urlscan.io logo urlscan.io
SecurityTrails logo

www.tandemtravel.co.nz Open in urlscan Pro
2600:9000:229f:1800:e:d5fb:8340:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tandemtravel.co.nz/
Effective URL: https://www.tandemtravel.co.nz/
Submission: On May 23 via manual from SG — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 53 HTTP transactions. The main IP is 2600:9000:229f:1800:e:d5fb:8340:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.tandemtravel.co.nz.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 23rd 2023. Valid for: a year.
This is the only time www.tandemtravel.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2406:da1c:dd7:fb03:913b:72d0:e4b2:c37c (Sydney, Australia)

ASN16509 (AMAZON-02, US)
tandemtravel.co.nz
1    2406:da1c:dd7:fb02:4036:4f90:4bec:8c11 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
tandemtravel.co.nz
4    2600:9000:229f:1800:e:d5fb:8340:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.tandemtravel.co.nz
34    2600:9000:229f:8600:e:d5fb:8340:93a1 (United States)

ASN16509 (AMAZON-02, US)
p-airnz.com
2    2404:6800:4003:c04::61 (Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2404:6800:4003:c06::9a (Singapore)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    13.224.249.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-19.sin52.r.cloudfront.net
static.hotjar.com
5    2404:6800:4003:c01::71 (Singapore)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2404:6800:4003:c06::67 (Singapore)

ASN15169 (GOOGLE, US)
www.google.com
2    2404:6800:4003:c06::5e (Singapore)

ASN15169 (GOOGLE, US)
www.google.co.nz
1    2404:6800:4003:c03::9c (Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.224.249.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-94.sin52.r.cloudfront.net
script.hotjar.com
Apex Domain
Subdomains		 Transfer
34 p-airnz.com
p-airnz.com — Cisco Umbrella Rank: 519396
1 MB
6 tandemtravel.co.nz
tandemtravel.co.nz
www.tandemtravel.co.nz
18 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
2 google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 35328
562 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
562 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 633
script.hotjar.com — Cisco Umbrella Rank: 793
73 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
203 KB
53 8
Domain Requested by
34 p-airnz.com www.tandemtravel.co.nz
5 www.google-analytics.com www.googletagmanager.com
www.tandemtravel.co.nz
4 www.tandemtravel.co.nz www.tandemtravel.co.nz
p-airnz.com
2 www.google.co.nz www.tandemtravel.co.nz
2 www.google.com www.tandemtravel.co.nz
2 www.googletagmanager.com www.tandemtravel.co.nz
www.googletagmanager.com
2 tandemtravel.co.nz 2 redirects
1 script.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 static.hotjar.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
53 11
Subject Issuer Validity Valid
www.airnewzealand.co.nz
Amazon RSA 2048 M02		 2023-04-23 -
2024-05-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.tandemtravel.co.nz/
Frame ID: 651B05BDCE28E80D6536A6A28E9F0C7F
Requests: 58 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Corporate Travel Management Company: Air New Zealand Tandem Travel

Page URL History Show full URLs

  1. http://tandemtravel.co.nz/ HTTP 301
    https://tandemtravel.co.nz/ HTTP 301
    https://www.tandemtravel.co.nz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

100 %
HTTPS

83 %
IPv6

8
Domains

11
Subdomains

11
IPs

3
Countries

1525 kB
Transfer

3522 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tandemtravel.co.nz/ HTTP 301
    https://tandemtravel.co.nz/ HTTP 301
    https://www.tandemtravel.co.nz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.tandemtravel.co.nz/
Redirect Chain
  • http://tandemtravel.co.nz/
  • https://tandemtravel.co.nz/
  • https://www.tandemtravel.co.nz/
39 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:1800:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8e95075c1f089af7a5f79f1b4778fe33717b14c2fb3aed16b67b69359ada7fb5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'self'; base-uri 'self'; form-action 'self' flightbookings.airnewzealand.co.kr flightbookings.airnewzealand.kr flightbookings.airnewzealand.ca flightbookings.airnewzealand.cn flightbookings.airnewzealand.co.nz flightbookings.airnewzealand.co.uk flightbookings.airnewzealand.com.au flightbookings.airnewzealand.com.hk flightbookings.airnewzealand.com.sg flightbookings.airnewzealand.com.tw flightbookings.airnewzealand.com flightbookings.airnewzealand.de flightbookings.airnewzealand.eu flightbookings.airnewzealand.fr flightbookings.airnewzealand.hk flightbookings.airnewzealand.jp flightbookings.airnewzealand.pf flightbookings.airnewzealand.tw flightbookings.airnewzealand.com.cn flightbookings.grabaseat.co.nz flightbookings.airnewzealand.co.jp; script-src 'self' p-airnz.com 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.google.com *.ggpht.com *.googleusercontent.com s.wayin.com xd.wayin.com s.engagesciences.com display.engagesciences.com player.vimeo.com www.youtube.com s.ytimg.com *.demdex.net www.google-analytics.com analytics.google.com tagmanager.google.com www.googletagmanager.com *.doubleclick.net www.googleadservices.com www.googletagservices.com www.google.com static.hotjar.com script.hotjar.com; style-src 'unsafe-inline' p-airnz.com fonts.googleapis.com tagmanager.google.com static.hotjar.com script.hotjar.com; img-src https: data: static.hotjar.com script.hotjar.com; font-src p-airnz.com fonts.googleapis.com fonts.gstatic.com script.hotjar.com; media-src 'self' video.cdnvue.com ; frame-src 'self' *.google.com xd.wayin.com display.engagesciences.com player.youku.com v.qq.com player.vimeo.com www.youtube.com airnz.wufoo.com *.demdex.net *.doubleclick.net www.googletagmanager.com vars.hotjar.com; connect-src 'self' api.airnz.io api.airnz.ai *.googleapis.com *.google.com *.gstatic.com *.demdex.net *.tt.omtrdc.net www.google-analytics.com region1.google-analytics.com region1.analytics.google.com analytics.google.com stats.g.doubleclick.net adservice.google.com pagead2.googlesyndication.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com airnzcrm.azurewebsites.net; object-src 'none'; frame-ancestors 'none'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=300
content-encoding
br
content-security-policy
block-all-mixed-content; default-src 'self'; base-uri 'self'; form-action 'self' flightbookings.airnewzealand.co.kr flightbookings.airnewzealand.kr flightbookings.airnewzealand.ca flightbookings.airnewzealand.cn flightbookings.airnewzealand.co.nz flightbookings.airnewzealand.co.uk flightbookings.airnewzealand.com.au flightbookings.airnewzealand.com.hk flightbookings.airnewzealand.com.sg flightbookings.airnewzealand.com.tw flightbookings.airnewzealand.com flightbookings.airnewzealand.de flightbookings.airnewzealand.eu flightbookings.airnewzealand.fr flightbookings.airnewzealand.hk flightbookings.airnewzealand.jp flightbookings.airnewzealand.pf flightbookings.airnewzealand.tw flightbookings.airnewzealand.com.cn flightbookings.grabaseat.co.nz flightbookings.airnewzealand.co.jp; script-src 'self' p-airnz.com 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.google.com *.ggpht.com *.googleusercontent.com s.wayin.com xd.wayin.com s.engagesciences.com display.engagesciences.com player.vimeo.com www.youtube.com s.ytimg.com *.demdex.net www.google-analytics.com analytics.google.com tagmanager.google.com www.googletagmanager.com *.doubleclick.net www.googleadservices.com www.googletagservices.com www.google.com static.hotjar.com script.hotjar.com; style-src 'unsafe-inline' p-airnz.com fonts.googleapis.com tagmanager.google.com static.hotjar.com script.hotjar.com; img-src https: data: static.hotjar.com script.hotjar.com; font-src p-airnz.com fonts.googleapis.com fonts.gstatic.com script.hotjar.com; media-src 'self' video.cdnvue.com ; frame-src 'self' *.google.com xd.wayin.com display.engagesciences.com player.youku.com v.qq.com player.vimeo.com www.youtube.com airnz.wufoo.com *.demdex.net *.doubleclick.net www.googletagmanager.com vars.hotjar.com; connect-src 'self' api.airnz.io api.airnz.ai *.googleapis.com *.google.com *.gstatic.com *.demdex.net *.tt.omtrdc.net www.google-analytics.com region1.google-analytics.com region1.analytics.google.com analytics.google.com stats.g.doubleclick.net adservice.google.com pagead2.googlesyndication.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com airnzcrm.azurewebsites.net; object-src 'none'; frame-ancestors 'none'; report-uri /csp-report
content-type
text/html; charset=UTF-8
date
Tue, 23 May 2023 00:28:34 GMT
last-modified
Wed, 10 May 2023 22:03:38 GMT
permissions-policy
geolocation=(self "https://p-airnz.com"), camera=(), fullscreen=(self "https://www.youtube.com"), accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), clipboard-read=(), clipboard-write=()
referrer-policy
strict-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains;
vary
Accept-Encoding
via
1.1 daab5b369e744b6004b3b934cdef659c.cloudfront.net (CloudFront)
x-amz-cf-id
22YN05VWaZI5q3eKGA4ITnOLOclBqH33bjuuNZ00VSOopTdH5_a1kQ==
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 23 May 2023 00:28:46 GMT
Location
https://www.tandemtravel.co.nz/
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains;
jquery.min.js
p-airnz.com/cms/static/master-6725/themes/airnz003/scripts/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/scripts/jquery.min.js
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2419e05313c7b09698e2d27425d214900c5fcf883fe834f5b9c51b9b9b66aba9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046748
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:48:22 GMT
server
nginx
etag
W/"64597c36-15ef8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
T_3fL-IF20NnpBBe-w1MZR-cJ26stL-Vdw86Y4A2LwV6G873vHVb_g==
expires
Mon, 06 Nov 2023 21:42:47 GMT
polyfills.js
p-airnz.com/cms/static/master-6725/themes/airnz003/react/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/polyfills.js
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8ae6411bd3567745a87cb385c58621bf2a55c69925320744cfc1e77763724640
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046748
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:43:56 GMT
server
nginx
etag
W/"64597b2c-a1f6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
3A1OHlxxlro-zDAay0U7LR1HXNJXTJJm0MP-HTt1cEPZJRePJWFMtA==
expires
Mon, 06 Nov 2023 21:42:47 GMT
vendor.js
p-airnz.com/cms/static/master-6725/themes/airnz003/react/ 		804 KB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/vendor.js
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
012529edd4945bd53972f89b3171199207a402fb5570c8b58d6e5327f2adb70e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046748
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:43:55 GMT
server
nginx
etag
W/"64597b2b-c8edf"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
zxC6aBHUnCHOHiEC0CY0PCW9dEe39Hdn7IY6ZBwWiL4yO6PvzBxNNA==
expires
Mon, 06 Nov 2023 21:42:47 GMT
common.js
p-airnz.com/cms/static/master-6725/themes/airnz003/react/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/common.js
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e07ed64880215bc870733b66600f82346824b605aae4ac2bd5871df56e62599e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046748
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:43:55 GMT
server
nginx
etag
W/"64597b2b-2a21"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
ueYhkD4h759y4xpk4YPeUsxovFcg27QM5o1MEk8Dd2nmIQeXWt48Qw==
expires
Mon, 06 Nov 2023 21:42:47 GMT
header.js
p-airnz.com/cms/static/master-6725/themes/airnz003/react/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/header.js
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e7551c164252d91a63493e0d8c41472716f303c33833de1e93176fbb1ee1f52f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046748
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:43:55 GMT
server
nginx
etag
W/"64597b2b-11e99"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
kft_RDt8uieJl-NnOXsRVPz786mHMB5N1Lma4HxSqhuyF4h-9pMc6g==
expires
Mon, 06 Nov 2023 21:42:47 GMT
lang-en_NZ.min.js
p-airnz.com/cms/static/master-6725/themes/airnz003/scripts/ 		89 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/scripts/lang-en_NZ.min.js
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e9bfdf864996fc4caaf2377503890c5afce93a3cce7a04bc28494aa87ac9ce17
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:43:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046704
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:37:23 GMT
server
nginx
etag
W/"645979a3-16360"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
48ym37JX54Sb9XVfbvUGlW-siYZn3wE1WSvVMpQyks5b2SKOboTJMw==
expires
Mon, 06 Nov 2023 21:43:31 GMT
main.min.js
p-airnz.com/cms/static/master-6725/themes/airnz003/scripts/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/scripts/main.min.js
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6f0129d5ce6c07c02e16e4e4340b89e979f728317e29a7677a554bbfb0849f70
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046748
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:37:23 GMT
server
nginx
etag
W/"645979a3-fbee"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
8hPupYDd_V3U6pPrGldprGqmzMla5QRnWC2g2nEeg_SNBnzQLpATMw==
expires
Mon, 06 Nov 2023 21:42:47 GMT
homepageHero.js
p-airnz.com/cms/static/master-6725/themes/airnz003/react/ 		145 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/homepageHero.js
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d7e16f7c02eb20581298d0960ce2ad9585e4bf05b0112251ae17d4116d677306
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:43:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046716
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:43:55 GMT
server
nginx
etag
W/"64597b2b-242a9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
N7dMs2AWI_wxVTzNpYCFnbBtMGvciIb5EnblfdduinUjufpiSONCbw==
expires
Mon, 06 Nov 2023 21:43:19 GMT
tileContainer.js
p-airnz.com/cms/static/master-6725/themes/airnz003/react/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/tileContainer.js
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
abd00a6786527cfa78a4781a8d34baeb8828e1c3a34025997a729677d944be18
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046748
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:43:55 GMT
server
nginx
etag
W/"64597b2b-5267"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
8ki_gHnDZZs4CFdF9xP6r7xFAHEel_UuQlGcMpCuroCbDmJXcSz0zQ==
expires
Mon, 06 Nov 2023 21:42:47 GMT
footer.js
p-airnz.com/cms/static/master-6725/themes/airnz003/react/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/footer.js
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c5c7234d6591ed3874eb95e423861307d9cee365517afe2442dedc9fd7acb0dd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046748
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:43:55 GMT
server
nginx
etag
W/"64597b2b-46e3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
pBo-F5nJP6io-gl_KU7_0i4_kdLWRkjHIrVgFysyZVPz4onuzDcUug==
expires
Mon, 06 Nov 2023 21:42:47 GMT
common.css
p-airnz.com/cms/static/master-6725/themes/airnz003/css/ 		130 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/css/common.css
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d71b5b5d913c7873ae6c30bf55ff399b6fef17dc02a4c0cbd1e629cab180f272
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046748
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:48:44 GMT
server
nginx
etag
W/"64597c4c-20753"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
OXzWTeQhP4WZeZIGkXfXV1LaSjxtmLRlZBE0NHaVWhawY84T4BMGNQ==
expires
Mon, 06 Nov 2023 21:42:47 GMT
vendor.css
p-airnz.com/cms/static/master-6725/themes/airnz003/react/ 		67 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/vendor.css
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
79e5dc05af7ecc1c0ad168e3ca3b99d65840850098157bb000a42467810126d5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046748
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:43:55 GMT
server
nginx
etag
W/"64597b2b-10d85"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
uDuRT7OMJYcPv4s-TtzTM9ySNcTIKu2k8pi70mXtqZCjAh6yYX8Miw==
expires
Mon, 06 Nov 2023 21:42:47 GMT
common.css
p-airnz.com/cms/static/master-6725/themes/airnz003/react/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/common.css
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f5ee40af08dfcb7abba5e8de323e076f9721e4a1488b59f7dd1b11ce387d55c5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046748
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:43:55 GMT
server
nginx
etag
W/"64597b2b-142d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
5kJ1785A0X2yOt48D3X9yt8Dyct3xuMI6j0K4yf5N0J5mowUOJg9Jg==
expires
Mon, 06 Nov 2023 21:42:47 GMT
header.css
p-airnz.com/cms/static/master-6725/themes/airnz003/react/ 		34 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/header.css
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
93f620bcee155b2e708a80b62b51a2eab01dab23131f98cb630221e18ad2804e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046748
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:43:55 GMT
server
nginx
etag
W/"64597b2b-8675"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
IYkdcPy7d-wGyHcBFCpYqhpkG9BhQCsYUGywgdh9Cl7RUpoVysyR4Q==
expires
Mon, 06 Nov 2023 21:42:47 GMT
homepageHero.css
p-airnz.com/cms/static/master-6725/themes/airnz003/react/ 		30 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/homepageHero.css
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
afb7a043da12b8eae57c803f15bd55283f5640f61f497604cc98209d9538b789
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:43:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046716
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:43:55 GMT
server
nginx
etag
W/"64597b2b-7763"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
wjWgTbtRJ_Hb6kz6i_Pj0z-r3UrDDeDEeV710__qDNIqStr8qMnXgg==
expires
Mon, 06 Nov 2023 21:43:19 GMT
tileContainer.css
p-airnz.com/cms/static/master-6725/themes/airnz003/react/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/tileContainer.css
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
49bcd9fbfd32d3a7a34d7414e755a0de64253af066d30e50a22574318780511e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046748
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:43:55 GMT
server
nginx
etag
W/"64597b2b-4500"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
Kke7UXlZxBJ_jt9kRJ6Ns98_Tfpyzq9JSjoIxtdIAGb2QrrWw7Woeg==
expires
Mon, 06 Nov 2023 21:42:47 GMT
footer.css
p-airnz.com/cms/static/master-6725/themes/airnz003/react/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/footer.css
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b985e744045a47aa52ee966b6ff8231020388bc249d07d394ca0352d63597e09
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046748
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:43:55 GMT
server
nginx
etag
W/"64597b2b-1394"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
94eneKfMnbW7op7kcQYHpmkU7mOgD3vDFzDnH3RDlChe4WIEn5-Sag==
expires
Mon, 06 Nov 2023 21:42:47 GMT
AirNewZealandSansSub-Regular.woff2
p-airnz.com/cms/static/master-6725/themes/airnz003/css/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/css/fonts/AirNewZealandSansSub-Regular.woff2
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8f05fec5b65632e0978b84397c3e186f49b304f4504ab97187fb85b8a60821bb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046746
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
24320
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:37:23 GMT
server
nginx
etag
"645979a3-5f00"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
x-amz-cf-id
nSmrSjq7sN3Fj4M_LAl7oxYqRSVoOXDzlnhZYVrRkiwCsxvclNmUBQ==
expires
Mon, 06 Nov 2023 21:42:49 GMT
AirNewzald-BlackItalic.woff2
p-airnz.com/cms/static/master-6725/themes/airnz003/css/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/css/fonts/AirNewzald-BlackItalic.woff2
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
100ee8564203b5c47ce7383d50c38b59eb8f0839f067567f5129c680a56c1c07
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046746
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
66148
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:37:23 GMT
server
nginx
etag
"645979a3-10264"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
x-amz-cf-id
Ljz4Ojq6-bdtRpGiHcnxhl2KHmbV3NigTl9k1UW0hpk01Ks2SM2WOw==
expires
Mon, 06 Nov 2023 21:42:49 GMT
AirNewZealandSansSub-Semibold.woff2
p-airnz.com/cms/static/master-6725/themes/airnz003/css/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/css/fonts/AirNewZealandSansSub-Semibold.woff2
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2300df0ce916fee80545e07206756ea3991875cb8573a9358f20c6f0e96e835f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046746
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
24664
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:37:23 GMT
server
nginx
etag
"645979a3-6058"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
x-amz-cf-id
s2gnsTu_Nd-bkVkMvsub99yZKSVz6v9RnFOKO9NU-IguSCqsr_vfRQ==
expires
Mon, 06 Nov 2023 21:42:49 GMT
vlookicon.ttf
p-airnz.com/cms/static/master-6725/themes/airnz003/css/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/css/fonts/vlookicon.ttf?f5zwge
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ee2d579341b7b5b3a75f610c55ff4e5c594649569e3293bdd4c9296235f79253
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
via
1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
1046746
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
16208
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:37:23 GMT
server
nginx
etag
"645979a3-3f50"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
x-amz-cf-id
iZNga_JRGv-Qxu3iKa2Q95UmHojKVqS7mmW7KO9acauEq9SXvg9GNA==
expires
Mon, 06 Nov 2023 21:42:49 GMT
masthead-menu.json
www.tandemtravel.co.nz/feeds/ 		5 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.tandemtravel.co.nz/feeds/masthead-menu.json
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:229f:1800:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e4ebb8fb89d061422e6b6cbebf22505bd5de179e718ab4248c20bb31baeb486
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'self'; base-uri 'self'; form-action 'self' flightbookings.airnewzealand.co.kr flightbookings.airnewzealand.kr flightbookings.airnewzealand.ca flightbookings.airnewzealand.cn flightbookings.airnewzealand.co.nz flightbookings.airnewzealand.co.uk flightbookings.airnewzealand.com.au flightbookings.airnewzealand.com.hk flightbookings.airnewzealand.com.sg flightbookings.airnewzealand.com.tw flightbookings.airnewzealand.com flightbookings.airnewzealand.de flightbookings.airnewzealand.eu flightbookings.airnewzealand.fr flightbookings.airnewzealand.hk flightbookings.airnewzealand.jp flightbookings.airnewzealand.pf flightbookings.airnewzealand.tw flightbookings.airnewzealand.com.cn flightbookings.grabaseat.co.nz flightbookings.airnewzealand.co.jp; script-src 'self' p-airnz.com 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.google.com *.ggpht.com *.googleusercontent.com s.wayin.com xd.wayin.com s.engagesciences.com display.engagesciences.com player.vimeo.com www.youtube.com s.ytimg.com *.demdex.net www.google-analytics.com analytics.google.com tagmanager.google.com www.googletagmanager.com *.doubleclick.net www.googleadservices.com www.googletagservices.com www.google.com static.hotjar.com script.hotjar.com; style-src 'unsafe-inline' p-airnz.com fonts.googleapis.com tagmanager.google.com static.hotjar.com script.hotjar.com; img-src https: data: static.hotjar.com script.hotjar.com; font-src p-airnz.com fonts.googleapis.com fonts.gstatic.com script.hotjar.com; media-src 'self' video.cdnvue.com ; frame-src 'self' *.google.com xd.wayin.com display.engagesciences.com player.youku.com v.qq.com player.vimeo.com www.youtube.com airnz.wufoo.com *.demdex.net *.doubleclick.net www.googletagmanager.com vars.hotjar.com; connect-src 'self' api.airnz.io api.airnz.ai *.googleapis.com *.google.com *.gstatic.com *.demdex.net *.tt.omtrdc.net www.google-analytics.com region1.google-analytics.com region1.analytics.google.com analytics.google.com stats.g.doubleclick.net adservice.google.com pagead2.googlesyndication.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com airnzcrm.azurewebsites.net; object-src 'none'; frame-ancestors 'none'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options no-sniff

Request headers

Referer
https://www.tandemtravel.co.nz/
Origin
https://www.tandemtravel.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 00:28:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
no-sniff
content-security-policy
block-all-mixed-content; default-src 'self'; base-uri 'self'; form-action 'self' flightbookings.airnewzealand.co.kr flightbookings.airnewzealand.kr flightbookings.airnewzealand.ca flightbookings.airnewzealand.cn flightbookings.airnewzealand.co.nz flightbookings.airnewzealand.co.uk flightbookings.airnewzealand.com.au flightbookings.airnewzealand.com.hk flightbookings.airnewzealand.com.sg flightbookings.airnewzealand.com.tw flightbookings.airnewzealand.com flightbookings.airnewzealand.de flightbookings.airnewzealand.eu flightbookings.airnewzealand.fr flightbookings.airnewzealand.hk flightbookings.airnewzealand.jp flightbookings.airnewzealand.pf flightbookings.airnewzealand.tw flightbookings.airnewzealand.com.cn flightbookings.grabaseat.co.nz flightbookings.airnewzealand.co.jp; script-src 'self' p-airnz.com 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.google.com *.ggpht.com *.googleusercontent.com s.wayin.com xd.wayin.com s.engagesciences.com display.engagesciences.com player.vimeo.com www.youtube.com s.ytimg.com *.demdex.net www.google-analytics.com analytics.google.com tagmanager.google.com www.googletagmanager.com *.doubleclick.net www.googleadservices.com www.googletagservices.com www.google.com static.hotjar.com script.hotjar.com; style-src 'unsafe-inline' p-airnz.com fonts.googleapis.com tagmanager.google.com static.hotjar.com script.hotjar.com; img-src https: data: static.hotjar.com script.hotjar.com; font-src p-airnz.com fonts.googleapis.com fonts.gstatic.com script.hotjar.com; media-src 'self' video.cdnvue.com ; frame-src 'self' *.google.com xd.wayin.com display.engagesciences.com player.youku.com v.qq.com player.vimeo.com www.youtube.com airnz.wufoo.com *.demdex.net *.doubleclick.net www.googletagmanager.com vars.hotjar.com; connect-src 'self' api.airnz.io api.airnz.ai *.googleapis.com *.google.com *.gstatic.com *.demdex.net *.tt.omtrdc.net www.google-analytics.com region1.google-analytics.com region1.analytics.google.com analytics.google.com stats.g.doubleclick.net adservice.google.com pagead2.googlesyndication.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com airnzcrm.azurewebsites.net; object-src 'none'; frame-ancestors 'none'; report-uri /csp-report
content-encoding
br
x-amz-cf-pop
SIN2-P1
via
1.1 daab5b369e744b6004b3b934cdef659c.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin
last-modified
Wed, 10 May 2023 22:00:58 GMT
server
nginx
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
pdYDDQoxJ3iyWfNfpxenOJUfHMiZwKOz1o4xTy9AFpHi9J2SYkgAgg==
truncated
/ 		347 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0ba1939f41a7478e53bc82839ab49618495ffc71a552443398957cf7c184e18

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/avif
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/webp
print.css
p-airnz.com/cms/static/master-6725/themes/airnz003/css/ 		1 KB
902 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/css/print.css
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6abc609d151f30db038bd01b71ac35be0e81930d76345b00a924a7d5f6e15bad
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
age
1046748
x-amz-cf-pop
SIN2-P1
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:48:52 GMT
server
nginx
etag
W/"64597c54-58f"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
pcgJJWqnc8wGYSuB2RPmeFTHbMHIuEIp5dfD8a9HyGP69J0CU56SlQ==
expires
Mon, 06 Nov 2023 21:42:49 GMT
gtm.js
www.googletagmanager.com/ 		511 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KNLCXK
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0031dcef8348ad61cce7d8f44973fe5bb1bf314c0658c1aecbc3ae3283cf5a28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 00:28:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
123677
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 May 2023 00:28:37 GMT
AIR3310-Tandem-Tech_IMG_7357_sRGB-resize__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMTg2LDE3Ml0.jpg
p-airnz.com/cms/assets/Tandem-Travel/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p-airnz.com/cms/assets/Tandem-Travel/AIR3310-Tandem-Tech_IMG_7357_sRGB-resize__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMTg2LDE3Ml0.jpg
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d8e3b6e894e881da9216a6dd4f7155bf1c53543b81869550689572a25c390e88
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 07 May 2023 22:16:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
age
1303948
x-amz-cf-pop
SIN2-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
14285
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 23 Nov 2022 20:18:36 GMT
server
nginx
etag
"637e801c-37cd"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
JiQVDQyPowHyFVlLs6aV5VLXNrB5Cy9LutXNrrt8helhEdAniwJajg==
expires
Tue, 06 Jun 2023 22:16:08 GMT
Air_NZ_Tandem_Day_2-8150_NZonly_2880x1708__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMTg2LDE3Ml0.jpg
p-airnz.com/cms/assets/Tandem-Travel/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p-airnz.com/cms/assets/Tandem-Travel/Air_NZ_Tandem_Day_2-8150_NZonly_2880x1708__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMTg2LDE3Ml0.jpg
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
36f9c2baad555dfe007899979a9f0545f98365e647ff49ea10523fb86716ea35
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
age
102496
x-amz-cf-pop
SIN2-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
9019
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 23 Nov 2022 20:18:40 GMT
server
nginx
etag
"637e8020-233b"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
NJD58C12xvlfbqWFaudZmA960p0T0JtUR9LqAKxye3J3kk1ZjsMRDg==
expires
Tue, 20 Jun 2023 20:00:21 GMT
Air_NZ_Tandem_Day_5-9378-resized__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMTg2LDE3Ml0.jpg
p-airnz.com/cms/assets/Tandem-Travel/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p-airnz.com/cms/assets/Tandem-Travel/Air_NZ_Tandem_Day_5-9378-resized__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMTg2LDE3Ml0.jpg
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
51c23b8dff56943b1764dc6ec38919425fdd134043371145e30d04e47a66eadb
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
age
102496
x-amz-cf-pop
SIN2-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
10665
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 23 Nov 2022 20:18:47 GMT
server
nginx
etag
"637e8027-29a9"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
7j__k7xWJBrfkx1wroHEv5KSOW-usiMX4-6LRdplzBtXuPCWar1PiQ==
expires
Tue, 20 Jun 2023 20:00:21 GMT
AIR2901-Tandem-Website-Images-1920x1080px_2__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMTg2LDE3Ml0.jpg
p-airnz.com/cms/assets/Tandem-Travel/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p-airnz.com/cms/assets/Tandem-Travel/AIR2901-Tandem-Website-Images-1920x1080px_2__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMTg2LDE3Ml0.jpg
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
21550aaee171fdba80e833b9c253f1e7b7270af915da2907a66df40275628358
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
age
102496
x-amz-cf-pop
SIN2-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13219
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 23 Nov 2022 20:18:50 GMT
server
nginx
etag
"637e802a-33a3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
Pn9kzWvF0FEr-pdlkg9xeWp2fy7jFqsd8KigOriospbPq8W-VO2V1g==
expires
Tue, 20 Jun 2023 20:00:21 GMT
GettyImages-641287234__ScaleHeightWzk2MF0_ScaleWidthWzI4ODBd.webp
p-airnz.com/cms/assets/Tandem-Travel/ 		501 KB
502 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p-airnz.com/cms/assets/Tandem-Travel/GettyImages-641287234__ScaleHeightWzk2MF0_ScaleWidthWzI4ODBd.webp
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b29031a05eb5d7f9d64df14913c7c3835094a0e8f00f376e584aec1829b6a300
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 12:54:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
age
128075
x-amz-cf-pop
SIN2-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
513292
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 20 Jun 2022 05:25:19 GMT
server
nginx
etag
"62b004bf-7d50c"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
gyKKWwZgDs5Hee190COP_IV3SenJGRDQqfSwSk-ZdJ_8-7QiTEOHVQ==
expires
Tue, 20 Jun 2023 12:54:02 GMT
8128ac6a572fef7e62f4d8f2cdcd7a42.svg
p-airnz.com/cms/static/master-6725/themes/airnz003/react/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/8128ac6a572fef7e62f4d8f2cdcd7a42.svg
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1cc2d28d2ec986a48bf75233acec795609f92b47735ef2e1fadc5a27bbff84b9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 21:42:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
age
1046746
x-amz-cf-pop
SIN2-P1
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:43:55 GMT
server
nginx
etag
W/"64597b2b-fe8"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=15552000
x-amz-cf-id
MSi52hrZQy0Cb-74I6Y7v8g0saHxV8aRaKzbmjgK4uNhCNvQT9a4nQ==
expires
Mon, 06 Nov 2023 21:42:51 GMT
AIR3310-Tandem-Tech_IMG_7357_sRGB-resize__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMzAwLDIwMF0.jpg
p-airnz.com/cms/assets/Tandem-Travel/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p-airnz.com/cms/assets/Tandem-Travel/AIR3310-Tandem-Tech_IMG_7357_sRGB-resize__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMzAwLDIwMF0.jpg
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5a0ba92850d23a86ec25d0b01bf274bf19461dfbd78342228c57a3946fb037df
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 00:28:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
22948
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 23 Nov 2022 20:18:35 GMT
server
nginx
etag
"637e801b-59a4"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
j59Betdl20KcK9F6DRiqv4GxOwWp0r_D3Ei1tYqyKjbBHe3FLsUu0A==
expires
Thu, 22 Jun 2023 00:28:37 GMT
Air_NZ_Tandem_Day_2-8150_NZonly_2880x1708__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMzAwLDIwMF0.jpg
p-airnz.com/cms/assets/Tandem-Travel/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p-airnz.com/cms/assets/Tandem-Travel/Air_NZ_Tandem_Day_2-8150_NZonly_2880x1708__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMzAwLDIwMF0.jpg
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
933a0021b6019dba251522496f775567164f345aa99476d8ecc7b9e359814f4b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
age
102496
x-amz-cf-pop
SIN2-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13316
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 23 Nov 2022 20:18:38 GMT
server
nginx
etag
"637e801e-3404"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
YgGSr0S45r2gL3gCvke9GPv-ok_t4-qItxiAT4BmOsthQxJbwOOB4A==
expires
Tue, 20 Jun 2023 20:00:21 GMT
Air_NZ_Tandem_Day_5-9378-resized__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMzAwLDIwMF0.jpg
p-airnz.com/cms/assets/Tandem-Travel/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p-airnz.com/cms/assets/Tandem-Travel/Air_NZ_Tandem_Day_5-9378-resized__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMzAwLDIwMF0.jpg
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1892c14fe15e4c2827369e2d57089bcefe71e5ea9c34dfbf0afb0357eaf906b9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
age
102496
x-amz-cf-pop
SIN2-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
16760
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 23 Nov 2022 20:18:44 GMT
server
nginx
etag
"637e8024-4178"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
l2OhrzHdP3QXOWICWZGwV9eg04Iv-BxAp8nq6jiRBu-hxc3jdlIO4g==
expires
Tue, 20 Jun 2023 20:00:21 GMT
AIR2901-Tandem-Website-Images-1920x1080px_2__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMzAwLDIwMF0.jpg
p-airnz.com/cms/assets/Tandem-Travel/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p-airnz.com/cms/assets/Tandem-Travel/AIR2901-Tandem-Website-Images-1920x1080px_2__FocusFillMaxWyIwLjAwIiwiMC4wMCIsMzAwLDIwMF0.jpg
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cf13f82ed4c4a24249f405e42a7f247dff11d477c4bf2cf5c596ee64d0a414ce
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:00:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
age
102496
x-amz-cf-pop
SIN2-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
21088
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 23 Nov 2022 20:18:49 GMT
server
nginx
etag
"637e8029-5260"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
TDFYijgD87jb1bG2748BWDJgJUKwIMBNy9GhiY_Sj_FUprf1X_zmaQ==
expires
Tue, 20 Jun 2023 20:00:21 GMT
388c93a8bcc134b68cdbee139004669b.svg
p-airnz.com/cms/static/master-6725/themes/airnz003/react/ 		765 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/388c93a8bcc134b68cdbee139004669b.svg
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1d9b97afb9c874a9594cd5dbbbb12c198b0bd26f58ede5b7ab68159202015be0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 11 May 2023 04:40:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
age
1021668
x-amz-cf-pop
SIN2-P1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
765
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 08 May 2023 22:43:55 GMT
server
nginx
etag
"64597b2b-2fd"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
x-amz-cf-id
gxQkNvUSgKLJCNMvTN8xiRg-EgVowMhe3Q0nIuLQ-5c3WaiGYSo1Pw==
expires
Tue, 07 Nov 2023 04:40:49 GMT
tandem-masthead-logo-white-v3.svg
p-airnz.com/cms/assets/Tandem-Travel/SVG-Logos/ 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p-airnz.com/cms/assets/Tandem-Travel/SVG-Logos/tandem-masthead-logo-white-v3.svg
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:229f:8600:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
81245b9e3a7a555d2ea1d430bfee0f87304a2bc7ceb232f2c7292e31b89404de
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 01 May 2023 01:00:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
content-security-policy
block-all-mixed-content; default-src 'none'; img-src https:; style-src 'unsafe-inline'; object-src 'self'; report-uri /csp-report
content-encoding
br
age
1898858
x-amz-cf-pop
SIN2-P1
via
1.1 a51cfe97dd726e5d750745e42086ff3a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 17 Oct 2017 23:35:38 GMT
server
nginx
etag
W/"59e693ca-29f0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-id
PRLDr_Sx2JBx8UrPb14G13i61zvBgVqPakqEGjuJmpmw-e6wB3VTUg==
expires
Wed, 31 May 2023 01:00:59 GMT
home-eiwalert
www.tandemtravel.co.nz/ 		0
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.tandemtravel.co.nz/home-eiwalert
Requested by
Host: p-airnz.com
URL: https://p-airnz.com/cms/static/master-6725/themes/airnz003/react/vendor.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:229f:1800:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'self'; base-uri 'self'; form-action 'self' flightbookings.airnewzealand.co.kr flightbookings.airnewzealand.kr flightbookings.airnewzealand.ca flightbookings.airnewzealand.cn flightbookings.airnewzealand.co.nz flightbookings.airnewzealand.co.uk flightbookings.airnewzealand.com.au flightbookings.airnewzealand.com.hk flightbookings.airnewzealand.com.sg flightbookings.airnewzealand.com.tw flightbookings.airnewzealand.com flightbookings.airnewzealand.de flightbookings.airnewzealand.eu flightbookings.airnewzealand.fr flightbookings.airnewzealand.hk flightbookings.airnewzealand.jp flightbookings.airnewzealand.pf flightbookings.airnewzealand.tw flightbookings.airnewzealand.com.cn flightbookings.grabaseat.co.nz flightbookings.airnewzealand.co.jp; script-src 'self' p-airnz.com 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.google.com *.ggpht.com *.googleusercontent.com s.wayin.com xd.wayin.com s.engagesciences.com display.engagesciences.com player.vimeo.com www.youtube.com s.ytimg.com *.demdex.net www.google-analytics.com analytics.google.com tagmanager.google.com www.googletagmanager.com *.doubleclick.net www.googleadservices.com www.googletagservices.com www.google.com static.hotjar.com script.hotjar.com; style-src 'unsafe-inline' p-airnz.com fonts.googleapis.com tagmanager.google.com static.hotjar.com script.hotjar.com; img-src https: data: static.hotjar.com script.hotjar.com; font-src p-airnz.com fonts.googleapis.com fonts.gstatic.com script.hotjar.com; media-src 'self' video.cdnvue.com ; frame-src 'self' *.google.com xd.wayin.com display.engagesciences.com player.youku.com v.qq.com player.vimeo.com www.youtube.com airnz.wufoo.com *.demdex.net *.doubleclick.net www.googletagmanager.com vars.hotjar.com; connect-src 'self' api.airnz.io api.airnz.ai *.googleapis.com *.google.com *.gstatic.com *.demdex.net *.tt.omtrdc.net www.google-analytics.com region1.google-analytics.com region1.analytics.google.com analytics.google.com stats.g.doubleclick.net adservice.google.com pagead2.googlesyndication.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com airnzcrm.azurewebsites.net; object-src 'none'; frame-ancestors 'none'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 00:28:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
referrer-policy
strict-origin
content-security-policy
block-all-mixed-content; default-src 'self'; base-uri 'self'; form-action 'self' flightbookings.airnewzealand.co.kr flightbookings.airnewzealand.kr flightbookings.airnewzealand.ca flightbookings.airnewzealand.cn flightbookings.airnewzealand.co.nz flightbookings.airnewzealand.co.uk flightbookings.airnewzealand.com.au flightbookings.airnewzealand.com.hk flightbookings.airnewzealand.com.sg flightbookings.airnewzealand.com.tw flightbookings.airnewzealand.com flightbookings.airnewzealand.de flightbookings.airnewzealand.eu flightbookings.airnewzealand.fr flightbookings.airnewzealand.hk flightbookings.airnewzealand.jp flightbookings.airnewzealand.pf flightbookings.airnewzealand.tw flightbookings.airnewzealand.com.cn flightbookings.grabaseat.co.nz flightbookings.airnewzealand.co.jp; script-src 'self' p-airnz.com 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.google.com *.ggpht.com *.googleusercontent.com s.wayin.com xd.wayin.com s.engagesciences.com display.engagesciences.com player.vimeo.com www.youtube.com s.ytimg.com *.demdex.net www.google-analytics.com analytics.google.com tagmanager.google.com www.googletagmanager.com *.doubleclick.net www.googleadservices.com www.googletagservices.com www.google.com static.hotjar.com script.hotjar.com; style-src 'unsafe-inline' p-airnz.com fonts.googleapis.com tagmanager.google.com static.hotjar.com script.hotjar.com; img-src https: data: static.hotjar.com script.hotjar.com; font-src p-airnz.com fonts.googleapis.com fonts.gstatic.com script.hotjar.com; media-src 'self' video.cdnvue.com ; frame-src 'self' *.google.com xd.wayin.com display.engagesciences.com player.youku.com v.qq.com player.vimeo.com www.youtube.com airnz.wufoo.com *.demdex.net *.doubleclick.net www.googletagmanager.com vars.hotjar.com; connect-src 'self' api.airnz.io api.airnz.ai *.googleapis.com *.google.com *.gstatic.com *.demdex.net *.tt.omtrdc.net www.google-analytics.com region1.google-analytics.com region1.analytics.google.com analytics.google.com stats.g.doubleclick.net adservice.google.com pagead2.googlesyndication.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com airnzcrm.azurewebsites.net; object-src 'none'; frame-ancestors 'none'; report-uri /csp-report
last-modified
Tue, 23 May 2023 00:27:37 GMT
server
nginx
x-amz-cf-pop
SIN2-P1
via
1.1 69b39b6769984cf063fcfceb47941eb6.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
cache-control
max-age=60
permissions-policy
geolocation=(self "https://p-airnz.com"), camera=(), fullscreen=(self "https://www.youtube.com"), accelerometer=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), clipboard-read=(), clipboard-write=()
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
cqUm3zu0YL5zZGKxD5HKpN_Jw9KQaR6tz-Pt_Gwtufv6fbLYuyECFQ==
geotarget-homepage.php
www.tandemtravel.co.nz/feeds/ 		2 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.tandemtravel.co.nz/feeds/geotarget-homepage.php?locale=en_NZ
Requested by
Host: p-airnz.com
URL: https://p-airnz.com/cms/static/master-6725/themes/airnz003/scripts/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:229f:1800:e:d5fb:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'self'; base-uri 'self'; form-action 'self' flightbookings.airnewzealand.co.kr flightbookings.airnewzealand.kr flightbookings.airnewzealand.ca flightbookings.airnewzealand.cn flightbookings.airnewzealand.co.nz flightbookings.airnewzealand.co.uk flightbookings.airnewzealand.com.au flightbookings.airnewzealand.com.hk flightbookings.airnewzealand.com.sg flightbookings.airnewzealand.com.tw flightbookings.airnewzealand.com flightbookings.airnewzealand.de flightbookings.airnewzealand.eu flightbookings.airnewzealand.fr flightbookings.airnewzealand.hk flightbookings.airnewzealand.jp flightbookings.airnewzealand.pf flightbookings.airnewzealand.tw flightbookings.airnewzealand.com.cn flightbookings.grabaseat.co.nz flightbookings.airnewzealand.co.jp; script-src 'self' p-airnz.com 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.google.com *.ggpht.com *.googleusercontent.com s.wayin.com xd.wayin.com s.engagesciences.com display.engagesciences.com player.vimeo.com www.youtube.com s.ytimg.com *.demdex.net www.google-analytics.com analytics.google.com tagmanager.google.com www.googletagmanager.com *.doubleclick.net www.googleadservices.com www.googletagservices.com www.google.com static.hotjar.com script.hotjar.com; style-src 'unsafe-inline' p-airnz.com fonts.googleapis.com tagmanager.google.com static.hotjar.com script.hotjar.com; img-src https: data: static.hotjar.com script.hotjar.com; font-src p-airnz.com fonts.googleapis.com fonts.gstatic.com script.hotjar.com; media-src 'self' video.cdnvue.com ; frame-src 'self' *.google.com xd.wayin.com display.engagesciences.com player.youku.com v.qq.com player.vimeo.com www.youtube.com airnz.wufoo.com *.demdex.net *.doubleclick.net www.googletagmanager.com vars.hotjar.com; connect-src 'self' api.airnz.io api.airnz.ai *.googleapis.com *.google.com *.gstatic.com *.demdex.net *.tt.omtrdc.net www.google-analytics.com region1.google-analytics.com region1.analytics.google.com analytics.google.com stats.g.doubleclick.net adservice.google.com pagead2.googlesyndication.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com airnzcrm.azurewebsites.net; object-src 'none'; frame-ancestors 'none'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options no-sniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.tandemtravel.co.nz/
X-Requested-With
XMLHttpRequest
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 00:28:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
no-sniff
referrer-policy
strict-origin
via
1.1 69b39b6769984cf063fcfceb47941eb6.cloudfront.net (CloudFront)
server
nginx
content-security-policy
block-all-mixed-content; default-src 'self'; base-uri 'self'; form-action 'self' flightbookings.airnewzealand.co.kr flightbookings.airnewzealand.kr flightbookings.airnewzealand.ca flightbookings.airnewzealand.cn flightbookings.airnewzealand.co.nz flightbookings.airnewzealand.co.uk flightbookings.airnewzealand.com.au flightbookings.airnewzealand.com.hk flightbookings.airnewzealand.com.sg flightbookings.airnewzealand.com.tw flightbookings.airnewzealand.com flightbookings.airnewzealand.de flightbookings.airnewzealand.eu flightbookings.airnewzealand.fr flightbookings.airnewzealand.hk flightbookings.airnewzealand.jp flightbookings.airnewzealand.pf flightbookings.airnewzealand.tw flightbookings.airnewzealand.com.cn flightbookings.grabaseat.co.nz flightbookings.airnewzealand.co.jp; script-src 'self' p-airnz.com 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.google.com *.ggpht.com *.googleusercontent.com s.wayin.com xd.wayin.com s.engagesciences.com display.engagesciences.com player.vimeo.com www.youtube.com s.ytimg.com *.demdex.net www.google-analytics.com analytics.google.com tagmanager.google.com www.googletagmanager.com *.doubleclick.net www.googleadservices.com www.googletagservices.com www.google.com static.hotjar.com script.hotjar.com; style-src 'unsafe-inline' p-airnz.com fonts.googleapis.com tagmanager.google.com static.hotjar.com script.hotjar.com; img-src https: data: static.hotjar.com script.hotjar.com; font-src p-airnz.com fonts.googleapis.com fonts.gstatic.com script.hotjar.com; media-src 'self' video.cdnvue.com ; frame-src 'self' *.google.com xd.wayin.com display.engagesciences.com player.youku.com v.qq.com player.vimeo.com www.youtube.com airnz.wufoo.com *.demdex.net *.doubleclick.net www.googletagmanager.com vars.hotjar.com; connect-src 'self' api.airnz.io api.airnz.ai *.googleapis.com *.google.com *.gstatic.com *.demdex.net *.tt.omtrdc.net www.google-analytics.com region1.google-analytics.com region1.analytics.google.com analytics.google.com stats.g.doubleclick.net adservice.google.com pagead2.googlesyndication.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com airnzcrm.azurewebsites.net; object-src 'none'; frame-ancestors 'none'; report-uri /csp-report
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
alt-svc
h3=":443"; ma=86400
content-length
2
x-amz-cf-id
ZmB4SZEK-TWRDqKb3R-ozYdQ_wz2jpT7MjddsaCDZSs2v5zBi2MiKA==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1058052675/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058052675/?random=1684801718343&cv=11&fst=1684801718343&bg=ffffff&guid=ON&async=1&gtm=45He35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tandemtravel.co.nz%2F&hn=www.googleadservices.com&frm=0&tiba=Corporate%20Travel%20Management%20Company%3A%20Air%20New%20Zealand%20Tandem%20Travel&auid=1027350982.1684801718&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNLCXK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efaeb6796f9019a4da480b669468c4cd2a82909f8cc12e22a40a176ebb3efa63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 00:28:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1212
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-3453257.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3453257.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNLCXK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-19.sin52.r.cloudfront.net
Software
/
Resource Hash
2e64a8344deb15e4df01a4089c10e2019d666c82c36996eff88441336c140331
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 00:28:39 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 708b4a14c657950f2e7357eb30093182.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
etag
W/b1d705745d15195c16e5f62a23293161
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
wi-jDeJoeIx5CoCggWPRDft1ywottNgwpbAQyX9chyToCEHBNZmtyw==
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNLCXK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 May 2023 23:30:40 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3478
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 23 May 2023 01:30:40 GMT
destination
www.googletagmanager.com/gtag/ 		238 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-7W0V730RP5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNLCXK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c04::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b8c7001acb14f1929a5b7a1def6e76caa10ef4150d577fe0960eb0d8718675c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 00:28:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83321
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 May 2023 00:28:38 GMT
collect
www.google-analytics.com/g/ 		0
176 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7W0V730RP5&gtm=45je35h0&_p=2123993838&cid=322488628.1684801719&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&dl=https%3A%2F%2Fwww.tandemtravel.co.nz%2F&sid=1684801718&sct=1&seg=0&dt=Corporate%20Travel%20Management%20Company%3A%20Air%20New%20Zealand%20Tandem%20Travel&en=trackEventNoEcommerce&_fv=1&_nsi=1&_ss=1&ep.eventAction=displayed&ep.eventLabel=%E2%9C%88%EF%B8%8F%20for%20our%20latest%20travel%20alerts%20and%20helpful%20faqs%20-&ep.eventCategory=homepage%20banner
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-7W0V730RP5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 00:28:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tandemtravel.co.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1058052675/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1058052675/?random=1684801718343&cv=11&fst=1684800000000&bg=ffffff&guid=ON&async=1&gtm=45He35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tandemtravel.co.nz%2F&frm=0&tiba=Corporate%20Travel%20Management%20Company%3A%20Air%20New%20Zealand%20Tandem%20Travel&fmt=3&is_vtc=1&random=1664253557&rmt_tld=0&ipr=y
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::67 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 00:28:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.nz/pagead/1p-user-list/1058052675/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/pagead/1p-user-list/1058052675/?random=1684801718343&cv=11&fst=1684800000000&bg=ffffff&guid=ON&async=1&gtm=45He35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.tandemtravel.co.nz%2F&frm=0&tiba=Corporate%20Travel%20Management%20Company%3A%20Air%20New%20Zealand%20Tandem%20Travel&fmt=3&is_vtc=1&random=1664253557&rmt_tld=1&ipr=y
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 00:28:39 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-648618-87&cid=322488628.1684801719&jid=1624048159&gjid=1639764769&_gid=359499731.1684801719&_u=YCDAgUABAAAAAEAEK~&z=1496007344
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tandemtravel.co.nz/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 23 May 2023 00:28:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tandemtravel.co.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=2123993838&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.tandemtravel.co.nz%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Corporate%20Travel%20Management%20Company%3A%20Air%20New%20Zealand%20Tandem%20Travel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=homepage%20banner&ea=displayed&el=%E2%9C%88%EF%B8%8F%20for%20our%20latest%20travel%20alerts%20and%20helpful%20faqs%20-&_u=YCDAgUABAAAAAAAEK~&jid=1624048159&gjid=1639764769&cid=322488628.1684801719&tid=UA-648618-87&_gid=359499731.1684801719&gtm=45He35h0n71KNLCXK&cd7=701&cd9=production%20aws&cd51=Corporate%20Travel%20Management%20Company%3A%20Air%20New%20Zealand%20Tandem%20Travel&cd69=Tandem&cd70=1684801718355.hupv1bnn&cd71=2023-05-23T00%3A28%3A38.355%2B00%3A00&cd97=(entrance)&cd98=en-nz&cd82=322488628.1684801719&z=1443692431
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 15:04:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
33825
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.bd615e91f206bba6c106.js
script.hotjar.com/ 		265 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.bd615e91f206bba6c106.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3453257.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.249.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-249-94.sin52.r.cloudfront.net
Software
/
Resource Hash
b7d6c0f9a48e8bf195039d4d918a412030b9eca30e15813ba606ea8aecc5b4f3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 12:11:08 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 dd1d744d35431de55502bf3c7c1efcc6.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C2
age
303452
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
69451
last-modified
Fri, 19 May 2023 12:10:27 GMT
etag
"9426a0fb3ec77e5ad24ce096383ab689"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
g_6K8oERpC6FgNQIMPk_PV7UwVbn3GTT0g3mLLVieNGj44FrgkwOuQ==
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-648618-87&cid=322488628.1684801719&jid=1624048159&_u=YCDAgUABAAAAAEAEK~&z=1170660858
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::67 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 00:28:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.nz/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-648618-87&cid=322488628.1684801719&jid=1624048159&_u=YCDAgUABAAAAAEAEK~&z=1170660858
Requested by
Host: www.tandemtravel.co.nz
URL: https://www.tandemtravel.co.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c06::5e , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 00:28:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&aip=1&a=2123993838&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tandemtravel.co.nz%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Corporate%20Travel%20Management%20Company%3A%20Air%20New%20Zealand%20Tandem%20Travel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAiUABBAAAAEAEK~&jid=&gjid=&cid=322488628.1684801719&tid=UA-648618-87&_gid=359499731.1684801719&gtm=45He35h0n71KNLCXK&cd7=701&cd9=production%20aws&cd51=Corporate%20Travel%20Management%20Company%3A%20Air%20New%20Zealand%20Tandem%20Travel&cd69=Tandem&cd70=1684801720568.ln07tlu4&cd71=2023-05-23T00%3A28%3A40.568%2B00%3A00&cd97=(entrance)&cd98=en-nz&cd82=322488628.1684801719&z=344918546
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.tandemtravel.co.nz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 May 2023 08:08:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58785
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-7W0V730RP5&gtm=45je35h0&_p=2123993838&cid=322488628.1684801719&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&dl=https%3A%2F%2Fwww.tandemtravel.co.nz%2F&sid=1684801718&sct=1&seg=1&dt=Corporate%20Travel%20Management%20Company%3A%20Air%20New%20Zealand%20Tandem%20Travel&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-7W0V730RP5&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::71 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tandemtravel.co.nz/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 May 2023 00:28:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.tandemtravel.co.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless string| CMS_JS_SCRIPT_URL string| pwUiPublicPath object| dataLayer object| Modernizr string| siteLocale string| oscarClientID boolean| rumMetrics boolean| isHomePage string| geoTargetLocation function| $ function| jQuery object| webpackJsonp object| pwUi object| loadedPWUIblockScripts boolean| needTranslate string| unisonLocale object| regeneratorRuntime object| tileContainerTiles1 boolean| tileContainerTiles1AlreadyRendered object| geoTargetOptions number| showRegionPicker function| getCmsTranslation object| Hogan string| ctx object| airNZLang boolean| allowCmsStoringData boolean| gtmEnabled object| cmstemplates function| decorateCMSLink object| cmsAnalytics object| cmsGeoLocation object| cmsStorage number| termsTimeout object| oscarQuestionsRelay object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| hj object| _hjSettings function| onYouTubeIframeAPIReady number| web_vitals_random string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| optimizely function| gtag

11 Cookies

Domain/Path Name / Value
.tandemtravel.co.nz/ Name: _gcl_au
Value: 1.1.1027350982.1684801718
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.tandemtravel.co.nz/ Name: _ga
Value: GA1.3.322488628.1684801719
.tandemtravel.co.nz/ Name: _gid
Value: GA1.3.359499731.1684801719
.tandemtravel.co.nz/ Name: _dc_gtm_UA-648618-87
Value: 1
.tandemtravel.co.nz/ Name: _hjSessionUser_3453257
Value: eyJpZCI6IjY5ZDVhMDE3LWY1MTctNWVhNi04ZWU2LTNjNWJmMTVmYjNhNSIsImNyZWF0ZWQiOjE2ODQ4MDE3MjA1MzksImV4aXN0aW5nIjpmYWxzZX0=
.tandemtravel.co.nz/ Name: _hjFirstSeen
Value: 1
.tandemtravel.co.nz/ Name: _hjIncludedInSessionSample_3453257
Value: 0
.tandemtravel.co.nz/ Name: _hjSession_3453257
Value: eyJpZCI6IjJlOWE2MzgzLTAyMGItNDUwYi1iYmU1LTkyZDMyYWZkOTE4ZCIsImNyZWF0ZWQiOjE2ODQ4MDE3MjA1NDgsImluU2FtcGxlIjpmYWxzZX0=
.tandemtravel.co.nz/ Name: _hjAbsoluteSessionInProgress
Value: 0
.tandemtravel.co.nz/ Name: _ga_7W0V730RP5
Value: GS1.1.1684801718.1.1.1684801720.0.0.0

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; default-src 'self'; base-uri 'self'; form-action 'self' flightbookings.airnewzealand.co.kr flightbookings.airnewzealand.kr flightbookings.airnewzealand.ca flightbookings.airnewzealand.cn flightbookings.airnewzealand.co.nz flightbookings.airnewzealand.co.uk flightbookings.airnewzealand.com.au flightbookings.airnewzealand.com.hk flightbookings.airnewzealand.com.sg flightbookings.airnewzealand.com.tw flightbookings.airnewzealand.com flightbookings.airnewzealand.de flightbookings.airnewzealand.eu flightbookings.airnewzealand.fr flightbookings.airnewzealand.hk flightbookings.airnewzealand.jp flightbookings.airnewzealand.pf flightbookings.airnewzealand.tw flightbookings.airnewzealand.com.cn flightbookings.grabaseat.co.nz flightbookings.airnewzealand.co.jp; script-src 'self' p-airnz.com 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.gstatic.com *.google.com *.ggpht.com *.googleusercontent.com s.wayin.com xd.wayin.com s.engagesciences.com display.engagesciences.com player.vimeo.com www.youtube.com s.ytimg.com *.demdex.net www.google-analytics.com analytics.google.com tagmanager.google.com www.googletagmanager.com *.doubleclick.net www.googleadservices.com www.googletagservices.com www.google.com static.hotjar.com script.hotjar.com; style-src 'unsafe-inline' p-airnz.com fonts.googleapis.com tagmanager.google.com static.hotjar.com script.hotjar.com; img-src https: data: static.hotjar.com script.hotjar.com; font-src p-airnz.com fonts.googleapis.com fonts.gstatic.com script.hotjar.com; media-src 'self' video.cdnvue.com ; frame-src 'self' *.google.com xd.wayin.com display.engagesciences.com player.youku.com v.qq.com player.vimeo.com www.youtube.com airnz.wufoo.com *.demdex.net *.doubleclick.net www.googletagmanager.com vars.hotjar.com; connect-src 'self' api.airnz.io api.airnz.ai *.googleapis.com *.google.com *.gstatic.com *.demdex.net *.tt.omtrdc.net www.google-analytics.com region1.google-analytics.com region1.analytics.google.com analytics.google.com stats.g.doubleclick.net adservice.google.com pagead2.googlesyndication.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com airnzcrm.azurewebsites.net; object-src 'none'; frame-ancestors 'none'; report-uri /csp-report
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
p-airnz.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
tandemtravel.co.nz
www.google-analytics.com
www.google.co.nz
www.google.com
www.googletagmanager.com
www.tandemtravel.co.nz
13.224.249.19
13.224.249.94
2404:6800:4003:c01::71
2404:6800:4003:c03::9c
2404:6800:4003:c04::61
2404:6800:4003:c06::5e
2404:6800:4003:c06::67
2404:6800:4003:c06::9a
2406:da1c:dd7:fb02:4036:4f90:4bec:8c11
2406:da1c:dd7:fb03:913b:72d0:e4b2:c37c
2600:9000:229f:1800:e:d5fb:8340:93a1
2600:9000:229f:8600:e:d5fb:8340:93a1
0031dcef8348ad61cce7d8f44973fe5bb1bf314c0658c1aecbc3ae3283cf5a28
012529edd4945bd53972f89b3171199207a402fb5570c8b58d6e5327f2adb70e
100ee8564203b5c47ce7383d50c38b59eb8f0839f067567f5129c680a56c1c07
1892c14fe15e4c2827369e2d57089bcefe71e5ea9c34dfbf0afb0357eaf906b9
1cc2d28d2ec986a48bf75233acec795609f92b47735ef2e1fadc5a27bbff84b9
1d9b97afb9c874a9594cd5dbbbb12c198b0bd26f58ede5b7ab68159202015be0
21550aaee171fdba80e833b9c253f1e7b7270af915da2907a66df40275628358
2300df0ce916fee80545e07206756ea3991875cb8573a9358f20c6f0e96e835f
2419e05313c7b09698e2d27425d214900c5fcf883fe834f5b9c51b9b9b66aba9
2e64a8344deb15e4df01a4089c10e2019d666c82c36996eff88441336c140331
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
36f9c2baad555dfe007899979a9f0545f98365e647ff49ea10523fb86716ea35
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49bcd9fbfd32d3a7a34d7414e755a0de64253af066d30e50a22574318780511e
4e4ebb8fb89d061422e6b6cbebf22505bd5de179e718ab4248c20bb31baeb486
51c23b8dff56943b1764dc6ec38919425fdd134043371145e30d04e47a66eadb
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
5a0ba92850d23a86ec25d0b01bf274bf19461dfbd78342228c57a3946fb037df
6abc609d151f30db038bd01b71ac35be0e81930d76345b00a924a7d5f6e15bad
6f0129d5ce6c07c02e16e4e4340b89e979f728317e29a7677a554bbfb0849f70
79e5dc05af7ecc1c0ad168e3ca3b99d65840850098157bb000a42467810126d5
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
81245b9e3a7a555d2ea1d430bfee0f87304a2bc7ceb232f2c7292e31b89404de
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ae6411bd3567745a87cb385c58621bf2a55c69925320744cfc1e77763724640
8b8c7001acb14f1929a5b7a1def6e76caa10ef4150d577fe0960eb0d8718675c
8e95075c1f089af7a5f79f1b4778fe33717b14c2fb3aed16b67b69359ada7fb5
8f05fec5b65632e0978b84397c3e186f49b304f4504ab97187fb85b8a60821bb
933a0021b6019dba251522496f775567164f345aa99476d8ecc7b9e359814f4b
93f620bcee155b2e708a80b62b51a2eab01dab23131f98cb630221e18ad2804e
abd00a6786527cfa78a4781a8d34baeb8828e1c3a34025997a729677d944be18
afb7a043da12b8eae57c803f15bd55283f5640f61f497604cc98209d9538b789
b29031a05eb5d7f9d64df14913c7c3835094a0e8f00f376e584aec1829b6a300
b7d6c0f9a48e8bf195039d4d918a412030b9eca30e15813ba606ea8aecc5b4f3
b985e744045a47aa52ee966b6ff8231020388bc249d07d394ca0352d63597e09
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c5c7234d6591ed3874eb95e423861307d9cee365517afe2442dedc9fd7acb0dd
cf13f82ed4c4a24249f405e42a7f247dff11d477c4bf2cf5c596ee64d0a414ce
d71b5b5d913c7873ae6c30bf55ff399b6fef17dc02a4c0cbd1e629cab180f272
d7e16f7c02eb20581298d0960ce2ad9585e4bf05b0112251ae17d4116d677306
d8e3b6e894e881da9216a6dd4f7155bf1c53543b81869550689572a25c390e88
e07ed64880215bc870733b66600f82346824b605aae4ac2bd5871df56e62599e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7551c164252d91a63493e0d8c41472716f303c33833de1e93176fbb1ee1f52f
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9bfdf864996fc4caaf2377503890c5afce93a3cce7a04bc28494aa87ac9ce17
ee2d579341b7b5b3a75f610c55ff4e5c594649569e3293bdd4c9296235f79253
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efaeb6796f9019a4da480b669468c4cd2a82909f8cc12e22a40a176ebb3efa63
f0ba1939f41a7478e53bc82839ab49618495ffc71a552443398957cf7c184e18
f5ee40af08dfcb7abba5e8de323e076f9721e4a1488b59f7dd1b11ce387d55c5