 60ms
9ms Stylesheet
text/css 2a02:26f0:6c00::210:ba1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ams7vkd&ht=tk&f=139.140.175.176.22792.22793.26072.26086&a=82987483&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ams7vkd.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 StarlingBETA-Roman.woff2
www.dianomi.com/partner/executivetraveller/fonts/ Frame 3302 14 KB
15 KB 27ms
26ms Font
text/plain 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/partner/executivetraveller/fonts/StarlingBETA-Roman.woff2

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/3330/29.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

011e17607bbd01ef915e077d19217879e45691817cf66c59a426416a9afaff65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/img/a/pss/3330/29.css
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 94688
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 14812
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Nov 2020 17:09:54 GMT
server: cloudflare
etag: "39dc-5b3d7dd32fc80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: https://www.dianomi.com
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ecc44c60d898fe9-FRA
expires: Fri, 15 Apr 2022 18:55:13 GMT

GET
H2 200 l
use.typekit.net/af/e3a744/00000000000000003b9acb3f/27/ Frame CD43 26 KB
27 KB 17ms
16ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e3a744/00000000000000003b9acb3f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ams7vkd.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 229fb2416558501a53539fcb4380d6efd751b0b8a3fe36aa2e5f550eb454bec3

Request headers

Referer: https://use.typekit.net/ams7vkd.css
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
server: nginx
etag: "85cab88f0242c61b2adc4254ad911625e4e89ceb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27124

GET
H2 200 StarlingBETA-Roman.woff2
www.dianomi.com/partner/executivetraveller/fonts/ Frame CD43 14 KB
15 KB 23ms
23ms Font
text/plain 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/partner/executivetraveller/fonts/StarlingBETA-Roman.woff2

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/3330/29.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

011e17607bbd01ef915e077d19217879e45691817cf66c59a426416a9afaff65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dianomi.com/img/a/pss/3330/29.css
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 94688
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 14812
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Nov 2020 17:09:54 GMT
server: cloudflare
etag: "39dc-5b3d7dd32fc80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: https://www.dianomi.com
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ecc44c65dd98fe9-FRA
expires: Fri, 15 Apr 2022 18:55:13 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/www.executivetraveller.com/ 10 KB
4 KB 173ms
10ms XHR
application/javascript 2600:9000:236e:3400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/www.executivetraveller.com/choice.js
Requested by: Host: cdn.publift.com
URL: https://cdn.publift.com/fuse/tag/2/1265/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65a0fec86b8700fa2d1d08cead0088a2ba80bd530188189c5f68eb54c699ffcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
cross-origin-resource-policy: cross-origin
access-control-allow-origin: https://www.executivetraveller.com
last-modified: Thu, 27 May 2021 01:33:15 GMT
server: AmazonS3
etag: W/"7b9f1fb9d2dce18137347bed3c85706d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
cache-control: max-age=900
access-control-allow-credentials: true
x-amz-cf-id: xFlvXMap-sl4bPX2sHcNL9gvXWSWx0GD-q-LNcWUXSWR1ugFRvKxfg==

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://publift-com.videoplayerhub.com/galleryplayer.js
https://btloader.com/tag?h=publift-com&upapi=true

30 KB
9 KB

68ms
22ms

Script
application/javascript

2606:4700:20::ac43:4686
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=publift-com&upapi=true
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards
Protocol: H2
Server: 2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d756118fdf9de0385b9f286c48275f183d32e1758b0bbeac22ba58711cea47a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 6ecc44c839569b6a-FRA
date: Wed, 16 Mar 2022 08:55:13 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 08:03:13 GMT
server: cloudflare
age: 3115
etag: W/"7c79bcc895d8e993f5b76fe67a25ef58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8y%2BiF96WI1pUELJ6T3eqy9ov8xKToMTHdUqwngXMQXKjfcQsy0DU7dPcRdjW%2B8SqFSEj41WU%2BXfHCrGVQAZaQiRdY6bYW3FbX7K3jBbzjSlIdVwxIIOIR8g8jyp%2FZ5GrlZl51pmLiCeCfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br

Redirect headers

date: Wed, 16 Mar 2022 08:55:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oz7jd9Ci0HhsO4bu%2F%2B5sQeyEByHgOMQaewl26Zokli2OvvxMDVDqBTq%2B89zdwgRMTvHdneEqT5QNShAhKvAkxx8zutTqEH1qav25nHgFi16WcF%2FEO1Rj1izb8o8Op3E2HMkE8HMzsS%2FNF3lW66X72Uvua5B%2FisL3180roQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=publift-com&upapi=true
cache-control: max-age=3600
cf-ray: 6ecc44c7cba1913d-FRA
expires: Wed, 16 Mar 2022 09:55:13 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 489ms
349ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.publift.com
URL: https://cdn.publift.com/fuse/tag/2/1265/fuse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

44be8742cbdfb761cda9c5e31ad47975e61161b62ac7f74c7b180cc76bedf156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27822
x-xss-protection: 0
server: sffe
etag: "1159 / 847 of 1000 / last-modified: 1647382627"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 16 Mar 2022 08:55:14 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/www.executivetraveller.com/ 10 KB
4 KB 24ms
9ms Script
application/javascript 2600:9000:236e:3400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/www.executivetraveller.com/choice.js
Requested by: Host: cdn.publift.com
URL: https://cdn.publift.com/fuse/tag/2/1265/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65a0fec86b8700fa2d1d08cead0088a2ba80bd530188189c5f68eb54c699ffcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
last-modified: Thu, 27 May 2021 01:33:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"7b9f1fb9d2dce18137347bed3c85706d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: bS5OIpmMq5HqCPfe3HojsoD_sQ_Od_eON38L0W560XXXjJ8noQJOUg==

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 266 KB
67 KB 12ms
11ms Script
text/javascript 2600:9000:236e:3400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.executivetraveller.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/www.executivetraveller.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:13 GMT
content-encoding: br
age: 1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 15:09:37 GMT
server: AmazonS3
etag: W/"1d55b13d85c9837da884d1e8594cc025"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: OTst-Tdtt81rlXiCvjDev0lbb5m7bOnP0fqlEgIMwhKWqCmDRMIf3Q==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 153 KB
36 KB 8ms
8ms XHR
application/json 2600:9000:236e:3400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.executivetraveller.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8399b3debed8835d14dfebc86d3f6a2a6f8c699096fad29b5672f4df20772f45

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.executivetraveller.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 03:00:28 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 21286
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 16 Mar 2022 03:00:26 GMT
server: AmazonS3
etag: W/"13cb9173cb6a40eab7ed0c4afab5cc50"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: _lAuwFUgHEOPqv2fO6Vaft0cyH4wYnClcj9_5ZiEYEB7kSLOjJbAEg==

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 39ms
7ms XHR
application/json 2600:9000:225e:6a00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.executivetraveller.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:6a00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35fee54d1936ef02f161aeb36334a12a8dafdf581b4f59567f273d6f53092ea4

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.executivetraveller.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 03:00:35 GMT
content-encoding: br
age: 21280
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Sat, 05 Mar 2022 19:52:29 GMT
server: AmazonS3
etag: W/"981d25ed3ef5d4bfb8a6bca9de845edc"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: qGKaHdiTG3Kzr7xdxm5CP1wdaqv_htUi
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P4
content-type: application/json
x-amz-cf-id: QKDcNXEOvajwy2nWaYFxQj7MWalPZ6uUTfLvoAqYLQJv5CT_Ep6tmw==

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 44ms
44ms Image
image/x-icon 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 01:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25406
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Mar 2022 01:51:47 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
930 B 69ms
21ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.4274548488215173
Requested by: Host: www.executivetraveller.com
URL: https://www.executivetraveller.com/news/qantas-business-rewards
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Wed, 16 Mar 2022 08:55:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 468795
x-guploader-uploadid: ADPycds5ly-F9Uw8pRQ6dBkLcihk5YldMFc8UNP2o7iczo8gvy92gQZuwnMtar1CaYFA_ZhoE0zgdoFlEttyqguUt8U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDcKPHialG08ceAojMItUWkk4wF2JATI36Ogo0MG2bpoYL5m5k6%2B7UeWKYv8i01ZqyirFzfsjV%2BtFYFjHsKWV5YOf1j%2BgymCTMBeCAK1O5pUGSkjhw8gHg2GBSUsdKoavxxYSqBYqPGZqr1csg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 6ecc44c8b9339978-FRA
expires: Thu, 10 Mar 2022 23:31:12 GMT

GET
H2 200 videofeed-flowplayer.js Show response
www.dianomi.com/js/contextfeed/ Frame 1512 18 KB
6 KB 28ms
28ms Script
application/javascript 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20220302105108120

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd314bfe919b05e80a62cfbccaf2395db1e30088a9a176da6d390e99fff14299

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 43
vary: X-FORWARDED-PROTO, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Mar 2022 10:51:12 GMT
server: cloudflare
etag: W/"47aa-5d93a0f5538e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 16 Mar 2022 08:57:14 GMT
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 6ecc44c878828fe9-FRA
cf-bgj: minify

GET
H2 200 vendor-list.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 308 KB
36 KB 9ms
7ms XHR
application/json 2600:9000:236e:3400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.executivetraveller.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ea7d75459f4dca61d1cc773cf83b13cf52c45a3703eff17ea2bfd00992d87ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 03:00:34 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 21281
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 16 Mar 2022 03:00:32 GMT
server: AmazonS3
etag: W/"84be78e189e6af8fecbfb24278dce594"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: PyKsd6646bVSzuDfCyeiYGnRlPTHIIyF7zfFxYHgbq2RJpRQmsnUJw==

GET
H2 200 smartads_video_json.pl Show response
www.dianomi.com/cgi-bin/ Frame 1512 2 B
236 B 53ms
53ms XHR
application/json 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/smartads_video_json.pl?id=6643&cf=1635.325.ExeTravel&url=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed/videofeed-flowplayer.js?v=20220302105108120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.executivetraveller.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6ecc44c8b8db8fe9-FRA
expires: Tue, 15 Mar 2022 08:55:14 GMT

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 469 KB
124 KB 7ms
7ms Script
text/javascript 2600:9000:236e:3400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=www.executivetraveller.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:3400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 19:23:51 GMT
content-encoding: br
age: 135083
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 15:09:43 GMT
server: AmazonS3
etag: W/"b999c652510fc4edd897a1d667aaee33"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: qXDZhibLcY8Cx0rHWGzr7NeATfZJxkKfYzbUksE7Db7leEnPlScFVA==

GET
H2 204 pv Show response
api.btloader.com/ 0
96 B 162ms
120ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=PiU341fOK&w=5712353254440960&o=5708166709903360&cv=2.0.2-8-g186cc00&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.executivetraveller.com%2Fnews%2Fqantas-business-rewards&upapi=true
Requested by: Host: publift-com.videoplayerhub.com
URL: https://publift-com.videoplayerhub.com/galleryplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 08:55:14 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: clear
via: 1.1 google

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 33ms
8ms XHR
text/plain 3.121.92.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22PRrmquD1Ggcb1%22%2C%22domain%22%3A%22www.executivetraveller.com%22%2C%22publisher%22%3A%22Executive%20Traveller%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22dkiJgbRltVehu3eafVxaOw%22%2C%22clientTimestamp%22%3A1647420914113%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-679zty49cs1qqergtv5d%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.92.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-92-52.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.executivetraveller.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 08:55:14 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H3 200 pubads_impl_2022031501.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 85ms
38ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031501.js?cb=31065673

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 18:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126660
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 08:35:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Mar 2023 18:01:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 113 B
119 B 100ms
53ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.executivetraveller.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b7be8f8fdd9b32ad94798d64e09ab8dff70e7d46987c7b76f5c2678a656d52d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 08:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94
x-xss-protection: 0
expires: Wed, 16 Mar 2022 08:55:14 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 102ms
55ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220314&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

435ff8c10cf0872b0e0799abd8397e70f08b03302f41afe90f66b4ee0aaed264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 08:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10521
x-xss-protection: 0

POST
H3 200 rum Show response
www.executivetraveller.com/cdn-cgi/ 0
174 B 23ms
23ms XHR
text/plain 2606:4700:10::6816:1d7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.executivetraveller.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1d7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.executivetraveller.com/news/qantas-business-rewards
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

date: Wed, 16 Mar 2022 08:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.executivetraveller.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6ecc44cba99a9be2-FRA
vary: Origin

GET
H3 200 logo-large.svg
www.executivetraveller.com/assets/img/ 11 KB
4 KB 29ms
29ms Image
image/svg+xml 2606:4700:10::6816:1d7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.executivetraveller.com/assets/img/logo-large.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1d7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c76dbfdb22da0dd5a84f2c259f3f54b4adb48f3afbd4472ef0783208d232574

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/news/qantas-business-rewards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Feb 2020 07:12:44 GMT
server: cloudflare
age: 761387
etag: W/"5e576bec-2c4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 6ecc44cba99d9be2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 06 Apr 2022 13:25:27 GMT

GET
H3 200 logo-large.svg
www.executivetraveller.com/assets/img/ 11 KB
4 KB 29ms
29ms Image
image/svg+xml 2606:4700:10::6816:1d7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.executivetraveller.com/assets/img/logo-large.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:1d7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c76dbfdb22da0dd5a84f2c259f3f54b4adb48f3afbd4472ef0783208d232574

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/news/qantas-business-rewards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Feb 2020 07:12:44 GMT
server: cloudflare
age: 761387
etag: W/"5e576bec-2c4a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 6ecc44cbe9f19be2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 06 Apr 2022 13:25:27 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 163ms
74ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 08:55:14 GMT

GET
H3 200 622bd90853d84458a99e89e5dd799465-1200x1200-va-small-copy.png
www.executivetraveller.com/photos/view/size:240,240/ 13 KB
14 KB 30ms
30ms Image
image/webp 2606:4700:10::6816:1d7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.executivetraveller.com/photos/view/size:240,240/622bd90853d84458a99e89e5dd799465-1200x1200-va-small-copy.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1d7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab8bcd3bacfb75496da19519cd486e58a92beb6aa6bf30992ff049083c3fdbc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/news/qantas-business-rewards
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:14 GMT
cf-cache-status: HIT
age: 4038
cf-polished: origFmt=png, origSize=21317
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-disposition: inline; filename="622bd90853d84458a99e89e5dd799465-1200x1200-va-small-copy.webp"
cf-bgj: imgq:100,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: public
last-modified: Wed, 16 Mar 2022 07:47:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 16 Mar 23 13:36:41
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray: 6ecc44cc9b499be2-FRA
access-control-allow-headers: X-Requested-With, Content-Type, X-Token-Auth, Authorization, uid
access-control-request-headers: Authorization

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6B9C 13 KB
5 KB 82ms
36ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 08:20:50 GMT
expires: Thu, 16 Mar 2023 08:20:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AD76 783 B
1 KB 135ms
50ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d5e20c878598463732180371c7f7ab8534f32de25fc6c906e3441c616b6ebba4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7/dNYE61oxRDJDkwS/mwmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 16 Mar 2022 08:55:14 GMT
date: Wed, 16 Mar 2022 08:55:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-7/dNYE61oxRDJDkwS/mwmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 hm737X7NyeLn_y86DHPNXi0zOAiQK-KndTMCkSr2i9Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B9C 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hm737X7NyeLn_y86DHPNXi0zOAiQK-KndTMCkSr2i9Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866ef7ed7ecdc9e2e7ff2f3a0c73cd5e2d333808902be2a7753302912af68bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 21:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13666
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 21:18:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AD76 0
0 92ms
92ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220314&jk=396413444070129&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6B9C 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?l4MVbQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 08:55:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 63ms
63ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220314&jk=396413444070129&bg=!REelRwPNAAZgliNcYJY7ACkAdvg8WjYI8r05wpJrd7U7J3cPx9Ehc3kMSf8sF0qulD_aZtFuSaygnAIAAABmUgAAAAJoAQeZAvdqdYeW4XNtG5KUgh1s6Ux-bAzR1LJIPb2bz83l5vf0Bvu8zcJMBMXcF53Minl4VRnglp3xsRAe9kRzPgJWUy2IDZJhx6RY5cSLk2c1eiZJ30egJcujHMnVGDTgch_viT6AOHtD8aFk3WDShocPnUCT_LL3Ounqc5mHkpinbv7XrERu5hfV97bGUvBYNM3QFNzwfYEeM0-dP5_4XCJ3PfrcRuFuJA9Np_78BYTJLGCkdnvpVcOj5x-OLu2lnvrMvERj7ulf2aZE_5NsCHXe6ZfMiClL1xmwlCOZeSg59HLt-w6vtCc_eMCG6cE5boPZ71AEfTillUYCJYeRk7RSPPSE_KiOCRbCEqfy9QrtiYbU4qncM4cLbncE0Ttvc-F2XerVdnXQH_ZxRfb5ewiBWPSdYyEw_Q2pzVXvqXC18v_GI4i0Y-seZOlUEGqwE6xIVPEAjCCkd6tyi0b2zWS98sFoyBieXUVFH92Yscw8pmVfajJlBqAPD-Br8C-pAmyq1K1HirwZAe37aCpxgtYbAuFp1CvE_Q84DVqWK_AUbqq4QRqNA49rJhIfrlef8zg_l72AxZbfo7X7079Ww3r36p8oBbnJvHqeIKgrF6c0BkowRbl-XRiFfgRFkZxAdFf9KP79VTXSm2z04DXTOJSiinHIx4qwnSQU70FnZ_37MGIVoaY5xFsFSrTPwDI3Ss461ht7fG33FGPUf26CLKR97lUqBsh4IpX0cTFJmFHDeXMZ1ksbVr-07NUMtXes6BABHPTSxbkXOFvHFfMbGLKsqtU28ni5RHxPvI09JO9BkjVfqBPCq1D3Q5lvAstTsz6gw2pl9aoLaYpSi9as0pCajNkO5nW6kB8w7cZfWHbzE3WqXhEBieNhHlbCQK6wIFnHa2p3UFLgO25St_7emr9ykTdCvAdSkIrj3W0eMm_yIUzIdm3upHdgf97ZPECxC3GHHpcwWG57g9MCvPQiZZHDoQpTQggKr_omIDgN7HwXSgO3liOsMnimJuI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.executivetraveller.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 08:55:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 05:56:12	Name: _bit Value: m2g8Ta-08262c730a3b905661-00o
.executivetraveller.com/	1969-12-31 23:59:59	Name: executivetraveller Value: 8qutvfj4jmj8i3sdglvr920bn1
www.executivetraveller.com/	1970-01-20 01:37:04	Name: CakeCookie[newsHasRead] Value: 13322
.executivetraveller.com/	1970-01-20 19:08:12	Name: _ga Value: GA1.2.1266456459.1647420913
.executivetraveller.com/	1970-01-20 01:38:27	Name: _gid Value: GA1.2.1983830775.1647420913
.executivetraveller.com/	1970-01-20 01:37:00	Name: _gat_gtag_UA_18413986_1 Value: 1
.executivetraveller.com/	1970-01-20 01:37:02	Name: __cf_bm Value: 1yz1TLffv2Y4LdZ_4i00f6knLWAyXR9eDrOY4tMEP0E-1647420913-0-ATTqI1EeaJBTtQ/VZZBnsYcpaRHCIoDGAUnv1/JW4nyS26o5vHu4im61AAA020ueYiKhAHYeNRXlhTTbExbJ1Q5ZVb2ysEhR1voKqlx/PtIqYXMvPBUYBVDgelfmKmTa/Q==
.executivetraveller.com/	1970-01-20 01:37:01	Name: _first_pageview Value: 1
.executivetraveller.com/	1970-01-20 10:22:36	Name: _jsuid Value: 538339081
.executivetraveller.com/	1970-01-20 10:58:36	Name: __gads Value: ID=e5ec09f3c59e7547-2225d9a55ecd0058:T=1647420913:RT=1647420913:S=ALNI_MalmEO9vXLO3AzP34_YrNMmCVp1dw
cdn.publift.com/	1970-01-20 02:20:12	Name: akacd_exectrav Value: 1650012913~rv=58~id=d8c6e4814523fa74ac66a694a7bb134f
.doubleclick.net/	1970-01-20 10:58:36	Name: IDE Value: AHWqTUkQRhIw4PX7SqKsDsYjaQAhlGTdjM_t6wgkUkSBmGyVsiXFQu2pH8HLfINXSEs
in.getclicky.com/	1970-01-20 10:22:36	Name: cluid Value: 538339081
.executivetraveller.com/	1970-01-20 01:37:04	Name: heatmaps_g2g_263879 Value: no

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
api.btloader.com
audit-tcfv2.quantcast.mgr.consensu.org
bit.ly
btloader.com
cdn.jsdelivr.net
cdn.publift.com
cdnjs.cloudflare.com
googleads.g.doubleclick.net
in.getclicky.com
p.typekit.net
pagead2.googlesyndication.com
partner.googleadservices.com
publift-com.videoplayerhub.com
quantcast.mgr.consensu.org
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.getclicky.com
stats.g.doubleclick.net
test.quantcast.mgr.consensu.org
tpc.googlesyndication.com
use.typekit.net
www.dianomi.com
www.executivetraveller.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
104.18.22.230
130.211.23.194
142.250.181.226
142.250.185.230
198.145.13.12
2600:9000:225e:6a00:3:a4cd:8380:93a1
2600:9000:236e:3400:9:46dc:4700:93a1
2606:4700:10::6816:1d7f
2606:4700:20::681a:346
2606:4700:20::681a:832
2606:4700:20::ac43:4686
2606:4700::6810:135e
2606:4700::6810:5714
2606:4700::6810:5e41
2606:4700::6810:dd1d
2a00:1450:4001:801::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9b
2a02:26f0:1700:16::b856:fbdb
2a02:26f0:6c00::210:ba0b
2a02:26f0:6c00::210:ba1b
3.121.92.52
67.199.248.10
00d69981fdb38b4949c676a157e3d62f8aaa94a98d3b8d64cca0baeedc2f4887
011e17607bbd01ef915e077d19217879e45691817cf66c59a426416a9afaff65
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0d756118fdf9de0385b9f286c48275f183d32e1758b0bbeac22ba58711cea47a
188ed44084380393607726e034fbfb29b7870356a264b1e44a2cd533bf86cd21
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
229fb2416558501a53539fcb4380d6efd751b0b8a3fe36aa2e5f550eb454bec3
23655264734c6d51bf527c6ada248e865dfa801da5e05f83e1028b2bb514ce05
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2856c5ad84dadaadf7c4b028799efcba3298a1b17dd0b6535bf2235e355f6614
2b716247f795a958d4f07206d155825f1811607e334ce0879ad77f6c9c2674e3
30081cca00d16a1b3e17f364e55cf7f3bc210789122bd357943377c39f0b2ead
32fee0cfe0b84ea1a14cac7305b9980ad4ceaae640d3b9d0de12c4c2feca327b
35fee54d1936ef02f161aeb36334a12a8dafdf581b4f59567f273d6f53092ea4
38f97db2f63208bf8da4d69a92230abc31b685af22e15df30a528cbb1b49c019
435ff8c10cf0872b0e0799abd8397e70f08b03302f41afe90f66b4ee0aaed264
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44be8742cbdfb761cda9c5e31ad47975e61161b62ac7f74c7b180cc76bedf156
464b561ee00c86db1cddb80f2c9d6febbc2c1aa95f422fa73a4fb8ef7d5d5028
4b6c2cabe35ab603f2cff6d7b73775bca1d81016b1f1e06fe4da4bbf3c5766eb
4c76dbfdb22da0dd5a84f2c259f3f54b4adb48f3afbd4472ef0783208d232574
5425b6bff53fae1f932b2e248c7cd1ec847685fec4c3f577696d2c962282607d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42
5ce27ebd05b947b471d63d1933310858cdce45a2afdf14b8b22313083c6f824f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65a0fec86b8700fa2d1d08cead0088a2ba80bd530188189c5f68eb54c699ffcd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c28b751f2f702d8114237a9c9b4c3ea48b6393ee674fac69f953d1153d077eb
6c3d83182d981db2e72f00211d9e93ae55db41b31aa8239b589a725521f6b3fa
6c7a0ccbbb3d3891a863de0fcdf9f037138632b4c01559a143c45f5976cb8764
6d3f62d4d17969f9c70e9438cf671004725019e868123f2ebc295a006f8d5d2d
6ea7d75459f4dca61d1cc773cf83b13cf52c45a3703eff17ea2bfd00992d87ea
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
70737d5c8483012208ed1300dca75dfdcef397ca9d81693d931eba28136314e6
71e979e83c2f2e769a509c9a3233ecf2e89980e636c12ffed85ccb61dbf5d2fd
7922361b4e6c656caed4d1e165985d6bf3932b27aedf9fcd87764655eb86e4b5
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b
82389c04ea757c0d2d27be05ed1f2b36f1c10f938500c8b4de2a8b3b00ff5b22
8399b3debed8835d14dfebc86d3f6a2a6f8c699096fad29b5672f4df20772f45
866ef7ed7ecdc9e2e7ff2f3a0c73cd5e2d333808902be2a7753302912af68bd4
99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ac64adffc890f1cf80c5affa3486588909e0060562944ab00af7aa4e385db881
b7be8f8fdd9b32ad94798d64e09ab8dff70e7d46987c7b76f5c2678a656d52d4
bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2
bd314bfe919b05e80a62cfbccaf2395db1e30088a9a176da6d390e99fff14299
c187b391b5ed7828f12e34ce7d359429617a3c2ac572f850ec0973a4dda7c964
c680800149ef3c7cbce71c5efa42aa9b5742066cb11cd8b861783eb4fd3d22f7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2bff3efe8209de632bcfdfb59e337000418f8210496bd343699a134cb2eab7e
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
d5e20c878598463732180371c7f7ab8534f32de25fc6c906e3441c616b6ebba4
d6927aceb69f3a3f12f71147f7c2a5387c5e8614c2f255b004a146a76711016a
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbe3dacba2eb040be73368d2d6789e97b21fe7d5cc2ccfc34318395740bee485
dcb922c66dab1e343b0eea329199bc8bc6731dbf7de4b62be12e7653220d9494
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e209e28e17afc280e150cc66894e0509356cd944337bf10c5770aacc4277631c
e26691fcb1614b1663db3c6e79b8a8818c7c7504b35b546fd46c3338f2c8a30b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e585f5c469089d1bc338c701658cc6877851b8e16ba153a4371aafa20723dca7
e95cc0224feef8201ea043e124d267f239565117e9c2dc39da1fc54a2361147a
ea553a03e100e9b01b4b4a2e0cf9626324834a82df1541da7c4869c1013756ba
ece1d0ae863c88847173e85a66dc30264a73816f6e85aa06f29473225605f359
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36cd2d6cf214def826499692f0d573c3ae6b9ea87901ed31f8434efd4674775
fab8bcd3bacfb75496da19519cd486e58a92beb6aa6bf30992ff049083c3fdbc
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe9ae498bffafafe4a651b989d147bd1e5afadbf47ed631d9b610edb4ce426c0

www.executivetraveller.com Open in urlscan Pro 2606:4700:10::6816:1d7f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

98 %HTTPS

75 %IPv6

20 Domains

30 Subdomains

26 IPs

4 Countries

1526 kBTransfer

4835 kBSize

14 Cookies

6 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.executivetraveller.com Open in urlscan Pro
2606:4700:10::6816:1d7f Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

98 %
HTTPS

75 %
IPv6

20
Domains

30
Subdomains

26
IPs

4
Countries

1526 kB
Transfer

4835 kB
Size

14
Cookies

88 HTTP transactions
0 data transactions