avantstay.com Open in urlscan Pro
18.66.192.38 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://links.avantstay.com/u/click?_t=9ed27804d6c64eac9a223d70cb8980cb&_m=d96c54d51f7e4de6b850f149451e8e73&_e=aqj7nKVMW4qJo...
Effective URL:
https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=emai...
Submission: On September 26 via api (September 26th 2024, 7:15:05 pm UTC) from US — Scanned from DE

Summary HTTP 138 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 44 IPs in 5 countries across 32 domains to perform 138 HTTP transactions. The main IP is 18.66.192.38, located in United States and belongs to AMAZON-02, US. The main domain is avantstay.com. The Cisco Umbrella rank of the primary domain is 982834.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 7th 2023. Valid for: a year.

This is the only time avantstay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.85.65.113 52.85.65.113	16509 (AMAZON-02) (AMAZON-02)
24	18.66.192.38 18.66.192.38	16509 (AMAZON-02) (AMAZON-02)
8	52.15.224.98 52.15.224.98	16509 (AMAZON-02) (AMAZON-02)
3	44.237.246.103 44.237.246.103	16509 (AMAZON-02) (AMAZON-02)
4	172.66.0.33 172.66.0.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
15	13.35.58.148 13.35.58.148	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:237... 2600:9000:237d:f600:f:7aac:d8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	162.159.140.33 162.159.140.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.173.154.36 18.173.154.36	16509 (AMAZON-02) (AMAZON-02)
3	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	44.240.52.117 44.240.52.117	16509 (AMAZON-02) (AMAZON-02)
3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::84	54113 (FASTLY) (FASTLY)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
4	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2 2	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
3	216.58.206.67 216.58.206.67	15169 (GOOGLE) (GOOGLE)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a9b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.36.102 108.138.36.102	16509 (AMAZON-02) (AMAZON-02)
1	18.173.187.71 18.173.187.71	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9a	15169 (GOOGLE) (GOOGLE)
2	216.58.206.78 216.58.206.78	15169 (GOOGLE) (GOOGLE)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1 6	44.241.211.120 44.241.211.120	16509 (AMAZON-02) (AMAZON-02)
1	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1	2600:9000:26d... 2600:9000:26da:9600:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.64.147.18 172.64.147.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:a13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:f61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2398	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:85f1:58fc:1ae3:edf7	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:b13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
138	44

1 52.85.65.113 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-65-113.muc50.r.cloudfront.net

links.avantstay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 18.66.192.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-38.muc50.r.cloudfront.net

avantstay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.15.224.98 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-224-98.us-east-2.compute.amazonaws.com

arriere.prod.avantstay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.237.246.103 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-246-103.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.66.0.33 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn1.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-cf.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 13.35.58.148 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-148.fra60.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:f600:f:7aac:d8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

imglite.avantstay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.140.33 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-assets.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-36.muc50.r.cloudfront.net

tracker.affirm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.240.52.117 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-52-117.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.100 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.192.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a9b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-102.muc50.r.cloudfront.net

sleeknotecustomerscripts.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-71.muc50.r.cloudfront.net

s.opensend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.78 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f14.1e100.net

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.128.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 44.241.211.120 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-211-120.us-west-2.compute.amazonaws.com

oirt.aggle.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:9600:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.147.18 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

transcend-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a13 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

loader.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:f61 (United States)

ASN13335 (CLOUDFLARENET, US)

wisepops.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2398 (United States)

ASN13335 (CLOUDFLARENET, US)

sync-transcend-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:85f1:58fc:1ae3:edf7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:b13 (United States)

ASN13335 (CLOUDFLARENET, US)

activity.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	avantstay.com 1 redirects links.avantstay.com avantstay.com — Cisco Umbrella Rank: 982834 arriere.prod.avantstay.com imglite.avantstay.com	998 KB
15	segment.com cdn.segment.com — Cisco Umbrella Rank: 2021	192 KB
10	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 981	8 KB
6	aggle.net 1 redirects oirt.aggle.net — Cisco Umbrella Rank: 50437	2 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 112	6 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	22 KB
6	affirm.com cdn1.affirm.com — Cisco Umbrella Rank: 7968 api-cf.affirm.com — Cisco Umbrella Rank: 8481 www.affirm.com — Cisco Umbrella Rank: 7863 cdn-assets.affirm.com — Cisco Umbrella Rank: 8159 tracker.affirm.com — Cisco Umbrella Rank: 10662	155 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4111 google.com — Cisco Umbrella Rank: 1	611 B
5	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 stats.g.doubleclick.net — Cisco Umbrella Rank: 152	722 B
5	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2363 rs.fullstory.com — Cisco Umbrella Rank: 2475	82 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 358 px4.ads.linkedin.com — Cisco Umbrella Rank: 6989	3 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 378	15 KB
3	wisepops.net wisepops.net — Cisco Umbrella Rank: 15471	32 KB
3	wisepops.com 1 redirects loader.wisepops.com — Cisco Umbrella Rank: 21863 activity.wisepops.com — Cisco Umbrella Rank: 20271	925 B
3	google.de www.google.de — Cisco Umbrella Rank: 9833	191 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	319 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	25 KB
3	segment.io api.segment.io — Cisco Umbrella Rank: 1428	514 B
3	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 7403 flask.nextdoor.com — Cisco Umbrella Rank: 6935	4 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122	51 KB
2	adroll.com s.adroll.com — Cisco Umbrella Rank: 3879 d.adroll.com — Cisco Umbrella Rank: 1844	30 KB
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1133	610 B
2	t.co t.co — Cisco Umbrella Rank: 857	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1103	25 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 196	74 KB
1	sync-transcend-cdn.com sync-transcend-cdn.com — Cisco Umbrella Rank: 84751
1	transcend-cdn.com transcend-cdn.com — Cisco Umbrella Rank: 6089	44 KB
1	opensend.com s.opensend.com — Cisco Umbrella Rank: 106120	10 KB
1	sleeknote.com sleeknotecustomerscripts.sleeknote.com — Cisco Umbrella Rank: 23309	489 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 906	14 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 989	15 KB
0	amazonaws.com Failed s3-us-west-2.amazonaws.com Failed
138	32

	Domain	Requested by
24	avantstay.com	avantstay.com
15	cdn.segment.com	avantstay.com cdn.segment.com
10	ct.pinterest.com	s.pinimg.com cdn.segment.com edge.fullstory.com
8	arriere.prod.avantstay.com	avantstay.com
6	oirt.aggle.net	1 redirects edge.fullstory.com
6	www.facebook.com	avantstay.com
6	www.google-analytics.com	avantstay.com www.google-analytics.com www.googletagmanager.com
4	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
4	bat.bing.com	cdn.segment.com bat.bing.com avantstay.com
3	wisepops.net	edge.fullstory.com
3	px.ads.linkedin.com	1 redirects edge.fullstory.com
3	rs.fullstory.com	edge.fullstory.com
3	www.google.de	avantstay.com
3	www.googletagmanager.com	cdn.segment.com www.googletagmanager.com
3	www.googleadservices.com	cdn.segment.com www.googleadservices.com
3	api.segment.io	cdn.segment.com
2	activity.wisepops.com	edge.fullstory.com
2	pagead2.googlesyndication.com	avantstay.com
2	google.com	www.googletagmanager.com
2	www.google.com	2 redirects
2	analytics.twitter.com	avantstay.com
2	t.co	avantstay.com
2	s.pinimg.com	cdn.segment.com s.pinimg.com
2	connect.facebook.net	cdn.segment.com connect.facebook.net
2	edge.fullstory.com	cdn.segment.com edge.fullstory.com
2	www.affirm.com	cdn1.affirm.com
2	flask.nextdoor.com	avantstay.com
1	d.adroll.com	transcend-cdn.com
1	sync-transcend-cdn.com	transcend-cdn.com
1	loader.wisepops.com	1 redirects
1	transcend-cdn.com	avantstay.com
1	s.adroll.com	avantstay.com
1	px4.ads.linkedin.com	avantstay.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	edge.fullstory.com
1	s.opensend.com	avantstay.com
1	sleeknotecustomerscripts.sleeknote.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	cdn.segment.com
1	tracker.affirm.com	cdn1.affirm.com
1	cdn-assets.affirm.com	cdn1.affirm.com
1	api-cf.affirm.com	cdn1.affirm.com
1	imglite.avantstay.com	avantstay.com
1	cdn1.affirm.com	avantstay.com
1	ads.nextdoor.com	avantstay.com
1	links.avantstay.com	1 redirects
0	s3-us-west-2.amazonaws.com Failed	avantstay.com
138	47

This site contains links to these domains. Also see Links.

Domain
lighthouse.avantstay.com
dos.ny.gov
avantstay-public-assets.s3.us-west-1.amazonaws.com
www.trec.texas.gov
trends.avantstay.com
go.avantstay.com
shop.avantstay.com
help.avantstay.com
avantstay.workable.com
instagram.com
facebook.com
www.linkedin.com
www.glassdoor.com
privacy.avantstay.com
www.affirm.com

Subject Issuer	Validity	Valid
avantstay.com Amazon RSA 2048 M03	`2023-11-07` - `2024-12-05`	a year	crt.sh
*.prod.avantstay.com Amazon RSA 2048 M02	`2024-07-21` - `2025-08-18`	a year	crt.sh
nextdoor.com Amazon RSA 2048 M03	`2024-03-26` - `2025-04-24`	a year	crt.sh
affirm.com WE1	`2024-08-30` - `2024-11-28`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
edge.fullstory.com WR3	`2024-08-24` - `2024-11-22`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
*.googleadservices.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-05` - `2024-10-03`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-07`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
t.co E6	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-19` - `2025-08-18`	a year	crt.sh
rs.fullstory.com WR3	`2024-08-25` - `2024-11-23`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.sleeknote.com Amazon RSA 2048 M02	`2024-01-23` - `2025-02-18`	a year	crt.sh
aggle.net Amazon RSA 2048 M02	`2024-05-24` - `2025-06-23`	a year	crt.sh
*.google.de WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-09-11` - `2025-03-11`	6 months	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
transcend-cdn.com WE1	`2024-09-13` - `2024-12-12`	3 months	crt.sh
sync-transcend-cdn.com WE1	`2024-08-27` - `2024-11-25`	3 months	crt.sh
d.adroll.com Amazon RSA 2048 M02	`2024-09-09` - `2025-10-09`	a year	crt.sh
wisepops.net WE1	`2024-09-17` - `2024-12-16`	3 months	crt.sh
wisepops.com WE1	`2024-08-21` - `2024-11-19`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc
Frame ID: 795E5A5E44E3B74F3809611B93610FFB
Requests: 129 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 1B66DCF8A73FC597E37663337962E615
Requests: 1 HTTP requests in this frame

Frame: https://sync-transcend-cdn.com/consent-manager/0da81816-85d0-49f5-ab1e-1d4328f81fee
Frame ID: 30D98395B4CF27D21043D335483CEFCC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Share and Earn - AvantStay

Page URL History Show full URLs

https://links.avantstay.com/u/click?_t=9ed27804d6c64eac9a223d70cb8980cb&_m=d96c54d51f7e4de6b850f149451e8... HTTP 303
https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=ref... Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

138
Requests

96 %
HTTPS

35 %
IPv6

32
Domains

47
Subdomains

44
IPs

5
Countries

2128 kB
Transfer

6453 kB
Size

44
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://lighthouse.avantstay.com/
Title: Homeowner Portal

Search URL Search Domain Scan URL

URL: https://dos.ny.gov/system/files/documents/2021/08/fairhousingnotice.pdf
Title: NY STATE FAIR HOUSING NOTICE • NY STATE HUMAN RIGHTS LAW •

Search URL Search Domain Scan URL

URL: https://avantstay-public-assets.s3.us-west-1.amazonaws.com/assets/Documents/New+York+Compliance+SOP.pdf
Title: NY STANDARDIZED OPERATING PROCEDURE FOR PURCHASERS OF REAL ESTATE •

Search URL Search Domain Scan URL

URL: https://avantstay-public-assets.s3.us-west-1.amazonaws.com/assets/Documents/NY+Reasonable+Accomodation+Notice.pdf
Title: NY NOTICE DISCLOSING TENANTS’ RIGHTS TO REASONABLE ACCOMMODATIONS •

Search URL Search Domain Scan URL

URL: https://www.trec.texas.gov/sites/default/files/pdf-forms/IABS%201-0.pdf
Title: TX REAL ESTATE COMMISSION INFORMATION ABOUT BROKERAGE SERVICES

Search URL Search Domain Scan URL

URL: https://trends.avantstay.com/
Title: Vacation Rental Trends

Search URL Search Domain Scan URL

URL: https://go.avantstay.com/protect-your-stay/
Title: Protect Your Stay

Search URL Search Domain Scan URL

URL: https://shop.avantstay.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://help.avantstay.com/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://avantstay.workable.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://instagram.com/avantstay
Title: InstagramInstagram

Search URL Search Domain Scan URL

URL: https://facebook.com/avantstay
Title: FacebookFacebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/avantstay
Title: LinkedInLinkedIn

Search URL Search Domain Scan URL

URL: https://www.glassdoor.com/Reviews/AvantStay-Reviews-E1723986.htm
Title: GlassdoorGlassdoor

Search URL Search Domain Scan URL

URL: https://privacy.avantstay.com/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.affirm.com/disclosures
Title: Affirm Disclosures

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://links.avantstay.com/u/click?_t=9ed27804d6c64eac9a223d70cb8980cb&_m=d96c54d51f7e4de6b850f149451e8e73&_e=aqj7nKVMW4qJomIKYEHrVyXeAXHZYtdHjDPeURb5sM3Isffa0gzxR-nhrANXtpcAO4XtQhg89u_DGxNNYAf8C8zLswO08rBqSBWPytJ827U-lcMx2UJLLzbWpOMRVbx6g-P1g7nBPDesp2CplT3J45eSfNpB-s_xaFiRMAxuTkusGqSdq-1dqrZRqXgZaPxgPFm0OyaCkIwxTt1wopqBvVMJjmq2vAmYzH2O5a95zrBlG5BBiv8ZW7ruaq2ZE0qtIZkeY255rTi4tYBjUh3P77OU-ADZsH34pEks-5LCnGpkr2zcuRle04aA1a9hhrBk4tWtX1ejhv-7Zxu4GZ-Y4m6rlML5EVrYNenO8MyKmhfFt8hhW5koYDD4Lo3cyUu7GJ4I4kWY-oLt2C0cO0-A2u39KkRWnaqVTxGP-n8wNzM= HTTP 303
https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726184713/?random=1815397800&cv=9&fst=1727378090424&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tiba=Share%20and%20Earn%20-%20AvantStay&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI3d7l66jhiAMVrZf9Bx2lOwvDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2F2YW50c3RheS5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/726184713/?random=1815397800&cv=9&fst=1727378090424&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tiba=Share%20and%20Earn%20-%20AvantStay&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI3d7l66jhiAMVrZf9Bx2lOwvDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2F2YW50c3RheS5jb20v&is_vtc=1&cid=CAQSGwDpaXnfDdAWDsFCzW-JyF7K-eUWYdBJxGLMxg&random=841085919&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/726184713/?random=1815397800&cv=9&fst=1727378090424&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tiba=Share%20and%20Earn%20-%20AvantStay&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI3d7l66jhiAMVrZf9Bx2lOwvDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2F2YW50c3RheS5jb20v&is_vtc=1&cid=CAQSGwDpaXnfDdAWDsFCzW-JyF7K-eUWYdBJxGLMxg&random=841085919&resp=GooglemKTybQhCsO&ipr=y

Request Chain 75

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726184713/?random=100691842&cv=9&fst=1727378090441&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C509562772%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tiba=Share%20and%20Earn%20-%20AvantStay&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjDybECSidldmVudC1zb3VyY2UsIHRyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIy9Dm66jhiAMVvKD9Bx1ahQO8MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2F2YW50c3RheS5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/726184713/?random=100691842&cv=9&fst=1727378090441&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C509562772%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tiba=Share%20and%20Earn%20-%20AvantStay&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjDybECSidldmVudC1zb3VyY2UsIHRyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIy9Dm66jhiAMVvKD9Bx1ahQO8MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2F2YW50c3RheS5jb20v&is_vtc=1&cid=CAQSGwDpaXnfVLljYX2U5bwKcks-dDZ1x1CZ3fLStg&random=2024356338&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/726184713/?random=100691842&cv=9&fst=1727378090441&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C509562772%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tiba=Share%20and%20Earn%20-%20AvantStay&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjDybECSidldmVudC1zb3VyY2UsIHRyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIy9Dm66jhiAMVvKD9Bx1ahQO8MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2F2YW50c3RheS5jb20v&is_vtc=1&cid=CAQSGwDpaXnfVLljYX2U5bwKcks-dDZ1x1CZ3fLStg&random=2024356338&resp=GooglemKTybQhCsO&ipr=y

Request Chain 104

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818114&time=1727378091194&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818114&time=1727378091194&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tm=gtmv2&e_ipv6=AQIG910LPpw7lQAAAZIvwe4Q5nU6pojlixCyV_XKU0D8WUEmhjZN3V-BWm7gDN2lZqqMOqSn

Request Chain 108

https://oirt.aggle.net/r3r HTTP 301
https://oirt.aggle.net/r3r/d17a320e-fe8a-46ab-9997-67773dd01510

Request Chain 122

https://loader.wisepops.com/get-loader.js?v=1&site=aprvK2yJG6 HTTP 301
https://wisepops.net/loader.js?v=1&site=aprvK2yJG6

138 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request referral Show response
avantstay.com/
Redirect Chain

https://links.avantstay.com/u/click?_t=9ed27804d6c64eac9a223d70cb8980cb&_m=d96c54d51f7e4de6b850f149451e8e73&_e=aqj7nKVMW4qJomIKYEHrVyXeAXHZYtdHjDPeURb5sM3Isffa0gzxR-nhrANXtpcAO4XtQhg89u_DGxNNYAf8C8...
https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

6 KB
3 KB

152ms
53ms

Document
text/html

18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

39679a28010558ee16979426f91e9bf106befb009aa1db0d682e953de748068d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 108255
cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
content-type: text/html
date: Thu, 26 Sep 2024 09:31:35 GMT
etag: W/"4094daad786e41a87b6ccfe962ec776b"
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: Accept-Encoding Origin
via: 1.1 ae830955a4e25d8301abbde4cfd80dec.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-id: _2x319cz2Z7Htx0ovM7SZw8E0SpplWgjDwm2lg31qxbz49pryBGYfQ==
x-amz-cf-pop: CMH68-P4 MUC50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: a6277dafa8b56007b1a03c82f880cc18
x-using-nginx-controller: true
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-security-policy: base-uri 'none'; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub46dd5cf52153d917fc1d5e91ff3a600d&dd-evp-origin=content-security-policy&ddsource=csp-report; frame-ancestors 'self' https://links.iterable.com; object-src 'none'; worker-src 'self' blob:; script-src 'report-sample' 'unsafe-eval' 'unsafe-inline' 'strict-dynamic' https: 'nonce-czCnch6dqavab/OyqTSaoA=='
date: Thu, 26 Sep 2024 19:14:47 GMT
location: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
request-time: 3
server: iterable-links 6e77
vary: Origin
via: 1.1 025655d33ea4a9c8f0ee3e05af37046e.cloudfront.net (CloudFront)
x-amz-cf-id: oSJCrSROMTkd-iLLU87n_LjRZfncJ9vlmQWBnPBFt9blBi6fidZGWg==
x-amz-cf-pop: MUC50-P6
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 fonts.css
avantstay.com/styles/ 3 KB
869 B 219ms
217ms Stylesheet
text/css 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/styles/fonts.css

Requested by

Host: avantstay.com
URL: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

abf02b102b9a3198ff54ed6495734d2591c3ba09ab90742cd09ec0b3d9cb4228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

content-encoding: gzip
etag: W/"de2-1922cc26f68"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: BnRn-C65u0vZ7sweity_BJocs50mTroysKyj9v_g-1gBAzR9wo22nA==
date: Thu, 26 Sep 2024 19:14:48 GMT
content-type: text/css; charset=UTF-8
last-modified: Thu, 26 Sep 2024 05:16:33 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-amz-cf-pop: MUC50-P1

GET
H2 200 SangBleuSunrise-Bold.woff2
avantstay.com/fonts/SangBleuSunrise/ 40 KB
40 KB 585ms
584ms Font
font/woff2 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/fonts/SangBleuSunrise/SangBleuSunrise-Bold.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

2d9571a0e4effdb57e4571b54f851ac70ffd22421a8eb5baee62459d70aaad4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://avantstay.com
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

access-control-expose-headers: *
etag: W/"9e30-1922cc26f68"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: ABBGZZiRzWYb347EMbW5bKymX5CbV7l-FUhkunRA3azzUZ3cBidYNA==
date: Thu, 26 Sep 2024 19:14:48 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 05:16:33 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40496
x-xss-protection: 1; mode=block
x-amz-cf-pop: MUC50-P1

GET
H2 200 13.f8e5dd4d.chunk.css
avantstay.com/static/css/ 4 KB
1 KB 47ms
45ms Stylesheet
text/css 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/css/13.f8e5dd4d.chunk.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

671580901ecf7ed7c150759e6d637f9d6b0d250968d31c504d662312ceb9aa3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

x-request-id: af43114edf4c8302d735da5f4172a466
content-encoding: br
etag: W/"88b48f6ca623ae4d744c3cd678e18d7d"
age: 107525
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: wCIv5XfTS5gXqhJZelQjgkhVIlPBndsBKhX4rPEZHX8wNNDwxTrPfw==
date: Thu, 26 Sep 2024 08:37:14 GMT
content-type: text/css
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55e94b07b6102f9f50d16b922c8d10ca.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

GET
H2 200 main.7d11a4fc.chunk.css
avantstay.com/static/css/ 5 KB
2 KB 46ms
45ms Stylesheet
text/css 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/css/main.7d11a4fc.chunk.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

0547b1e89df849a6792f21b3758bf30722023bedcf73d2b6bdc6ff077f6319dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

x-request-id: e1988934d847a632466a0619b6eb7336
content-encoding: br
etag: W/"aeda2845d00903889f078d2ce51e453c"
age: 107524
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: yaDxZqArXFEKeu7DehwOHnpPZ_kiex_bv7ml25jNS_XIlWemGKaEIA==
date: Thu, 26 Sep 2024 08:37:14 GMT
content-type: text/css
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 03093c003b20d410ed3ec3e4bb2d569c.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

GET
H2 200 13.b13c8226.chunk.js Show response
avantstay.com/static/js/ 1 MB
350 KB 55ms
54ms Script
text/javascript 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/js/13.b13c8226.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

504bcee37098da8ed171881ac8d996c8ecc68cb12618e096d88e77fdb6670633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

x-request-id: 29eaa2f98294b3f8d3bdc1394ab9bcb2
content-encoding: br
etag: W/"0830387fbd8e8ac1e37d579fa4513098"
age: 108361
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: gZjLBJjVLDou9fUJ5N9rv07LQVYnG_sF0XGMUbDjfeBb2oOLKERLug==
date: Thu, 26 Sep 2024 08:37:14 GMT
content-type: text/javascript
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 4cdcf8406ed0f002560c00fdc60b6ee0.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

GET
H2 200 main.ba295ec8.chunk.js Show response
avantstay.com/static/js/ 650 KB
147 KB 197ms
196ms Script
text/javascript 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/js/main.ba295ec8.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

05de7ac3f23baa9c7b8c799c3c0df8cd8c214d40d0c56ba52340ab75e38159d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

x-request-id: fcb3d34fc3f43b109281c16eb564a897
content-encoding: br
etag: W/"24aabdf0feeae1d5134f60e868f3b2ae"
age: 108360
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: -zw1Z4zERS6FEgypj8E-XURzQjUniIpSgvg3Gw4lgCdiWkhVkB-4SA==
date: Thu, 26 Sep 2024 08:37:14 GMT
content-type: text/javascript
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 4cdcf8406ed0f002560c00fdc60b6ee0.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

OPTIONS
H2 204 graphql
arriere.prod.avantstay.com/public/ Frame 0
0 404ms
133ms Preflight 52.15.224.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arriere.prod.avantstay.com/public/graphql?_q=properties_getAvailableRegions
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.224.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-224-98.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-avantstay-session-id
Access-Control-Request-Method: POST
Origin: https://avantstay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Datadog-Origin,X-Datadog-Sampling-Priority,X-Forwarded-For,X-Datadog-Parent-Id,X-Teammate,Content-Type,X-AS-Span-Id,Authorization,X-Datadog-Sampled,X-Requested-With,X-AS-Trace-Id,X-Fullstory-Session-ID,X-Datadog-Trace-Id,X-Distribution-Channel,X-Fullstory-Session-URL,X-Avantstay-Session-ID
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
date: Thu, 26 Sep 2024 19:14:49 GMT
x-using-nginx-controller: true

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 7 KB
4 KB 716ms
207ms Script
application/javascript 44.237.246.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Host: avantstay.com
URL: https://avantstay.com/static/js/main.ba295ec8.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.246.103 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-246-103.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

505549ac9575aaf296267c006641ea43b9d798f4504d2ebd7920e3fa67e2788c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lightning.force.com nextdoor.com .nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
etag: W/"66f2f17f-1d89"
x-envoy-upstream-service-time: 1
date: Thu, 26 Sep 2024 19:14:49 GMT
content-type: application/javascript
last-modified: Tue, 24 Sep 2024 17:06:07 GMT
server: istio-envoy
vary: Accept-Encoding

POST
H2 200 graphql Show response
arriere.prod.avantstay.com/public/ 19 KB
6 KB 181ms
179ms XHR
application/json 52.15.224.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arriere.prod.avantstay.com/public/graphql?_q=properties_getAvailableRegions
Requested by: Host: avantstay.com
URL: https://avantstay.com/static/js/13.b13c8226.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.224.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-224-98.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 56737b5a2e58cb4ed16bcc274f854aeaca9ed454d71da7186db6744785f880b7

Request headers

Referer: https://avantstay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json
X-Avantstay-Session-ID: a3e7fb49-3e37-4d6b-90fc-e56e037016f6

Response headers

access-control-max-age: 1728000
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
x-using-nginx-controller: true
access-control-allow-origin: *
date: Thu, 26 Sep 2024 19:14:49 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: X-Datadog-Origin,X-Datadog-Sampling-Priority,X-Forwarded-For,X-Datadog-Parent-Id,X-Teammate,Content-Type,X-AS-Span-Id,Authorization,X-Datadog-Sampled,X-Requested-With,X-AS-Trace-Id,X-Fullstory-Session-ID,X-Datadog-Trace-Id,X-Distribution-Channel,X-Fullstory-Session-URL,X-Avantstay-Session-ID

GET
H2 200 affirm.js Show response
cdn1.affirm.com/js/v2/ 678 KB
153 KB 272ms
91ms Script
application/javascript 172.66.0.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn1.affirm.com/js/v2/affirm.js

Requested by

Host: avantstay.com
URL: https://avantstay.com/static/js/main.ba295ec8.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f968cb2b5f6bdd99e1f63995a37b2296d8c43aed0d8d74d4879612df9ce2ff4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"d8ebcf58f88a988355680bbd78ea09e5"
age: 113
expires: Thu, 26 Sep 2024 19:19:49 GMT
date: Thu, 26 Sep 2024 19:14:49 GMT
x-affirm-cache-status: REVALIDATED
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 25 Sep 2024 23:10:17 GMT
strict-transport-security: max-age=31557600; includeSubDomains
link: <https://cdn1.affirm.com>; rel=preconnect; crossorigin, <https://cdn1.affirm.com>; rel=preconnect, <https://cdn-assets.affirm.com>; rel=preconnect; crossorigin, <https://cdn-assets.affirm.com>; rel=preconnect, <https://cdnjs.cloudflare.com>; rel=preconnect; crossorigin, <https://cdnjs.cloudflare.com>; rel=preconnect
cache-control: public, max-age=300
timing-allow-origin: *
x-affirm-request-id: ccd4cfd6-dae7-4dd3-cd24-863685303b5a
x-envoy-upstream-service-time: 391
cf-ray: 8c959440baeccac9-HAM
access-control-allow-origin: *
server: cloudflare

GET
H2 200 2.13c77712.chunk.css
avantstay.com/static/css/ 4 KB
1 KB 55ms
54ms Stylesheet
text/css 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/css/2.13c77712.chunk.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

d3c152ca093e7ec5c6057efc8103406e0b50ad7e3328f2f9fdd854193764709f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

x-request-id: 7e90da978373f0ea224d9380ef54f752
content-encoding: br
etag: W/"f29551ed87b7f18ff69503a18fdd6bc6"
age: 101047
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: CFjkLU2z0USK-G4Sa1KUU-dkJ1IWjCLPlac_OeBLvfD6VNODMxBWnw==
date: Thu, 26 Sep 2024 08:37:16 GMT
content-type: text/css
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 9bb4d05ab08e4eaa205fa572ca4c835c.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

GET
H2 200 2.9e803cfb.chunk.js Show response
avantstay.com/static/js/ 146 KB
36 KB 59ms
58ms Script
text/javascript 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/js/2.9e803cfb.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

0500d900a4f752a3685ed812c4627c31cf423ec0fee85eebab46e8f2a794960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

x-request-id: 432ff373c3d84e10e8bb56f76f9cf499
content-encoding: br
etag: W/"8b5b2062a4b653eca3a32c2840313460"
age: 101047
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 5qtJbPp45eMX7XC7xV_tTGQYvKwHmcdJFRtULY7Et7EGpzDg_n-9sQ==
date: Thu, 26 Sep 2024 08:37:15 GMT
content-type: text/javascript
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 ae830955a4e25d8301abbde4cfd80dec.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

GET
H2 200 54.7e67daf3.chunk.js Show response
avantstay.com/static/js/ 21 KB
8 KB 58ms
56ms Script
text/javascript 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/js/54.7e67daf3.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

3e0ac60eec781c7bbc2a5d0c043798eb96963f5042b9c8434c9806b62a9b0217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

x-request-id: bbbdd5f62a8b20440ca8073f01e6f182
content-encoding: br
etag: W/"1c2745f034404b3408fd117682311d59"
age: 103820
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: MbTh5hQqY7uHZsIISh_mcNw6KyPvrjrv2IDnitNd_kzHf7EdRHN8iQ==
date: Thu, 26 Sep 2024 19:14:47 GMT
content-type: text/javascript
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 55e94b07b6102f9f50d16b922c8d10ca.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

GET
H2 200 0.b0fd03a9.chunk.js Show response
avantstay.com/static/js/ 18 KB
5 KB 47ms
46ms Script
text/javascript 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/js/0.b0fd03a9.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

4bbafe9f5e4b6d898f55808912cad9b7db9b91b6056ec07f9795d115184a7eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

x-request-id: 5ffa2fd946c495b3ba9c32c95bff326f
content-encoding: br
etag: W/"bf85df19e46353090d74975413020450"
age: 107675
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: JR9UsXE1KYo4sDvshG0ga3IqPUWOy4TIw5ehBhA38CLxrgjUhjr7Cg==
date: Thu, 26 Sep 2024 09:11:08 GMT
content-type: text/javascript
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 7992425d40820d4ff716d7127846cfb2.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

GET
H2 200 1.10f06f1c.chunk.js Show response
avantstay.com/static/js/ 24 KB
9 KB 47ms
46ms Script
text/javascript 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/js/1.10f06f1c.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

a17ec323f9cff43dc7d6d68814aeca4cc276e780a741676809ccff801c74a193

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

x-request-id: 61c747fcb550ac4f2151a7de612f87cd
content-encoding: br
etag: W/"1805086b6c1c90b14f8cb0f99207ea1e"
age: 105449
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: M24JPESfM_35k_Ip-DZ9efSrLCBGb89YM7IucyLdBRgaxIxspRsIBQ==
date: Thu, 26 Sep 2024 08:37:16 GMT
content-type: text/javascript
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 949219e108de746f94237ff81555dda2.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

GET
H2 200 25.5f94f557.chunk.js Show response
avantstay.com/static/js/ 57 KB
17 KB 58ms
57ms Script
text/javascript 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/js/25.5f94f557.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

db6077654ffdc5d372dc6fc5869937bb3ed0353fc81d1493e11a534b9a2059ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

x-request-id: 7f7844d6c2de3e236bb839676fac0cf5
content-encoding: br
etag: W/"c0f04fdeef2d9b4f951b20bb05c090a8"
age: 95105
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: QYeJjG7JiPUAxIEGJEOnLxtGS9cGvQUXlhYHiCWDpGI-lCAuqMwwEw==
date: Thu, 26 Sep 2024 19:14:47 GMT
content-type: text/javascript
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 0e3c225d58500145a5360bc7903299fe.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 148ms
38ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: avantstay.com
URL: https://avantstay.com/static/js/13.b13c8226.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-encoding: gzip
age: 6281
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 19:30:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 17:30:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/ 103 KB
28 KB 189ms
86ms Script
text/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/analytics.min.js
Requested by: Host: avantstay.com
URL: https://avantstay.com/static/js/13.b13c8226.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7378757b932b127a01292f50213a03c857e3c9d902ab6dbd6ac3ec2e77317ff3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: U63uL14YvQYcBjS.nukBUWfvmVmFh9w1
etag: W/"b6b1027c5838d635a4247cbe96f9551a"
age: 4
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: A_qePia84f_hCpV22z74MbD-CbSsCk1OMolGDC4wuCmIFQLSpamGKg==
date: Thu, 26 Sep 2024 19:14:46 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jul 2024 21:03:05 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=120
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 SourceSansPro-Regular.woff2
avantstay.com/fonts/SourceSansPro/ 83 KB
83 KB 575ms
572ms Font
font/woff2 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/fonts/SourceSansPro/SourceSansPro-Regular.woff2

Requested by

Host: avantstay.com
URL: https://avantstay.com/styles/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

f2696e8eb9d876987998374c51e4d14a24f6f24a23fe697493ebf761c3bcc4b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://avantstay.com
Referer: https://avantstay.com/styles/fonts.css

Response headers

access-control-expose-headers: *
etag: W/"14aec-1922cc26f68"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: X-fzTcKqcgqHjkP-rspPgxx_QG0WRGk1xSGerojXdzoLqmxNx3AeHg==
date: Thu, 26 Sep 2024 19:14:49 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 05:16:33 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
accept-ranges: bytes
access-control-allow-origin: *
content-length: 84716
x-xss-protection: 1; mode=block
x-amz-cf-pop: MUC50-P1

OPTIONS
H2 204 graphql
arriere.prod.avantstay.com/public/ Frame 0
0 178ms
133ms Preflight 52.15.224.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arriere.prod.avantstay.com/public/graphql?_q=referral_getReferralTerms
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.224.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-224-98.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-avantstay-session-id,x-distribution-channel
Access-Control-Request-Method: POST
Origin: https://avantstay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Datadog-Origin,X-Datadog-Sampling-Priority,X-Forwarded-For,X-Datadog-Parent-Id,X-Teammate,Content-Type,X-AS-Span-Id,Authorization,X-Datadog-Sampled,X-Requested-With,X-AS-Trace-Id,X-Fullstory-Session-ID,X-Datadog-Trace-Id,X-Distribution-Channel,X-Fullstory-Session-URL,X-Avantstay-Session-ID
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
date: Thu, 26 Sep 2024 19:14:49 GMT
x-using-nginx-controller: true

OPTIONS
H2 204 graphql
arriere.prod.avantstay.com/public/ Frame 0
0 130ms
130ms Preflight 52.15.224.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arriere.prod.avantstay.com/public/graphql?_q=destinations_getDestinations
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.224.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-224-98.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-avantstay-session-id,x-distribution-channel
Access-Control-Request-Method: POST
Origin: https://avantstay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Datadog-Origin,X-Datadog-Sampling-Priority,X-Forwarded-For,X-Datadog-Parent-Id,X-Teammate,Content-Type,X-AS-Span-Id,Authorization,X-Datadog-Sampled,X-Requested-With,X-AS-Trace-Id,X-Fullstory-Session-ID,X-Datadog-Trace-Id,X-Distribution-Channel,X-Fullstory-Session-URL,X-Avantstay-Session-ID
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
date: Thu, 26 Sep 2024 19:14:49 GMT
x-using-nginx-controller: true

OPTIONS
H2 204 graphql
arriere.prod.avantstay.com/public/ Frame 0
0 130ms
130ms Preflight 52.15.224.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arriere.prod.avantstay.com/public/graphql?_q=referral_getReferralTerms
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.224.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-224-98.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-avantstay-session-id,x-distribution-channel
Access-Control-Request-Method: POST
Origin: https://avantstay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Datadog-Origin,X-Datadog-Sampling-Priority,X-Forwarded-For,X-Datadog-Parent-Id,X-Teammate,Content-Type,X-AS-Span-Id,Authorization,X-Datadog-Sampled,X-Requested-With,X-AS-Trace-Id,X-Fullstory-Session-ID,X-Datadog-Trace-Id,X-Distribution-Channel,X-Fullstory-Session-URL,X-Avantstay-Session-ID
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
date: Thu, 26 Sep 2024 19:14:49 GMT
x-using-nginx-controller: true

POST
H2 200 graphql Show response
arriere.prod.avantstay.com/public/ 4 KB
2 KB 147ms
145ms XHR
application/json 52.15.224.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arriere.prod.avantstay.com/public/graphql?_q=referral_getReferralTerms
Requested by: Host: avantstay.com
URL: https://avantstay.com/static/js/13.b13c8226.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.224.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-224-98.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 87da7dc6bdd6dc24992398ce53839263b8999503dbba39de3807dae982b6f641

Request headers

Referer: https://avantstay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
X-Distribution-Channel: WEBSITE
Content-Type: application/json
X-Avantstay-Session-ID: a3e7fb49-3e37-4d6b-90fc-e56e037016f6

Response headers

access-control-max-age: 1728000
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
x-using-nginx-controller: true
access-control-allow-origin: *
date: Thu, 26 Sep 2024 19:14:49 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: X-Datadog-Origin,X-Datadog-Sampling-Priority,X-Forwarded-For,X-Datadog-Parent-Id,X-Teammate,Content-Type,X-AS-Span-Id,Authorization,X-Datadog-Sampled,X-Requested-With,X-AS-Trace-Id,X-Fullstory-Session-ID,X-Datadog-Trace-Id,X-Distribution-Channel,X-Fullstory-Session-URL,X-Avantstay-Session-ID

POST
H2 200 graphql Show response
arriere.prod.avantstay.com/public/ 5 KB
2 KB 141ms
140ms XHR
application/json 52.15.224.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arriere.prod.avantstay.com/public/graphql?_q=destinations_getDestinations
Requested by: Host: avantstay.com
URL: https://avantstay.com/static/js/13.b13c8226.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.224.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-224-98.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 2c9b402229c75c1102185ddaaf6716014c3434ded4d9968d8fad452c27439ebf

Request headers

Referer: https://avantstay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
X-Distribution-Channel: WEBSITE
Content-Type: application/json
X-Avantstay-Session-ID: a3e7fb49-3e37-4d6b-90fc-e56e037016f6

Response headers

access-control-max-age: 1728000
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
x-using-nginx-controller: true
access-control-allow-origin: *
date: Thu, 26 Sep 2024 19:14:49 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: X-Datadog-Origin,X-Datadog-Sampling-Priority,X-Forwarded-For,X-Datadog-Parent-Id,X-Teammate,Content-Type,X-AS-Span-Id,Authorization,X-Datadog-Sampled,X-Requested-With,X-AS-Trace-Id,X-Fullstory-Session-ID,X-Datadog-Trace-Id,X-Distribution-Channel,X-Fullstory-Session-URL,X-Avantstay-Session-ID

GET
H2 200 SourceSansPro-SemiBold.woff2
avantstay.com/fonts/SourceSansPro/ 82 KB
83 KB 565ms
556ms Font
font/woff2 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/fonts/SourceSansPro/SourceSansPro-SemiBold.woff2

Requested by

Host: avantstay.com
URL: https://avantstay.com/styles/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

0b3376aa27741ca90899fed12bcccbf1ea22edb596846ba6b26e263463686590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://avantstay.com
Referer: https://avantstay.com/styles/fonts.css

Response headers

access-control-expose-headers: *
etag: W/"14808-1922cc26f68"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: lx-3l50UCYQbuDU9GfnxrkOdwwhb_kYZpAFp3pM7tkAN5TNgt_KuAw==
date: Thu, 26 Sep 2024 19:14:49 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 05:16:33 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
accept-ranges: bytes
access-control-allow-origin: *
content-length: 83976
x-xss-protection: 1; mode=block
x-amz-cf-pop: MUC50-P1

GET
H2 200 SourceSansPro-Bold.woff2
avantstay.com/fonts/SourceSansPro/ 82 KB
82 KB 577ms
575ms Font
font/woff2 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/fonts/SourceSansPro/SourceSansPro-Bold.woff2

Requested by

Host: avantstay.com
URL: https://avantstay.com/styles/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

6d422eaf41ab920c8ce99379cec61f704b1710b183c0a0523986906851e0a0ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://avantstay.com
Referer: https://avantstay.com/styles/fonts.css

Response headers

access-control-expose-headers: *
etag: W/"1460c-1922cc26f68"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: AlzkEEzwxsXReRPHEEAw2GOJos8CFWxS12xmQCHBh3hninK-4Oz4qA==
date: Thu, 26 Sep 2024 19:14:49 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 05:16:33 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
accept-ranges: bytes
access-control-allow-origin: *
content-length: 83468
x-xss-protection: 1; mode=block
x-amz-cf-pop: MUC50-P1

GET
H2 200 icomoon.a605d9a4.ttf
avantstay.com/static/media/ 19 KB
13 KB 44ms
43ms Font
font/ttf 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/media/icomoon.a605d9a4.ttf

Requested by

Host: avantstay.com
URL: https://avantstay.com/static/css/main.7d11a4fc.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

e843785b7f2b538edbdbd2c2901491b157956d5fa46df0fa8c1b4f27dd661578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://avantstay.com
Referer: https://avantstay.com/static/css/main.7d11a4fc.chunk.css

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"af4937a6a19f73e7f7c9f10911632673"
age: 102527
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: aJKsrO5dfKd_h4uWPL7lDz0ghXWr-2jVqyh3ROJlgBWiJrmK9nYYcQ==
date: Thu, 26 Sep 2024 09:11:09 GMT
content-type: font/ttf
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 f815c100f85efac1175e2607c52608a4.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

POST
H2 200 graphql Show response
arriere.prod.avantstay.com/public/ 4 KB
2 KB 139ms
137ms XHR
application/json 52.15.224.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arriere.prod.avantstay.com/public/graphql?_q=referral_getReferralTerms
Requested by: Host: avantstay.com
URL: https://avantstay.com/static/js/13.b13c8226.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.224.98 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-224-98.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 87da7dc6bdd6dc24992398ce53839263b8999503dbba39de3807dae982b6f641

Request headers

Referer: https://avantstay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
X-Distribution-Channel: WEBSITE
Content-Type: application/json
X-Avantstay-Session-ID: a3e7fb49-3e37-4d6b-90fc-e56e037016f6

Response headers

access-control-max-age: 1728000
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
x-using-nginx-controller: true
access-control-allow-origin: *
date: Thu, 26 Sep 2024 19:14:49 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: X-Datadog-Origin,X-Datadog-Sampling-Priority,X-Forwarded-For,X-Datadog-Parent-Id,X-Teammate,Content-Type,X-AS-Span-Id,Authorization,X-Datadog-Sampled,X-Requested-With,X-AS-Trace-Id,X-Fullstory-Session-ID,X-Datadog-Trace-Id,X-Distribution-Channel,X-Fullstory-Session-URL,X-Avantstay-Session-ID

GET
H2 200 https%3A%2F%2Favantstay.com%2Fstatic%2Fmedia%2FinviteFriendImage.9409dd54.jpg
imglite.avantstay.com/ 92 KB
92 KB 213ms
76ms Image
image/webp 2600:9000:237d:f600:f:7aac:d8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imglite.avantstay.com/https%3A%2F%2Favantstay.com%2Fstatic%2Fmedia%2FinviteFriendImage.9409dd54.jpg?avif=false&height=1120&webp=true&width=800
Requested by: Host: avantstay.com
URL: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:f600:f:7aac:d8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c81ed6c82ca5d254806e7fd8da18707dd706d41071b2cfa8528dad9a9365c8c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: public, max-age=31536000
x-amz-apigw-id: eujaVH9rIAMEXWA=
age: 1
x-amzn-trace-id: Root=1-66f5b2a8-1b42203d698ab72c12a55bd0;Parent=73e1274e2ef2ada4;Sampled=0;Lineage=1:1fe4eee5:0
x-amzn-requestid: 6e0f2610-537c-4a66-b2b8-87c75889b742
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront), 1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 93884
x-amz-cf-id: gUNn8tNCbvWMNcmR9LMGG4b1McRSoOAfpy3HeZ-D3jZbdA5RXH8h7g==
date: Thu, 26 Sep 2024 19:14:48 GMT
content-type: image/webp
x-amz-cf-pop: FRA60-P3, MUC50-P2
vary: Origin

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/ 7 KB
3 KB 136ms
49ms Fetch
application/json 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74b2fb80843e534e76b7bb008e23499b857e187b70acd7fcc8eedffe8ffbaa6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: 60dt3Ys3InhRrpBTEFIxY8E.h6hLiTwp
etag: W/"4f7fef77ce4086e26cc94352620757d4"
age: 4725
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: ID1dc-lGBlK5kEzQauQh83xQrPT20bqqbBUdGhjHbPiqBxsujUhllA==
date: Thu, 26 Sep 2024 17:56:05 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 18 Sep 2024 12:44:37 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=10800
via: 1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 204 pixel
flask.nextdoor.com/ 0
111 B 213ms
211ms Image
text/plain 44.237.246.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=f4d0a258-1465-469e-984e-0e679ea7b848&vrs=8.4&ev=PAGE_VIEW&pl=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&ndclid=&ndclid_src=0&rf=&sem=&tm=Manual&iid=cb9952a2-b330-48a9-abca-32e9371d36e2&pageid=5f135810-9474-4461-89b9-8b8c0cd26bce&sessionid=3372863d-51d8-406b-bb52-1c49380cb8a2&cd=%7B%7D
Requested by: Host: avantstay.com
URL: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.246.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-246-103.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

context-id: 789520a1-7f06-46bd-a66c-2784a526d3a0
date: Thu, 26 Sep 2024 19:14:49 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy

GET
H2 200 touch_track Show response
api-cf.affirm.com/api/v2/session/ 46 B
790 B 238ms
213ms Fetch
application/json 172.66.0.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-cf.affirm.com/api/v2/session/touch_track

Requested by

Host: cdn1.affirm.com
URL: https://cdn1.affirm.com/js/v2/affirm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

412591e7b500552cb0cd02e3575531276915a8d5b9ba174c6f82144abc19a923

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 86400
affirm-axp-override
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, OPTIONS
affirm-chameleon-profile-id
date: Thu, 26 Sep 2024 19:14:49 GMT
x-affirm-cache-status: MISS
content-type: application/json
vary: Accept-Encoding,Origin, Cookie
access-control-allow-headers: Accept, Content-Type, X-Requested-With
strict-transport-security: max-age=31557600; includeSubDomains
cache-control: private, no-cache, no-store, must-revalidate
x-affirm-request-id: 43895932-74c5-4682-c6bf-a53d60e39dca
x-envoy-upstream-service-time: 24
access-control-allow-credentials: true
cf-ray: 8c9594432effcac9-HAM
access-control-allow-origin: https://avantstay.com
server: cloudflare

GET
H2 200 cookie_sent Show response
www.affirm.com/api/v2/ 22 B
410 B 101ms
97ms Fetch
application/json 172.66.0.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affirm.com/api/v2/cookie_sent

Requested by

Host: cdn1.affirm.com
URL: https://cdn1.affirm.com/js/v2/affirm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

924aebf24af414b12986f4af470b2ac7b61d765897f9e222c0af15805de9ae40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Referer: https://avantstay.com/

Response headers

access-control-max-age: 86400
affirm-axp-override
content-encoding: gzip
cf-cache-status: HIT
age: 3309
access-control-allow-methods: GET, OPTIONS
affirm-chameleon-profile-id
date: Thu, 26 Sep 2024 19:14:49 GMT
x-affirm-cache-status: MISS
content-type: application/json
vary: Accept-Encoding,cookie, Origin,Origin
last-modified: Thu, 26 Sep 2024 17:53:11 GMT
access-control-allow-headers: Accept, Content-Type, X-Requested-With
strict-transport-security: max-age=31557600; includeSubDomains
cache-control: max-age=3600
x-affirm-request-id: 9fa6179b-9152-43c9-c3e9-6624b9d7f102
x-envoy-upstream-service-time: 7
access-control-allow-credentials: true
cf-ray: 8c9594433f06cac9-HAM
access-control-allow-origin: https://avantstay.com
server: cloudflare

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
419 B 57ms
48ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=680625991&t=pageview&_s=1&dl=https%3A%2F%2Favantstay.com%2F%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&dp=%2F&ul=de-de&de=UTF-8&dt=Share%20and%20Earn%20-%20AvantStay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=email_adhoc_holidaybookings_all_09262024&cs=email&cm=crmadhoc&_u=aEBAAEABAAAAACgDIAB~&jid=1344301609&gjid=671526242&cid=1172313301.1727378089&tid=UA-115105293-1&_gid=1309040402.1727378089&_r=1&_slc=1&z=43054201

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://avantstay.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 19:14:49 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://avantstay.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 40ms
39ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id: a92RueFpwWNG4YB0W.6QPKGdauE3iLaV
age: 1825898
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: cmwB50JKfaQmbX4r04pEMbcFOun8ycG21HRfePNnkGC5RoruC_JgvA==
date: Thu, 05 Sep 2024 16:03:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 03 Sep 2024 19:49:17 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 cookie_sent Show response
www.affirm.com/api/v2/ 22 B
131 B 89ms
89ms Fetch
application/json 172.66.0.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.affirm.com/api/v2/cookie_sent

Requested by

Host: cdn1.affirm.com
URL: https://cdn1.affirm.com/js/v2/affirm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

924aebf24af414b12986f4af470b2ac7b61d765897f9e222c0af15805de9ae40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Referer: https://avantstay.com/

Response headers

access-control-max-age: 86400
affirm-axp-override
content-encoding: gzip
cf-cache-status: HIT
age: 3309
access-control-allow-methods: GET, OPTIONS
affirm-chameleon-profile-id
date: Thu, 26 Sep 2024 19:14:49 GMT
x-affirm-cache-status: MISS
content-type: application/json
vary: Accept-Encoding,cookie, Origin,Origin
last-modified: Thu, 26 Sep 2024 17:53:11 GMT
access-control-allow-headers: Accept, Content-Type, X-Requested-With
strict-transport-security: max-age=31557600; includeSubDomains
cache-control: max-age=3600
x-affirm-request-id: 9fa6179b-9152-43c9-c3e9-6624b9d7f102
x-envoy-upstream-service-time: 7
access-control-allow-credentials: true
cf-ray: 8c959444e98bcac9-HAM
access-control-allow-origin: https://avantstay.com
server: cloudflare

GET
H2 200 axpV2ExperimentList.json Show response
cdn-assets.affirm.com/upfunnel/experiments/ 2 B
679 B 498ms
399ms Fetch
application/json 162.159.140.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-assets.affirm.com/upfunnel/experiments/axpV2ExperimentList.json

Requested by

Host: cdn1.affirm.com
URL: https://cdn1.affirm.com/js/v2/affirm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.33 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
cf-cache-status: DYNAMIC
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-amz-version-id: jrkQ.3n6Y7llRV8WaDWnret0x.5dDAho
access-control-allow-methods: GET
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: application/json
last-modified: Fri, 06 Sep 2024 11:29:47 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-id-2: f3fOFuhIe0dd9+u6J2KTPK6Flfn2w69+trKBhNtD9AiPKbr3vqb2Pn+uZVa0Ma0cCVz/cnUGQPobd5wI8IBViG9ZHKSFba2+szrhsxAS7hU=
strict-transport-security: max-age=31557600; includeSubDomains
x-amz-replication-status: COMPLETED
cache-control: max-age=600, must-revalidate
cf-ray: 8c959445881d62e3-HAM
x-amz-request-id: AF9XM4J31V6TEKHF
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 200 collect
tracker.affirm.com/ 14 B
410 B 237ms
142ms Ping
application/octet-stream 18.173.154.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.affirm.com/collect

Requested by

Host: cdn1.affirm.com
URL: https://cdn1.affirm.com/js/v2/affirm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-36.muc50.r.cloudfront.net

Software

openresty /

Resource Hash

70f07df8529a5da355e70cb8fd1a2c6cdbe6dec83a5332bfcf06f5a917e6e607

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://avantstay.com/

Response headers

strict-transport-security: max-age=86400; includeSubDomains
x-affirm-request-id: 7463e9ce-00fb-4fbd-cf60-44d2a0959078
access-control-allow-credentials: true
via: 1.1 667b60dd320c04dc9adf041517122fc2.cloudfront.net (CloudFront)
access-control-allow-origin: https://avantstay.com
x-cache: Miss from cloudfront
content-length: 14
x-amz-cf-id: earGQbbcBLYSP5gI6j-4960uwnugiXCdNt4dOI_3BNiNDtnwmiBciw==
date: Thu, 26 Sep 2024 19:14:49 GMT
content-type: application/octet-stream
x-amz-cf-pop: MUC50-P3
server: openresty

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 40ms
39ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id: vP0unh.TjiFaIe3QG8FvwWCBqNSPg0tw
age: 1825891
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: -kGjt_Be_0BU-FbzUImUKnO321wLu1DrQyjAXVtFtl-jQN4uev6YDQ==
date: Thu, 05 Sep 2024 16:03:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 03 Sep 2024 19:49:17 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 cda14c6c2e9ab60a0cd5.js Show response
cdn.segment.com/next-integrations/actions/amplitude-plugins/ 4 KB
2 KB 39ms
39ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/cda14c6c2e9ab60a0cd5.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e509e651e110856343413513c9d2628c20ad33896eb2d15fb1e74b4b8edf0d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: rdGubcsFhWujV01kvk3aHlHua4eOfMIU
etag: W/"906d0ec074157ca487c53042a9d3dd58"
age: 40291
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: KULoEbzPU0w-y_-mo9bsyASLTOmpuK4OeG677tEqlBMEW3sOKykzxw==
date: Thu, 26 Sep 2024 08:03:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2024 11:17:56 GMT
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 9c7d8e35cf8144a0c49b.js Show response
cdn.segment.com/next-integrations/actions/fullstory/ 186 KB
57 KB 45ms
45ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/fullstory/9c7d8e35cf8144a0c49b.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ff3be30c995f580a2bc09c1cf4967a472d568f36ff3a077d2f44e91946fd47e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: rl0Lsnx_H3FF_C9aM8.vJziPtgndCiY9
etag: W/"7cf19df11cfd76475754b4505c7e169f"
age: 64164
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: oIFv2ieFJ80M71olZgOcSWelaEusDdaVsiInCyaL_Hdd0q6Q-Nj60A==
date: Thu, 26 Sep 2024 01:29:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2024 11:17:57 GMT
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ebaed0c566c3fbf2b460.js Show response
cdn.segment.com/next-integrations/actions/wisepops/ 172 KB
53 KB 79ms
79ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/wisepops/ebaed0c566c3fbf2b460.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 080a976acd38383b641054bada5c15d2644286f9a8d62135658abd0971a3923e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: pNDytX46_cva8BqDIczTHdGa6XFExw1y
etag: W/"789572b324f0774aa5d770b0a22385b5"
age: 52639
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: icfjgLdZYCv-eYQlSMGDEENV_S5riD2oKAiih5IbN6T1DBORlKINoQ==
date: Thu, 26 Sep 2024 09:11:32 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2024 11:17:58 GMT
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 d41568b7f25714884231.js Show response
cdn.segment.com/next-integrations/actions/845/ 27 KB
8 KB 66ms
66ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/845/d41568b7f25714884231.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/cda14c6c2e9ab60a0cd5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad4ec56c04477d9acc30ce9a07150d3b241ea38d96ec99aa0c6617e2379f1445

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: UfShnhVWWr257GH9PidWvXuITz0DciJM
etag: W/"fa32af4fb4b851cebc554c5c458878c3"
age: 40596
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: ieQNxWUs-biThZsOat6utKUrlimtGBIFodcQ7EmtbsYEwVwhjcoHRA==
date: Thu, 26 Sep 2024 07:58:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 17 Sep 2024 11:17:54 GMT
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 40ms
40ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=680625991&t=pageview&_s=2&dl=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&dp=%2F&ul=de-de&de=UTF-8&dt=Share%20and%20Earn%20-%20AvantStay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=email_adhoc_holidaybookings_all_09262024&cs=email&cm=crmadhoc&_u=aEBAAEABAAAAACgDIAB~&jid=&gjid=&cid=1172313301.1727378089&tid=UA-115105293-1&_gid=1309040402.1727378089&z=1170586266

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

age: 6998
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 17:18:12 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 39ms
39ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=680625991&t=event&ni=0&_s=3&dl=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&dp=%2F&ul=de-de&de=UTF-8&dt=Share%20and%20Earn%20-%20AvantStay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=administrative&ea=viewedPage&_u=aEBAAEABAAAAACgDIAD~&jid=&gjid=&cid=1172313301.1727378089&tid=UA-115105293-1&_gid=1309040402.1727378089&z=1773448661

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

age: 6998
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 17:18:12 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 204 pixel
flask.nextdoor.com/ 0
111 B 206ms
206ms Image
text/plain 44.237.246.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=f4d0a258-1465-469e-984e-0e679ea7b848&vrs=8.4&ev=PAGE_VIEW&pl=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&ndclid=&ndclid_src=0&rf=&sem=&tm=Manual&iid=09a3afd5-e630-4f3f-bf9f-17310a86fa50&pageid=5f135810-9474-4461-89b9-8b8c0cd26bce&sessionid=3372863d-51d8-406b-bb52-1c49380cb8a2&cd=%7B%7D
Requested by: Host: avantstay.com
URL: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.246.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-246-103.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

context-id: ec9c6387-3b90-464b-897b-e6a844a876c8
date: Thu, 26 Sep 2024 19:14:50 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 adwords.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/adwords/2.5.3/ 4 KB
2 KB 39ms
38ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/adwords/2.5.3/adwords.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20de2de93c034f0e1ed81727065936b52b3bedb10a612cc28afea038c740ef2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "f6246f378e8c1ade9a26d83796683c03"
x-amz-version-id: 9XlMV.3Ql5HVfGV7mJ2TN8HHHkXRas8d
age: 1814523
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: TP1rHfAr9yHpnZL6u5iCSizVilgpzaRPPbH-40hpURSn4D_WxeA5ZA==
date: Thu, 05 Sep 2024 19:12:48 GMT
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 06:57:14 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1356
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 facebook-pixel.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/ 10 KB
4 KB 39ms
39ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4df53644d1c9fd651ccfd697977eb07d94cd744b0a4997568d67cc25ef44e483

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "a7cd49c834a0851140e3304c91cb34d0"
x-amz-version-id: cuitFtVByPnpmGgtaJu0tUis3_ZXBX9n
age: 1105985
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: jUzu0qma6hyOZWhm2nL-IT96RvbVqydn61shJFI_S1KGYbNCWeTkCg==
date: Sat, 14 Sep 2024 00:01:46 GMT
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 06:57:15 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3273
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 38ms
38ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e2189d573b1df3fd3c684ba1f9ad2ad5cd2f8394f14dde87b5fde495bea200c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "a2b1aa1a0e402b1f891c929f94449d47"
x-amz-version-id: bdsEH.0LgrjWd4kHDEZQV0GazYAEKsCs
age: 1724143
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: MZbB_etwO6f8uF-31c8iEm7SWl37Tc45MpmaWkHlCrh3vBgaEFuEgA==
date: Fri, 06 Sep 2024 20:19:08 GMT
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 06:57:15 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1343
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pinterest-tag.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/pinterest-tag/1.2.4/ 5 KB
2 KB 39ms
39ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/pinterest-tag/1.2.4/pinterest-tag.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e6821f36b881f3c77af1ea303c005705ae9f747ecb57c86908d67ddad59b2c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "fba1790820a2210b6779dbd103e7a18b"
x-amz-version-id: 7A8scUEgwKfYFoRkFWjYO9WS5r3ltfv6
age: 6064744
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: F5D_8FJvOvDS3KVTXc-ANLsu66IXS76bRNArE_C6_oxpMu48v_xuqw==
date: Thu, 18 Jul 2024 14:35:47 GMT
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 16:42:48 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1944
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 twitter-ads.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/twitter-ads/2.5.2/ 5 KB
2 KB 39ms
39ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/twitter-ads/2.5.2/twitter-ads.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f9db17db87a17891eee947a12ba2fb9d92aae5040c2c047d7eaece4b565c567

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "e01d319dec2747f020224330d27d488b"
x-amz-version-id: Zqav8Rd2oHiQkEpH.iDYrVDagnbk74hT
age: 1761429
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: d8iyGTJtXEtMw5nbbTo4SviVOTOIwfVIrYZRrNeWJxBXbdlWksIW5A==
date: Fri, 06 Sep 2024 09:57:42 GMT
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 06:57:15 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1971
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 bing-ads.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/bing-ads/2.0.1/ 2 KB
2 KB 39ms
38ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/bing-ads/2.0.1/bing-ads.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e91bd6d37a2d6c0a38558cfe458338d7f0437252d5d4e3ebfffa5d2ba8e5aaa2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "3900da1d5e6e2ce7174a0f56f77b7b5b"
x-amz-version-id: FoTET4_68HQpVRKQ1li1OZXu7277KolH
age: 1761430
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: J7iSopgzBHOV8R9PWKv3A8KGmmNSXoFsl52HnVs0o_3RzRpTctXY0Q==
date: Fri, 06 Sep 2024 09:57:41 GMT
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 06:57:14 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1135
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 285 KB
77 KB 133ms
41ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/fullstory/9c7d8e35cf8144a0c49b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7022b9e24be497983ba3d281099f4e83730064a964445aa7162f2d7ee877cfbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://avantstay.com
Referer: https://avantstay.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: br
x-goog-hash: crc32c=Wy9O1A==, md5=jWZlvx/AwzNfdKfBphY8wA==
etag: "8d6665bf1fc0c3335f74a7c1a6163cc0"
age: 2745
x-goog-stored-content-encoding: br
expires: Thu, 26 Sep 2024 19:29:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 78338
date: Thu, 26 Sep 2024 18:29:05 GMT
last-modified: Wed, 25 Sep 2024 17:17:31 GMT
content-type: application/javascript
vary: Accept-Encoding
x-guploader-uploadid: AD-8ljtbMxtWe5RzOEd9a641b_cLEa4r3DZEhsEKMiAXUzw1uOn4kNr54HPVvvKs3Ff0ilXKZA
cache-control: public, max-age=3600,no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727284651247001
content-length: 78338
server: UploadServer

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
171 B 656ms
213ms Fetch
application/json 44.240.52.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/fullstory/9c7d8e35cf8144a0c49b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.52.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-52-117.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://avantstay.com/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://avantstay.com
content-length: 21
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: application/json
vary: Origin

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
172 B 652ms
212ms Fetch
application/json 44.240.52.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/fullstory/9c7d8e35cf8144a0c49b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.52.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-52-117.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://avantstay.com/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://avantstay.com
content-length: 21
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: application/json
vary: Origin

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
171 B 843ms
408ms Fetch
application/json 44.240.52.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/fullstory/9c7d8e35cf8144a0c49b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.52.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-52-117.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://avantstay.com/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://avantstay.com
content-length: 21
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: application/json
vary: Origin

GET
H2 200 commons.a61d7bea37d2de5d4b69.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 70 KB
22 KB 47ms
46ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/QpS5Bek5i6jVghuI7EBcwLpT3Z60Y1ZV/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "c467a63b2e7c3a99be423ace649014d8"
x-amz-version-id: aAixXKmCEkR1rfYrRzV2.EPYhnGmH0W2
age: 257913
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: 3WfpEBQ8dbZ--L-4cSWtUh_-jUWErunKJQDsCjSHQ6k9f1n2_k7AXg==
date: Mon, 23 Sep 2024 19:36:18 GMT
content-type: application/javascript
last-modified: Thu, 08 Aug 2024 06:57:13 GMT
cache-control: public,max-age=31536000,immutable
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21911
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 56 KB
20 KB 111ms
51ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

007162d7f262f0d0cae5591fb6481ea8c1601bd60ab1944b383d97117a439e0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-encoding: br
etag: 14407008304115357421
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 19:14:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 20672
x-xss-protection: 0
server: cafe

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 101ms
43ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

979d977217c7032b1cd864c0b65ce5d4ff834aa9ca116198873299b5a60cfc9a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4430, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: NjOvtNLb1lMb5/slkc05qnfysncydLECmmF/aKtloIOPSpr6MaPIkstRLMwQIf+zfBxXcUzl9QsufVgLFFPU3Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59070
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 344 KB
114 KB 171ms
64ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8NCP7D&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5bd78f590d60c4c422ca73743b65e8a402318f1d138469c0fae3623ff331f5cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 26 Sep 2024 19:14:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 26 Sep 2024 18:50:31 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 116166
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 141ms
42ms Script
application/javascript 2a04:4e42:400::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=7200
content-encoding: br
etag: "b37f6fea55e9029c9c9d413c47f69cb7"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 1878
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 141ms
42ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15412
date: Thu, 26 Sep 2024 19:14:50 GMT
x-tw-cdn: FT
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220044-FRA
x-amz-server-side-encryption: AES256

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
15 KB 207ms
64ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "803483b3aaadb1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F854E4A395DB491A9853B458208336D1 Ref B: FRA31EDGE0208 Ref C: 2024-09-26T19:14:50Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14402
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:43:41 GMT
vary: Accept-Encoding

GET
H2 200 web Show response
edge.fullstory.com/s/settings/JW0T0/v1/ 10 KB
2 KB 41ms
40ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/JW0T0/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4c4e379fb56910681c772365cf696333171c9cabea7b4072dcb1077d51a51c9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
content-encoding: gzip
x-goog-hash: crc32c=61HvsQ==, md5=YFJok0lXfc8BCVghyRzf3Q==
etag: "6052689349577dcf01095821c91cdfdd"
age: 2
x-goog-stored-content-encoding: gzip
expires: Thu, 26 Sep 2024 19:29:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1622
date: Thu, 26 Sep 2024 19:14:48 GMT
last-modified: Thu, 26 Sep 2024 19:13:06 GMT
content-type: application/json
x-guploader-uploadid: AD-8ljusWKEOi9lqlB-U7GRmHG-xzKmA5D3mKEQOnWzN_fx7_eeQHMDnazl57MgYb2pOAfUNuQ
cache-control: public,max-age=900,no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727326386648380
content-length: 1622
server: UploadServer

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/726184713/ 5 KB
2 KB 52ms
51ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/726184713/?random=1727378090424&cv=9&fst=1727378090424&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tiba=Share%20and%20Earn%20-%20AvantStay&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f096ce734167fdc84bb91efbbf38572df18a83346cd8abdf9119a8f0282c6388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2509
date: Thu, 26 Sep 2024 19:14:50 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/726184713/ 43 B
61 B 146ms
59ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726184713/?random=1727378090432&cv=9&fst=1727378090432&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C509562772%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=path%3D%2F%3Breferrer%3D%3Bsearch%3D%3Ftab%5C%3Dfriends%26utm_source%5C%3Dnewsletter%26utm_medium%5C%3Demail%26utm_campaign%5C%3Drefer%26utm_campaign%5C%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%5C%3Demail%26utm_medium%5C%3Dcrmadhoc%3Btitle%3DShare%20and%20Earn%20-%20AvantStay%3Burl%3Dhttps%3A%2F%2Favantstay.com%2F%3Ftab%5C%3Dfriends%26utm_source%5C%3Dnewsletter%26utm_medium%5C%3Demail%26utm_campaign%5C%3Drefer%26utm_campaign%5C%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%5C%3Demail%26utm_medium%5C%3Dcrmadhoc%3Bhash%3D%3Bwidth%3D1600%3Bheight%3D1200%3Bname%3DShare%20and%20Earn%20-%20AvantStay&frm=0&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tiba=Share%20and%20Earn%20-%20AvantStay&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 37
date: Thu, 26 Sep 2024 19:14:50 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/726184713/ 5 KB
2 KB 55ms
54ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/726184713/?random=1727378090441&cv=9&fst=1727378090441&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C509562772%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tiba=Share%20and%20Earn%20-%20AvantStay&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

b1047b748ff7ac9f1eca19e9a6173b8cd27245b159587606d7bc1313b7ead738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2519
date: Thu, 26 Sep 2024 19:14:50 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/726184713/ 43 B
61 B 145ms
63ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726184713/?random=1727378090444&cv=9&fst=1727378090444&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C509562772%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=path%3D%2F%3Breferrer%3D%3Bsearch%3D%3Ftab%5C%3Dfriends%26utm_source%5C%3Dnewsletter%26utm_medium%5C%3Demail%26utm_campaign%5C%3Drefer%26utm_campaign%5C%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%5C%3Demail%26utm_medium%5C%3Dcrmadhoc%3Btitle%3DShare%20and%20Earn%20-%20AvantStay%3Burl%3Dhttps%3A%2F%2Favantstay.com%2F%3Ftab%5C%3Dfriends%26utm_source%5C%3Dnewsletter%26utm_medium%5C%3Demail%26utm_campaign%5C%3Drefer%26utm_campaign%5C%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%5C%3Demail%26utm_medium%5C%3Dcrmadhoc%3Bhash%3D%3Bwidth%3D1600%3Bheight%3D1200%3Bname%3DShare%20and%20Earn%20-%20AvantStay&frm=0&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tiba=Share%20and%20Earn%20-%20AvantStay&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 37
date: Thu, 26 Sep 2024 19:14:50 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 1860478980705549 Show response
connect.facebook.net/signals/config/ 80 KB
16 KB 53ms
53ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1860478980705549?v=2.9.168&r=stable&domain=avantstay.com&hme=3ba426d944c98eb3ce406a0f93fc097d0320a486b65b445a33b2eda3a5aa3429&ex_m=70%2C119%2C105%2C109%2C61%2C4%2C98%2C69%2C16%2C95%2C87%2C51%2C54%2C170%2C173%2C185%2C181%2C182%2C184%2C29%2C99%2C53%2C76%2C183%2C165%2C168%2C178%2C179%2C186%2C129%2C41%2C34%2C141%2C15%2C50%2C192%2C191%2C131%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C91%2C17%2C14%2C94%2C90%2C89%2C106%2C52%2C108%2C39%2C107%2C30%2C92%2C26%2C166%2C169%2C138%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C74%2C100%2C27%2C75%2C9%2C8%2C79%2C48%2C21%2C102%2C101%2C103%2C96%2C10%2C20%2C3%2C38%2C19%2C84%2C56%2C82%2C33%2C73%2C0%2C93%2C32%2C81%2C86%2C47%2C46%2C85%2C37%2C5%2C88%2C80%2C44%2C35%2C83%2C2%2C36%2C63%2C42%2C104%2C45%2C78%2C68%2C110%2C60%2C59%2C31%2C97%2C58%2C55%2C49%2C77%2C72%2C24%2C111

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

8cf6ba7787157923c49017b9f1d5bb7c03b2e11082acd622733c205fa8a32580

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=74, mss=1232, tbw=67198, tp=62, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: ugk3g2/igRUJTApCQzhtcPlNqJOpJ1MEp5VuJKnMbM0ovxKFTRjrPeh7RTJKjsRecWtnP0aRloUyR/DZykyHGA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 16177
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 main.97c41ef3.js Show response
s.pinimg.com/ct/lib/ 82 KB
23 KB 52ms
51ms Script
application/javascript 2a04:4e42:400::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
content-encoding: br
etag: "e1539e83e14f862d3b381b23e74d63fa"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 23701
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 adsct
t.co/i/ 43 B
469 B 370ms
278ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=126419c6-ae2c-40e7-9cf6-fa240f7c01be&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3c93b0bb-24a7-4eb1-970f-4b1d79ce72bf&tw_document_href=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8y8e&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 399bc5cbb055ec8c
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e6a4d2a20f592b43a55af8f7d544f6266b27b4e803b899abae1ced008236e836
cf-cache-status: DYNAMIC
cf-ray: 8c95944a3c43450a-TXL
x-response-time: 189
content-length: 43
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_f

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 259ms
158ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=126419c6-ae2c-40e7-9cf6-fa240f7c01be&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3c93b0bb-24a7-4eb1-970f-4b1d79ce72bf&tw_document_href=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8y8e&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: 5b06737d1e8df87e
cache-control: no-cache, no-store, max-age=0
x-connection-hash: c242cd1c6e2a82a71138d61a5f2991358d4f5cbaebb99ebdec68944a5c492d90
x-response-time: 115
content-length: 43
date: Thu, 26 Sep 2024 19:14:50 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_f

GET
H2 200 adsct
t.co/i/ 43 B
630 B 284ms
194ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=41533231-201b-40c0-9b74-72d13a6dc615&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3c93b0bb-24a7-4eb1-970f-4b1d79ce72bf&tw_document_href=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8y8e&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 0a0eebc5a4e29603
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 93794320300d23bcbf930555cdcc320b521328df7c5a936321516f8808b5ebcd
cf-cache-status: DYNAMIC
cf-ray: 8c95944a4c51450a-TXL
x-response-time: 115
content-length: 43
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_f

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
216 B 264ms
165ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=41533231-201b-40c0-9b74-72d13a6dc615&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3c93b0bb-24a7-4eb1-970f-4b1d79ce72bf&tw_document_href=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o8y8e&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: f06815ebb5279c90
cache-control: no-cache, no-store, max-age=0
x-connection-hash: c242cd1c6e2a82a71138d61a5f2991358d4f5cbaebb99ebdec68944a5c492d90
x-response-time: 124
content-length: 43
date: Thu, 26 Sep 2024 19:14:50 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_f

GET
H3

200

/
www.google.de/pagead/1p-conversion/726184713/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726184713/?random=1815397800&cv=9&fst=1727378090424&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_...
https://www.google.com/pagead/1p-conversion/726184713/?random=1815397800&cv=9&fst=1727378090424&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his...
https://www.google.de/pagead/1p-conversion/726184713/?random=1815397800&cv=9&fst=1727378090424&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=...

42 B
64 B

311ms
71ms

Image
image/gif

216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/726184713/?random=1815397800&cv=9&fst=1727378090424&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tiba=Share%20and%20Earn%20-%20AvantStay&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI3d7l66jhiAMVrZf9Bx2lOwvDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2F2YW50c3RheS5jb20v&is_vtc=1&cid=CAQSGwDpaXnfDdAWDsFCzW-JyF7K-eUWYdBJxGLMxg&random=841085919&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Sep 2024 19:14:51 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/726184713/?random=1815397800&cv=9&fst=1727378090424&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tiba=Share%20and%20Earn%20-%20AvantStay&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI3d7l66jhiAMVrZf9Bx2lOwvDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2F2YW50c3RheS5jb20v&is_vtc=1&cid=CAQSGwDpaXnfDdAWDsFCzW-JyF7K-eUWYdBJxGLMxg&random=841085919&resp=GooglemKTybQhCsO&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Sep 2024 19:14:51 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.de/pagead/1p-conversion/726184713/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/726184713/?random=100691842&cv=9&fst=1727378090441&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C509562772%2C512247839&u_h=120...
https://www.google.com/pagead/1p-conversion/726184713/?random=100691842&cv=9&fst=1727378090441&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C509562772%2C512247839&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.de/pagead/1p-conversion/726184713/?random=100691842&cv=9&fst=1727378090441&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C509562772%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

310ms
72ms

Image
image/gif

216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/726184713/?random=100691842&cv=9&fst=1727378090441&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C509562772%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tiba=Share%20and%20Earn%20-%20AvantStay&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjDybECSidldmVudC1zb3VyY2UsIHRyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIy9Dm66jhiAMVvKD9Bx1ahQO8MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2F2YW50c3RheS5jb20v&is_vtc=1&cid=CAQSGwDpaXnfVLljYX2U5bwKcks-dDZ1x1CZ3fLStg&random=2024356338&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Sep 2024 19:14:51 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/726184713/?random=100691842&cv=9&fst=1727378090441&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C509562772%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tiba=Share%20and%20Earn%20-%20AvantStay&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjDybECSidldmVudC1zb3VyY2UsIHRyaWdnZXI9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIy9Dm66jhiAMVvKD9Bx1ahQO8MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2F2YW50c3RheS5jb20v&is_vtc=1&cid=CAQSGwDpaXnfVLljYX2U5bwKcks-dDZ1x1CZ3fLStg&random=2024356338&resp=GooglemKTybQhCsO&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Sep 2024 19:14:51 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 149005163.js Show response
bat.bing.com/p/action/ 371 B
419 B 81ms
81ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/149005163.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

01dfa8d42bf35759baf3b91c3ba7a28b83c26ab15eab56b5f0e9b5d3eb1051d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BE8540FEBCC74D82832F2D89F9AEDCC5 Ref B: FRA31EDGE0208 Ref C: 2024-09-26T19:14:50Z
x-cache: CONFIG_NOCACHE
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

POST
H2 200 page Show response
rs.fullstory.com/rec/ 1 KB
742 B 257ms
162ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ca182a951557bfc0317f089dababe7a4661315f200f13fdac1d92cf0f04ccaac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://avantstay.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://avantstay.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 563
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: application/json; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 521ms
46ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1860478980705549&ev=PageView&dl=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&rl=&if=false&ts=1727378090591&sw=1600&sh=1200&v=2.9.168&r=stable&a=seg&ec=0&o=12318&fbp=fb.1.1727378090581.441312379553346637&cs_est=true&ler=empty&cdl=API_unavailable&it=1727378090473&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1727378090126-f5bcd49a-1100-423e-b6a4-d485da728f6f&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=2889, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 695ms
220ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1860478980705549&ev=PageView&dl=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&rl=&if=false&ts=1727378090591&sw=1600&sh=1200&v=2.9.168&r=stable&a=seg&ec=0&o=12318&fbp=fb.1.1727378090581.441312379553346637&cs_est=true&ler=empty&cdl=API_unavailable&it=1727378090473&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1727378090126-f5bcd49a-1100-423e-b6a4-d485da728f6f&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7419032408849562704"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xf8c0c7b13752e5c8","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:2032434213530514","7830:2032434213530514","10853:2032434213530514","41:2032434213530514","8046:2032434213530514"]},"debug_reporting":true,"debug_key":"246448927174076017"}
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: ivryy/fgbyJWSVTRmwqZXP9KE5MZygYLFMAIZE0SKqzMwnyG4SiCeS8mmhSBwpwh9de4HFzvWRJ0zoPUG/QYfw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7419032408849562704", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=14, mss=1297, tbw=7786, tp=-1, tpl=-1, uplat=179, ullat=1
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 519ms
45ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1860478980705549&ev=PageView&dl=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&rl=&if=false&ts=1727378090596&sw=1600&sh=1200&v=2.9.168&r=stable&a=seg&ec=1&o=12318&fbp=fb.1.1727378090581.441312379553346637&cs_est=true&ler=empty&cdl=API_unavailable&it=1727378090473&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1727378090131-9a110002-3ef6-44d4-85da-728f6f207ffc&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=2889, tp=-1, tpl=-1, uplat=2, ullat=1
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 666ms
193ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1860478980705549&ev=PageView&dl=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&rl=&if=false&ts=1727378090596&sw=1600&sh=1200&v=2.9.168&r=stable&a=seg&ec=1&o=12318&fbp=fb.1.1727378090581.441312379553346637&cs_est=true&ler=empty&cdl=API_unavailable&it=1727378090473&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1727378090131-9a110002-3ef6-44d4-85da-728f6f207ffc&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7419032409680426988"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xf8c0c7b13752e5c8","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:2032434213530514","7830:2032434213530514","10853:2032434213530514","41:2032434213530514","8046:2032434213530514"]},"debug_reporting":true,"debug_key":"3893735663590679423"}
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 1ln2bHarB92kyzl2ELZct+wAodFqoF4+RLRKzVMf4Y/dggXM+YINhP2mTFyDBFufbEtW57/n3AIibTXeOubhnA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7419032409680426988", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=14, mss=1297, tbw=3342, tp=-1, tpl=-1, uplat=150, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 375ms
46ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1860478980705549&ev=viewedPage&dl=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&rl=&if=false&ts=1727378090607&cd[category]=administrative&cd[content_name]=%2Freferral&cd[title]=Share%20and%20Earn%20-%20AvantStay&cd[url]=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&cd[platform]=web&sw=1600&sh=1200&v=2.9.168&r=stable&a=seg&ec=2&o=12318&fbp=fb.1.1727378090581.441312379553346637&ler=empty&cdl=API_unavailable&it=1727378090473&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1727378090134-00023ef6-a4d4-45da-b28f-6f207ffc7aed&tm=2&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1297, tbw=2889, tp=-1, tpl=-1, uplat=2, ullat=1
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
847 B 538ms
212ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1860478980705549&ev=viewedPage&dl=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&rl=&if=false&ts=1727378090607&cd[category]=administrative&cd[content_name]=%2Freferral&cd[title]=Share%20and%20Earn%20-%20AvantStay&cd[url]=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&cd[platform]=web&sw=1600&sh=1200&v=2.9.168&r=stable&a=seg&ec=2&o=12318&fbp=fb.1.1727378090581.441312379553346637&ler=empty&cdl=API_unavailable&it=1727378090473&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-1727378090134-00023ef6-a4d4-45da-b28f-6f207ffc7aed&tm=2&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7419032409226836659"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: XaiFIMltPgh99EAIDeJf5iGSc+bhlnysPDnxQG7yglZyIWn28hEK7a2HfNASzBk6MQ1MNWYG85xnbMIOicmTMA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7419032409226836659", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=14, mss=1297, tbw=6917, tp=-1, tpl=-1, uplat=170, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
671 B 576ms
66ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612900960607&cb=1727378090615&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: c1644993d2bbce70169f210012a02ab3
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU4ySmhPREF6TldRdE1UYzJNeTAwTTJGakxXRTNZV1F0WmpObVl6Z3daVFF6TW1NMw
pinterest-version: d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
access-control-allow-origin: https://avantstay.com
content-length: 186
x-pinterest-rid: 1630057874327612

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
326 B 577ms
69ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=PageVisit&ed=%7B%22name%22%3A%22Share%20and%20Earn%20-%20AvantStay%22%2C%22event_id%22%3A%220a8248a2-dee7-49e0-a712-db5fe8171ccb%22%7D&tid=2612900960607&cb=1727378090616&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: d05ae0f39be40e9ed2960e044a3179b6
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU5qUmxabUZrTlRndFl6ZGpNUzAwT1dabExUbGxNekF0TjJRNU1EazBOVE00WkRrNA
pinterest-version: d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
access-control-allow-origin: https://avantstay.com
content-length: 186
x-pinterest-rid: 1517433140605887

GET
H2 200 / Show response
ct.pinterest.com/user/ 320 B
326 B 577ms
69ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=PageVisit&ed=%7B%22name%22%3A%22Share%20and%20Earn%20-%20AvantStay%22%2C%22event_id%22%3A%22bba0f42a-1c85-4bed-9cbb-fd58b13edefb%22%7D&tid=2612900960607&cb=1727378090617&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: 2f3a95ce08cbf2bb09b5dd259cbc7b39
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 2
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU9ETTNNR1EzTjJVdE5UazJaQzAwTWpWa0xUa3paRE10WlRJeE0ySTJOVEJrTlRCaQ
pinterest-version: d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
access-control-allow-origin: https://avantstay.com
content-length: 186
x-pinterest-rid: 6997084707391066

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 344 KB
110 KB 75ms
74ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7YL6FP9TP1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8NCP7D&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5769aabb7a572bd790034c54797ead4808330a4ac03934d8a8a2a5f1c7c6330f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 26 Sep 2024 19:14:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 112262
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 58ms
58ms XHR
text/plain 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=680625991&t=pageview&_s=1&dl=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&ul=de-de&de=UTF-8&dt=Share%20and%20Earn%20-%20AvantStay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACgDIAD~&jid=1117622942&gjid=1012101984&cid=1172313301.1727378089&tid=UA-115105293-1&_gid=1309040402.1727378089&_r=1&gtm=45He49n0n81K8NCP7Dv830218552za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&npa=1&z=1465805108

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://avantstay.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 19:14:50 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://avantstay.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8NCP7D&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-encoding: gzip
age: 6281
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 19:30:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 17:30:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 392ms
38ms Script
application/javascript 2a02:26f0:3500:10::210:a9b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8NCP7D&l=dataLayer

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: max-age=59216
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Thu, 26 Sep 2024 19:14:51 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 63570.js Show response
sleeknotecustomerscripts.sleeknote.com/ 1 B
489 B 322ms
44ms Script
text/javascript 108.138.36.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotecustomerscripts.sleeknote.com/63570.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8NCP7D&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-102.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-encoding: gzip
x-amz-version-id: LuOocE36_Vn.M8HZ5ExKBX0yV4ozzR.u
etag: "ac9f02b3a33550e7d565636540428067"
age: 5
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: GUV1DoPkSwa8vKNtzFjZbgrXGRcDurxe3sjex5vV_0WklNrjAF_Mwg==
date: Thu, 26 Sep 2024 19:14:47 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 28 Sep 2022 07:18:49 GMT
cache-control: max-age=60
via: 1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 21
x-amz-cf-pop: MUC50-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 275 KB
94 KB 88ms
62ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-726184713&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8NCP7D&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1aacb9e8c86e7006d499506d337cc47a810945e84b21522c0864914882dc98c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Thu, 26 Sep 2024 19:14:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 26 Sep 2024 18:18:03 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96322
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 os.min.js Show response
s.opensend.com/ 34 KB
10 KB 381ms
60ms Script
text/javascript 18.173.187.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.opensend.com/os.min.js
Requested by: Host: avantstay.com
URL: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-71.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd7d32a54f8f81c325ffe074bd515707bd15c12daf19b51312943aaba69c4ff7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

x-amz-cf-pop: MUC50-P4
content-encoding: br
etag: W/"e2ff3025d52acb10d2cdde6fec6b8e99"
age: 62887
via: 1.1 6da146f012af036eaa9002470b7d7c54.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: n84xzlc_V9fsUDzmBa94bbfMJXkEJkDRp4zf_EKrM7nE0M-5COjNhQ==
date: Thu, 26 Sep 2024 01:46:45 GMT
content-type: text/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Mon, 09 Sep 2024 05:40:16 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
210 B 474ms
67ms Fetch
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2612900960607&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1727378090716
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/fullstory/9c7d8e35cf8144a0c49b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 2
x-pinterest-rid-128bit: 4c7782f03310614f03a9b587a09afbda
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
access-control-allow-origin: https://avantstay.com
alt-svc: h3=":443";ma=600
content-length: 35
date: Thu, 26 Sep 2024 19:14:51 GMT
x-pinterest-rid: 2639416472976086
content-type: image/gif

GET
H2 204 0
bat.bing.com/action/ 0
286 B 80ms
80ms Image
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=149005163&Ver=2&mid=65cf8d14-b73d-4e63-8f54-72663516462e&sid=9a6818607c3b11ef82394b95319acc97&vid=9a686ab07c3b11efb084a3fb0b2dadd9&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Share%20and%20Earn%20-%20AvantStay&kw=short%20term%20rentals,group%20travel,experiential%20travel,vacation,vacation%20rental&p=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&r=&lt=1726&evt=pageLoad&sv=1&cdb=ARoR&rn=825080

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 69AD936EF826492D9CE1AD077F3068F3 Ref B: FRA31EDGE0208 Ref C: 2024-09-26T19:14:50Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 26 Sep 2024 19:14:50 GMT

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 3 KB
3 KB 162ms
158ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=JW0T0&isInFrame=false&isNative=false
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 19:14:50 GMT
content-type: text/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin

POST
H2 204 collect Show response
region1.analytics.google.com/g/ 0
543 B 361ms
48ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7YL6FP9TP1&gtm=45je49n0v9103656083z8830218552za200zb830218552&_p=1727378090273&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533421~101671035~101747727&cid=1172313301.1727378089&ecid=1634696819&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1727378090&sct=1&seg=0&dl=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&dt=Share%20and%20Earn%20-%20AvantStay&en=page_view&_fv=1&_ss=1&tfd=3764
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://avantstay.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
552 B 378ms
60ms Ping
text/plain 2a00:1450:400c:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7YL6FP9TP1&cid=1172313301.1727378089&gtm=45je49n0v9103656083z8830218552za200zb830218552&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101533421~101671035~101747727
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7YL6FP9TP1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://avantstay.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 384ms
74ms Image
image/gif 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7YL6FP9TP1&cid=1172313301.1727378089&gtm=45je49n0v9103656083z8830218552za200zb830218552&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101533421~101671035~101747727&tag_exp=101533421~101671035~101747727&z=2118606809

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Sep 2024 19:14:51 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 200 726184713
google.com/pagead/form-data/ 0
0 347ms
71ms Ping
text/html 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/pagead/form-data/726184713?gtm=45be49n0v884549481z8830218552za201zb830218552&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&npa=1&frm=0&pscdl=noapi&auid=1318367445.1727378091&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-726184713&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s08-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

POST
H3 204 726184713
google.com/ccm/form-data/ 0
20 B 234ms
62ms Ping
text/plain 216.58.206.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google.com/ccm/form-data/726184713?gtm=45be49n0v884549481z8830218552za201zb830218552&gcd=13l3lPl2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&npa=1&frm=0&pscdl=noapi&auid=1318367445.1727378091&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-726184713&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil07s08-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:57:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:57:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://avantstay.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
615 B 467ms
213ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://avantstay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: E1B8054CE75D4DB484D51CC2AD3B3424 Ref B: FRAEDGE2017 Ref C: 2024-09-26T19:14:51Z
x-li-fabric: prod-ltx1
access-control-allow-credentials: true
x-li-uuid: AAYjCo2KF0G/YnhcwHgoFQ==
x-li-proto: http/2
access-control-allow-origin: https://avantstay.com
x-cache: CONFIG_NOCACHE
date: Thu, 26 Sep 2024 19:14:51 GMT
vary: Origin

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
812 B 477ms
229ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=2818114&time=1727378091194&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tm=gtmv2
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Referer: https://avantstay.com/

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 0006230a8d8a436df7ddb1d592a908cf
x-msedge-ref: Ref A: 860EBFB8708B45A09D304EE6A49ED685 Ref B: FRAEDGE1816 Ref C: 2024-09-26T19:14:51Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYjCo2KQ2333bHVkqkIzw==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2818114&time=1727378091194&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaig...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818114&time=1727378091194&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campai...

0
264 B

313ms
140ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818114&time=1727378091194&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tm=gtmv2&e_ipv6=AQIG910LPpw7lQAAAZIvwe4Q5nU6pojlixCyV_XKU0D8WUEmhjZN3V-BWm7gDN2lZqqMOqSn
Requested by: Host: avantstay.com
URL: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 91F8B3D95FB14C309EF71037FA9C2C32 Ref B: FRAEDGE1406 Ref C: 2024-09-26T19:14:51Z
x-li-fabric: prod-lva1
x-li-uuid: AAYjCo2OwOrkYzoNdqtIpA==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2818114&time=1727378091194&url=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&tm=gtmv2&e_ipv6=AQIG910LPpw7lQAAAZIvwe4Q5nU6pojlixCyV_XKU0D8WUEmhjZN3V-BWm7gDN2lZqqMOqSn
x-msedge-ref: Ref A: 052BFCD179894C0D842F822E12E1F361 Ref B: FRAEDGE2017 Ref C: 2024-09-26T19:14:51Z
x-li-fabric: prod-lva1
x-li-uuid: AAYjCo2J1FoTfN5inV9ayw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 26 Sep 2024 19:14:51 GMT

GET
H3 200 / Show response
ct.pinterest.com/v3/ 35 B
685 B 67ms
66ms Fetch
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22name%22%3A%22Share%20and%20Earn%20-%20AvantStay%22%2C%22event_id%22%3A%220a8248a2-dee7-49e0-a712-db5fe8171ccb%22%7D&tid=2612900960607&cb=1727378091238&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22pin_unauth%22%3A%22dWlkPU4ySmhPREF6TldRdE1UYzJNeTAwTTJGakxXRTNZV1F0WmpObVl6Z3daVFF6TW1NMw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 2
x-pinterest-rid-128bit: a1a335e74f548b1cfdc08c7db4e89150
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
access-control-allow-origin: https://avantstay.com
alt-svc: h3=":443";ma=600
content-length: 35
date: Thu, 26 Sep 2024 19:14:51 GMT
x-pinterest-rid: 1828476895865815
content-type: image/gif

GET
H3 200 / Show response
ct.pinterest.com/v3/ 35 B
686 B 73ms
73ms Fetch
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22name%22%3A%22Share%20and%20Earn%20-%20AvantStay%22%2C%22event_id%22%3A%22bba0f42a-1c85-4bed-9cbb-fd58b13edefb%22%7D&tid=2612900960607&cb=1727378091246&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22pin_unauth%22%3A%22dWlkPU4ySmhPREF6TldRdE1UYzJNeTAwTTJGakxXRTNZV1F0WmpObVl6Z3daVFF6TW1NMw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 2
x-pinterest-rid-128bit: 6f0d31707f374fd3b9d942c47f8c2d6e
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
access-control-allow-origin: https://avantstay.com
alt-svc: h3=":443";ma=600
content-length: 35
date: Thu, 26 Sep 2024 19:14:51 GMT
x-pinterest-rid: 1339180837868379
content-type: image/gif

GET
H2 204 0
bat.bing.com/action/ 0
237 B 75ms
74ms Image
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=149005163&Ver=2&mid=65cf8d14-b73d-4e63-8f54-72663516462e&sid=9a6818607c3b11ef82394b95319acc97&vid=9a686ab07c3b11efb084a3fb0b2dadd9&vids=0&msclkid=N&ea=track&el=viewedPage&ec=administrative&p=https%3A%2F%2Favantstay.com%2Freferral&sw=1600&sh=1200&sc=24&evt=custom&cdb=ARoR&rn=426686

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C995422BC70946A1831BE937208D37D2 Ref B: FRA31EDGE0208 Ref C: 2024-09-26T19:14:51Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 26 Sep 2024 19:14:51 GMT

GET
H2

200

d17a320e-fe8a-46ab-9997-67773dd01510 Show response
oirt.aggle.net/r3r/
Redirect Chain

https://oirt.aggle.net/r3r
https://oirt.aggle.net/r3r/d17a320e-fe8a-46ab-9997-67773dd01510

76 B
236 B

211ms
210ms

Fetch
application/json

44.241.211.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oirt.aggle.net/r3r/d17a320e-fe8a-46ab-9997-67773dd01510
Protocol: H2
Server: 44.241.211.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-211-120.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: a07e196169f67f29fca643ff7dd47aea43256736faf1a5a0bf8d622785a7d8ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-allow-origin: https://avantstay.com
content-length: 76
date: Thu, 26 Sep 2024 19:14:52 GMT
content-type: application/json
vary: Origin
server: gunicorn
access-control-allow-credentials: true

Redirect headers

location: https://oirt.aggle.net/r3r/d17a320e-fe8a-46ab-9997-67773dd01510
access-control-allow-credentials: true
access-control-allow-origin: https://avantstay.com
content-length: 313
date: Thu, 26 Sep 2024 19:14:52 GMT
content-type: text/html; charset=utf-8
vary: Origin
server: gunicorn

GET
H3 200 / Show response
ct.pinterest.com/user/ 35 B
438 B 91ms
90ms XHR
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=viewedPage&ed=%7B%22line_items%22%3A%5B%7B%22product_category%22%3A%22administrative%22%7D%5D%2C%22event_id%22%3A%22c03bf576-5b7a-4da2-9036-3af5cb87059c%22%7D&tid=2612900960607&pd=%7B%22pin_unauth%22%3A%22dWlkPU4ySmhPREF6TldRdE1UYzJNeTAwTTJGakxXRTNZV1F0WmpObVl6Z3daVFF6TW1NMw%22%7D&cb=1727378091927&dep=4%2CTAGS_RECEIVED&stc=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
x-pinterest-rid-128bit: f78aec882d15d93b2a67c7c66afd3357
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443";ma=600
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: image/gif
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU4ySmhPREF6TldRdE1UYzJNeTAwTTJGakxXRTNZV1F0WmpObVl6Z3daVFF6TW1NMw
pinterest-version: d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
access-control-allow-origin: https://avantstay.com
content-length: 35
x-pinterest-rid: 3055630527206601

GET
H3 200 / Show response
ct.pinterest.com/v3/ 35 B
686 B 92ms
90ms Fetch
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=viewedPage&ed=%7B%22line_items%22%3A%5B%7B%22product_category%22%3A%22administrative%22%7D%5D%2C%22event_id%22%3A%22c03bf576-5b7a-4da2-9036-3af5cb87059c%22%7D&tid=2612900960607&pd=%7B%22pin_unauth%22%3A%22dWlkPU4ySmhPREF6TldRdE1UYzJNeTAwTTJGakxXRTNZV1F0WmpObVl6Z3daVFF6TW1NMw%22%7D&cb=1727378091928&dep=4%2CTAGS_RECEIVED&stc=true&ad=%7B%22loc%22%3A%22https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 21
x-pinterest-rid-128bit: eba054ddb08ebf4635d3e8b50d7ee447
x-cdn: fastly
access-control-allow-credentials: true
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
access-control-allow-origin: https://avantstay.com
alt-svc: h3=":443";ma=600
content-length: 35
date: Thu, 26 Sep 2024 19:14:51 GMT
x-pinterest-rid: 3878699568409273
content-type: image/gif

GET
H2 200 48.bfd9523a.chunk.js Show response
avantstay.com/static/js/ 781 B
1 KB 54ms
48ms Script
text/javascript 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/js/48.bfd9523a.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

ca8583bb9bfa4e2d1b06af0db95c67082afb1cc5260dd416594f5c7d9135d95a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

x-request-id: c8f06fd7aaaaadd7d5e82118c2bdbfb9
content-encoding: gzip
etag: W/"da109e3b45ae7a606c5ddc234aa2baee"
age: 38982
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: _8tRClaALNqJbQ187TRrAb9s14ppQicB_gFV2Ahw8YrdM9uJ72pbcg==
date: Thu, 26 Sep 2024 08:25:09 GMT
content-type: text/javascript
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding,Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 38ed7a81ebf68698e87cb5fd9ad4a3b2.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

GET
H2 200 49.5e6428a4.chunk.js Show response
avantstay.com/static/js/ 645 B
1 KB 54ms
49ms Script
text/javascript 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/js/49.5e6428a4.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

8f3f9e7a29fe39a5cdf588ef1744210145dd064d0ca7452872f2219d4bbdf76d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

x-request-id: 9db19580bed8ce10a87ef0c7bafa5e20
content-encoding: gzip
etag: W/"a5b30e57eb87cbec6d6ed3618d224eb6"
age: 38983
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: xN6ixT-Tn8pKWVns0Dsw5b0FsHSmZYnKiNt1tKWw6nFdDs0rQvJYyA==
date: Thu, 26 Sep 2024 08:25:08 GMT
content-type: text/javascript
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding,Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 996b499c4a9b7f20b33db1aa6167db6c.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

GET
H2 200 50.446e3376.chunk.js Show response
avantstay.com/static/js/ 548 B
1 KB 62ms
57ms Script
text/javascript 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/js/50.446e3376.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

07c099c899dff527af4ae085ee5b19fff2d67cb04b531ab164066719bff0aa09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

x-request-id: c27411b6a80b403b9b492f3751fe1113
content-encoding: gzip
etag: W/"65b5205e60e03ec4367341d3c7435b14"
age: 38983
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: L6PVLuRdIzm-vx3nwVGww8XKa0ui_KWyo0LcvFFYirCf-uzba9hd8A==
date: Thu, 26 Sep 2024 08:25:08 GMT
content-type: text/javascript
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding,Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 d6eccaed6bcab76e8b9ccd6b59f866ba.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

GET
H2 200 51.447e53ce.chunk.js Show response
avantstay.com/static/js/ 743 B
1 KB 62ms
58ms Script
text/javascript 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/js/51.447e53ce.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

ab60c735b5c04c8fb64d4646c345b412c5ba55ba579811d256a318325464229f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

x-request-id: 248211b9be9316df616471fa9ee1f3db
content-encoding: gzip
etag: W/"59241df59cf7a7c981927cf2d52cdb25"
age: 38982
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: ww3YBYbNeSWDuFgwp78YW3CMXjcjyOMDNM97RZp0XIE-RizTAYRHQg==
date: Thu, 26 Sep 2024 08:25:09 GMT
content-type: text/javascript
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding,Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 4cdcf8406ed0f002560c00fdc60b6ee0.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

GET
H2 200 52.58caeeaa.chunk.js Show response
avantstay.com/static/js/ 633 B
1 KB 61ms
57ms Script
text/javascript 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/static/js/52.58caeeaa.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

51d97dedf9ef752ff15448d3c0f41b18e0b4af5df3002b29d2b7dd03ad61a412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

content-encoding: gzip
etag: W/"cc1b7067982940ffc76ac7b85a023fda"
age: 102524
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: vcN_SOND83JmilYXcTou7zVCqji6ua8rp4MlpdEmBgIi6qxV2oWJJg==
date: Thu, 26 Sep 2024 08:29:17 GMT
content-type: text/javascript
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Accept-Encoding,Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 d6eccaed6bcab76e8b9ccd6b59f866ba.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 41ms
40ms Script
application/javascript 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
etag: "16d5d552603d86726ae439fc61299d42"
age: 3888
x-cdn: fastly
alt-svc: h3=":443";ma=600
content-length: 4103
date: Thu, 26 Sep 2024 19:14:51 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 ct.html
ct.pinterest.com/ Frame 1B66 0
0 150ms
67ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://avantstay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 26 Sep 2024 19:14:52 GMT
pinterest-version: d1f48dcf57598ed9a5410f2abb1bc1ec679a1bdf
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1329977915103795
x-pinterest-rid-128bit: 040184a3122b3860b8924eac30c37a08

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/FT4BYNQE3JCUHBCWKMARYC/ 98 KB
30 KB 870ms
45ms Script
text/javascript 2600:9000:26da:9600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/FT4BYNQE3JCUHBCWKMARYC/roundtrip.js
Requested by: Host: avantstay.com
URL: https://avantstay.com/static/js/48.bfd9523a.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:9600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a013be874b83d302e8495ff25e85e586a8eb0b42f87149a34a5159ad9b093c62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

Access-Control-Max-Age: 600
Content-Encoding: gzip
X-Amz-Version-Id: xC1rIIlbI_uz40r.v5s3Qdhz9uimDN1c
Etag: W/"430819340b227cc6b4d249493bffa8fa"
Age: 514
Access-Control-Allow-Methods: GET
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: LX4aTF10ja9MxwKLPnY_0Nm821Dnrxs9_eF2lnqa6hEW5aQ9J2fXBQ==
Date: Thu, 26 Sep 2024 19:14:48 GMT
Content-Type: text/javascript; charset=utf-8
Vary: Accept-Encoding
Last-Modified: Mon, 23 Sep 2024 12:22:43 GMT
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked
Cache-Control: max-age=3600, must-revalidate
Connection: keep-alive
Access-Control-Allow-Credentials: false
Via: 1.1 0b2ae559ee268e62d32798bba4c8c014.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: MUC50-P4
Server: AmazonS3
X-Amz-Server-Side-Encryption: AES256

GET
H3 200 airgap.js Show response
transcend-cdn.com/cm/0da81816-85d0-49f5-ab1e-1d4328f81fee/ 106 KB
44 KB 203ms
131ms Script
text/javascript 172.64.147.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://transcend-cdn.com/cm/0da81816-85d0-49f5-ab1e-1d4328f81fee/airgap.js

Requested by

Host: avantstay.com
URL: https://avantstay.com/static/js/49.5e6428a4.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.147.18 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bb895edec3f0b7f5dda6570fce1af6df552bfb8a1eb53abf31d21f2681c32c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: HIT
etag: W/"092dede543f4dd47c3f8c9da0dcfc472"
age: 4
expect-ct: max-age=86400, enforce
access-control-allow-methods: GET,HEAD,OPTIONS
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 19:15:52 GMT
date: Thu, 26 Sep 2024 19:14:52 GMT
content-type: text/javascript
content-disposition: inline
vary: Accept-Encoding
cache-control: public, max-age=60
timing-allow-origin: *
referrer-policy: same-origin
cf-ray: 8c9594538d054510-TXL
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 189ms
98ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: avantstay.com
URL: https://avantstay.com/static/js/50.446e3376.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7f57f41b7746f421227a2508f6c570c03e415e65734f60b417d356d8774a446c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-encoding: br
etag: 5845654315649702698
x-content-type-options: nosniff
expires: Thu, 26 Sep 2024 19:14:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 26 Sep 2024 19:14:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52456
x-xss-protection: 0
server: cafe

GET reb2b.js.gz
s3-us-west-2.amazonaws.com/b2bjsstore/b/ZQO92DH5YKN7/ 0
0

GET
H2

200

loader.js Show response
wisepops.net/
Redirect Chain

https://loader.wisepops.com/get-loader.js?v=1&site=aprvK2yJG6
https://wisepops.net/loader.js?v=1&site=aprvK2yJG6

93 KB
31 KB

468ms
12ms

Script
text/javascript

2606:4700:20::681a:f61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wisepops.net/loader.js?v=1&site=aprvK2yJG6
Protocol: H2
Server: 2606:4700:20::681a:f61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 888732367371421ca402ff28e48e57236ccdb22e8f5c669253985918ac40c973

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: public, max-age=1800, s-maxage=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
age: 3479
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iLTHt5ISdHW02mMBYY0jyMSI8Sx7jq4K39eVhqLQueW9I48aCq7kL8ZZZ16q1rwJLOOeuSgfu7DwvNG3mxkb3Vg651O36ryRC6zwLbJB3J3%2FhcTath3r9pdBDxVW0Ct4ZsQXrjVv5CiFTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c95945a7a5cd37e-FRA
date: Thu, 26 Sep 2024 19:14:53 GMT
content-type: text/javascript
last-modified: Thu, 26 Sep 2024 18:16:54 GMT
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=3600
location: https://wisepops.net/loader.js?v=1&site=aprvK2yJG6
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NdCwbplqESymFT9Nfl23g7mGOzxXXnuPr7OiVCCh7KwRrDzRQiy1AzrbghW0iuOpDVokgFuOMBX68RTn1Z%2BW3trcQUojkURcr6S5YsvJ%2BGrcwAdiYR5YvTc8rtLA1X4Levh1PcmMLFOBWNqnr4mIiyE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c9594579e3f1e3e-FRA
expires: Thu, 26 Sep 2024 20:14:52 GMT
content-length: 167
date: Thu, 26 Sep 2024 19:14:52 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
73ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&host_v=false&frequency=0.01&eid=44759875%2C44759926%2C44759842%2C31087437%2C31087439%2C44795922%2C95341937%2C95340253%2C95340255

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 26 Sep 2024 19:14:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 0da81816-85d0-49f5-ab1e-1d4328f81fee
sync-transcend-cdn.com/consent-manager/ Frame 30D9 0
0 328ms
79ms Document
application/xhtml+xml 2606:4700:4400::6812:2398
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sync-transcend-cdn.com/consent-manager/0da81816-85d0-49f5-ab1e-1d4328f81fee

Requested by

Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/0da81816-85d0-49f5-ab1e-1d4328f81fee/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2398 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://avantstay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
age: 4901
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 8c959458cddf4db0-FRA
content-disposition: inline
content-encoding: br
content-type: application/xhtml+xml
date: Thu, 26 Sep 2024 19:14:52 GMT
etag: W/"e75f5fd6f2dab386a2d6b2ed2cb3492c"
expect-ct: max-age=86400, enforce
expires: Thu, 26 Sep 2024 19:15:52 GMT
referrer-policy: same-origin
server: cloudflare
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 csc Show response
oirt.aggle.net/ 288 B
785 B 327ms
267ms Fetch
application/json 44.241.211.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oirt.aggle.net/csc
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.211.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-211-120.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: 1590ed973baf41d61064783098551be7a3140951757abbad6fb535caf0fe812d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json;charset=UTF-8
Referer: https://avantstay.com/

Response headers

cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: https://avantstay.com
content-length: 288
p3p: CP="NOI OUR BUS UNI COM NAV"
date: Thu, 26 Sep 2024 19:14:53 GMT
content-type: application/json
vary: Origin
server: gunicorn

OPTIONS
H2 200 csc
oirt.aggle.net/ Frame 0
0 658ms
227ms Preflight
text/html 44.241.211.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oirt.aggle.net/csc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.211.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-211-120.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://avantstay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://avantstay.com
allow: OPTIONS, POST
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 26 Sep 2024 19:14:53 GMT
server: gunicorn
vary: Origin

GET
H2 200 FT4BYNQE3JCUHBCWKMARYC Show response
d.adroll.com/consent/check/ 546 B
639 B 324ms
69ms Script
application/javascript 2a05:d018:cc3:fe04:85f1:58fc:1ae3:edf7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/FT4BYNQE3JCUHBCWKMARYC?flg=1&pv=31795044761.79125&arrfrr=https%3A%2F%2Favantstay.com%2Freferral%3Ftab%3Dfriends%26utm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Drefer%26utm_campaign%3Demail_adhoc_holidaybookings_all_09262024%26utm_source%3Demail%26utm_medium%3Dcrmadhoc&_s=16b945d211821a391219b790f9533868&_b=2
Requested by: Host: transcend-cdn.com
URL: https://transcend-cdn.com/cm/0da81816-85d0-49f5-ab1e-1d4328f81fee/airgap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:85f1:58fc:1ae3:edf7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ba14688a54c0aaa2a9f716fb73d5bb1eb49a11c1747521ee9ab3e7753be48b10

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/

Response headers

content-length: 546
date: Thu, 26 Sep 2024 19:14:53 GMT
content-type: application/javascript
server: nginx/1.22.1

POST
H2 200 id Show response
wisepops.net/ 139 B
609 B 349ms
221ms Fetch
application/json 2606:4700:20::681a:f61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wisepops.net/id?h=aprvK2yJG6&vid=&eid=
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af2e827524aa761b2bfee1f02135dbd082fe01ca558676ff2d57810dec8aa1c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://avantstay.com/

Response headers

access-control-max-age: 86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F3dIrjKYwM6vVvgNMCKNdwDgO9qT2g5wkNpoPYWgVrpRAr5qNDfsBKSng9YbffyDqqKu488N%2FB%2BCVslx08Oo6Lu6GRNILVLs9vAxjF8ZXKLHCooB9%2FoW6FZRIgfenksjRUEFdBqt80OMUw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, POST, GET
cf-ray: 8c95945cc9089274-FRA
access-control-allow-origin: *
date: Thu, 26 Sep 2024 19:14:53 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: *

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 285ms
213ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=JW0T0&UserId=ed4219ed-eb28-4695-9a76-0e20e7636342&SessionId=8cc4ce95-aaaf-4db9-a999-7997a8ca4e8b&PageId=e1c12675-9e17-4355-8255-aa345db837b8&Seq=1&ClientTime=1727378093468&PageStart=1727378090794&PrevBundleTime=0&LastActivity=2130&IsNewSession=true&ContentEncoding=gzip
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ce26abe2ec651f93ad8b4d2cd790f67a881203fc889607a19a274a873e20747f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://avantstay.com/

Response headers

via: 1.1 google
access-control-allow-origin: https://avantstay.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
date: Thu, 26 Sep 2024 19:14:53 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

GET
H2 200 favicon.png
avantstay.com/ 2 KB
3 KB 62ms
52ms Other
image/png 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

17227564ff09fdd0cff07c621f6410ad82f0fdd819a6d97d6bbd4d016150e69a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

x-request-id: bda900b330a7d1126dad706e9c02891e
etag: "bf710ddd3ed9bdbd190ba10dbbdc493a"
age: 101305
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: F8a511m6SxEOKNQAXKle6Udz5SwZigDeycZVb3nzxfUf84r4Zk9VZg==
date: Thu, 26 Sep 2024 09:00:52 GMT
content-type: image/png
last-modified: Wed, 25 Sep 2024 12:58:11 GMT
vary: Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0, s-maxage=31536000
referrer-policy: strict-origin-when-cross-origin
via: 1.1 4cdcf8406ed0f002560c00fdc60b6ee0.cloudfront.net (CloudFront), 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
accept-ranges: bytes
content-length: 2320
x-xss-protection: 1; mode=block
x-amz-cf-pop: CMH68-P4, MUC50-P1

GET
H2 200 favicon.ico
avantstay.com/ 15 KB
3 KB 508ms
477ms Other
image/x-icon 18.66.192.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avantstay.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-38.muc50.r.cloudfront.net

Software

Resource Hash

3a4429e118ada6258255e4ffae8d8a9100c10dd8f12436cd9693d61ec2f8191c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://avantstay.com/referral?tab=friends&utm_source=newsletter&utm_medium=email&utm_campaign=refer&utm_campaign=email_adhoc_holidaybookings_all_09262024&utm_source=email&utm_medium=crmadhoc

Response headers

content-encoding: gzip
etag: W/"3c2e-1922cc26f68"
x-content-type-options: nosniff
x-cache: Miss from cloudfront
x-amz-cf-id: 2wTkXQF9CTYXTt4w1zTnP2Dc7kST3-jRXaseby5dXKmuoUuw6zMFdA==
date: Thu, 26 Sep 2024 19:14:53 GMT
content-type: image/x-icon
last-modified: Thu, 26 Sep 2024 05:16:33 GMT
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: public, max-age=0
referrer-policy: strict-origin-when-cross-origin
via: 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-using-nginx-controller: true
accept-ranges: bytes
x-xss-protection: 1; mode=block
x-amz-cf-pop: MUC50-P1

POST
H2 200 my-wisepop Show response
wisepops.net/ 243 B
575 B 388ms
341ms XHR
application/json 2606:4700:20::681a:f61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wisepops.net/my-wisepop
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00645a9389408aeecc41d888c393c9f7702e73a97b23e135deaf79d29c36b5b5

Request headers

Referer: https://avantstay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-max-age: 86400
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sLLhyOODXeHs2EFSdrq5WpH8idTdEtlG0SlyC24dm%2BttHNyDjIH%2FOv27bbdR71b8v2%2FFVC1ezPg5T4QmYikAQH98MmwHqM1HLsFJbeFKxRL5w%2FDIZiPmoQhJFcoPMtt6APeeJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, POST, GET
date: Thu, 26 Sep 2024 19:14:54 GMT
content-type: application/json
vary: Accept-Encoding
x-cloud-trace-context: cbba12b0850b3e964e41b594f8ce662b
access-control-allow-headers: *
cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c95945ebbcf9274-FRA
access-control-allow-origin: *
content-length: 209
server: cloudflare

POST
H2 200 / Show response
activity.wisepops.com/ 0
279 B 251ms
247ms Fetch 2606:4700:20::681a:b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=2.1.45&site=aprvK2yJG6
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

source: loader
Referer: https://avantstay.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JrK%2Fdy02gAGJuwM2hEe24h%2BAzGSvdx7hcSSnSjHoiXGp2WdO1y3E9rcEnfGToFT5hU498HIMwL4udFMKqJb11rlTBT06I%2FLd%2FH7DOwiMWdFQJurfbeUbOYVEi%2B%2B7WYQfnh%2B%2F5d%2Bf%2F7iFM4JdaTAjKWmwOA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c9594674bd618b7-FRA
access-control-allow-origin: *
content-length: 0
date: Thu, 26 Sep 2024 19:14:55 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: cloudflare

OPTIONS
H2 200 /
activity.wisepops.com/ Frame 0
0 397ms
204ms Preflight 2606:4700:20::681a:b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://activity.wisepops.com/?v=2.1.45&site=aprvK2yJG6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,source
Access-Control-Request-Method: POST
Origin: https://avantstay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type, source
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cf-cache-status: DYNAMIC
cf-ray: 8c959465fa4018b7-FRA
content-length: 0
date: Thu, 26 Sep 2024 19:14:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rxmm%2BZSnXW8k7EYMGSkLjmuFUazHTN0aTTl4A1GMEEF7zHnYvFqlPwxTdX4oegy9HkmMLNKRYrCUQ0HHubkxZn%2FPHxUMQRhWIbA0Q2lF9iTG6Kjm5aymd3GML86mO2QvfarYTfnwIHnuAfY32SezUXQtPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 ack
oirt.aggle.net/ Frame 0
0 825ms
825ms Preflight
text/html 44.241.211.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oirt.aggle.net/ack
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.211.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-211-120.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://avantstay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://avantstay.com
allow: POST, OPTIONS
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 26 Sep 2024 19:14:58 GMT
server: gunicorn
vary: Origin

POST
H2 200 ack Show response
oirt.aggle.net/ 16 B
225 B 254ms
252ms Fetch
application/json 44.241.211.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oirt.aggle.net/ack
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.241.211.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-241-211-120.us-west-2.compute.amazonaws.com
Software: gunicorn /
Resource Hash: 422ed3ad15da2c2647708eb9302934c5494a80e04bd30732dd749956feef331d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json;charset=UTF-8
Referer: https://avantstay.com/

Response headers

cache-control: no-store
access-control-allow-credentials: true
access-control-allow-origin: https://avantstay.com
content-length: 16
p3p: CP="NOI OUR BUS UNI COM NAV"
date: Thu, 26 Sep 2024 19:14:59 GMT
content-type: application/json
vary: Origin
server: gunicorn

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/b2bjsstore/b/ZQO92DH5YKN7/reb2b.js.gz

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.avantstay.com/	1970-01-20 23:51:04	Name: iterableEmailCampaignId Value: 11183080
.avantstay.com/	1970-01-20 23:51:04	Name: iterableTemplateId Value: 14711566
.avantstay.com/	1970-01-20 23:51:04	Name: iterableMessageId Value: d96c54d51f7e4de6b850f149451e8e73
.avantstay.com/	1970-01-21 08:35:14	Name: iterableEndUserId Value: gary.hammer%40swri.org
links.avantstay.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 99ddaa5c447e5fa531d43d8b4744eb9671241306-1727378087779-bf67caf41935ba5f37d4f8bb
.affirm.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 7vnUTwE141UZzwWcnu58lhvehuEg85DTUmg1SbxMXiE-1727378089102-0.0.1.1-604800000
.avantstay.com/	1970-01-20 23:51:04	Name: _gid Value: GA1.2.1309040402.1727378089
.avantstay.com/	1970-01-21 00:32:50	Name: ndp_session_id Value: 3372863d-51d8-406b-bb52-1c49380cb8a2
.avantstay.com/	1970-01-20 23:49:38	Name: _gat Value: 1
.affirm.com/	1970-01-21 09:25:38	Name: tracker_device Value: 7fd5d061-3b83-4cc8-a631-b41435d825c7
.affirm.com/	1970-01-21 09:25:38	Name: t_v2_s Value: IjdmZDVkMDYxLTNiODMtNGNjOC1hNjMxLWI0MTQzNWQ4MjVjNyI.GddEKQ.6WMGg61r_YofCRDAeupYTPJzxVM
.affirm.com/	1970-01-21 09:25:38	Name: 3060738.3440491 Value: 7fd5d061-3b83-4cc8-a631-b41435d825c7
api-cf.affirm.com/	1970-01-21 09:25:38	Name: session Value: eyJfcGVybWFuZW50Ijp0cnVlfQ.GddEKQ.-7W1B-aUcsor9xDwgKo_8RMUm74
avantstay.com/	1970-01-21 09:25:38	Name: tracker_device Value: 7fd5d061-3b83-4cc8-a631-b41435d825c7
.avantstay.com/	1970-01-21 08:35:14	Name: ajs_anonymous_id Value: bcd49a11-0002-4ef6-a4d4-85da728f6f20
.avantstay.com/	1970-01-21 08:35:14	Name: analytics_session_id Value: 1727378090145
.avantstay.com/	1970-01-21 08:35:14	Name: analytics_session_id.last_access Value: 1727378090152
.avantstay.com/	1970-01-21 01:59:14	Name: _fbp Value: fb.1.1727378090581.441312379553346637
.doubleclick.net/	1970-01-20 23:49:38	Name: test_cookie Value: CheckForPermission
.avantstay.com/	1970-01-21 01:59:14	Name: _gcl_au Value: 1.1.1318367445.1727378091
.avantstay.com/	1970-01-20 23:49:38	Name: _gat_UA-115105293-1 Value: 1
.twitter.com/	1970-01-21 09:25:38	Name: personalization_id Value: "v1_/MvUVaPVJZzcj1XN+lMorw=="
.avantstay.com/	1970-01-20 23:49:39	Name: fs_lua Value: 1.1727378090514
.avantstay.com/	1970-01-21 08:35:14	Name: fs_uid Value: #JW0T0#ed4219ed-eb28-4695-9a76-0e20e7636342:8cc4ce95-aaaf-4db9-a999-7997a8ca4e8b:1727378090514::1#/1758914092
.bing.com/	1970-01-21 09:11:14	Name: MUID Value: 20AFD06FDB0763782644C569DA8C621C
.t.co/	1970-01-21 09:25:38	Name: muc_ads Value: 5ca0d5f0-b08c-42af-abe0-92f307aada33
.t.co/	1970-01-20 23:49:39	Name: __cf_bm Value: n9_1L3Gm.mFEaw7MorrC2HEqRk5P_BIl9a_IuOR_ZhU-1727378090-1.0.1.1-6TiZjWGe8dluH5V3teiWoKimNwS2r9hx_eXBPM5GV2Vp.tk.1JvbWsYCWC1Fw26WzDp6P64EKooA9Jp8q323KA
.avantstay.com/	1970-01-21 09:25:38	Name: _ga_7YL6FP9TP1 Value: GS1.1.1727378090.1.0.1727378090.60.0.1634696819
.avantstay.com/	1970-01-21 09:25:38	Name: _ga Value: GA1.1.1172313301.1727378089
.pinterest.com/	1970-01-21 08:35:14	Name: ar_debug Value: 1
.avantstay.com/	1970-01-21 08:35:14	Name: _pin_unauth Value: dWlkPU4ySmhPREF6TldRdE1UYzJNeTAwTTJGakxXRTNZV1F0WmpObVl6Z3daVFF6TW1NMw
.avantstay.com/	1970-01-20 23:51:04	Name: _uetsid Value: 9a6818607c3b11ef82394b95319acc97
.avantstay.com/	1970-01-21 09:11:14	Name: _uetvid Value: 9a686ab07c3b11efb084a3fb0b2dadd9
.bing.com/	1970-01-21 09:11:14	Name: MSPTC Value: 74HWZVUMTfMYJkNyfz_FtCqhBkicvE4Nc0dCId6OpN8
.linkedin.com/	1970-01-21 08:35:14	Name: bcookie Value: "v=2&d18dedce-3fb8-475f-8003-6d64c07194bf"
.linkedin.com/	1970-01-21 04:08:50	Name: li_gc Value: MTswOzE3MjczNzgwOTE7MjswMjGD0ea785vI9nufyq6/NJyEXXZ/7jL49vl6k4MMK7C1GQ==
.linkedin.com/	1970-01-20 23:51:04	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2945:u=1:x=1:i=1727378091:t=1727464491:v=2:sig=AQFnxmirReogddUUdMabsEE670-Cigvs"
.ct.pinterest.com/	1970-01-21 08:35:14	Name: _pinterest_ct_ua Value: "TWc9PSZ2Q2t2TytaSFp4WFFnaVRjL2Qra1VET1QzK3VzOTIzalJ1SHJJZjVlRklVdjArTHBQZDUvajVSMklzTlM3bVJPL0EwM0NHeHZma1owWHBtdUtweFBtWEx3Tnc4RXcvVitPZTkzNE1nOE45OD0mOEI1ZjkwQ3RWOEFLN3NMUXJJbnpBL1hEVUhzPQ=="
avantstay.com/	1970-01-21 09:25:38	Name: wisepops Value: %7B%22popups%22%3A%7B%7D%2C%22sub%22%3A1%2C%22ucrn%22%3A46%2C%22cid%22%3A%2266060%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D
.aggle.net/	1970-01-21 08:35:14	Name: __uidcei Value: d17a320e-fe8a-46ab-9997-67773dd01510
.aggle.net/	1970-01-21 08:35:14	Name: __ustcel Value: gAAAAABm9bKtzE4udl3QJRygQgH-uXmz7hzqO2y66ZBkwdkUQ9dRPfbEgla5FdPh39FSzdwr6rpe4pQ9dGT7CRuYND-PbFa9JprKoadgZ99EdxDbfre3ENA
avantstay.com/	1970-01-21 09:25:38	Name: wisepops_visitor Value: %7B%22aprvK2yJG6%22%3A%227fc05f61-315f-4ca1-b17d-283685ead28b%22%7D
avantstay.com/	1970-01-21 09:25:38	Name: wisepops_visits Value: %5B%222024-09-26T19%3A14%3A52.008Z%22%5D
avantstay.com/	1969-12-31 23:59:59	Name: wisepops_session Value: %7B%22arrivalOnSite%22%3A%222024-09-26T19%3A14%3A52.008Z%22%2C%22mtime%22%3A1727378093814%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22sticky%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%22source%22%3A%22newsletter%22%2C%22medium%22%3A%22email%22%2C%22campaign%22%3A%22refer%22%7D%2C%22testIp%22%3Anull%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activity.wisepops.com
ads.nextdoor.com
analytics.twitter.com
api-cf.affirm.com
api.segment.io
arriere.prod.avantstay.com
avantstay.com
bat.bing.com
cdn-assets.affirm.com
cdn.segment.com
cdn1.affirm.com
connect.facebook.net
ct.pinterest.com
d.adroll.com
edge.fullstory.com
flask.nextdoor.com
google.com
googleads.g.doubleclick.net
imglite.avantstay.com
links.avantstay.com
loader.wisepops.com
oirt.aggle.net
pagead2.googlesyndication.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
rs.fullstory.com
s.adroll.com
s.opensend.com
s.pinimg.com
s3-us-west-2.amazonaws.com
sleeknotecustomerscripts.sleeknote.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-transcend-cdn.com
t.co
tracker.affirm.com
transcend-cdn.com
wisepops.net
www.affirm.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
s3-us-west-2.amazonaws.com
104.244.42.3
108.138.36.102
13.107.42.14
13.35.58.148
142.250.184.194
142.250.184.206
142.250.185.100
142.250.185.226
142.250.185.66
146.75.120.157
151.101.128.84
151.101.192.84
151.101.64.84
157.240.252.13
162.159.140.33
172.64.147.18
172.66.0.227
172.66.0.33
18.173.154.36
18.173.187.71
18.66.192.38
2001:4860:4802:34::36
216.58.206.67
216.58.206.78
2600:9000:237d:f600:f:7aac:d8c0:93a1
2600:9000:26da:9600:6:9280:1080:93a1
2606:4700:20::681a:a13
2606:4700:20::681a:b13
2606:4700:20::681a:f61
2606:4700:4400::6812:2398
2620:1ec:21::14
2620:1ec:33::10
2a00:1450:4001:80b::2008
2a00:1450:4001:82f::200e
2a00:1450:400c:c1d::9a
2a02:26f0:3500:10::210:a9b
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:400::84
2a05:d018:cc3:fe04:85f1:58fc:1ae3:edf7
35.186.194.58
35.201.112.186
44.237.246.103
44.240.52.117
44.241.211.120
52.15.224.98
52.85.65.113
00645a9389408aeecc41d888c393c9f7702e73a97b23e135deaf79d29c36b5b5
007162d7f262f0d0cae5591fb6481ea8c1601bd60ab1944b383d97117a439e0d
01dfa8d42bf35759baf3b91c3ba7a28b83c26ab15eab56b5f0e9b5d3eb1051d6
0500d900a4f752a3685ed812c4627c31cf423ec0fee85eebab46e8f2a794960e
0547b1e89df849a6792f21b3758bf30722023bedcf73d2b6bdc6ff077f6319dd
05de7ac3f23baa9c7b8c799c3c0df8cd8c214d40d0c56ba52340ab75e38159d4
07c099c899dff527af4ae085ee5b19fff2d67cb04b531ab164066719bff0aa09
080a976acd38383b641054bada5c15d2644286f9a8d62135658abd0971a3923e
0b3376aa27741ca90899fed12bcccbf1ea22edb596846ba6b26e263463686590
0e509e651e110856343413513c9d2628c20ad33896eb2d15fb1e74b4b8edf0d8
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1590ed973baf41d61064783098551be7a3140951757abbad6fb535caf0fe812d
17227564ff09fdd0cff07c621f6410ad82f0fdd819a6d97d6bbd4d016150e69a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ff3be30c995f580a2bc09c1cf4967a472d568f36ff3a077d2f44e91946fd47e
20de2de93c034f0e1ed81727065936b52b3bedb10a612cc28afea038c740ef2f
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
2c9b402229c75c1102185ddaaf6716014c3434ded4d9968d8fad452c27439ebf
2d9571a0e4effdb57e4571b54f851ac70ffd22421a8eb5baee62459d70aaad4f
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39679a28010558ee16979426f91e9bf106befb009aa1db0d682e953de748068d
3a4429e118ada6258255e4ffae8d8a9100c10dd8f12436cd9693d61ec2f8191c
3e0ac60eec781c7bbc2a5d0c043798eb96963f5042b9c8434c9806b62a9b0217
412591e7b500552cb0cd02e3575531276915a8d5b9ba174c6f82144abc19a923
422ed3ad15da2c2647708eb9302934c5494a80e04bd30732dd749956feef331d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4bbafe9f5e4b6d898f55808912cad9b7db9b91b6056ec07f9795d115184a7eeb
4c4e379fb56910681c772365cf696333171c9cabea7b4072dcb1077d51a51c9b
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4df53644d1c9fd651ccfd697977eb07d94cd744b0a4997568d67cc25ef44e483
504bcee37098da8ed171881ac8d996c8ecc68cb12618e096d88e77fdb6670633
505549ac9575aaf296267c006641ea43b9d798f4504d2ebd7920e3fa67e2788c
51d97dedf9ef752ff15448d3c0f41b18e0b4af5df3002b29d2b7dd03ad61a412
56737b5a2e58cb4ed16bcc274f854aeaca9ed454d71da7186db6744785f880b7
5769aabb7a572bd790034c54797ead4808330a4ac03934d8a8a2a5f1c7c6330f
5bd78f590d60c4c422ca73743b65e8a402318f1d138469c0fae3623ff331f5cb
671580901ecf7ed7c150759e6d637f9d6b0d250968d31c504d662312ceb9aa3f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d422eaf41ab920c8ce99379cec61f704b1710b183c0a0523986906851e0a0ab
7022b9e24be497983ba3d281099f4e83730064a964445aa7162f2d7ee877cfbd
70f07df8529a5da355e70cb8fd1a2c6cdbe6dec83a5332bfcf06f5a917e6e607
7378757b932b127a01292f50213a03c857e3c9d902ab6dbd6ac3ec2e77317ff3
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
74b2fb80843e534e76b7bb008e23499b857e187b70acd7fcc8eedffe8ffbaa6f
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7bb895edec3f0b7f5dda6570fce1af6df552bfb8a1eb53abf31d21f2681c32c6
7e6821f36b881f3c77af1ea303c005705ae9f747ecb57c86908d67ddad59b2c7
7f57f41b7746f421227a2508f6c570c03e415e65734f60b417d356d8774a446c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87da7dc6bdd6dc24992398ce53839263b8999503dbba39de3807dae982b6f641
888732367371421ca402ff28e48e57236ccdb22e8f5c669253985918ac40c973
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8cf6ba7787157923c49017b9f1d5bb7c03b2e11082acd622733c205fa8a32580
8f3f9e7a29fe39a5cdf588ef1744210145dd064d0ca7452872f2219d4bbdf76d
8f9db17db87a17891eee947a12ba2fb9d92aae5040c2c047d7eaece4b565c567
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1
924aebf24af414b12986f4af470b2ac7b61d765897f9e222c0af15805de9ae40
979d977217c7032b1cd864c0b65ce5d4ff834aa9ca116198873299b5a60cfc9a
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
9e2189d573b1df3fd3c684ba1f9ad2ad5cd2f8394f14dde87b5fde495bea200c
a013be874b83d302e8495ff25e85e586a8eb0b42f87149a34a5159ad9b093c62
a07e196169f67f29fca643ff7dd47aea43256736faf1a5a0bf8d622785a7d8ba
a17ec323f9cff43dc7d6d68814aeca4cc276e780a741676809ccff801c74a193
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab60c735b5c04c8fb64d4646c345b412c5ba55ba579811d256a318325464229f
abf02b102b9a3198ff54ed6495734d2591c3ba09ab90742cd09ec0b3d9cb4228
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad4ec56c04477d9acc30ce9a07150d3b241ea38d96ec99aa0c6617e2379f1445
af2e827524aa761b2bfee1f02135dbd082fe01ca558676ff2d57810dec8aa1c9
b1047b748ff7ac9f1eca19e9a6173b8cd27245b159587606d7bc1313b7ead738
b1aacb9e8c86e7006d499506d337cc47a810945e84b21522c0864914882dc98c
ba14688a54c0aaa2a9f716fb73d5bb1eb49a11c1747521ee9ab3e7753be48b10
c81ed6c82ca5d254806e7fd8da18707dd706d41071b2cfa8528dad9a9365c8c9
ca182a951557bfc0317f089dababe7a4661315f200f13fdac1d92cf0f04ccaac
ca8583bb9bfa4e2d1b06af0db95c67082afb1cc5260dd416594f5c7d9135d95a
ce26abe2ec651f93ad8b4d2cd790f67a881203fc889607a19a274a873e20747f
d3c152ca093e7ec5c6057efc8103406e0b50ad7e3328f2f9fdd854193764709f
db6077654ffdc5d372dc6fc5869937bb3ed0353fc81d1493e11a534b9a2059ab
dd7d32a54f8f81c325ffe074bd515707bd15c12daf19b51312943aaba69c4ff7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e843785b7f2b538edbdbd2c2901491b157956d5fa46df0fa8c1b4f27dd661578
e8e9572f007fadd6e99822807a113a4917836c22152b04c4f515eb1c98d06084
e91bd6d37a2d6c0a38558cfe458338d7f0437252d5d4e3ebfffa5d2ba8e5aaa2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f096ce734167fdc84bb91efbbf38572df18a83346cd8abdf9119a8f0282c6388
f2696e8eb9d876987998374c51e4d14a24f6f24a23fe697493ebf761c3bcc4b9
f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138
f968cb2b5f6bdd99e1f63995a37b2296d8c43aed0d8d74d4879612df9ce2ff4d

avantstay.com Open in urlscan Pro 18.66.192.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

96 %HTTPS

35 %IPv6

32 Domains

47 Subdomains

44 IPs

5 Countries

2128 kBTransfer

6453 kBSize

44 Cookies

16 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

avantstay.com Open in urlscan Pro
18.66.192.38 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

96 %
HTTPS

35 %
IPv6

32
Domains

47
Subdomains

44
IPs

5
Countries

2128 kB
Transfer

6453 kB
Size

44
Cookies

138 HTTP transactions
0 data transactions