avitaltours.com Open in urlscan Pro
192.124.249.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://avitaltours.com/
Effective URL:
https://avitaltours.com/
Submission: On August 09 via manual (August 9th 2023, 10:32:41 pm UTC) from US — Scanned from DE

Summary HTTP 111 Redirects Behaviour Indicators

Summary

This website contacted 41 IPs in 4 countries across 32 domains to perform 111 HTTP transactions. The main IP is 192.124.249.69, located in United States and belongs to SUCURI-SEC, US. The main domain is avitaltours.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on March 13th 2023. Valid for: a year.

This is the only time avitaltours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 34	192.124.249.69 192.124.249.69	30148 (SUCURI-SEC) (SUCURI-SEC)
3	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.127.89 18.66.127.89	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:893b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:26e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2600:9000:21f... 2600:9000:21f3:3200:f:b2f5:a240:93a1	16509 (AMAZON-02) (AMAZON-02)
5	199.232.197.208 199.232.197.208	54113 (FASTLY) (FASTLY)
1	18.66.121.142 18.66.121.142	16509 (AMAZON-02) (AMAZON-02)
2	52.216.146.99 52.216.146.99	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2606:4700::68... 2606:4700::6811:cb35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:220... 2600:9000:2204:ba00:15:a0d3:77c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:220... 2600:9000:2204:fa00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:65ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:6dc7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:88ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:18c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2600:9000:223... 2600:9000:223d:b600:f:9de7:2240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c03::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:fc00:16:5ccd:c900:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.66.121.91 18.66.121.91	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:780... 2a02:26f0:780::210:a469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d2f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d5f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:ca35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.194.201.196 54.194.201.196	16509 (AMAZON-02) (AMAZON-02)
111	41

34 192.124.249.69 (United States) 1 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10069.sucuri.net

avitaltours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.127.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-127-89.fra60.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:893b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:26e (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.gaconnector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:3200:f:b2f5:a240:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.flodesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.232.197.208 (United States)

ASN54113 (FASTLY, US)

js.peek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.121.142 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-142.fra60.r.cloudfront.net

d2j3qa5nc37287.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.146.99 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

pirassets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:cb35 (United States)

ASN13335 (CLOUDFLARENET, US)

my.jst.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.jst.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:ba00:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:fa00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:65ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:6dc7 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:88ce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223d:b600:f:9de7:2240:93a1 (United States)

ASN16509 (AMAZON-02, US)

form.flodesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c03::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:fc00:16:5ccd:c900:93a1 (United States)

ASN16509 (AMAZON-02, US)

usercontent.flodesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.121.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-91.fra60.r.cloudfront.net

dxvgidz67iahm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2f3 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5f3 (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ca35 (United States)

ASN13335 (CLOUDFLARENET, US)

aly.jst.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.201.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-201-196.eu-west-1.compute.amazonaws.com

js.logentries.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	avitaltours.com 1 redirects avitaltours.com	913 KB
8	flodesk.com assets.flodesk.com — Cisco Umbrella Rank: 19958 form.flodesk.com — Cisco Umbrella Rank: 27806 usercontent.flodesk.com — Cisco Umbrella Rank: 30125	847 KB
6	jst.ai my.jst.ai — Cisco Umbrella Rank: 17304 cdn.jst.ai — Cisco Umbrella Rank: 18591 aly.jst.ai — Cisco Umbrella Rank: 16830	56 KB
5	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 7688 api.hubspot.com — Cisco Umbrella Rank: 4733 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 6807 track.hubspot.com — Cisco Umbrella Rank: 2249	23 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 368 www.linkedin.com — Cisco Umbrella Rank: 543 px4.ads.linkedin.com — Cisco Umbrella Rank: 5984	5 KB
5	peek.com js.peek.com — Cisco Umbrella Rank: 84176	70 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	301 KB
3	typekit.net use.typekit.net — Cisco Umbrella Rank: 541 p.typekit.net — Cisco Umbrella Rank: 664	24 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5933	669 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2770 www.google.com — Cisco Umbrella Rank: 3	815 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 114	2 KB
3	cloudfront.net d2j3qa5nc37287.cloudfront.net dxvgidz67iahm.cloudfront.net	50 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 374	13 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 392 fonts.googleapis.com — Cisco Umbrella Rank: 67	36 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3935	27 KB
2	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4264 perf-na1.hsforms.com — Cisco Umbrella Rank: 8522	2 KB
2	gstatic.com fonts.gstatic.com	97 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	233 B
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4735 forms.hscollectedforms.net — Cisco Umbrella Rank: 4829	26 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	21 KB
2	amazonaws.com pirassets.s3.amazonaws.com	8 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	134 KB
2	gaconnector.com tracker.gaconnector.com — Cisco Umbrella Rank: 64952	3 KB
1	logentries.com js.logentries.com — Cisco Umbrella Rank: 54851	252 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2185	20 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2182	21 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4791	22 KB
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 890	369 B
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 10859	54 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 819	5 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2442	1 KB
1	mailchimp.com cdn-images.mailchimp.com — Cisco Umbrella Rank: 5561	2 KB
111	32

	Domain	Requested by
34	avitaltours.com	1 redirects avitaltours.com
5	js.peek.com	avitaltours.com js.peek.com
4	form.flodesk.com	assets.flodesk.com
4	www.googletagmanager.com	avitaltours.com www.googletagmanager.com
3	www.google.de	avitaltours.com
3	cdn.jst.ai	d2j3qa5nc37287.cloudfront.net cdn.jst.ai
3	px.ads.linkedin.com	3 redirects
3	assets.flodesk.com	avitaltours.com assets.flodesk.com
3	bat.bing.com	avitaltours.com bat.bing.com
3	static.addtoany.com	avitaltours.com static.addtoany.com
2	fonts.gstatic.com	fonts.googleapis.com
2	dxvgidz67iahm.cloudfront.net	pirassets.s3.amazonaws.com
2	www.google.com	avitaltours.com
2	use.typekit.net	assets.flodesk.com use.typekit.net
2	api.hubspot.com	js.usemessages.com
2	fonts.googleapis.com	js.peek.com assets.flodesk.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	avitaltours.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	my.jst.ai	d2j3qa5nc37287.cloudfront.net ajax.googleapis.com
2	pirassets.s3.amazonaws.com	avitaltours.com
2	connect.facebook.net	avitaltours.com connect.facebook.net
2	tracker.gaconnector.com	avitaltours.com tracker.gaconnector.com
1	js.logentries.com
1	aly.jst.ai	ajax.googleapis.com
1	track.hubspot.com
1	perf-na1.hsforms.com	avitaltours.com
1	forms.hsforms.com	avitaltours.com
1	p.typekit.net	use.typekit.net
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	usercontent.flodesk.com	avitaltours.com
1	region1.analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	px4.ads.linkedin.com	avitaltours.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	www.clickcease.com	avitaltours.com
1	snap.licdn.com	avitaltours.com
1	d2j3qa5nc37287.cloudfront.net	avitaltours.com
1	js.hs-scripts.com	avitaltours.com
1	cdn-images.mailchimp.com	avitaltours.com
1	ajax.googleapis.com	avitaltours.com
111	48

This site contains no links.

Subject Issuer	Validity	Valid
avitaltours.com Starfield Secure Certificate Authority - G2	`2023-03-13` - `2024-03-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
cdn-images.mailchimp.com Amazon RSA 2048 M02	`2023-06-20` - `2024-07-17`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-19` - `2023-08-17`	3 months	crt.sh
*.flodesk.com Amazon RSA 2048 M02	`2023-06-03` - `2024-07-01`	a year	crt.sh
js.peek.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-01` - `2024-08-01`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
my.jst.ai Cloudflare Inc ECC CA-3	`2023-03-31` - `2024-03-30`	a year	crt.sh
clickcease.com Amazon RSA 2048 M02	`2022-10-27` - `2023-11-25`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
cdn.jst.ai Cloudflare Inc ECC CA-3	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
aly.jst.ai R3	`2023-07-09` - `2023-10-07`	3 months	crt.sh
eu.logentries.com Amazon RSA 2048 M01	`2023-02-10` - `2024-02-15`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://avitaltours.com/
Frame ID: CCB4EE4D0A627E66FB6BB7E952970B81
Requests: 105 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: D1550E7650F4454ABDB240E1946F85F3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jst.ai/store_4.1.html?v=5.77
Frame ID: 67D146ECC1D23178B0A91484F71BBF0D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E9EC40D603FB8EB0CDEE90235B35A899
Requests: 1 HTTP requests in this frame

Frame: https://cdn.jst.ai/store_4.1.html?v=5.77
Frame ID: 0407DBED8276D11D260EBE8B0E7D691B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Interactive Food + Drink Experiences | NYC, SF, LA, Virtual | Avital:

Page URL History Show full URLs

http://avitaltours.com/ HTTP 301
https://avitaltours.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

cdn-images\.mailchimp\.com/[^>]*\.css

Peek (Widgets) Expand

Overall confidence: 100%
Detected patterns

js\.peek\.\w+

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

99 %
HTTPS

81 %
IPv6

32
Domains

48
Subdomains

41
IPs

4
Countries

2780 kB
Transfer

5206 kB
Size

36
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://avitaltours.com/ HTTP 301
https://avitaltours.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=572226&time=1691620353288&url=https%3A%2F%2Favitaltours.com%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=572226&time=1691620353288&url=https%3A%2F%2Favitaltours.com%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D572226%26time%3D1691620353288%26url%3Dhttps%253A%252F%252Favitaltours.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=572226&time=1691620353288&url=https%3A%2F%2Favitaltours.com%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=572226&time=1691620353288&url=https%3A%2F%2Favitaltours.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJVYY_nbo0FLQAAAYncbigj_Sz2SdBh3goo-hL-GKeM1o7NGGcOgVEZysTYAgFA

111 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
avitaltours.com/
Redirect Chain

http://avitaltours.com/
https://avitaltours.com/

53 KB
13 KB

27ms
9ms

Document
text/html

192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

802165e526af0da1a2f767bda6322e6503bc1bfd88ae31b28bdf64cef91dadbe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Wed, 09 Aug 2023 22:32:33 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://avitaltours.com/wp-json/>; rel="https://api.w.org/", <https://avitaltours.com/wp-json/wp/v2/pages/2244>; rel="alternate"; type="application/json", <https://avitaltours.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding
x-cache-enabled: True
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-httpd: 1
x-proxy-cache: HIT
x-sucuri-cache: HIT
x-sucuri-id: 15019
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 24
Content-Type: text/plain
Date: Wed, 09 Aug 2023 22:32:33 GMT
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Location: https://avitaltours.com/
Server: Sucuri/Cloudproxy
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Proxy-Cache-Info: DT:1
X-Sucuri-Cache: EXPIRED
X-Sucuri-ID: 15019
X-XSS-Protection: 1; mode=block

GET
H2 200 TradeGothic-bold-condensed-webfont.woff
avitaltours.com/wp-content/themes/avitaltours_2018/inc/fonts/ 34 KB
35 KB 12ms
9ms Font
font/woff 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-content/themes/avitaltours_2018/inc/fonts/TradeGothic-bold-condensed-webfont.woff

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

1c3a051b35b81ed63635b80d6ba1b5771441785b24ac67c5f1676c210b829eab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://avitaltours.com/
Origin: https://avitaltours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 35037
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Apr 2020 21:03:32 GMT
server: nginx
etag: "5e8e3c24-88dd"
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 GandhiSans-Regular-webfont.woff
avitaltours.com/wp-content/themes/avitaltours_2018/inc/fonts/ 25 KB
25 KB 26ms
23ms Font
font/woff 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-content/themes/avitaltours_2018/inc/fonts/GandhiSans-Regular-webfont.woff

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

8f6d93e567b10a60389690bc82dfd7a0f84e8478152e59d2c5210598fe4841ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://avitaltours.com/
Origin: https://avitaltours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 25428
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Apr 2020 21:03:31 GMT
server: nginx
etag: "5e8e3c23-6354"
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 GandhiSans-Bold-webfont.woff
avitaltours.com/wp-content/themes/avitaltours_2018/inc/fonts/ 25 KB
25 KB 27ms
25ms Font
font/woff 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-content/themes/avitaltours_2018/inc/fonts/GandhiSans-Bold-webfont.woff

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

8a1e062ac5d2749fc6c23649c9279bda04608d752eb0e7901b6f6e289b165b82

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://avitaltours.com/
Origin: https://avitaltours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 25520
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Apr 2020 21:03:26 GMT
server: nginx
etag: "5e8e3c1e-63b0"
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 GandhiSans-Italic-webfont.woff
avitaltours.com/wp-content/themes/avitaltours_2018/inc/fonts/ 26 KB
26 KB 28ms
25ms Font
font/woff 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-content/themes/avitaltours_2018/inc/fonts/GandhiSans-Italic-webfont.woff

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

614353ad90b59859d111609e403f1860f6f3b5df2b619e6194a1d4857b292ad5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://avitaltours.com/
Origin: https://avitaltours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 26540
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Apr 2020 21:03:29 GMT
server: nginx
etag: "5e8e3c21-67ac"
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 GandhiSans-BoldItalic-webfont.woff
avitaltours.com/wp-content/themes/avitaltours_2018/inc/fonts/ 26 KB
26 KB 28ms
26ms Font
font/woff 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-content/themes/avitaltours_2018/inc/fonts/GandhiSans-BoldItalic-webfont.woff

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

0b1c11dd51f23595b54668926ef84c61133e278bce1e9a217c0dc89a9659d684

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://avitaltours.com/
Origin: https://avitaltours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 26136
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Apr 2020 21:03:28 GMT
server: nginx
etag: "5e8e3c20-6618"
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
avitaltours.com/wp-includes/css/dist/block-library/ 95 KB
12 KB 18ms
16ms Stylesheet
text/css 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Apr 2023 02:11:56 GMT
server: nginx
etag: W/"642792ec-17ced"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 classic-themes.min.css
avitaltours.com/wp-includes/css/ 291 B
559 B 19ms
17ms Stylesheet
text/css 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-includes/css/classic-themes.min.css?ver=6.2.2

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Apr 2023 02:11:56 GMT
server: nginx
etag: W/"642792ec-123"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shortcodes.css
avitaltours.com/wp-content/plugins/column-shortcodes//assets/css/ 3 KB
999 B 20ms
18ms Stylesheet
text/css 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-content/plugins/column-shortcodes//assets/css/shortcodes.css?ver=1.0.1

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

a2b52f4819c133bc281608895d14021d514a47cb8300a6d671226785319813f0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Sep 2020 21:43:07 GMT
server: nginx
etag: W/"5f5011eb-c71"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 facets.css
avitaltours.com/wp-content/plugins/swiftype-search/assets/ 355 B
545 B 21ms
19ms Stylesheet
text/css 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-content/plugins/swiftype-search/assets/facets.css?ver=6.2.2

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

e4cffada9c9643f6e548214c3b0ff4e1d38618140c50b0ee57babab145160eba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Nov 2021 18:23:00 GMT
server: nginx
etag: W/"6182d384-163"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 screen.min.css
avitaltours.com/wp-content/themes/avitaltours_2018/stylesheets/css/ 116 KB
19 KB 21ms
20ms Stylesheet
text/css 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-content/themes/avitaltours_2018/stylesheets/css/screen.min.css?ver=6.2.2

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

fa3dd06787441f0a3a4485e4bc8cf64b4ea7a7ddf144ea1b8e9d970fa372fcba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 23 Oct 2021 22:39:05 GMT
server: nginx
etag: W/"61748f09-1d11d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 addtoany.min.css
avitaltours.com/wp-content/plugins/add-to-any/ 1 KB
797 B 22ms
21ms Stylesheet
text/css 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Apr 2023 02:12:14 GMT
server: nginx
etag: W/"642792fe-5ef"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 66ms
19ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92545ae7b38b727089c99033d3557a18ee913a608fe8b26fb24973eb8660f17d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 43398
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 09 Aug 2023 10:28:36 GMT
server: cloudflare
etag: W/"c09-6027af130ca25"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 7f4374a69c6dbbbb-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0// 94 KB
33 KB 61ms
8ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0//jquery.min.js

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 02:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Aug 2024 02:19:33 GMT

GET
H2 200 addtoany.min.js Show response
avitaltours.com/wp-content/plugins/add-to-any/ 129 B
495 B 16ms
11ms Script
application/javascript 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Apr 2023 02:12:14 GMT
server: nginx
etag: W/"642792fe-81"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors.min.js Show response
avitaltours.com/wp-content/themes/avitaltours_2018/js/ 188 KB
56 KB 27ms
26ms Script
application/javascript 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-content/themes/avitaltours_2018/js/vendors.min.js?ver=6.2.2

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

dd886a200de027927efa457c2b4fa3ef4dd8555e1dbb441ba46d9fed398dedd3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Apr 2020 21:08:16 GMT
server: nginx
etag: W/"5e8e3d40-2ee0d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
61 KB 68ms
21ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23918221-1

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8164c02d1f5d2d928752a22c3c5b11c3433331833b028cb7d5a34d9f7bdf5245

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61615
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 21:50:53 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Aug 2023 22:32:33 GMT

GET
H/1.1 200
OK classic-081711.css
cdn-images.mailchimp.com/embedcode/ 3 KB
2 KB 51ms
9ms Stylesheet
text/css 18.66.127.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/classic-081711.css
Requested by: Host: avitaltours.com
URL: https://avitaltours.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.127.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-127-89.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6f4e220da1d394544fa342b883483af7f0294f92a7c988f6606ae78775d6aba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
Date: Wed, 09 Aug 2023 18:30:11 GMT
X-Amz-Cf-Pop: FRA60-P2
Age: 14541
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 18 Aug 2011 14:29:34 GMT
Server: AmazonS3
ETag: W/"d813facc50cef75301d8b012379bb198"
Vary: Accept-Encoding
Content-Type: text/css
x-amz-meta-s3fox-filesize: 3553
x-amz-meta-s3fox-modifiedtime: 1313677757000
X-Amz-Cf-Id: 34pg7sGaGSWHaqJ7xH0gFmVx6j2WwWooQwbgbOLIS4fmDwtHnbjuOg==

GET
H2 200 avital-culinary-experiences.jpg
avitaltours.com/wp-content/uploads/2021/07/ 221 KB
222 KB 16ms
12ms Image
image/jpeg 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avitaltours.com/wp-content/uploads/2021/07/avital-culinary-experiences.jpg

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

53dd72fe41db7f0d7264af4a11371e2716e353350b1682c34a9c15b2a9af7345

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 226670
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Jul 2021 19:43:50 GMT
server: nginx
etag: "60e603f6-3756e"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment-reply.min.js Show response
avitaltours.com/wp-includes/js/ 3 KB
2 KB 7ms
7ms Script
application/javascript 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-includes/js/comment-reply.min.js?ver=6.2.2

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Thu, 26 May 2022 08:02:57 GMT
server: nginx
etag: W/"628f3431-ba5"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4591768.js Show response
js.hs-scripts.com/ 2 KB
1 KB 161ms
133ms Script
application/javascript 2606:4700::6812:893b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/4591768.js?integration=WordPress&ver=10.1.23

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:893b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2de35677df9a82401950a9ce87ab92890b86218db8e8ba8d4a28269eae2854c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5cc547ea-8766-42ff-b4e7-cca44e2a5298
x-envoy-upstream-service-time: 11
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5cc547ea-8766-42ff-b4e7-cca44e2a5298
last-modified: Wed, 09 Aug 2023 22:32:33 GMT
server: cloudflare
x-trace: 2BDA9D36F0CD07CAC5B83BE62478E6BCF9C13AFB52000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://avitaltours.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6c94986c56-5r95m
cf-ray: 7f4374a679c630c4-FRA
expires: Wed, 09 Aug 2023 22:33:33 GMT

GET
H2 200 gaconnector.js Show response
tracker.gaconnector.com/ 7 KB
3 KB 247ms
199ms Script
text/javascript 2606:4700:20::681a:26e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.gaconnector.com/gaconnector.js
Requested by: Host: avitaltours.com
URL: https://avitaltours.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 992ed9ebcdf550a20fe62e377bdd1b0eb337173a374234bec501b74080adbc48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mE64lmegDPe6VV9iOCvmgyMUCVfCpX%2FMs7OY7K4qHm3M4ENdpqnb9l93i3AhzJEf%2FW4JPQ0zhQGCV%2BIKt3fTg6i8v0wSMtSXEzspbzHR2Bf3Imm%2FVwCLRKy2GTB7LE5rj1j493aAKwmTyJxAzDaaJfkiL6O"}],"group":"cf-nel","max_age":604800}
x-cache: HIT
content-type: text/javascript
cf-ray: 7f4374a67af9bbb6-FRA

GET
H2 200 gaconnector.js Show response
avitaltours.com/wp-content/plugins/sergeyzuev-ga-connector-wordpress-plugin-2.3/ 1 KB
802 B 10ms
5ms Script
application/javascript 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-content/plugins/sergeyzuev-ga-connector-wordpress-plugin-2.3/gaconnector.js?ver=1.0

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

71901b7f9f706416ccdb8d706f71494eea5cf61c5914dd287eb7f5cb29f51ca4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Wed, 03 Nov 2021 18:24:07 GMT
server: nginx
etag: W/"6182d3c7-557"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazysizes.min.js Show response
avitaltours.com/wp-content/plugins/sg-cachepress/assets/js/ 8 KB
4 KB 13ms
8ms Script
application/javascript 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-content/plugins/sg-cachepress/assets/js/lazysizes.min.js?ver=7.3.1

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

cb34d2ee2a93fd11b734c124a6fc661339585c63382d08eb31bf921b66519eac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Feb 2023 12:26:21 GMT
server: nginx
etag: W/"63f8aced-1ed0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.min.js Show response
avitaltours.com/wp-content/themes/avitaltours_2018/js/ 8 KB
3 KB 15ms
9ms Script
application/javascript 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-content/themes/avitaltours_2018/js/custom.min.js?ver=1.0

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

ecae458a3e4abf2944460641c9ab1cc1b16fa5c8adfb0586c048d306e7dce940

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Apr 2020 21:03:45 GMT
server: nginx
etag: W/"5e8e3c31-2197"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
13 KB 79ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 09 Aug 2023 22:32:32 GMT
last-modified: Fri, 28 Jul 2023 18:19:39 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 47E431B186CE430A85D177F20C5CE2B3 Ref B: FRA31EDGE0711 Ref C: 2023-08-09T22:32:33Z
etag: "806f3b1280c1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12469

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
82 KB 82ms
36ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N553F66

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7938aa8936a483cabb91bafd0ef41ec691d97d785ce9fcc87775bd9790374fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83788
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 21:50:53 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Aug 2023 22:32:33 GMT

GET
H2 200 wp-emoji-release.min.js Show response
avitaltours.com/wp-includes/js/ 18 KB
5 KB 23ms
19ms Script
application/javascript 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://avitaltours.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: br
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-xss-protection: 1; mode=block
last-modified: Sat, 01 Apr 2023 02:11:56 GMT
server: nginx
etag: W/"642792ec-4904"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15019
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 35ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 09 Aug 2023 22:32:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47151
x-xss-protection: 0
pragma: public
x-fb-debug: VFY8G+xScXI/74uqx1UoJE2dqyrNgI+nKwbvIUBxUq53vpA3FIs096/DJ7I+ObjwVCeS3jXIJhoe3PKsqYct4g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK universal.js Show response
assets.flodesk.com/ 174 KB
67 KB 70ms
12ms Script
application/javascript 2600:9000:21f3:3200:f:b2f5:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.flodesk.com/universal.js?v=1691620353010
Requested by: Host: avitaltours.com
URL: https://avitaltours.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3200:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 798342a1dc3726c584b79678391a92584f33798b1a9fd0186dc52e4a1318c810

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 07 Aug 2023 02:33:29 GMT
Content-Encoding: gzip
Via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Age: 244745
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 07 Aug 2023 02:33:23 GMT
Server: AmazonS3
ETag: W/"233c9b2bb0fc363a19593893d8ec76f4"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Amz-Cf-Id: gR5qv9UZN__uzgI9HwQjqzDgeb20maldakzJOjsb1TIh1VTfDvCeCQ==

GET
H2 200 widget_button.js Show response
js.peek.com/ 48 KB
11 KB 62ms
12ms Script
application/javascript 199.232.197.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.peek.com/widget_button.js?ts=7-10

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.197.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

8eb6802b29b3b06d2b05a5457fd366396bb0ad825187239a4ae13300e68d0870

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 varnish
date: Wed, 09 Aug 2023 22:32:33 GMT
age: 534
x-powered-by: Express
x-cache: HIT
content-length: 11383
x-served-by: cache-fra-eddf8230071-FRA
last-modified: Wed, 02 Aug 2023 18:59:15 GMT
server: nginx
x-timer: S1691620353.067857,VS0,VE1
etag: W/"c1c6-189b79e5aa0"
vary: Accept-Encoding
access-control-allow-methods: GET, GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *, *
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type, Content-Type
x-cache-hits: 1

GET
H2 200 widget_button.css
js.peek.com/ 269 KB
58 KB 61ms
12ms Stylesheet
text/css 199.232.197.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.peek.com/widget_button.css?ts=7-10

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.197.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

b62aa84965dbf9d7f7235bd4012fc653174af3cbdd45f8bc442fea63d49e6e42

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 varnish
date: Wed, 09 Aug 2023 22:32:33 GMT
age: 347
x-powered-by: Express
x-cache: HIT
content-length: 58570
x-served-by: cache-fra-eddf8230071-FRA
last-modified: Wed, 02 Aug 2023 18:03:53 GMT
server: nginx
x-timer: S1691620353.067838,VS0,VE1
etag: W/"43533-189b76ba728"
vary: Accept-Encoding
access-control-allow-methods: GET, GET
content-type: text/css; charset=UTF-8
access-control-allow-origin: *, *
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type, Content-Type
x-cache-hits: 1

GET
H/1.1 200
OK coupon_code1.js Show response
d2j3qa5nc37287.cloudfront.net/ 3 KB
4 KB 59ms
13ms Script
application/javascript 18.66.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2j3qa5nc37287.cloudfront.net/coupon_code1.js
Requested by: Host: avitaltours.com
URL: https://avitaltours.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.121.142 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-121-142.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d64fe6f42ea361aead5503e96adc170376553fddd3c2350d04e4e71b98b9942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: yeU5pG8_ng_oPdHWvMtWgcK1cxE26UCB
Date: Wed, 09 Aug 2023 02:37:44 GMT
Via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
Last-Modified: Thu, 12 Nov 2020 22:18:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 504456
ETag: "0d90f75705633071cb4330dbccfe579a"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: 2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3165
X-Amz-Cf-Id: jWZorld_IntfJ0r-BDJkX5adgF_UubWkkCNtuKx5uFdV3hnKaeGWpg==

GET
H/1.1 200
OK widget_button.js Show response
pirassets.s3.amazonaws.com/assets/ 11 KB
4 KB 530ms
123ms Script
text/javascript 52.216.146.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pirassets.s3.amazonaws.com/assets/widget_button.js?id=5a7c877bc4c4b4cc5a00000a&ts=7-10
Requested by: Host: avitaltours.com
URL: https://avitaltours.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.146.99 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ca725f4899c25c99bed2e42020974490efc9f9937bd22fd92be87dbc96ff8ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 22:32:34 GMT
Content-Encoding: gzip
x-amz-version-id: null
Last-Modified: Tue, 05 May 2020 20:25:52 GMT
Server: AmazonS3
x-amz-request-id: J1D14AKDR5125M9D
ETag: "f1adc0326ecfc89d2e80065d616c6bf0"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 3809
x-amz-id-2: M6BFoO+jL9fU208B7LMTsRmjuVkS8wrURlW3872IVfEKR2mVG4jmTfIAPLS3xqeevNkccTzZu7s=

GET
H/1.1 200
OK widget_button.css
pirassets.s3.amazonaws.com/assets/ 16 KB
4 KB 555ms
123ms Stylesheet
text/css 52.216.146.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pirassets.s3.amazonaws.com/assets/widget_button.css?id=5a7c877bc4c4b4cc5a00000a&ts=7-10
Requested by: Host: avitaltours.com
URL: https://avitaltours.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.146.99 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ca246a2ca1e03c4b4480b54db971a6c75f61cf96c281ac43527596e498f70753

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 22:32:34 GMT
Content-Encoding: gzip
x-amz-version-id: null
Last-Modified: Tue, 14 Feb 2017 00:46:56 GMT
Server: AmazonS3
x-amz-request-id: J1D14KYQBKMX6VWR
ETag: "c4f234de709390364e8dfbd6167f6073"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 3712
x-amz-id-2: rviBkhYp78ynuX2Cjtn4nN5juI5fxZQB7+XLXHcqZo2qm4Iq9f5I7DK75mPFbvsBVujcx/PwB4U=

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 62ms
23ms Script
application/x-javascript 2a02:26f0:3500:16::215:148d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Jul 2023 09:07:54 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=11769
accept-ranges: bytes
content-length: 4862

GET
H2 200 avital-tours-logo.png
avitaltours.com/wp-content/themes/avitaltours_2018/inc/img/ 10 KB
11 KB 16ms
16ms Image
image/png 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avitaltours.com/wp-content/themes/avitaltours_2018/inc/img/avital-tours-logo.png

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

57571455236ce0efac1b6446d6730bc7e403351e8346016303570bd99262b797

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 10574
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Apr 2020 21:03:34 GMT
server: nginx
etag: "5e8e3c26-294e"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hero-gradient.png
avitaltours.com/wp-content/themes/avitaltours_2018/inc/img/ 116 KB
117 KB 15ms
15ms Image
image/png 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avitaltours.com/wp-content/themes/avitaltours_2018/inc/img/hero-gradient.png

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/wp-content/themes/avitaltours_2018/stylesheets/css/screen.min.css?ver=6.2.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

6e2a80706729933b0733a1c1588fcd0115055d4bcfd98bcd5e44bc4013ceadf3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/wp-content/themes/avitaltours_2018/stylesheets/css/screen.min.css?ver=6.2.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 119150
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Apr 2020 21:03:36 GMT
server: nginx
etag: "5e8e3c28-1d16e"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 choose_btn.png
avitaltours.com/wp-content/uploads/2015/12/ 2 KB
2 KB 16ms
7ms Image
image/png 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avitaltours.com/wp-content/uploads/2015/12/choose_btn.png

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

c786f897446b5af440503b9b67db4f87c652f9893bcd62e6d144f05933b671c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 1866
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Aug 2018 23:22:11 GMT
server: nginx
etag: "5b8487a3-74a"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 san_img.jpg
avitaltours.com/wp-content/uploads/2015/12/ 19 KB
19 KB 18ms
9ms Image
image/jpeg 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avitaltours.com/wp-content/uploads/2015/12/san_img.jpg

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

43b7f0f2982dde0f2d7bce14be624d32410018455c03d3cf6158d925055d61ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 19117
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Jan 2019 09:12:40 GMT
server: nginx
etag: "5c2f2388-4aad"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 virtual-events-homepage-button.jpg
avitaltours.com/wp-content/uploads/2020/11/ 25 KB
26 KB 18ms
10ms Image
image/jpeg 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avitaltours.com/wp-content/uploads/2020/11/virtual-events-homepage-button.jpg

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

49429106d2f2556524afb0bfefa7c73590ddd3f474c269353f73793ed920820b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 25704
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Nov 2020 15:59:35 GMT
server: nginx
etag: "5fb7e7e7-6468"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 new-york-city-skyline.jpg
avitaltours.com/wp-content/uploads/2015/12/ 29 KB
29 KB 19ms
11ms Image
image/jpeg 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avitaltours.com/wp-content/uploads/2015/12/new-york-city-skyline.jpg

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

744ec41958e3aa8cd8ff639e83bd7a45226c201ca0bc2093c7d99ea0b339f096

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 29643
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Jan 2019 09:12:03 GMT
server: nginx
etag: "5c2f2363-73cb"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 los_img.jpg
avitaltours.com/wp-content/uploads/2015/12/ 15 KB
16 KB 19ms
11ms Image
image/jpeg 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avitaltours.com/wp-content/uploads/2015/12/los_img.jpg

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

7ce8be7848514c20f7f1b598091253b36237522af599c2f0eb66cc9c0d3af3c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 15669
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Jan 2019 09:12:40 GMT
server: nginx
etag: "5c2f2388-3d35"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 destination-dallas.jpg
avitaltours.com/wp-content/uploads/2023/04/ 31 KB
32 KB 19ms
12ms Image
image/jpeg 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avitaltours.com/wp-content/uploads/2023/04/destination-dallas.jpg

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

abf75fd7094f448b11d7a8a176fd66c6f9c452c95cfcd8f5e4e164d287af4a27

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 32197
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Apr 2023 14:09:58 GMT
server: nginx
etag: "64302436-7dc5"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 destination-boston.jpg
avitaltours.com/wp-content/uploads/2023/04/ 45 KB
45 KB 18ms
13ms Image
image/jpeg 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avitaltours.com/wp-content/uploads/2023/04/destination-boston.jpg

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

a3b258b4145c578d58836b9c4b98f32857a242d74a638584b1c32b22c7120198

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 45850
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Apr 2023 14:09:59 GMT
server: nginx
etag: "64302437-b31a"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 destination-silicon-valley.jpg
avitaltours.com/wp-content/uploads/2023/04/ 36 KB
36 KB 19ms
14ms Image
image/jpeg 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avitaltours.com/wp-content/uploads/2023/04/destination-silicon-valley.jpg

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

6dad51367cc1a35b2040ab31e503643b230e70661d4d596dc647f90b6b1c7ac5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 36501
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Apr 2023 14:10:00 GMT
server: nginx
etag: "64302438-8e95"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 destination-chicago.jpg
avitaltours.com/wp-content/uploads/2023/04/ 53 KB
53 KB 19ms
15ms Image
image/jpeg 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avitaltours.com/wp-content/uploads/2023/04/destination-chicago.jpg

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

776b3d0d32f369a11741b6d7f384f35b0691a8a8a315f449f27cf49f42a42657

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 53855
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Apr 2023 14:10:01 GMT
server: nginx
etag: "64302439-d25f"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 destination-washington-dc.jpg
avitaltours.com/wp-content/uploads/2023/04/ 50 KB
50 KB 83ms
79ms Image
image/jpeg 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avitaltours.com/wp-content/uploads/2023/04/destination-washington-dc.jpg

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

de52d55ca3dbe498e35724fa83bc284e1f3589aa4d69e6b191055578696ee44f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
x-proxy-cache-info: DT:1
x-sucuri-cache: HIT
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 50900
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Apr 2023 14:10:02 GMT
server: nginx
etag: "6430243a-c6d4"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15019
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 689806011155486 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 70ms
70ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/689806011155486?v=2.9.121&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b06a74b7b35bf223a5e695431ce6f0e9897dc39bc856f23b40e7be5074ad9a88

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 09 Aug 2023 22:32:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: dUafnuafWVBRBpobnmJILlWiGa8NASWyPB0e9Qzv2D12cJtDBkbldpKX4kRdrpWp9iN26hog468YaHSdkuoqBg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 account_version_check.html Show response
my.jst.ai/ajax/ 36 B
592 B 174ms
122ms Script
application/json 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.jst.ai/ajax/account_version_check.html?id=3BAED963-BE5D-462C-85AE-71A66CF8AF30
Requested by: Host: d2j3qa5nc37287.cloudfront.net
URL: https://d2j3qa5nc37287.cloudfront.net/coupon_code1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3e662fe998b5a14cd5e1944705af7f4aa7f59882702f0536f0a803272aace79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
cf-cache-status: MISS
p3p: CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
alt-svc: h3=":443"; ma=86400
content-length: 36
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Aug 2023 15:32:33 PST
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=30
accept-ranges: bytes
cf-ray: 7f4374a779ec9193-FRA
access-control-allow-headers: X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
expires: Wed, 09 Aug 2023 22:33:03 GMT

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame D155 677 B
541 B 18ms
18ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://avitaltours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1750987
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 7f4374a73d28bbbb-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 09 Aug 2023 22:32:33 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e4s
x-content-type-options: nosniff

GET
H3 200 core.c78901bc.js Show response
static.addtoany.com/menu/modules/ 69 KB
25 KB 197ms
179ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.c78901bc.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05d18955853a018a783dde77bcf072fb4e36df5bffafefb7be0e5e97411ab092

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://avitaltours.com/
Origin: https://avitaltours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 09 Aug 2023 10:28:35 GMT
server: cloudflare
etag: W/"1140a-6027af129c545"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 7f4374a7580e9189-FRA

GET
H2 204 17549711.js Show response
bat.bing.com/p/action/ 0
117 B 33ms
33ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17549711.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 09 Aug 2023 22:32:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BBAC9B2F22E4480E916D216279D5D46E Ref B: FRA31EDGE0711 Ref C: 2023-08-09T22:32:33Z
x-cache: CONFIG_NOCACHE

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 201ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23918221-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 09 Aug 2023 21:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2890
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 09 Aug 2023 23:44:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
70 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-936198697&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23918221-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9dea0da18cf7f047a240a42c74ce0af5aaaa5894ece84f54ce311202aa3a0853

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71416
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 21:50:53 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Aug 2023 22:32:33 GMT

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 171 KB
54 KB 195ms
18ms Script
application/javascript 2600:9000:2204:ba00:15:a0d3:77c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2204:ba00:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
content-encoding: gzip
via: 1.1 e7150584c93f85e64aa53364c55a16c6.cloudfront.net (CloudFront)
date: Wed, 09 Aug 2023 22:32:29 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-amz-cf-pop: AMS50-C1
age: 4
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
server: AmazonS3
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-id: B8qJxoNHTIGnYgAsIZ2DqdO_GIUteWU6jhv-oB-bChMJ-tVtK_wVEA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
89 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L4XSDG0T2J&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N553F66

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1547ceb6fe608dff1c98ec8f6b8a0d743df58901ca175a54c48abf3fcb9f86a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91025
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 09 Aug 2023 22:32:33 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/572226/domain/avitaltours.com/ 36 B
369 B 351ms
187ms XHR
application/json 2600:9000:2204:fa00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/572226/domain/avitaltours.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:fa00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://avitaltours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: gzip
via: 1.1 24562ce7bb1d06e6505e84aac2d66ac6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: FuHg5oDopmJfr-gtJvuVx0UdGHdVocICVAh-N5ImEwEkKwOBDxCKGw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=572226&time=1691620353288&url=https%3A%2F%2Favitaltours.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=572226&time=1691620353288&url=https%3A%2F%2Favitaltours.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D572226%26time%3D1691620353288%26url%3Dhttps%253A%252F%252Favitaltours.com%252F%26...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=572226&time=1691620353288&url=https%3A%2F%2Favitaltours.com%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=572226&time=1691620353288&url=https%3A%2F%2Favitaltours.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJVYY_nbo0FLQAAAYncbigj_Sz2SdBh3goo-hL-GKeM1o...

0
265 B

181ms
150ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=572226&time=1691620353288&url=https%3A%2F%2Favitaltours.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJVYY_nbo0FLQAAAYncbigj_Sz2SdBh3goo-hL-GKeM1o7NGGcOgVEZysTYAgFA
Requested by: Host: avitaltours.com
URL: https://avitaltours.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: BE62B310498F4819A1592904BC2FFE8D Ref B: FRAEDGE1305 Ref C: 2023-08-09T22:32:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYChQ5PfPjZD1nHUR3hgQ==

Redirect headers

date: Wed, 09 Aug 2023 22:32:33 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 089482869C484E3D90CD638E1A89D5A4 Ref B: FRAEDGE1121 Ref C: 2023-08-09T22:32:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=572226&time=1691620353288&url=https%3A%2F%2Favitaltours.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQJVYY_nbo0FLQAAAYncbigj_Sz2SdBh3goo-hL-GKeM1o7NGGcOgVEZysTYAgFA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYChQ5MuFIlwTJNScd9oA==

GET
H2 200 gaconnector-server.js Show response
tracker.gaconnector.com/ 97 B
401 B 109ms
108ms Script
text/javascript 2606:4700:20::681a:26e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.gaconnector.com/gaconnector-server.js?page_url=https%3A%2F%2Favitaltours.com%2F&referer=
Requested by: Host: tracker.gaconnector.com
URL: https://tracker.gaconnector.com/gaconnector.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:26e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 437eedd9273d04ff5d0b0483ee694335c4c337c4edbeefa75fbd01212c7a41e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CR6ASYuL64lTYXExu%2FQBZmhdvZaQNdQ1IIFP75XxbLm1NpP01JpASvHQZJMMqglJtUknBKCynJGzJUVVvmp8k6osQL2aei2gDrf5LQoLvQ1lZXquGcL8y4FlUFAHXsu8b76gxY%2FpYdqmXJ2VDX0pC9E%2BZGOF"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-ray: 7f4374a83ce2bbb6-FRA

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 62 KB
19 KB 283ms
141ms Script
application/javascript 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4591768.js?integration=WordPress&ver=10.1.23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18a126264ccf1b57353c1716284f1938d97f6c9c1107b42f0f5f1119fdc8bd5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://avitaltours.com/
Origin: https://avitaltours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.405/bundles/project.js&cfRay=7f4374a91d844d5b-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"e50552ef5fa3c8468ae54211ce4b32f6"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.405/bundles/project.js
date: Wed, 09 Aug 2023 22:32:33 GMT
x-amz-version-id: 4regXpB5ZVq4jYlMfK8HxsaBt3Cun5OH
via: 1.1 872e43fac89d80c9557000efb9c31650.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 111708e7-75a9-4ffa-a2bc-4725f2559d04
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 111708e7-75a9-4ffa-a2bc-4725f2559d04
last-modified: Thu, 27 Jul 2023 03:59:43 UTC
server: cloudflare
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kbjZU1TXgQNagfZbRI7PBVFl7u%2BCpkUV6L7mVDoJRDJmwJsMjO9EWN7yOubD68l5xM%2FQVc2YfV4J6B8YOFTmttex87Uwz3F%2BQahH3GmmbMXPV4sBYCqy9buTmttTT8yErmfr0%2BxEreKyFdf"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-xhv87
cf-ray: 7f4374a91d844d5b-FRA
x-amz-cf-id: lc_SJ15V_BLoXbYFG815Ze0uVQQtEu7H1M6PX8mv6G6tyQxkA4oZaA==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 76 KB
22 KB 167ms
19ms Script
application/javascript 2606:4700::6811:65ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4591768.js?integration=WordPress&ver=10.1.23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:65ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0cef12e7cae22af7f8d6572e933e3902d1bd2512e38ca71176b80cc596f5460

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
x-amz-version-id: yGMcMPQkkEJgshvdTzOMnReBUTFy_tqy
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 327
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13743/bundles/project.js&cfRay=7f436cafdae45cb0-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: d2d0225e-39d3-42bc-8aa8-0b2d0f25480d
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d2d0225e-39d3-42bc-8aa8-0b2d0f25480d
last-modified: Tue, 08 Aug 2023 05:03:54 UTC
server: cloudflare
etag: W/"5c6028c0fdd08359e69b028938beeb7d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-6vqnb
cf-ray: 7f4374a92ff39a18-FRA
x-amz-cf-id: wnr8D1QitEzaIhQI6hAc2UYlNT9CFu26ngGYOGIOJ8Nc9lafLY0sZA==
x-hs-target-asset: conversations-embed/static-1.13743/bundles/project.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 258ms
124ms Script
application/javascript 2606:4700::6811:6dc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4591768.js?integration=WordPress&ver=10.1.23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6dc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

026c249acda71b64fe2510542d88ae26073694f89b595b1fd0e9f3ad501bf6b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://avitaltours.com/
Origin: https://avitaltours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
x-amz-version-id: EcjZkyUfgxNGQ.xnv1Vqq9Oda2f1T.dE
via: 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: c49d4179-abd0-4d47-827a-669e2b463a05
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.394/bundles/project.js&cfRay=7f4374a91ad92c18-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c49d4179-abd0-4d47-827a-669e2b463a05
last-modified: Wed, 09 Aug 2023 09:05:38 UTC
server: cloudflare
etag: W/"6fb5b8aa66d730f2a49b41a9c712ffa7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-h6thn
cf-ray: 7f4374a91ad92c18-FRA
x-amz-cf-id: i_VDLotHSwiyUSq4SiojV_LhgJIKOuj9AELaIHwYws7Ljbm7gPayvw==
x-hs-target-asset: collected-forms-embed-js/static-1.394/bundles/project.js

GET
H2 200 4591768.js Show response
js.hs-analytics.net/analytics/1691620200000/ 66 KB
21 KB 306ms
159ms Script
text/javascript 2606:4700::6810:88ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1691620200000/4591768.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4591768.js?integration=WordPress&ver=10.1.23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01c2f73dd09b8641a77b3430c7a3bc9070b735ad0b99a5ecae0c7d14527f61e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: J1DF4EK2DX5C8A6E
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: d2c8152e-e006-443f-914e-ed237fdfc4eb
x-envoy-upstream-service-time: 17
x-amz-id-2: qVw5N8ajrvh349bbNFm4KgkGVkj9rIeAiaE5TyJs9If6rOu0X9nC1YzSln1c2eoLhc020LwV/gY=
x-evy-trace-listener: listener_https
x-request-id: d2c8152e-e006-443f-914e-ed237fdfc4eb
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 20 Jul 2023 16:00:04 GMT
server: cloudflare
etag: W/"de29827dbf7b315fae2b0da739db5215"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-9vnjb
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7f4374a92c421e31-FRA
expires: Wed, 09 Aug 2023 22:37:33 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/4591768/ 65 KB
20 KB 530ms
383ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/4591768/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4591768.js?integration=WordPress&ver=10.1.23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 772f19bc4c8581eb61074e68fbbac11e4c38d6b8a7b23d023f8389e03c58fe11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
x-amz-version-id: JUlPPWjI54s4OVxB1hSGgbeO6MBYbXzZ
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 05TC4NS504NY5YE1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 334927b5-3666-4ff2-89c8-ac175dad285e
x-envoy-upstream-service-time: 56
x-amz-id-2: MQTcPXZ1n7htHuKNK3Eb7K+vr3tV8xGVDyMQtPv23C/6cS+fu/3sgwwTOcxSCXukwu83l14jftTyxGvKcuGUiQ==
x-evy-trace-listener: listener_https
x-request-id: 334927b5-3666-4ff2-89c8-ac175dad285e
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 31 Jul 2023 22:02:47 GMT
server: cloudflare
etag: W/"ea87563beebb77a451f9ec8862d15648"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://avitaltours.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-5wnkk
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7f4374a92ec34da2-FRA
expires: Wed, 09 Aug 2023 22:37:33 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 140ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=689806011155486&ev=PageView&dl=https%3A%2F%2Favitaltours.com%2F&rl=&if=false&ts=1691620353334&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.1.1691620353332.983226715&it=1691620353138&coo=false&exp=a1&rqm=GET

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 09 Aug 2023 22:32:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 500 loading.gif
avitaltours.com/wp-content/themes/avitaltours_2018/stylesheets/inc/ 653 B
653 B 565ms
564ms Image
text/html 192.124.249.69
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avitaltours.com/wp-content/themes/avitaltours_2018/stylesheets/inc/loading.gif

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/wp-content/themes/avitaltours_2018/stylesheets/css/screen.min.css?ver=6.2.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.69 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10069.sucuri.net

Software

nginx /

Resource Hash

84b34e8d2e5e6a97c43484bd636c2b602ab368c52f96199a65a7224519007693

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/wp-content/themes/avitaltours_2018/stylesheets/css/screen.min.css?ver=6.2.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:34 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
x-proxy-cache-info: 0 NC:000000 UP:
content-type: text/html; charset=iso-8859-1
x-sucuri-cache: MISS
x-sucuri-id: 15019
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-length: 653
x-xss-protection: 1; mode=block
x-proxy-cache: MISS

GET
H2 200 embeds.js Show response
js.peek.com/ 459 B
369 B 101ms
101ms Script
application/javascript 199.232.197.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.peek.com/embeds.js

Requested by

Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=7-10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.197.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

ce5c276d49c4b5106351f16f523521fd6c4a06dcc0f74140331a1d7d779c93d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
via: 1.1 google, 1.1 varnish
date: Wed, 09 Aug 2023 22:32:33 GMT
age: 0
x-powered-by: Express
x-cache: HIT
content-length: 256
x-served-by: cache-fra-eddf8230071-FRA
last-modified: Wed, 02 Aug 2023 18:03:53 GMT
server: nginx
x-timer: S1691620353.367768,VS0,VE92
etag: W/"1cb-189b76ba728"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *, *
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type, Content-Type
x-cache-hits: 1

GET
H2 200 h Show response
js.peek.com/ 2 B
334 B 125ms
107ms Fetch
text/plain 199.232.197.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.peek.com/h?tls=null&type=sp_page_view&lt=null&tl=null&uid=16916203533691170&src=&apik=null&dh=avitaltours.com&path=%2F&btns=0&bdcnt=0&bucnt=0&ls=null&m=0&cfh=0

Requested by

Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=7-10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.197.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
via: 1.1 google, 1.1 varnish
date: Wed, 09 Aug 2023 22:32:33 GMT
age: 0
x-powered-by: Express
x-cache: MISS
content-length: 2
x-served-by: cache-fra-eddf8230088-FRA
server: nginx
x-timer: S1691620353.390179,VS0,VE97
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 0

GET
H2 200 607c5552afc5dfb8a8471d77 Show response
form.flodesk.com/forms/ 35 KB
6 KB 200ms
122ms XHR
text/html 2600:9000:223d:b600:f:9de7:2240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://form.flodesk.com/forms/607c5552afc5dfb8a8471d77
Requested by: Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1691620353010
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:b600:f:9de7:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 909af9d3e6be5c9522218d320108b12025172229a895f81f2d02b7ecfa8e05cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: gzip
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
vary: Origin
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: -FvJhV8ZNr96IqS9VjftgsoReU7Iwm0CdKR2Bp5DsObgj6cvFQfNBw==

GET
H2 200 6148973dbc3eea86ee42e677 Show response
form.flodesk.com/forms/ 26 KB
4 KB 398ms
321ms XHR
text/html 2600:9000:223d:b600:f:9de7:2240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://form.flodesk.com/forms/6148973dbc3eea86ee42e677
Requested by: Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1691620353010
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:b600:f:9de7:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 246e9f1a91b88ff88967db5ca0bed342cb4397b5779e0d6767bc5694156b2ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: gzip
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
vary: Origin
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: lI6A0-tRuhWZLMZOR4EPR_sf9QoJxKU6HB3UyIZrJVSo4S0va95E0w==

GET
H2 204 0
bat.bing.com/action/ 0
287 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17549711&Ver=2&mid=bf2da011-253d-4307-a331-84e004d2c37d&sid=a2152fb0370411ee8dac4d3c67576118&vid=a2154ac0370411eeb7ba199a18bdb492&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Interactive%20Food%20%2B%20Drink%20Experiences%20%7C%20NYC,%20SF,%20LA,%20Virtual%20%7C%20Avital%3A&p=https%3A%2F%2Favitaltours.com%2F&r=&lt=3205&evt=pageLoad&sv=1&rn=691495

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 09 Aug 2023 22:32:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E44B26A4FEC844788F0C8544544E8CE0 Ref B: FRA31EDGE0711 Ref C: 2023-08-09T22:32:33Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mwgt_4.1.js Show response
cdn.jst.ai/ 209 KB
52 KB 75ms
26ms Script
application/javascript 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jst.ai/mwgt_4.1.js?v=5.77
Requested by: Host: d2j3qa5nc37287.cloudfront.net
URL: https://d2j3qa5nc37287.cloudfront.net/coupon_code1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66f203eea0727085779ad89e74919e232f3c4da4ee4425a389fab50633262034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 09 Aug 2023 22:32:33 GMT
x-amz-version-id: oYJob8KZw7p4ZFIxtbZak8ZEBF.Uxfzs
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: TYE0F240CYHE5KDE
age: 24134
cf-polished: origSize=283433
x-amz-server-side-encryption: AES256
x-77-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 8Zi8n5AAOKEw43xTVJrgbVv2e1PIANUdxn9oKVPMJuqZ/ENB18e0bh2SH7zSDZj/CgeH/PcyPpI=
x-77-nzt: AcO1qhGMxfPB
cf-bgj: minify
last-modified: Wed, 09 Aug 2023 15:48:41 GMT
server: cloudflare
etag: W/"a6049650a2e45158f8bb157406681fe2"
x-77-nzt-ray: 4c1562244ba255a7bbb5d364de932d0a
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=700000
cf-ray: 7f4374a98fa31cbb-FRA
access-control-allow-headers: *
expires: Fri, 18 Aug 2023 00:59:13 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/936198697/ 3 KB
2 KB 53ms
24ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/936198697/?random=1691620353480&cv=11&fst=1691620353480&bg=ffffff&guid=ON&async=1&gtm=45be3870h1&u_w=1600&u_h=1200&url=https%3A%2F%2Favitaltours.com%2F&hn=www.googleadservices.com&frm=0&tiba=Interactive%20Food%20%2B%20Drink%20Experiences%20%7C%20NYC%2C%20SF%2C%20LA%2C%20Virtual%20%7C%20Avital%3A&auid=31729417.1691620353&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-936198697&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fadf42c99db348a2825045095c939bf17c07da10621a063c9d089c828fecfcd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1367
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 205ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-L4XSDG0T2J&gtm=45je3870&_p=140788285&_gaz=1&cid=1274009989.1691620354&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691620353&sct=1&seg=0&dl=https%3A%2F%2Favitaltours.com%2F&dt=Interactive%20Food%20%2B%20Drink%20Experiences%20%7C%20NYC%2C%20SF%2C%20LA%2C%20Virtual%20%7C%20Avital%3A&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L4XSDG0T2J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 22:32:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://avitaltours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 215ms
20ms Ping
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L4XSDG0T2J&cid=1274009989.1691620354&gtm=45je3870&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L4XSDG0T2J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 22:32:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://avitaltours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 215ms
21ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L4XSDG0T2J&cid=1274009989.1691620354&gtm=45je3870&aip=1&z=2033246581

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 22:32:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 189ms
17ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Amiri:400i|Oswald:400

Requested by

Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=7-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d478ae35dab8b467ff5a50c5832b84ad92a10b4a6a6674592188edfb590919a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 22:07:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Aug 2023 22:32:33 GMT

GET
H2 200 h Show response
js.peek.com/ 2 B
65 B 117ms
114ms Fetch
text/plain 199.232.197.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.peek.com/h?tls=null&type=sp_embed_load_complete&lt=null&tl=null&uid=16916203533691170&src=&apik=null&dh=avitaltours.com&path=%2F&btns=0&bdcnt=0&bucnt=0&ls=null&m=0&cfh=0

Requested by

Host: js.peek.com
URL: https://js.peek.com/widget_button.js?ts=7-10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.197.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx / Express

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=3600; includeSubDomains
via: 1.1 google, 1.1 varnish
date: Wed, 09 Aug 2023 22:32:33 GMT
age: 0
x-powered-by: Express
x-cache: MISS
content-length: 2
x-served-by: cache-fra-eddf8230088-FRA
server: nginx
x-timer: S1691620354.574912,VS0,VE104
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 18ms
17ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=140788285&t=pageview&_s=1&dl=https%3A%2F%2Favitaltours.com%2F&ul=en-us&de=UTF-8&dt=Interactive%20Food%20%2B%20Drink%20Experiences%20%7C%20NYC%2C%20SF%2C%20LA%2C%20Virtual%20%7C%20Avital%3A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2059838767&gjid=2023300402&cid=1274009989.1691620354&tid=UA-23918221-1&_gid=430839498.1691620354&_r=1&gtm=457e3870&jsscut=1&z=1138213535

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://avitaltours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 22:32:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://avitaltours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 258 B
1 KB 139ms
138ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=4591768&conversations-embed=static-1.13743&mobile=false&messagesUtk=943a90f82ff148e28487acfdeff79e77&traceId=943a90f82ff148e28487acfdeff79e77

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

373f2d73648f365e9d667a3abb0f612fc41141a05a95993e92bd751f152e6931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://avitaltours.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6d3c7a15-8ab8-4685-84df-2af1fb55a362
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400
content-length: 203
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6d3c7a15-8ab8-4685-84df-2af1fb55a362
server: cloudflare
x-trace: 2B3DB9DC2FC2BC0C0186CCD3B33597FC81716839E7000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://avitaltours.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6c94986c56-6pzmp
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GEKdPS4zIh7%2BK3G68iV6r3CLanNQdo8yvjbUyRdadyWJEHBzVCBYsEzKwHFguE39mTwECiiVYSkSUUUsdPNs6%2Bt%2BB%2FEnvdw8Y1BODTPgevS4T0pnsm01CoufhIPL7drI0t9AHX7FEgt3UBhpkw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7f4374aadf244d5b-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 css
fonts.googleapis.com/ 23 KB
1 KB 154ms
19ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i&display=swap

Requested by

Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1691620353010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0823fcbfd4b0bd912d1a665b5619ff82cb09e2c2be8eb5bc262c234690659451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 22:15:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Aug 2023 22:32:33 GMT

GET
H2 200 vyz8fzz.css
use.typekit.net/ 2 KB
872 B 158ms
10ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vyz8fzz.css

Requested by

Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1691620353010

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

6e40a00802dd80435d72f5d3c16652b9891b6a8e4efc6c7c57d98eb6aea78c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 09 Aug 2023 22:32:33 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 649

GET
H/1.1 200
OK 947.f45864a720019a135d8f.js Show response
assets.flodesk.com/ 32 KB
12 KB 13ms
12ms Script
application/javascript 2600:9000:21f3:3200:f:b2f5:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.flodesk.com/947.f45864a720019a135d8f.js
Requested by: Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1691620353010
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3200:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddb844d60d2d29ca0a63ec6e005ab18475969232921955a9d6b9be4e8275dd65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 07 Aug 2023 02:33:35 GMT
Content-Encoding: gzip
Via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Age: 244739
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 07 Aug 2023 02:32:59 GMT
Server: AmazonS3
ETag: W/"58e8836adab70573ea5f6b05b391f2a6"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Amz-Cf-Id: -QodWQyp-AWxNNe41IYdaBEkXp3ZlGGalpnG6QeqM5IqbVmzdES_nQ==

GET
H/1.1 200
OK 650.0adf812821cb3db20b5d.js Show response
assets.flodesk.com/ 17 KB
6 KB 26ms
11ms Script
application/javascript 2600:9000:21f3:3200:f:b2f5:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.flodesk.com/650.0adf812821cb3db20b5d.js
Requested by: Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1691620353010
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3200:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec5859871ca2c30ea24cb1c80724d81d408afb701f2656852483f57f257f542b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Mon, 07 Aug 2023 02:33:35 GMT
Content-Encoding: gzip
Via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Age: 244739
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 07 Aug 2023 02:32:59 GMT
Server: AmazonS3
ETag: W/"cd9efbb735b4cb94d9ebb1567824fda8"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Amz-Cf-Id: hYBSf2tT79PXqFeEL3jFj3ni-FDnfMJKXMmz17Wa6_77WIKL29yGPA==

GET
H2 200 /
www.google.com/pagead/1p-user-list/936198697/ 42 B
455 B 148ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/936198697/?random=1691620353480&cv=11&fst=1691618400000&bg=ffffff&guid=ON&async=1&gtm=45be3870h1&u_w=1600&u_h=1200&url=https%3A%2F%2Favitaltours.com%2F&frm=0&tiba=Interactive%20Food%20%2B%20Drink%20Experiences%20%7C%20NYC%2C%20SF%2C%20LA%2C%20Virtual%20%7C%20Avital%3A&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1488306543&rmt_tld=0&ipr=y

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/936198697/ 42 B
154 B 158ms
21ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/936198697/?random=1691620353480&cv=11&fst=1691618400000&bg=ffffff&guid=ON&async=1&gtm=45be3870h1&u_w=1600&u_h=1200&url=https%3A%2F%2Favitaltours.com%2F&frm=0&tiba=Interactive%20Food%20%2B%20Drink%20Experiences%20%7C%20NYC%2C%20SF%2C%20LA%2C%20Virtual%20%7C%20Avital%3A&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1488306543&rmt_tld=1&ipr=y

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 22:32:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK avital-cocktail-guide_bfb6d4fb-00fb-4ed9-9d3f-832a4c97a1f6.png
usercontent.flodesk.com/f0c0deb2-e558-4172-af22-6a404b9f902f/upload/ 751 KB
752 KB 450ms
325ms Image
image/png 2600:9000:2104:fc00:16:5ccd:c900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usercontent.flodesk.com/f0c0deb2-e558-4172-af22-6a404b9f902f/upload/avital-cocktail-guide_bfb6d4fb-00fb-4ed9-9d3f-832a4c97a1f6.png
Requested by: Host: avitaltours.com
URL: https://avitaltours.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:fc00:16:5ccd:c900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67328c8377c97d0c2d19e8d4a0d818ce422de758ed7fd6def3b357a1272693a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 22:32:34 GMT
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5914.cloudfront.net (CloudFront)
Last-Modified: Fri, 14 May 2021 18:08:43 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS1-C1
Etag: "fadcc0d05ce821e14704f60de5f897d2"
X-Cache: Miss from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 769144
X-Amz-Cf-Id: jsyzcPQD5oTkylUGuQBqsxsfb0D82k34uAUf2LI6DXWU5nAJcMFWtA==

GET
H/1.1 200
OK humanist_521_light.woff
dxvgidz67iahm.cloudfront.net/assets/ 22 KB
23 KB 124ms
13ms Font
application/font-woff 18.66.121.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dxvgidz67iahm.cloudfront.net/assets/humanist_521_light.woff
Requested by: Host: pirassets.s3.amazonaws.com
URL: https://pirassets.s3.amazonaws.com/assets/widget_button.css?id=5a7c877bc4c4b4cc5a00000a&ts=7-10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-121-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0f775ebbfa1e8ebb7cd071aa5d474d317ec01a499d4dbd1d70fb387ce41b3680

Request headers

Referer: https://pirassets.s3.amazonaws.com/
Origin: https://avitaltours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 15:10:54 GMT
x-amz-version-id: null
Via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 26500
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 22846
Last-Modified: Tue, 11 Nov 2014 08:07:00 GMT
Server: AmazonS3
ETag: "515c62fbeddff1e9fcbccd5b92768a8d"
Vary: Origin
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Amz-Cf-Id: 7nSDCPnt5G939OW8Dx1p-6DjUX72fPFn9a_frZAn08xItNg6W1TpPg==

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 136 B
1 KB 169ms
151ms Fetch
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=4591768&currentUrl=https%3A%2F%2Favitaltours.com%2F

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0268b589d424a686ee986465b7917ac6c852be4fd6908331002878205beee576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 88c06b9d-ae49-4dfd-aabc-90d3866d824f
content-encoding: br
x-envoy-upstream-service-time: 16
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 88c06b9d-ae49-4dfd-aabc-90d3866d824f
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://avitaltours.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CFdoCF6WacEzYzg0007AZcSBpaiPGPRUb4e1jEXOyTVf%2F0tCU7ILpTcXjoGpqvTa5K6TRsxT4mD7G4witRnHHbK4c5Z7QpHkrivOzfm2foEm3vu4kAXjokhC2CMoZeyH%2FmGPya2RpCRIUJbAR1X5F6D57cZf5KhKFc%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 7f4374aabf0d4d5b-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-hgnfq

GET
H2 200 store_4.1.html Show response
cdn.jst.ai/ Frame 67D1 2 KB
844 B 31ms
30ms Document
text/html 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jst.ai/store_4.1.html?v=5.77
Requested by: Host: cdn.jst.ai
URL: https://cdn.jst.ai/mwgt_4.1.js?v=5.77
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c189dd46df7ab8b489d4a3238defd7975ad02f114eb3f72fedadeb6fde7cbe0

Request headers

Referer: https://avitaltours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=700000
cf-cache-status: DYNAMIC
cf-ray: 7f4374aad8e71cbb-FRA
content-encoding: br
content-type: text/html
date: Wed, 09 Aug 2023 22:32:33 GMT
last-modified: Tue, 31 Mar 2020 15:31:26 GMT
server: cloudflare
vary: Accept-Encoding
x-77-cache: HIT
x-77-nzt: AcO1rw7BbNv/PF4AAA
x-77-nzt-ray: 908339305af946a70114d46408811c2d
x-77-pop: frankfurtDE
x-accel-date: 1691596229
x-age: 24124
x-amz-id-2: iDW1XehIxSQ9bluYrdhH+scmMzcp2sCQqhWb8RkGr8H0cp6kuhwd1s+Jcgcp1jX9nly5zQVeMHk=
x-amz-request-id: 4MVEMDMWX3PAHAPJ
x-amz-version-id: n8._QaxL6VauG4hu9U02QXwqY3LVnM24
x-cache: HIT

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 115 B
432 B 135ms
120ms XHR
application/json 2606:4700::6811:6dc7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=4591768&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6dc7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

613006b56c570bbb1b8aa138b2ffd5c11a48c7e78a05ec37d763d51f1ceddea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://avitaltours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 880bf39d-9ff3-4522-88b4-897be129eb25
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 880bf39d-9ff3-4522-88b4-897be129eb25
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://avitaltours.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-hq6rz
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7f4374aacc3e2c18-FRA

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 137ms
136ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://avitaltours.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://avitaltours.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f4374a9fe4b4d5b-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 09 Aug 2023 22:32:33 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3JYHvj68em4N1bBtE33mwH10wzqhXPKuU2sF9GW6yvF9WLsnBfogP1FZSqk8IUHsDD8J3p34QyGwc117msqLbEwlwP86QOQ8VIx6nJGhYqHEr2NtP36ds9fiAkd%2F1Pz87jeFp34Cjf0P9hxqg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6c94986c56-pnntv
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: f30308a6-64fd-4f72-9060-2e100ffea85b
x-request-id: f30308a6-64fd-4f72-9060-2e100ffea85b
x-trace: 2BC374DE80BB8FCB9CE3D0C54E23E07D8D4D05F5D7000000000000000000

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 83ms
13ms Stylesheet
text/css 2a02:26f0:780::210:a469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=vyz8fzz&ht=tk&f=10875.32265&a=12822158&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vyz8fzz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v35/ 49 KB
49 KB 63ms
31ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://avitaltours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 20:49:41 GMT
x-content-type-options: nosniff
age: 438172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50440
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:13:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 20:49:41 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 42ms
10ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://avitaltours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 09:02:59 GMT
x-content-type-options: nosniff
age: 480574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 09:02:59 GMT

GET
H/1.1 200
OK humanist_521.woff
dxvgidz67iahm.cloudfront.net/assets/ 23 KB
24 KB 29ms
28ms Font
application/font-woff 18.66.121.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dxvgidz67iahm.cloudfront.net/assets/humanist_521.woff
Requested by: Host: pirassets.s3.amazonaws.com
URL: https://pirassets.s3.amazonaws.com/assets/widget_button.css?id=5a7c877bc4c4b4cc5a00000a&ts=7-10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.121.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-121-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e916483d82890f81479f8fcc733ddc42ece45f97d974220629897319f8b29c14

Request headers

Referer: https://pirassets.s3.amazonaws.com/
Origin: https://avitaltours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 15:10:54 GMT
x-amz-version-id: null
Via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 26500
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 23504
Last-Modified: Tue, 11 Nov 2014 08:07:05 GMT
Server: AmazonS3
ETag: "248a6a1c1059bfbd2c7dcd283415bba6"
Vary: Origin
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Amz-Cf-Id: oiPeJ-UB2JoMvIuUhcGu1YA_-CZwwkr_PcjLE1LSdY4IDSar6F2V9g==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 24ms
23ms XHR
text/plain 2a00:1450:400c:c03::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-23918221-1&cid=1274009989.1691620354&jid=2059838767&gjid=2023300402&_gid=430839498.1691620354&_u=YADAAUAAAAAAACAAI~&z=1337011099

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://avitaltours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 09 Aug 2023 22:32:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://avitaltours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK counters.gif
forms.hsforms.com/embed/v3/ 35 B
1017 B 179ms
146ms Image
image/gif 2606:4700::6811:d2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=3

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d2f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 22:32:34 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 137be367-1f2c-490d-9e4b-ed98ae0326d6
x-envoy-upstream-service-time: 25
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 137be367-1f2c-490d-9e4b-ed98ae0326d6
Server: cloudflare
X-Trace: 2B12667CFB8954637C8C87D4E4ABA7ECFB61B79362000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-lvqkb
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 7f4374abdc6b0472-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 25ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23918221-1&cid=1274009989.1691620354&jid=2059838767&_u=YADAAUAAAAAAACAAI~&z=192836217

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 22:32:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 23ms
19ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23918221-1&cid=1274009989.1691620354&jid=2059838767&_u=YADAAUAAAAAAACAAI~&z=192836217

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 22:32:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame E9EC 0
48 B 10ms
7ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://avitaltours.com
Referer: https://avitaltours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://avitaltours.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 09 Aug 2023 22:32:33 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 events Show response
form.flodesk.com/forms/6148973dbc3eea86ee42e677/ 5 B
275 B 117ms
115ms XHR
application/json 2600:9000:223d:b600:f:9de7:2240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://form.flodesk.com/forms/6148973dbc3eea86ee42e677/events
Requested by: Host: assets.flodesk.com
URL: https://assets.flodesk.com/650.0adf812821cb3db20b5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:b600:f:9de7:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 12cf623b335ff94b09f6ad5b8a1872467473da89059ac87ab383a8caee35d064

Request headers

Referer: https://avitaltours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 09 Aug 2023 22:32:34 GMT
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 5
x-amz-cf-id: C54Ew9aWUgS1mhRWGqKTk_924lhxDBu7s8xKj0eq_oWTs-DPPWVc0w==

OPTIONS
H2 200 events
form.flodesk.com/forms/6148973dbc3eea86ee42e677/ Frame 0
0 102ms
101ms Preflight 2600:9000:223d:b600:f:9de7:2240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://form.flodesk.com/forms/6148973dbc3eea86ee42e677/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:b600:f:9de7:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://avitaltours.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
content-length: 0
date: Wed, 09 Aug 2023 22:32:33 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-cf-id: mCnH_mOoY8COZWtycrvfVtqsLRKpb3fRGTZRHZVRQyzpjWNs7cHMVA==
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront

GET
H2 200 l
use.typekit.net/af/cfbead/0000000000000000000146b3/27/ 23 KB
23 KB 35ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cfbead/0000000000000000000146b3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vyz8fzz.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 875f8e591b4fbc6567e2b33553bea9ca2d0e18593bd857783a569fe7bf4ba097

Request headers

Referer: https://use.typekit.net/vyz8fzz.css
Origin: https://avitaltours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:33 GMT
server: nginx
etag: "122498e3424e674610da39fb441d661549879239"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23244

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 157ms
118ms Image
image/gif 2606:4700::6811:d5f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: avitaltours.com
URL: https://avitaltours.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 22:32:34 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: a3e329ab-19ea-45fb-9b70-085f1d1e8fc4
x-envoy-upstream-service-time: 1
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a3e329ab-19ea-45fb-9b70-085f1d1e8fc4
Last-Modified: Wed, 09 Aug 2023 22:32:34 GMT
Server: cloudflare
X-Trace: 2B886D351399CD886877A71118C3BCE4FDBA9D14F1000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-tkh7m
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 7f4374ac3c982bcd-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 161ms
137ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=249479340&v=1.1&a=4591768&ct=standard-page&rcu=https%3A%2F%2Favitaltours.com%2F&pu=https%3A%2F%2Favitaltours.com%2F&t=Interactive+Food+%2B+Drink+Experiences+%7C+NYC%2C+SF%2C+LA%2C+Virtual+%7C+Avital%3A&cts=1691620354559&vi=73e36e6329cc62cdf8ab56b31f5d16ea&nc=true&u=64237808.73e36e6329cc62cdf8ab56b31f5d16ea.1691620354554.1691620354554.1691620354554.1&b=64237808.1.1691620354555&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1381a25f-21ed-4942-bf95-ad32400bb0d1
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1381a25f-21ed-4942-bf95-ad32400bb0d1
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUfLooxyx9BxzTuf2Lq6CA1WEObAr7BHQGXxkz0xv7omYz%2BfE8KZwEloZi84mxEvTPF3SIj1INIHhWPRARVbM6iiclABYavwadOACA5I34SJd%2F10ZyNjh9uVdroL%2BUjTvqDIyzoLxvfe9Zgxg665"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-v5xhn
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7f4374b02fe8925c-FRA
x-robots-tag: none

GET
H2 200 account_config_4.1.html Show response
my.jst.ai/ajax/ 184 B
312 B 133ms
132ms Script
application/json 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.jst.ai/ajax/account_config_4.1.html?callback=jsonCallback&m=0&id=3BAED963-BE5D-462C-85AE-71A66CF8AF30&p=0&cm=0&pl=33
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0//jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5307034f8a45c9ed9bd0533d551267baa57861b6b90a0ef2901f3ac82f0fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:34 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: MISS
last-modified: Wed, 09 Aug 2023 15:32:34 PST
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; Charset=UTF-8
p3p: CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
cache-control: no-store,private
cf-ray: 7f4374b0fc559193-FRA
access-control-allow-headers: X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
alt-svc: h3=":443"; ma=86400
expires: Wed, 09 Aug 2023 22:32:34 GMT

GET
H2 200 findp Show response
aly.jst.ai/api/session/ 1 KB
865 B 173ms
127ms Script
application/javascript 2606:4700::6811:ca35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aly.jst.ai/api/session/findp?callback=jsonFindCallback&accid=3BAED963-BE5D-462C-85AE-71A66CF8AF30&genhash=&device_static_hash=&userid_hash=&pageId=gn59pl&guid=&time=0&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Favitaltours.com&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&sw=1600&sh=1200
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0//jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:ca35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dca56274f51f99f3b080d4c1c736e52726b445e6cfda7d0293fd529478665cbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 22:32:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: DAV, content-length, Allow
access-control-allow-credentials: true
cf-ray: 7f4374b14a498ff4-FRA
access-control-allow-headers: X-CSRF-Token, x-rover-source, origin, x-requested-with, content-type, accept, cache-control
alt-svc: h3=":443"; ma=86400

GET
H3 200 store_4.1.html Show response
cdn.jst.ai/ Frame 0407 2 KB
1 KB 31ms
30ms Document
text/html 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jst.ai/store_4.1.html?v=5.77
Requested by: Host: cdn.jst.ai
URL: https://cdn.jst.ai/mwgt_4.1.js?v=5.77
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c189dd46df7ab8b489d4a3238defd7975ad02f114eb3f72fedadeb6fde7cbe0

Request headers

Referer: https://avitaltours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=700000
cf-cache-status: DYNAMIC
cf-ray: 7f4374b219645b4a-FRA
content-encoding: br
content-type: text/html
date: Wed, 09 Aug 2023 22:32:34 GMT
last-modified: Tue, 31 Mar 2020 15:31:26 GMT
server: cloudflare
vary: Accept-Encoding
x-77-cache: HIT
x-77-nzt: AcO1rw7VP5L/PV4AAA
x-77-nzt-ray: 90833930771111b90214d46489f64636
x-77-pop: frankfurtDE
x-accel-date: 1691596229
x-age: 24125
x-amz-id-2: iDW1XehIxSQ9bluYrdhH+scmMzcp2sCQqhWb8RkGr8H0cp6kuhwd1s+Jcgcp1jX9nly5zQVeMHk=
x-amz-request-id: 4MVEMDMWX3PAHAPJ
x-amz-version-id: n8._QaxL6VauG4hu9U02QXwqY3LVnM24
x-cache: HIT

GET
H/1.1 200
OK 70fd1963-ef40-4059-9fc9-45ec1c3e16f0
js.logentries.com/v1/logs/ 45 B
252 B 155ms
30ms Image
image/gif 54.194.201.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js.logentries.com/v1/logs/70fd1963-ef40-4059-9fc9-45ec1c3e16f0?e=eyJ0eXBlIjoicGFnZVZpZXciLCJ1aWQiOjE2OTE2MjAzNTQ5MzIzNDMyLCJzcmMiOiJwYWdlIiwiYWlkIjpudWxsLCJkaCI6ImF2aXRhbHRvdXJzLmNvbSIsInBhdGgiOiIlMkYiLCJidG5zIjowLCJjYWxzIjowLCJiZGNudCI6MH0%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.201.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-201-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://avitaltours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Wed, 09 Aug 2023 22:32:35 GMT
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 45
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

384 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.avitaltours.com/	1970-01-20 16:03:16	Name: _gcl_au Value: 1.1.31729417.1691620353
.avitaltours.com/	1970-01-20 18:15:45	Name: gaconnector_GA_Measurement_ID Value: UA-23918221-1
.avitaltours.com/	1970-01-20 18:15:45	Name: gaconnector_pages_visited_list Value: /
my.jst.ai/	1970-01-20 13:53:42	Name: __cflb Value: 04dToS6decDvtn94xCdmQthrL5q991KgegQ45AyWNm
.avitaltours.com/	1970-01-20 18:15:45	Name: gaconnector_page_visits Value: 2
.avitaltours.com/	1970-01-20 16:03:16	Name: _fbp Value: fb.1.1691620353332.983226715
.avitaltours.com/	1970-01-20 13:55:06	Name: _uetsid Value: a2152fb0370411ee8dac4d3c67576118
.avitaltours.com/	1970-01-20 23:15:16	Name: _uetvid Value: a2154ac0370411eeb7ba199a18bdb492
avitaltours.com/	1970-01-20 13:53:42	Name: _ju_v Value: 4.1_5.77
.bing.com/	1970-01-20 23:15:16	Name: MUID Value: 29496FD20EA168A8009D7CBA0F0D6930
.avitaltours.com/	1970-01-20 18:15:45	Name: gaconnector_all_traffic_sources Value: undefined/undefined, undefined/undefined
.doubleclick.net/	1970-01-20 13:53:41	Name: test_cookie Value: CheckForPermission
.avitaltours.com/	1970-01-20 23:29:40	Name: _ga_L4XSDG0T2J Value: GS1.1.1691620353.1.0.1691620353.60.0.0
.avitaltours.com/	1970-01-20 23:29:40	Name: _ga Value: GA1.2.1274009989.1691620354
.avitaltours.com/	1970-01-20 13:55:06	Name: _gid Value: GA1.2.430839498.1691620354
.avitaltours.com/	1970-01-20 13:53:40	Name: _gat_gtag_UA_23918221_1 Value: 1
.avitaltours.com/	1970-01-20 18:15:45	Name: gaconnector_GA_Client_ID Value: 1274009989.1691620354
.linkedin.com/	1970-01-20 16:03:16	Name: li_sugr Value: 19fef8af-3d9b-4d62-a0b1-80a7190c5e6a
.linkedin.com/	1970-01-20 22:39:16	Name: bcookie Value: "v=2&4e72cc9c-c50f-4da6-884c-d964b47999a1"
.linkedin.com/	1970-01-20 13:55:06	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3023:u=1:x=1:i=1691620353:t=1691706753:v=2:sig=AQFWB5QLc2DMLM9GAybxRNDlyVxsj4Ww"
.avitaltours.com/	1970-01-20 13:55:06	Name: _ju_dm Value: cookie
.avitaltours.com/	1970-01-20 14:36:52	Name: _ju_dn Value: 1
avitaltours.com/	1970-01-20 13:55:06	Name: ln_or Value: eyI1NzIyMjYiOiJkIn0%3D
.linkedin.com/	1970-01-20 14:36:52	Name: UserMatchHistory Value: AQKa4hW22RgxKAAAAYncbibKdAyIcS7aGRIgyEpqeTqCsekcvQdNE70m7gWf9Oq-B4VimMNnZLopgw
.linkedin.com/	1970-01-20 14:36:52	Name: AnalyticsSyncHistory Value: AQI1BHbNrRCjogAAAYncbibKqXCfrZ_D203PCQceNfd4_iVECJNn0onbbFHsBu99zBGCksBwbLXhY5hog9qCzw
.www.linkedin.com/	1970-01-20 22:39:16	Name: bscookie Value: "v=1&202308092232334b3a9dc4-a71e-4c3a-8e04-3960a65f757fAQEnV80HKHMVM2PjDmVRD2Mmm3uIGKvi"
.linkedin.com/	1970-01-20 18:12:52	Name: li_gc Value: MTswOzE2OTE2MjAzNTM7MjswMjECtIQMuPt2AtPFV0GwiUvg6Mgn1E6xXX9Y1/C1IEmEoQ==
.avitaltours.com/	1970-01-20 18:12:52	Name: __hstc Value: 64237808.73e36e6329cc62cdf8ab56b31f5d16ea.1691620354554.1691620354554.1691620354554.1
.avitaltours.com/	1970-01-20 18:12:52	Name: hubspotutk Value: 73e36e6329cc62cdf8ab56b31f5d16ea
.avitaltours.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.avitaltours.com/	1970-01-20 13:53:42	Name: __hssc Value: 64237808.1.1691620354555
.hubspot.com/	1970-01-20 13:53:42	Name: __cf_bm Value: DVqo96Vp7cHlfkVrz1wX0XXDnG2IQK9sE5UQEse0K0Q-1691620354-0-AVGWtrX7VGlB0hUOUCBnz31dRCAzfJG1pbYCWmmMOSBBzRrVl/9DqOWylWYHDVgHGdeWbWq8bTLVdmH5HYhT8KQ=
aly.jst.ai/	1970-01-20 13:53:42	Name: __cflb Value: 0H28w1Xe92a6MDGAYhusqbdskXm88bFcBQcv46Y2Xnm
.avitaltours.com/	1970-01-20 22:39:16	Name: _ju_dc Value: a2f261ee-3704-11ee-94cf-53532c127728
.avitaltours.com/	1970-01-20 13:53:42	Name: _ju_pn Value: 1
.avitaltours.com/	1970-01-20 18:15:45	Name: gaconnector_time_passed Value: 5003

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://avitaltours.com/wp-content/themes/avitaltours_2018/stylesheets/inc/loading.gif Message: Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
aly.jst.ai
api.hubspot.com
assets.flodesk.com
avitaltours.com
bat.bing.com
cdn-images.mailchimp.com
cdn.jst.ai
cdn.linkedin.oribi.io
connect.facebook.net
cta-service-cms2.hubspot.com
d2j3qa5nc37287.cloudfront.net
dxvgidz67iahm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
form.flodesk.com
forms.hscollectedforms.net
forms.hsforms.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hubspot.com
js.logentries.com
js.peek.com
js.usemessages.com
my.jst.ai
p.typekit.net
perf-na1.hsforms.com
pirassets.s3.amazonaws.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
snap.licdn.com
static.addtoany.com
stats.g.doubleclick.net
track.hubspot.com
tracker.gaconnector.com
use.typekit.net
usercontent.flodesk.com
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
13.107.42.14
18.66.121.142
18.66.121.91
18.66.127.89
192.124.249.69
199.232.197.208
2001:4860:4802:34::36
2600:9000:2104:fc00:16:5ccd:c900:93a1
2600:9000:21f3:3200:f:b2f5:a240:93a1
2600:9000:2204:ba00:15:a0d3:77c0:93a1
2600:9000:2204:fa00:2:53b2:240:93a1
2600:9000:223d:b600:f:9de7:2240:93a1
2606:4700:10::6816:46c5
2606:4700:20::681a:26e
2606:4700::6810:88ce
2606:4700::6811:65ac
2606:4700::6811:6dc7
2606:4700::6811:ca35
2606:4700::6811:cb35
2606:4700::6811:d2f3
2606:4700::6811:d5f3
2606:4700::6812:18c4
2606:4700::6812:893b
2606:4700::6813:9a53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c03::9a
2a02:26f0:3500:16::215:148d
2a02:26f0:3500:16::215:148f
2a02:26f0:780::210:a469
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
52.216.146.99
54.194.201.196
01c2f73dd09b8641a77b3430c7a3bc9070b735ad0b99a5ecae0c7d14527f61e2
0268b589d424a686ee986465b7917ac6c852be4fd6908331002878205beee576
026c249acda71b64fe2510542d88ae26073694f89b595b1fd0e9f3ad501bf6b4
05d18955853a018a783dde77bcf072fb4e36df5bffafefb7be0e5e97411ab092
0823fcbfd4b0bd912d1a665b5619ff82cb09e2c2be8eb5bc262c234690659451
0b1c11dd51f23595b54668926ef84c61133e278bce1e9a217c0dc89a9659d684
0f775ebbfa1e8ebb7cd071aa5d474d317ec01a499d4dbd1d70fb387ce41b3680
12cf623b335ff94b09f6ad5b8a1872467473da89059ac87ab383a8caee35d064
1547ceb6fe608dff1c98ec8f6b8a0d743df58901ca175a54c48abf3fcb9f86a1
18a126264ccf1b57353c1716284f1938d97f6c9c1107b42f0f5f1119fdc8bd5f
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c3a051b35b81ed63635b80d6ba1b5771441785b24ac67c5f1676c210b829eab
246e9f1a91b88ff88967db5ca0bed342cb4397b5779e0d6767bc5694156b2ac5
2d5307034f8a45c9ed9bd0533d551267baa57861b6b90a0ef2901f3ac82f0fb2
2de35677df9a82401950a9ce87ab92890b86218db8e8ba8d4a28269eae2854c0
2f472251b6b4a4a8d7ceed7539cb6ebea71caf28bccc0beda7a6866a6847b53e
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
373f2d73648f365e9d667a3abb0f612fc41141a05a95993e92bd751f152e6931
3d64fe6f42ea361aead5503e96adc170376553fddd3c2350d04e4e71b98b9942
437eedd9273d04ff5d0b0483ee694335c4c337c4edbeefa75fbd01212c7a41e8
43b7f0f2982dde0f2d7bce14be624d32410018455c03d3cf6158d925055d61ef
49429106d2f2556524afb0bfefa7c73590ddd3f474c269353f73793ed920820b
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9687af855e3702920c9feedcf07596807bf43bcd8de0b543ffee66f98e1a22
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
53dd72fe41db7f0d7264af4a11371e2716e353350b1682c34a9c15b2a9af7345
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57571455236ce0efac1b6446d6730bc7e403351e8346016303570bd99262b797
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5c189dd46df7ab8b489d4a3238defd7975ad02f114eb3f72fedadeb6fde7cbe0
613006b56c570bbb1b8aa138b2ffd5c11a48c7e78a05ec37d763d51f1ceddea9
614353ad90b59859d111609e403f1860f6f3b5df2b619e6194a1d4857b292ad5
66f203eea0727085779ad89e74919e232f3c4da4ee4425a389fab50633262034
67328c8377c97d0c2d19e8d4a0d818ce422de758ed7fd6def3b357a1272693a8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ca725f4899c25c99bed2e42020974490efc9f9937bd22fd92be87dbc96ff8ce
6dad51367cc1a35b2040ab31e503643b230e70661d4d596dc647f90b6b1c7ac5
6e2a80706729933b0733a1c1588fcd0115055d4bcfd98bcd5e44bc4013ceadf3
6e40a00802dd80435d72f5d3c16652b9891b6a8e4efc6c7c57d98eb6aea78c40
71901b7f9f706416ccdb8d706f71494eea5cf61c5914dd287eb7f5cb29f51ca4
744ec41958e3aa8cd8ff639e83bd7a45226c201ca0bc2093c7d99ea0b339f096
772f19bc4c8581eb61074e68fbbac11e4c38d6b8a7b23d023f8389e03c58fe11
776b3d0d32f369a11741b6d7f384f35b0691a8a8a315f449f27cf49f42a42657
7938aa8936a483cabb91bafd0ef41ec691d97d785ce9fcc87775bd9790374fac
798342a1dc3726c584b79678391a92584f33798b1a9fd0186dc52e4a1318c810
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7ce8be7848514c20f7f1b598091253b36237522af599c2f0eb66cc9c0d3af3c8
802165e526af0da1a2f767bda6322e6503bc1bfd88ae31b28bdf64cef91dadbe
8164c02d1f5d2d928752a22c3c5b11c3433331833b028cb7d5a34d9f7bdf5245
84b34e8d2e5e6a97c43484bd636c2b602ab368c52f96199a65a7224519007693
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
875f8e591b4fbc6567e2b33553bea9ca2d0e18593bd857783a569fe7bf4ba097
8a1e062ac5d2749fc6c23649c9279bda04608d752eb0e7901b6f6e289b165b82
8eb6802b29b3b06d2b05a5457fd366396bb0ad825187239a4ae13300e68d0870
8f6d93e567b10a60389690bc82dfd7a0f84e8478152e59d2c5210598fe4841ce
909af9d3e6be5c9522218d320108b12025172229a895f81f2d02b7ecfa8e05cf
92545ae7b38b727089c99033d3557a18ee913a608fe8b26fb24973eb8660f17d
992ed9ebcdf550a20fe62e377bdd1b0eb337173a374234bec501b74080adbc48
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
9dea0da18cf7f047a240a42c74ce0af5aaaa5894ece84f54ce311202aa3a0853
a2b52f4819c133bc281608895d14021d514a47cb8300a6d671226785319813f0
a3b258b4145c578d58836b9c4b98f32857a242d74a638584b1c32b22c7120198
abf75fd7094f448b11d7a8a176fd66c6f9c452c95cfcd8f5e4e164d287af4a27
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
b06a74b7b35bf223a5e695431ce6f0e9897dc39bc856f23b40e7be5074ad9a88
b0cef12e7cae22af7f8d6572e933e3902d1bd2512e38ca71176b80cc596f5460
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b3e662fe998b5a14cd5e1944705af7f4aa7f59882702f0536f0a803272aace79
b62aa84965dbf9d7f7235bd4012fc653174af3cbdd45f8bc442fea63d49e6e42
b6f4e220da1d394544fa342b883483af7f0294f92a7c988f6606ae78775d6aba
c786f897446b5af440503b9b67db4f87c652f9893bcd62e6d144f05933b671c8
ca246a2ca1e03c4b4480b54db971a6c75f61cf96c281ac43527596e498f70753
cb34d2ee2a93fd11b734c124a6fc661339585c63382d08eb31bf921b66519eac
ce5c276d49c4b5106351f16f523521fd6c4a06dcc0f74140331a1d7d779c93d3
d478ae35dab8b467ff5a50c5832b84ad92a10b4a6a6674592188edfb590919a2
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dca56274f51f99f3b080d4c1c736e52726b445e6cfda7d0293fd529478665cbf
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dd886a200de027927efa457c2b4fa3ef4dd8555e1dbb441ba46d9fed398dedd3
ddb844d60d2d29ca0a63ec6e005ab18475969232921955a9d6b9be4e8275dd65
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de52d55ca3dbe498e35724fa83bc284e1f3589aa4d69e6b191055578696ee44f
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cffada9c9643f6e548214c3b0ff4e1d38618140c50b0ee57babab145160eba
e916483d82890f81479f8fcc733ddc42ece45f97d974220629897319f8b29c14
ec5859871ca2c30ea24cb1c80724d81d408afb701f2656852483f57f257f542b
ecae458a3e4abf2944460641c9ab1cc1b16fa5c8adfb0586c048d306e7dce940
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fa3dd06787441f0a3a4485e4bc8cf64b4ea7a7ddf144ea1b8e9d970fa372fcba
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fadf42c99db348a2825045095c939bf17c07da10621a063c9d089c828fecfcd5

avitaltours.com Open in urlscan Pro 192.124.249.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

99 %HTTPS

81 %IPv6

32 Domains

48 Subdomains

41 IPs

4 Countries

2780 kBTransfer

5206 kBSize

36 Cookies

0 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

avitaltours.com Open in urlscan Pro
192.124.249.69 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

99 %
HTTPS

81 %
IPv6

32
Domains

48
Subdomains

41
IPs

4
Countries

2780 kB
Transfer

5206 kB
Size

36
Cookies

111 HTTP transactions
0 data transactions