www.raynatours.com Open in urlscan Pro
2606:4700:20::681a:c1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.raynatours.com/
Effective URL:
https://www.raynatours.com/
Submission: On January 25 via api (January 25th 2024, 9:34:41 am UTC) from US — Scanned from DE

Summary HTTP 136 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 52 IPs in 7 countries across 42 domains to perform 136 HTTP transactions. The main IP is 2606:4700:20::681a:c1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.raynatours.com.
TLS certificate: Issued by GTS CA 1P5 on January 2nd 2024. Valid for: 3 months.

This is the only time www.raynatours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	2606:4700:20:... 2606:4700:20::681a:c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:244... 2600:9000:2447:2e00:1c:c5b0:3380:21	16509 (AMAZON-02) (AMAZON-02)
12	2600:9000:20a... 2600:9000:20a0:8c00:3:6e16:88c0:21	16509 (AMAZON-02) (AMAZON-02)
26	2a04:4e42:8e:... 2a04:4e42:8e::720	54113 (FASTLY) (FASTLY)
1	2600:9000:21f... 2600:9000:21f3:ee00:12:7439:dc0:21	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:211... 2600:9000:211e:8000:7:2db5:59c0:21	16509 (AMAZON-02) (AMAZON-02)
4	95.211.169.194 95.211.169.194	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	99.86.4.6 99.86.4.6	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2600:9000:249... 2600:9000:2490:9800:11:652e:c280:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
2 3	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	5.196.111.73 5.196.111.73	16276 (OVH) (OVH)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	2.19.126.72 2.19.126.72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	63.33.78.63 63.33.78.63	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	52.215.255.98 52.215.255.98	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.158.26.107 18.158.26.107	16509 (AMAZON-02) (AMAZON-02)
1	52.89.135.99 52.89.135.99	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	52.28.236.76 52.28.236.76	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4200:a74b:1068:1430:1246	14618 (AMAZON-AES) (AMAZON-AES)
1	23.35.237.75 23.35.237.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.154.71.202 54.154.71.202	16509 (AMAZON-02) (AMAZON-02)
1	35.156.125.55 35.156.125.55	16509 (AMAZON-02) (AMAZON-02)
1	108.129.8.189 108.129.8.189	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3034::6815:58c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
136	52

11 2606:4700:20::681a:c1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.raynatours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2447:2e00:1c:c5b0:3380:21 (United States)

ASN16509 (AMAZON-02, US)

djz6nvrucsv66.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:20a0:8c00:3:6e16:88c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1i3enf1i5tb1f.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a04:4e42:8e::720 (United States)

ASN54113 (FASTLY, US)

cdn-images-rayna.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:ee00:12:7439:dc0:21 (United States)

ASN16509 (AMAZON-02, US)

d61181q6hf07.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:211e:8000:7:2db5:59c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1vqfl8cu8qgdj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.211.169.194 (De Lier, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

wa.connectingdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-6.fra6.r.cloudfront.net

cdn.moengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2490:9800:11:652e:c280:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk-02.moengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.196.111.73 (Lille, France)

ASN16276 (OVH, FR)
PTR: ip73.ip-5-196-111.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.126.72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-72.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.232 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.78.63 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-78-63.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.255.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-255-98.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.26.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-26-107.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.89.135.99 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-135-99.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.236.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-236-76.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:a74b:1068:1430:1246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.71.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-71-202.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.125.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-125-55.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.129.8.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-8-189.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:58c1 (United States)

ASN13335 (CLOUDFLARENET, US)

ap.stape.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	imgix.net cdn-images-rayna.imgix.net	1 MB
25	cloudfront.net djz6nvrucsv66.cloudfront.net d1i3enf1i5tb1f.cloudfront.net d61181q6hf07.cloudfront.net d1vqfl8cu8qgdj.cloudfront.net	951 KB
11	moengage.com cdn.moengage.com — Cisco Umbrella Rank: 17067 sdk-02.moengage.com — Cisco Umbrella Rank: 12413	91 KB
11	raynatours.com 1 redirects www.raynatours.com	36 KB
9	criteo.com 3 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4057 gum.criteo.com — Cisco Umbrella Rank: 423 mug.criteo.com — Cisco Umbrella Rank: 3123 sslwidget.criteo.com — Cisco Umbrella Rank: 2254 dis.criteo.com — Cisco Umbrella Rank: 608	33 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 747 c.clarity.ms — Cisco Umbrella Rank: 1351 e.clarity.ms — Cisco Umbrella Rank: 18370	29 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	876 B
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	4 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 376 c.bing.com — Cisco Umbrella Rank: 247	16 KB
4	connectingdesk.com wa.connectingdesk.com	11 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6518	673 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1743	1 KB
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	141 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	174 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	180 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	186 B
1	stape.info ap.stape.info — Cisco Umbrella Rank: 217326	745 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 784	339 B
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2112	45 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2988	39 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4474	235 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3209	399 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 508	36 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 870	226 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 829	145 B
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1144	424 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1421	890 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10355	266 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 698	200 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 731	343 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1147	164 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 773	321 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 412	141 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2620	165 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1704	100 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669	163 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 381	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 709	816 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	235 B
136	42

	Domain	Requested by
26	cdn-images-rayna.imgix.net	www.raynatours.com djz6nvrucsv66.cloudfront.net
12	d1i3enf1i5tb1f.cloudfront.net	www.raynatours.com wa.connectingdesk.com
11	www.raynatours.com	1 redirects www.raynatours.com djz6nvrucsv66.cloudfront.net
9	sdk-02.moengage.com	cdn.moengage.com
8	d1vqfl8cu8qgdj.cloudfront.net	djz6nvrucsv66.cloudfront.net wa.connectingdesk.com
4	gum.criteo.com	3 redirects dynamic.criteo.com
4	wa.connectingdesk.com	www.raynatours.com djz6nvrucsv66.cloudfront.net
4	djz6nvrucsv66.cloudfront.net	www.raynatours.com
3	ib.adnxs.com	2 redirects
3	e.clarity.ms	www.clarity.ms
3	www.google.de
3	www.clarity.ms	www.raynatours.com www.clarity.ms bat.bing.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com
2	dis.criteo.com
2	c.clarity.ms	1 redirects
2	www.google.com
2	region1.analytics.google.com	www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	connect.facebook.net	www.raynatours.com connect.facebook.net
2	cdn.moengage.com	www.googletagmanager.com
2	www.googletagmanager.com	www.raynatours.com www.googletagmanager.com
1	www.facebook.com
1	ap.stape.info	connect.facebook.net
1	beacon.krxd.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	match.sharethrough.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	jadserve.postrelease.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	ad.360yield.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	hb.yahoo.net
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	cm.g.doubleclick.net	1 redirects
1	sslwidget.criteo.com	dynamic.criteo.com
1	mug.criteo.com
1	c.bing.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	dynamic.criteo.com	www.googletagmanager.com
1	d61181q6hf07.cloudfront.net	www.raynatours.com
136	56

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
www.facebook.com
twitter.com
ae.linkedin.com
www.instagram.com
www.youtube.com
www.technoheaven.net
connectingdesk.com

Subject Issuer	Validity	Valid
raynatours.com GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh
*.connectingdesk.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-20` - `2024-05-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.moengage.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-18` - `2024-02-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-03` - `2024-02-01`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.taboola.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
hb.yahoo.net R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
itm.ivitrack.com R3	`2023-12-14` - `2024-03-13`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M02	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.outbrain.com Thawte TLS RSA CA G1	`2023-11-20` - `2024-11-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M03	`2024-01-24` - `2025-02-21`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ap.stape.info GTS CA 1P5	`2024-01-08` - `2024-04-07`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.raynatours.com/
Frame ID: A099B3D9BAD0E9F28AC7CEEE587291AE
Requests: 103 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.raynatours.com&origin=onetag
Frame ID: B66EC2324206F270BC4E7EFD6EB606E0
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-rGbYcP85I4IivHFdLC6ld9QX49XUXz5iEp5i5Q&google_gid=CAESEDX9s575pmncEsU3HBlF_Rc&google_cver=1&google_ula=913071,0
Frame ID: 11CA71EB5AFE87A09C046363CFF4A6C7
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Leading Tour Operator and Destination Management Company Dubai - Rayna Tours

Page URL History Show full URLs

http://www.raynatours.com/ HTTP 301
https://www.raynatours.com/ Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

MoEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.moengage\.\w+

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

136
Requests

95 %
HTTPS

40 %
IPv6

42
Domains

56
Subdomains

52
IPs

7
Countries

2989 kB
Transfer

5145 kB
Size

45
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=971564337939&text=Hello%20I%20want%20to%20know%20about%20bespoke%20romantic%20dinner%20in%20desert%20experience

Search URL Search Domain Scan URL

URL: https://www.facebook.com/raynagroup

Search URL Search Domain Scan URL

URL: https://twitter.com/raynagroup

Search URL Search Domain Scan URL

URL: https://ae.linkedin.com/company/raynatours

Search URL Search Domain Scan URL

URL: https://www.instagram.com/raynatours_

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/raynagroup

Search URL Search Domain Scan URL

URL: https://www.technoheaven.net/travel-management-system.aspx
Title: Technoheaven Consultancy Pvt. Ltd.

Search URL Search Domain Scan URL

URL: http://connectingdesk.com/
Title: CDESK

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.raynatours.com/ HTTP 301
https://www.raynatours.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5759D8CED5BC404C87524DE57A56DD0E&RedC=c.clarity.ms&MXFR=101FA2EB156664EC39DCB6FA11666A46 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5759D8CED5BC404C87524DE57A56DD0E&MUID=1BE58E9DA0B86CE538F09A8CA1D36D7B

Request Chain 91

https://gum.criteo.com/sid/json?origin=onetag&domain=raynatours.com&sn=ChromeSyncframe&so=0&topUrl=www.raynatours.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=-THoZnwwUnVnZEpqR3RsMm9JdXVZQU00bUpsQVhBbjNROTE3cnZNQytIYjlqSHI0NlFCR2xjYXcvcEoydk4xSnlnb2NwcDMrbG9wbTA1ZGJxb3ZDN1oxVG5tcHRKR2hQSGRlYnVua2hjQ2pGRnhwMlJqTjVCdUJRWCtKRFdBeUh6UTR3VC9nMm5qNllGY0xVTUVDSFNiYXNEMHlLcDB5MTQ2eTNPaXEzRkdzeElnblVBYnNicEhablBTYnk1WUR6UloxM0xkZFIreHEyWjJJK2kyR0sxSEdIUmM3QnBJZUY0NzNkS1Avd1AzV0FJMFJDVnFnckFsd1ZnSGRweHVhN29MaFdFNldsNlFUMDhkbjZnUHI2TzBxVjBHWTlRMk5RVThtQ3ZkSW02cnhwWDJjQT18&cppv=2

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-rGbYcP85I4IivHFdLC6ld9QX49XUXz5iEp5i5Q&google_cm&google_hm=ay1yR2JZY1A4NUk0SWl2SEZkTEM2bGQ5UVg0OVhVWHo1aUVwNWk1UQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-rGbYcP85I4IivHFdLC6ld9QX49XUXz5iEp5i5Q&google_gid=CAESEDX9s575pmncEsU3HBlF_Rc&google_cver=1&google_ula=913071,0

Request Chain 99

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5157515189207839146

Request Chain 110

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uok1av85I4IivHFdLC6ld9QX49UYlP4UvQvlrw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uok1av85I4IivHFdLC6ld9QX49UYlP4UvQvlrw&C=1

Request Chain 111

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=i4_AyEJTP8ax8wjsueIlFK9a6N8hXNzQ HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=i4_AyEJTP8ax8wjsueIlFK9a6N8hXNzQ

Request Chain 129

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=uJL1kB9r0041cpQ3ajPTzxWYfgZlFlAt

136 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.raynatours.com/
Redirect Chain

http://www.raynatours.com/
https://www.raynatours.com/

89 KB
17 KB

2603ms
2580ms

Document
text/html

2606:4700:20::681a:c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.raynatours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a7b1d45fd09751931aec19002271f88dd12617d15de1671d37caa4eda8cb0e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 84af855a4971996e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 25 Jan 2024 09:34:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Z%2BoYrjRONUqt8FxXdwHUJPNtwygX4Me0uaxq%2BPX6e2KCWsuMhgIvxHHFJg2ei1wSyJmKSkRkzIpkPz4gx7AcivR29aNYR7ExnmufurlQLWgfQNHoM%2FKgUcnhXooIYDWfzP4hArGlTKM4%2BimHq7Svw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552001; includeSubDomains; preload
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-frame-options: sameorigin
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 84af855a0dcd3a6d-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 25 Jan 2024 09:34:32 GMT
Expires: Thu, 25 Jan 2024 10:34:32 GMT
Location: https://www.raynatours.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giLWoHb4OF86E50BfqIvTekwO1lblnAntEzKnSUcOs9nMTTw96L%2FimGtO9eg8ITGa8LStskNHLIUIJSP1KDtCjULbgIxbsGJQtG6QYTf0m7k6pK%2B2O8ZrPNL5DZv3EVcfNAXk%2BeDlbzvNeJpAi9XYw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 webmaincss.css
djz6nvrucsv66.cloudfront.net/assets/minified-files_css/minified-files/ 212 KB
37 KB 91ms
28ms Stylesheet
text/css 2600:9000:2447:2e00:1c:c5b0:3380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djz6nvrucsv66.cloudfront.net/assets/minified-files_css/minified-files/webmaincss.css

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2447:2e00:1c:c5b0:3380:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fd5abf73103374a840fe693e3f8fcd9fa61f1c017aa7a71a95f02a43d96de086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:08:49 GMT
content-encoding: br
via: 1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P5
age: 12346
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: no-referrer
last-modified: Tue, 07 Nov 2023 05:58:21 GMT
server: AmazonS3
etag: W/"2a7ca87849022b9399e9ff2d25bb2cf8"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: gdJVTBs6WEUDhncw5qS-7ghJylbv0QB3ZRuPIULoPTcPBRDDDOgJzA==

GET
H2 200 raynahomepagenew.css
www.raynatours.com/assets/css/Web/ 15 KB
4 KB 297ms
293ms Stylesheet
text/css 2606:4700:20::681a:c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.raynatours.com/assets/css/Web/raynahomepagenew.css

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

740632d495ba23f410ec4f74fdc8fd061d9b3b50398d3a50dd5d25f98b13ebb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Sun, 21 Jan 2024 07:56:02 GMT
server: cloudflare
etag: W/"01514473f4cda1:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIEGD%2F6lNeUs8%2Fr0MjLSh3%2FQ5vjmD9iEDRqdB0OABfHpbenyGtPVueeK78xHsUjAThkWdShQ1gJboyggQGTilqMJMukYgQ91X4VHd1yXDva3bErjdCi4M4AEqqceUO9KJ4Ye%2Bfs5ghioIwy9MU%2B0yA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 84af856a78bb996e-FRA
expires: Mon, 01 May 2024 00:00:00 GMT

GET
H2 200 bannerpattern.css
www.raynatours.com/assets/css/Common/ 3 B
433 B 25ms
22ms Stylesheet
text/css 2606:4700:20::681a:c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.raynatours.com/assets/css/Common/bannerpattern.css

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48439
cf-polished: status=cannot_optimize
x-powered-by: ASP.NET
content-length: 3
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Sun, 21 Jan 2024 07:56:02 GMT
server: cloudflare
etag: "01514473f4cda1:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLvlDUOfnTKcRQ7FoIAY3yTZAYZMyWlhcGdzMGKtF2eGcspR5M2JFGJhguXO6pXFNxerCKX7Asz45WmAtKg%2FpzNgY7UG%2FqoyVE4YH46sqr5KTx714h62KfxsjwTJShDJ%2FdAeWPzxz9HilhvoiTGTAA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84af856a78bf996e-FRA
expires: Wed, 01 May 2024 00:00:00 GMT

GET
H2 200 color.css
www.raynatours.com/App_Themes/default/ 9 KB
3 KB 26ms
23ms Stylesheet
text/css 2606:4700:20::681a:c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.raynatours.com/App_Themes/default/color.css

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f1d1c730bfb778bfbad222ec8c7516bc93b911b2a2577edc771134d6fbbf8137

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 90807
cf-polished: origSize=9621
x-powered-by: ASP.NET
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Sun, 21 Jan 2024 07:56:02 GMT
server: cloudflare
etag: W/"01514473f4cda1:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrvJWvpiKuDL85xwysKesrXyqTc7NPpp6TsW8XVmVy9hmczsOmy6diXsH%2FVK9Mc8Zm2ia0EH6a8vQRqItcrPknhIqm56fFQkMzq1xlPrjt0rC1%2FZdnWaQC6%2FYHqoa6egGB3fKQ80gDRoaWPJc2Mj7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 84af856a78c1996e-FRA
expires: Wed, 01 May 2024 00:00:00 GMT

GET
H2 200 raynatourslogo.png
d1i3enf1i5tb1f.cloudfront.net/assets/Images/AGT-06437/ 19 KB
19 KB 86ms
23ms Image
image/png 2600:9000:20a0:8c00:3:6e16:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1i3enf1i5tb1f.cloudfront.net/assets/Images/AGT-06437/raynatourslogo.png

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:8c00:3:6e16:88c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

beec29e70aaaa8883238226ca1bc76989074241b26e397c01a75ccbf83469bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: ZG2DCshZcKPORkubKwTWsQk_iXwQWAfx
date: Wed, 24 Jan 2024 10:33:05 GMT
via: 1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P2
age: 82890
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 19293
referrer-policy: origin
last-modified: Tue, 02 May 2023 08:40:52 GMT
server: AmazonS3
etag: "bd0f038df81c58d4c21667b691292f09"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: EdDUu3wmLmlMm6hPTzkTAfWtbMa17-UxBk-_lxhtVrcT0O8MfWvH1g==

GET
H2 200 singapore-web-bnr-tours.jpg
cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/406/ 82 KB
83 KB 50ms
11ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/406/singapore-web-bnr-tours.jpg?w=1920&h=540&auto=compress%2Cformat

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

12eb68615bfb1176e591465c8d1ed2bb923426f73e05942bf1ccf214e2484078

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
x-content-type-options: nosniff
age: 441132
x-cache: HIT, HIT
x-imgix-id: 55fd0c28ef38a12408aba935a48dd8ee638e0d9a
cross-origin-resource-policy: cross-origin
content-length: 84436
x-served-by: cache-sjc10051-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 02.131624
last-modified: Sat, 20 Jan 2024 07:02:22 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 r-points-bnr-new.jpg
cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/284/ 83 KB
83 KB 61ms
23ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/284/r-points-bnr-new.jpg?w=1920&h=540&auto=compress%2Cformat

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c6537aaac9d9ae1340b09ba56b0e86636dfc283ef351d028e29edc81d75ea1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
x-content-type-options: nosniff
age: 1289977
x-cache: HIT, HIT
x-imgix-id: 0abeee06fc2ef28484297e06d64687925655ffd0
cross-origin-resource-policy: cross-origin
content-length: 85291
x-served-by: cache-sjc10037-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.140328
last-modified: Wed, 10 Jan 2024 11:14:57 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sonu-nigam-concert-web-bnr.jpg
cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/392/ 45 KB
45 KB 63ms
26ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/392/sonu-nigam-concert-web-bnr.jpg?w=1920&h=540&auto=compress%2Cformat

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

6d28c0739771dc7021d9280e25e4f9174d4f5ac327834b4e9e6cbf19ca38bd40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
x-content-type-options: nosniff
age: 909143
x-cache: HIT, HIT
x-imgix-id: e384a54c253f7557767a7612e7fc066a63917f43
cross-origin-resource-policy: cross-origin
content-length: 45628
x-served-by: cache-sjc10078-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.140328
last-modified: Sun, 14 Jan 2024 21:02:11 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 snap-and-win-web-banner.jpg
cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/383/ 55 KB
56 KB 64ms
26ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/383/snap-and-win-web-banner.jpg?w=1920&h=540&auto=compress%2Cformat

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

8a36f323d062270892e3717f581c9b428ad6d5290196bc5526a7b0f37b3d76de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
x-content-type-options: nosniff
age: 92765
x-cache: HIT, HIT
x-imgix-id: aec2a5e53bf6e4eb713167655cde249ff77c950a
cross-origin-resource-policy: cross-origin
content-length: 56713
x-served-by: cache-sjc10041-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.132136
last-modified: Wed, 24 Jan 2024 07:48:30 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 paramotor-adventure-web-bnr.jpg
cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/334/ 82 KB
82 KB 63ms
26ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/334/paramotor-adventure-web-bnr.jpg?w=1920&h=540&auto=compress%2Cformat

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

5e488080a22b02dddbaaaf79a640e4304ba8136c95bd1fadeeecaf85e4c27c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
x-content-type-options: nosniff
age: 1116810
x-cache: HIT, HIT
x-imgix-id: a01d5024692724362f7b84ece221f433a6c34a40
cross-origin-resource-policy: cross-origin
content-length: 83677
x-served-by: cache-sjc1000143-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.140328
last-modified: Fri, 12 Jan 2024 11:21:04 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bespokedinner-banner.jpg
cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/343/ 112 KB
112 KB 63ms
26ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/343/bespokedinner-banner.jpg?w=1920&h=540&auto=compress%2Cformat

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

294fadbc701860b71071c8d1f2f5975d3328598214b74a6a28ea160cf873bfcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
x-content-type-options: nosniff
age: 695064
x-cache: HIT, HIT
x-imgix-id: 5d1831767fcf941b5f440fa0450e80a4595c72c4
cross-origin-resource-policy: cross-origin
content-length: 114462
x-served-by: cache-sjc10038-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 02.131624
last-modified: Wed, 17 Jan 2024 08:30:10 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 breakfast-in-thesky-web-bnr.jpg
cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/405/ 64 KB
64 KB 20ms
20ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/405/breakfast-in-thesky-web-bnr.jpg?w=1920&h=540&auto=compress%2Cformat

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

907e6e47faea313368438dcb6a8b82b650f92a432e2edf9a10f5c0e815c08bf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
x-content-type-options: nosniff
age: 597855
x-cache: HIT, HIT
x-imgix-id: 3edd92e62987ec40aa56c1a9748505d58cf9e71f
cross-origin-resource-policy: cross-origin
content-length: 65765
x-served-by: cache-sjc1000097-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 02.131624
last-modified: Thu, 18 Jan 2024 11:30:19 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 chinese-nye-img-worlds-bnr-web.jpg
cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/407/ 102 KB
102 KB 25ms
25ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/407/chinese-nye-img-worlds-bnr-web.jpg?w=1920&h=540&auto=compress%2Cformat

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cae76f34fc47c3aeeaafa1f89a01a74e4a9a2326e1364287487da28c4c890e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
x-content-type-options: nosniff
age: 91412
x-cache: HIT, HIT
x-imgix-id: 75b7e3020261a720daeba7d4447fa3a35d575191
cross-origin-resource-policy: cross-origin
content-length: 104043
x-served-by: cache-sjc1000115-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.132136
last-modified: Wed, 24 Jan 2024 08:11:02 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ajaxloader.gif
d61181q6hf07.cloudfront.net/content/img/ 3 KB
4 KB 47ms
12ms Image
image/gif 2600:9000:21f3:ee00:12:7439:dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d61181q6hf07.cloudfront.net/content/img/ajaxloader.gif

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:ee00:12:7439:dc0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ff0799f0d12107ad79007c850589962ffffa7a005ee4b3c92ce9203217a0db76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 08:42:13 GMT
via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA2-C2
age: 4001
x-cache: Hit from cloudfront
content-length: 3199
referrer-policy: origin
last-modified: Mon, 08 May 2017 10:20:58 GMT
etag: "c495b5c8e4c7d21:0"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ywFr98n3Y_S5hp1fkYL_UhSzn747KleF3XJGRgYyInBze7aRmzzY2Q==

GET
H2 200 slider-four.gif
d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/ 45 KB
45 KB 90ms
29ms Image
image/gif 2600:9000:20a0:8c00:3:6e16:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/slider-four.gif

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:8c00:3:6e16:88c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

363ce3f765e4cfbda2df6dc17e8fdc917b490e30781550a10f38c54acc87216b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5D5OvP3JicU.82EVs_9KX4s7c4.xI7zL
date: Wed, 24 Jan 2024 12:04:58 GMT
via: 1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P2
age: 77376
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 45646
referrer-policy: origin
last-modified: Fri, 07 Jul 2023 10:53:54 GMT
server: AmazonS3
etag: "0a951a7f17ec00d173333de626923da8"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: AVldkXQl1e4BTfiSFM3rE-ZX8Zr0hwPqw0lmR5yPvmLJaEm8vUqdUw==

GET
H2 200 slider-price-four.gif
d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/ 49 KB
50 KB 103ms
42ms Image
image/gif 2600:9000:20a0:8c00:3:6e16:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/slider-price-four.gif

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:8c00:3:6e16:88c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3665dce05162d2168e15c96d3f5045c8e423db26dea3e6a89867c07b9d55d92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: eBO9coaWy48m8GaF34DyZYWJ0tcpVU.8
date: Thu, 25 Jan 2024 09:34:34 GMT
via: 1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P2
age: 9894
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 50635
referrer-policy: origin
last-modified: Fri, 07 Jul 2023 10:53:56 GMT
server: AmazonS3
etag: "5c002f49b3dc55056ce96ddcf3f7c80a"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: sIdvd7TQevYq7V8rj1iTPiQL89JhWjCY-6Gnviz6Kc024w1DGKyLGg==

GET
H2 200 Footer.css
www.raynatours.com/assets/css/Common/Footer/ 3 KB
1 KB 26ms
25ms Stylesheet
text/css 2606:4700:20::681a:c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.raynatours.com/assets/css/Common/Footer/Footer.css

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8bb1c7276bbebe604607aea7b21e72eb0c95c21a2c32672e09e345f31a83e022

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3373
cf-polished: origSize=3545
x-powered-by: ASP.NET
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Sun, 21 Jan 2024 07:56:02 GMT
server: cloudflare
etag: W/"01514473f4cda1:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sa0gqF4JuTlP4dPCFkiLxVKnMy8EC4KWCX41yJjtPV4Q0LJYmrfQhcoHBAQtg5rQHRCvbZ72iM3hjL9HaalUS0DBEXMM1a%2F8RxrI6IQYc019lD7cEtqwcZj9UG%2Bh4fXufXNzLiKpcnnBwdCg59%2BUXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 84af856a78c2996e-FRA
expires: Wed, 01 May 2024 00:00:00 GMT

GET
H2 200 rocket-loader.min.js Show response
www.raynatours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 11ms
11ms Script
application/javascript 2606:4700:20::681a:c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.raynatours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Jan 2024 15:56:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65aa9bb3-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmXYbv3NFF8HP6tLVxbChhg11wN1OcQtugoxlmO5KaVIK6dFDM18bfszwdNPGroUx3yPdtI1qkyTidf0udHJEU0TTDIL472GpwjAk%2FSOjmtRqlmOYVkTPNn4Za5Tx1nhpNY8pEvJR6dsHXCBrooR%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84af856a78c4996e-FRA
expires: Sat, 27 Jan 2024 09:34:34 GMT

GET
H2 200 Home-Strip.svg
d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/default/ 19 KB
7 KB 26ms
25ms Image
image/svg+xml 2600:9000:20a0:8c00:3:6e16:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/default/Home-Strip.svg

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/App_Themes/default/color.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:8c00:3:6e16:88c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

151c5d53e0433a82cb7a3eaa0bfe494b037bda723a7f41afadd3c1af49789980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: gH7EBFnlJjZVEEfshVxyzsFvTSWsRlo4
content-encoding: br
via: 1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 09:34:34 GMT
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P2
age: 3373
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
referrer-policy: origin
last-modified: Wed, 13 Sep 2023 04:32:00 GMT
server: AmazonS3
etag: W/"9451c5952111d4422fd7c7495ded4e02"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: JmNC7bZVxAP_W6nYgx-plUjs5lk8b9zHR-Jijt4LF5cak-GGnkg8RA==

GET
H2 200 svgBG4.svg
d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/default/ 13 KB
4 KB 41ms
41ms Image
image/svg+xml 2600:9000:20a0:8c00:3:6e16:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/default/svgBG4.svg

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/App_Themes/default/color.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:8c00:3:6e16:88c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9642e70b61b27e5fc4b378189ecd8414ec547a860e7d657ad160987aed827e97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: lYCW7A6i32ben6WHGXUH1rma2S4I_Rpz
content-encoding: gzip
via: 1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 09:34:34 GMT
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P2
age: 4066
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
referrer-policy: origin
last-modified: Fri, 28 Apr 2023 10:02:25 GMT
server: AmazonS3
etag: W/"3f9158e1adf19431c7be512c06d73798"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: b-jDnefR_ldvXCphzaL4-tvkyaFcYBMZmBVw3zL_U3Qe3Q2vUE-SZg==

GET
H2 200 holiday-strip.svg
d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/default/ 11 KB
4 KB 16ms
16ms Image
image/svg+xml 2600:9000:20a0:8c00:3:6e16:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/default/holiday-strip.svg

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/App_Themes/default/color.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:8c00:3:6e16:88c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ee42287864a676e181f14f4a55355b95aa54909cc31e82eae2b152a81b182bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: raBWs2Z3hPzDZdA33VTjDcI8zabx21Ai
content-encoding: br
via: 1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 07:07:58 GMT
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P2
age: 8797
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
referrer-policy: origin
last-modified: Sat, 25 Mar 2023 07:40:13 GMT
server: AmazonS3
etag: W/"8066ad6ac21a4d5f563421cd6abfba8e"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: ThrfyDuKEGLUsBi0-rzUc4MllGwuosS68eLQPd87j4Uy8S7iJxqwWg==

GET
H2 200 svgBG5.svg
d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/default/ 64 KB
22 KB 27ms
27ms Image
image/svg+xml 2600:9000:20a0:8c00:3:6e16:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/default/svgBG5.svg

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/App_Themes/default/color.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:8c00:3:6e16:88c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b0aeb682d202e5d4792ca5485b6aacd562b4190fb267997bc76391512af4f617

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: RBQAbUjUXd5RHWo9GLyyxqDhkMLKk8un
content-encoding: br
via: 1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 09:34:34 GMT
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P2
age: 2579
x-cache: Hit from cloudfront
referrer-policy: origin
last-modified: Fri, 25 Mar 2022 09:04:52 GMT
server: AmazonS3
etag: W/"41a18de3e6a64b0e9ee7358c74799507"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: j1wAbCxoS5-cguKlFSCls1F31BC2juCJAd4F_m3wbU0ztPQfyFFmxg==

GET
H2 200 T-fevicon.png
d1i3enf1i5tb1f.cloudfront.net/assets/img/ 46 KB
47 KB 45ms
44ms Image
image/png 2600:9000:20a0:8c00:3:6e16:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1i3enf1i5tb1f.cloudfront.net/assets/img/T-fevicon.png

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/assets/css/Common/Footer/Footer.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:8c00:3:6e16:88c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f22a6945b082a629996cace5c936866d4ecd6b8c9f257c6430f301a46833fc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: HoOZijR3eu8vrKM_vDc6UWBX2jQp2O5z
date: Thu, 25 Jan 2024 09:34:34 GMT
via: 1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P2
age: 3959
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 47442
referrer-policy: origin
last-modified: Tue, 18 Apr 2023 05:25:35 GMT
server: AmazonS3
etag: "19711b9a04bc6ea9648b92c757d84d7a"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: HvGUI_OlI-m8jQ8ibFT_wOSEpVdP0vteuT93MoaXTvWskT4FYpXjaw==

GET
H2 200 GT-Eesti-Pro-Display-Regular.woff2
d1vqfl8cu8qgdj.cloudfront.net/assets/fonts/gteesti/ 52 KB
53 KB 97ms
47ms Font
application/font-woff2 2600:9000:211e:8000:7:2db5:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1vqfl8cu8qgdj.cloudfront.net/assets/fonts/gteesti/GT-Eesti-Pro-Display-Regular.woff2

Requested by

Host: djz6nvrucsv66.cloudfront.net
URL: https://djz6nvrucsv66.cloudfront.net/assets/minified-files_css/minified-files/webmaincss.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:8000:7:2db5:59c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cb5141afada03d4a510516b5eb9735a5c126a2603ab164b4b566a6be05fcbd49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://www.raynatours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-C2
x-cache: RefreshHit from cloudfront
content-length: 53592
referrer-policy: origin
last-modified: Thu, 09 Aug 2018 13:30:30 GMT
etag: "09f1524e52fd41:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: h2Ub4cfoIUuUJiUC8HC-KHAdbsx_-ofrggQRmv69ga-5CkGpFlxT-A==
expires: Tue, 30 May 2023 00:00:00 GMT

GET
H2 200 GT-Eesti-Pro-Display-Medium.woff2
d1vqfl8cu8qgdj.cloudfront.net/assets/fonts/gteesti/ 56 KB
56 KB 89ms
40ms Font
application/font-woff2 2600:9000:211e:8000:7:2db5:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1vqfl8cu8qgdj.cloudfront.net/assets/fonts/gteesti/GT-Eesti-Pro-Display-Medium.woff2

Requested by

Host: djz6nvrucsv66.cloudfront.net
URL: https://djz6nvrucsv66.cloudfront.net/assets/minified-files_css/minified-files/webmaincss.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:8000:7:2db5:59c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

842eecfed91c885c848d53c2584aecaa0422aa972155e94696c1dc8d3450f13d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://www.raynatours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-C2
x-cache: RefreshHit from cloudfront
content-length: 57012
referrer-policy: origin
last-modified: Thu, 09 Aug 2018 13:30:28 GMT
etag: "072e422e52fd41:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: S8zQAe-tIKQYMVVxgoLmHfDU_g2C3QER9mgsizwYuhcmDjP66V6tqw==
expires: Tue, 30 May 2023 00:00:00 GMT

GET
H2 200 GT-Eesti-Pro-Display-Light.woff2
d1vqfl8cu8qgdj.cloudfront.net/assets/fonts/gteesti/ 55 KB
55 KB 72ms
23ms Font
application/font-woff2 2600:9000:211e:8000:7:2db5:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1vqfl8cu8qgdj.cloudfront.net/assets/fonts/gteesti/GT-Eesti-Pro-Display-Light.woff2

Requested by

Host: djz6nvrucsv66.cloudfront.net
URL: https://djz6nvrucsv66.cloudfront.net/assets/minified-files_css/minified-files/webmaincss.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:8000:7:2db5:59c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

97d1c605849716cb0fa8cecd76fea43be43f244eaaf73387adb40f66c77c87f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://www.raynatours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-C2
x-cache: RefreshHit from cloudfront
content-length: 55836
referrer-policy: origin
last-modified: Thu, 09 Aug 2018 13:30:28 GMT
etag: "072e422e52fd41:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: WglfjI03FiJ5NYXt2cpfGwVDRX9wFALXJ6VR_rEBEdCjhCC9AciItA==
expires: Tue, 30 May 2023 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff2
d1vqfl8cu8qgdj.cloudfront.net/assets/demohome/new_fonts/ 75 KB
76 KB 84ms
35ms Font
application/font-woff2 2600:9000:211e:8000:7:2db5:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1vqfl8cu8qgdj.cloudfront.net/assets/demohome/new_fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: djz6nvrucsv66.cloudfront.net
URL: https://djz6nvrucsv66.cloudfront.net/assets/minified-files_css/minified-files/webmaincss.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:8000:7:2db5:59c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://www.raynatours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-C2
x-cache: RefreshHit from cloudfront
content-length: 77160
referrer-policy: origin
last-modified: Thu, 22 Aug 2019 08:35:30 GMT
etag: "075358ec458d51:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: o6LH30VKUZayEgpolp_Pe220rYQpThxV3yDn_8uWN8miX30Wp9p7Xw==
expires: Tue, 30 May 2023 00:00:00 GMT

GET
H2 200 jsGoogleTagManager.js Show response
www.raynatours.com/assets/js/Common/ 6 KB
2 KB 21ms
20ms Script
application/javascript 2606:4700:20::681a:c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.raynatours.com/assets/js/Common/jsGoogleTagManager.js

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2b24085e7e780d8bfb3f43ab95060100f9bff88f2757b01a81d229349ca096b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2090178
cf-polished: origSize=12819
x-powered-by: ASP.NET
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Fri, 29 Dec 2023 06:34:02 GMT
server: cloudflare
etag: W/"06973213ada1:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnsjWzFDWwTTnNfdk8e6K2LzOHOHCueolpNBtOZBwLJ3ezLXCkPhIfqvB50meIOhahT5Qk9B8kpZz1WqH%2BvCT30CD5vlTNDbZmg3qxKOjpcMmZvDN33KGkNUPHmx0u%2FviVTepjKYLXPAAGQwNJUstA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 84af856c7a97996e-FRA
expires: Wed, 01 May 2024 00:00:00 GMT

GET
H2 200 cdeskpl.js Show response
wa.connectingdesk.com/app/widgets_v2/ 1 KB
1 KB 69ms
16ms Script
application/javascript 95.211.169.194
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.connectingdesk.com/app/widgets_v2/cdeskpl.js
Requested by: Host: www.raynatours.com
URL: https://www.raynatours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.169.194 De Lier, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 19185688f814e37a417b6c90fb014ba3b4d62993345bf8fd5be1644994706f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
last-modified: Sat, 11 Nov 2023 07:31:09 GMT
server: Microsoft-IIS/10.0
etag: "5ef6e497114da1:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 1361

GET
H2 200 Citysearch.js Show response
www.raynatours.com/assets/js/Web/tour/ 7 KB
3 KB 28ms
27ms Script
application/javascript 2606:4700:20::681a:c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.raynatours.com/assets/js/Web/tour/Citysearch.js

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cfeb0a942e0709473325c491c3164558cae14d5b3e47b994af900f8c6a44ab25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1373023
cf-polished: origSize=12860
x-powered-by: ASP.NET
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: minify
last-modified: Mon, 08 Jan 2024 07:11:36 GMT
server: cloudflare
etag: W/"04a6ea142da1:0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Jv7hF9ZT1%2FObQECeIyLdyF%2FD6MtEtoJkyZRbE5IVUGfD2QuXvTu45PKjqZvwPIBFKvCLnxw1paAyh%2FKARhjyIC7wODc%2FeLo708h90WJtzsyEyNrL%2BU7fWp2dNvfYAxTAfkXjcDeGKhF50Ybz98IDA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 84af856c7a99996e-FRA
expires: Wed, 01 May 2024 00:00:00 GMT

GET
H2 200 angular.js Show response
djz6nvrucsv66.cloudfront.net/assets/minified-files_js/minified-files/ 184 KB
59 KB 52ms
52ms Script
application/javascript 2600:9000:2447:2e00:1c:c5b0:3380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djz6nvrucsv66.cloudfront.net/assets/minified-files_js/minified-files/angular.js

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2447:2e00:1c:c5b0:3380:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2c3575e308a84034c3715d1f6e6e32e6728e5545e5573fb1cb7217b255687e07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 05:25:01 GMT
content-encoding: br
via: 1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P5
age: 14974
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: no-referrer
last-modified: Fri, 12 Jan 2024 12:19:55 GMT
server: AmazonS3
etag: W/"9c70ad03ffa99f2f5cb52e22f6ee0bc1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: TGzXQ11poD1MiKKAGd2MgC6s27ph5cgU3dz5sPhv5H4widiG7M10Rg==

GET
H2 200 other.js Show response
djz6nvrucsv66.cloudfront.net/assets/minified-files_js/minified-files/ 540 KB
158 KB 19ms
19ms Script
application/javascript 2600:9000:2447:2e00:1c:c5b0:3380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djz6nvrucsv66.cloudfront.net/assets/minified-files_js/minified-files/other.js

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2447:2e00:1c:c5b0:3380:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1f89283138840c66dcfb344b1d2eb672a6663de262c8171dea21334099e2bfed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 00:58:22 GMT
content-encoding: gzip
via: 1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P5
age: 30973
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: no-referrer
last-modified: Tue, 07 Nov 2023 05:59:03 GMT
server: AmazonS3
etag: W/"5f3d55bcfb0b7987ce4a9039c4e0767e"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: guvD2Zmk6xF_NK9-05JPyFPc8l2NxBOGXYvu-cAycRlvWQ3zVd-R8A==

GET
H2 200 jquery.min.js Show response
djz6nvrucsv66.cloudfront.net/assets/Responsive/js/ 223 KB
69 KB 19ms
19ms Script
application/javascript 2600:9000:2447:2e00:1c:c5b0:3380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://djz6nvrucsv66.cloudfront.net/assets/Responsive/js/jquery.min.js

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2447:2e00:1c:c5b0:3380:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ff74fe47a4a6c781880006ea7de067289bfb8205bb380c727e42f551ccd8ff20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 06:36:47 GMT
content-encoding: gzip
via: 1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P5
age: 10727
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: no-referrer
last-modified: Fri, 18 Aug 2023 06:07:19 GMT
server: AmazonS3
etag: W/"973dffba1d0a0727519b26208d3431ea"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: JK2dJvTfGmG8DJPBR8UJRVvWG3Epp6Du0GUqe-4flpSuI-k63B6PXA==

GET
H2 200 chat_widget_s.css
wa.connectingdesk.com/app/widgets_v2/ 9 KB
2 KB 12ms
12ms Stylesheet
text/css 95.211.169.194
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.connectingdesk.com/app/widgets_v2/chat_widget_s.css
Requested by: Host: djz6nvrucsv66.cloudfront.net
URL: https://djz6nvrucsv66.cloudfront.net/assets/minified-files_js/minified-files/other.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.169.194 De Lier, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8d8734f9c1f4cf833d3293d4f3080eda3537700137510c76d6221c2498c02cc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
content-encoding: gzip
last-modified: Wed, 13 Sep 2023 10:42:45 GMT
server: Microsoft-IIS/10.0
etag: "8040a172fe6d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2157

POST
H2 200 chat_widget_h_v2.php Show response
wa.connectingdesk.com/app/widgets_v2/ 6 KB
6 KB 43ms
15ms XHR
text/html 95.211.169.194
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.connectingdesk.com/app/widgets_v2/chat_widget_h_v2.php
Requested by: Host: djz6nvrucsv66.cloudfront.net
URL: https://djz6nvrucsv66.cloudfront.net/assets/minified-files_js/minified-files/other.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.169.194 De Lier, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/5.6.31, ASP.NET
Resource Hash: fda957a1b6ea88d6d95b2f95846b3c63555c08f598b9daa0d80596968148e986

Request headers

Accept: */*
Referer: https://www.raynatours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 09:34:34 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: PHP/5.6.31, ASP.NET
content-length: 5977
content-type: text/html; charset=UTF-8

GET
H2 200 chat_widget_j.js Show response
wa.connectingdesk.com/app/widgets_v2/ 1 KB
1 KB 13ms
12ms Script
application/javascript 95.211.169.194
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.connectingdesk.com/app/widgets_v2/chat_widget_j.js?_=1706175275057
Requested by: Host: djz6nvrucsv66.cloudfront.net
URL: https://djz6nvrucsv66.cloudfront.net/assets/minified-files_js/minified-files/other.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.169.194 De Lier, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9a9921518ddf28417cf9aaec2af0fdd17f420429deb9012764853cb116df8495

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
last-modified: Sat, 11 Nov 2023 11:33:14 GMT
server: Microsoft-IIS/10.0
etag: "b8ddfadb9214da1:0"
x-powered-by: ASP.NET
content-type: application/javascript
accept-ranges: bytes
content-length: 1403

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 256 KB
86 KB 50ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PGDQZR5

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af27aeb4b665035e5ea061f430032c628a23060a10df7984dced62fd01069051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87748
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Jan 2024 09:34:35 GMT

POST
H2 200 GetStaticLanguageJson Show response
www.raynatours.com/AjaxCall.aspx/ 10 B
372 B 120ms
120ms XHR
application/json 2606:4700:20::681a:c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.raynatours.com/AjaxCall.aspx/GetStaticLanguageJson

Requested by

Host: djz6nvrucsv66.cloudfront.net
URL: https://djz6nvrucsv66.cloudfront.net/assets/minified-files_js/minified-files/other.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

780e1b18e0904b2686e7e68ae54ea50056ef4e5667be2a918485704234516280

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.raynatours.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
referrer-policy: strict-origin
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLdYVYdTacgT%2BUM85Dr0r7Y%2BPYZ0DLugi3jOh0jYs7uEWvusIxcYuhfsuRoYjTL6VmdgKI3AYu0yFUAL0nDIDmwGjJz7nZbFDTkjAkewQ4GqwvUkhPVcnsnV9WmdFZ%2B%2FU5bM7vNBZ07mkWZ2TggZoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
cf-ray: 84af856d4b3a996e-FRA
content-length: 10
x-xss-protection: 1; mode=block

POST
H2 200 LoadCartAPI Show response
www.raynatours.com/AjaxCall.aspx/ 44 B
359 B 1072ms
1071ms XHR
application/json 2606:4700:20::681a:c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.raynatours.com/AjaxCall.aspx/LoadCartAPI

Requested by

Host: djz6nvrucsv66.cloudfront.net
URL: https://djz6nvrucsv66.cloudfront.net/assets/minified-files_js/minified-files/angular.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8685f06f71aad4b0352a9fe7a5da1cd5e7cb2c497bd40d8f7923278a8c297cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.raynatours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 25 Jan 2024 09:34:36 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
referrer-policy: strict-origin
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKI0MVfYq54hG7ODsGrPX4awYwFYeoemOvArAdV7pre5Xx9oucmn6yJXIIybTrcpZ%2BgPrja6OiKGgJsZvVbZW3KAEJ1NL1lDpJo4gVXvw8Z%2FwlWiKj2Hg4Mhfz7AMd%2Fvti4tFwwKoG678guEzQXZ6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
cf-ray: 84af856e2c26996e-FRA
content-length: 44
x-xss-protection: 1; mode=block

GET
H2 200 svgHeader.svg
d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/default/ 7 KB
3 KB 24ms
24ms Image
image/svg+xml 2600:9000:20a0:8c00:3:6e16:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/default/svgHeader.svg

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/App_Themes/default/color.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:8c00:3:6e16:88c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b085e182625629b2e6e3002ec5304dda05829055c8d5d2fcb10af0dcb32a623e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: CfD05eVKw5ghUI04mT63LodKmzynkTWp
content-encoding: br
via: 1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 09:34:35 GMT
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P2
age: 6555
x-cache: Hit from cloudfront
referrer-policy: origin
last-modified: Fri, 25 Mar 2022 09:04:56 GMT
server: AmazonS3
etag: W/"d455ea3308361da85ebcbccfe9ea8ad5"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: 70NXNkAaea2v_TXaSP7zaEd5RuKXnCqYizGJours1MxVpwaaeeOtew==

GET
H2 200 singapore-web-bnr-tours.jpg
cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/406/ 82 KB
83 KB 7ms
7ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/406/singapore-web-bnr-tours.jpg?w=1920&h=540&auto=compress%2Cformat

Requested by

Host: djz6nvrucsv66.cloudfront.net
URL: https://djz6nvrucsv66.cloudfront.net/assets/minified-files_js/minified-files/other.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

12eb68615bfb1176e591465c8d1ed2bb923426f73e05942bf1ccf214e2484078

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 441133
x-cache: HIT, HIT
x-imgix-id: 55fd0c28ef38a12408aba935a48dd8ee638e0d9a
cross-origin-resource-policy: cross-origin
content-length: 84436
x-served-by: cache-sjc10051-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 02.131624
last-modified: Sat, 20 Jan 2024 07:02:22 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 chinese-nye-img-worlds-bnr-web.jpg
cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/407/ 102 KB
102 KB 11ms
10ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/407/chinese-nye-img-worlds-bnr-web.jpg?w=1920&h=540&auto=compress%2Cformat

Requested by

Host: djz6nvrucsv66.cloudfront.net
URL: https://djz6nvrucsv66.cloudfront.net/assets/minified-files_js/minified-files/other.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cae76f34fc47c3aeeaafa1f89a01a74e4a9a2326e1364287487da28c4c890e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 91413
x-cache: HIT, HIT
x-imgix-id: 75b7e3020261a720daeba7d4447fa3a35d575191
cross-origin-resource-policy: cross-origin
content-length: 104043
x-served-by: cache-sjc1000115-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.132136
last-modified: Wed, 24 Jan 2024 08:11:02 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 r-points-bnr-new.jpg
cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/284/ 83 KB
83 KB 10ms
10ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/284/r-points-bnr-new.jpg?w=1920&h=540&auto=compress%2Cformat

Requested by

Host: djz6nvrucsv66.cloudfront.net
URL: https://djz6nvrucsv66.cloudfront.net/assets/minified-files_js/minified-files/other.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c6537aaac9d9ae1340b09ba56b0e86636dfc283ef351d028e29edc81d75ea1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 1289978
x-cache: HIT, HIT
x-imgix-id: 0abeee06fc2ef28484297e06d64687925655ffd0
cross-origin-resource-policy: cross-origin
content-length: 85291
x-served-by: cache-sjc10037-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.140328
last-modified: Wed, 10 Jan 2024 11:14:57 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 breakfast-in-thesky-web-bnr.jpg
cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/405/ 64 KB
64 KB 13ms
13ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/Imagewise-Banner/405/breakfast-in-thesky-web-bnr.jpg?w=1920&h=540&auto=compress%2Cformat

Requested by

Host: djz6nvrucsv66.cloudfront.net
URL: https://djz6nvrucsv66.cloudfront.net/assets/minified-files_js/minified-files/other.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

907e6e47faea313368438dcb6a8b82b650f92a432e2edf9a10f5c0e815c08bf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 597856
x-cache: HIT, HIT
x-imgix-id: 3edd92e62987ec40aa56c1a9748505d58cf9e71f
cross-origin-resource-policy: cross-origin
content-length: 65765
x-served-by: cache-sjc1000097-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 02.131624
last-modified: Thu, 18 Jan 2024 11:30:19 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 AjaxLoader.gif
d1vqfl8cu8qgdj.cloudfront.net/assets/img/ 3 KB
4 KB 58ms
35ms Image
image/gif 2600:9000:211e:8000:7:2db5:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1vqfl8cu8qgdj.cloudfront.net/assets/img/AjaxLoader.gif

Requested by

Host: djz6nvrucsv66.cloudfront.net
URL: https://djz6nvrucsv66.cloudfront.net/assets/minified-files_css/minified-files/webmaincss.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:8000:7:2db5:59c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-C2
x-cache: RefreshHit from cloudfront
content-length: 3208
referrer-policy: origin
last-modified: Mon, 08 May 2017 12:04:39 GMT
etag: "17cb445f3c7d21:0"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: xjw9eKGlOFfKNl9d-I35UKrVsZlTdF6-McVPfQ11Mr6YjT02Q0cJnQ==
expires: Tue, 30 May 2023 00:00:00 GMT

GET
H2 200 svgBG6.svg
d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/default/ 44 KB
12 KB 16ms
16ms Image
image/svg+xml 2600:9000:20a0:8c00:3:6e16:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/default/svgBG6.svg?v1

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/App_Themes/default/color.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:8c00:3:6e16:88c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5306ce00a65bd1e14a33ceda7c0a3eff07ea02a535a98cf8884add033c738c72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: JOcPLxaj11VVeeDgy7bz361._y8cwLT0
content-encoding: br
via: 1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
date: Wed, 24 Jan 2024 09:56:53 GMT
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P2
age: 85063
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
referrer-policy: origin
last-modified: Sat, 18 Nov 2023 08:54:23 GMT
server: AmazonS3
etag: W/"a87355ee92b429572fc7d6b19607decc"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: emzzBzI7b7LUysNINB-mPCJfY3atVYB41WbtTlIPRHmmjwVRUgU6GA==

GET
H2 200 GT-Eesti-Pro-Display-Bold.woff2
d1vqfl8cu8qgdj.cloudfront.net/assets/fonts/gteesti/ 56 KB
56 KB 43ms
43ms Font
application/font-woff2 2600:9000:211e:8000:7:2db5:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1vqfl8cu8qgdj.cloudfront.net/assets/fonts/gteesti/GT-Eesti-Pro-Display-Bold.woff2

Requested by

Host: djz6nvrucsv66.cloudfront.net
URL: https://djz6nvrucsv66.cloudfront.net/assets/minified-files_css/minified-files/webmaincss.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:8000:7:2db5:59c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

df4aafd09fae97c2ceead4c81722b2b7a5c4a5723756fd674108b9695ecf7423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer
Origin: https://www.raynatours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-C2
x-cache: RefreshHit from cloudfront
content-length: 57192
referrer-policy: origin
last-modified: Thu, 09 Aug 2018 13:30:28 GMT
etag: "072e422e52fd41:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: B_T2Ban8CIovgN1USjHBLhzExtIxYoD-bWWcFdTpKspah4B8Nm_dGA==
expires: Tue, 30 May 2023 00:00:00 GMT

GET
H2 200 abu-dhabi.jpg
cdn-images-rayna.imgix.net/imgiximages/city-images/13236/ 48 KB
48 KB 16ms
14ms Image
image/png 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/city-images/13236/abu-dhabi.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

43ae4110a18db39e72c1e2bd5520b456bdc588474ffaafe03436546d1ac198ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 1354287
x-cache: HIT, HIT
x-imgix-id: a6e570fa53cad53e450bdb4ddbdc7f99ef44f4d9
cross-origin-resource-policy: cross-origin
content-length: 48688
x-served-by: cache-sjc1000127-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.140328
last-modified: Wed, 05 Jul 2023 06:33:27 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dubai-city.png
cdn-images-rayna.imgix.net/imgiximages/city-images/13668/ 99 KB
99 KB 10ms
8ms Image
image/png 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/city-images/13668/dubai-city.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

ed432a6b17a82d0a9b39bd28b345a036022b8ed6f53750a70ce3662ce18fa00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 432982
x-cache: HIT, HIT
x-imgix-id: 6d5dddb0e0cc1c4ce21321617e36072a634ad2f5
cross-origin-resource-policy: cross-origin
content-length: 101205
x-served-by: cache-sjc10040-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 02.131624
last-modified: Wed, 05 Jul 2023 06:35:44 GMT
server: Google Frontend
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ras-al-khaimah-city.png
cdn-images-rayna.imgix.net/imgiximages/city-images/14644/ 118 KB
118 KB 34ms
32ms Image
image/png 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/city-images/14644/ras-al-khaimah-city.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

8e004c683d7089053da1d5e7aa52ab75f839c76dde80e34749c0cbce4efccc4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 4542970
x-cache: HIT, HIT
x-imgix-id: ed8c426a41e07f531db7012efbb0682e1ea97f3c
cross-origin-resource-policy: cross-origin
content-length: 120544
x-served-by: cache-sjc10077-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.140328
last-modified: Wed, 05 Jul 2023 06:34:38 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 singapore-city.png
cdn-images-rayna.imgix.net/imgiximages/city-images/23726/ 105 KB
105 KB 20ms
18ms Image
image/png 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages/city-images/23726/singapore-city.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

a0cabe5dc11f7c2cd2fb2357503141a9b105b3b842487a25c8434286751fece4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 1507010
x-cache: HIT, HIT
x-imgix-id: 45ead6704567c586ec516232d0e80cbaf2e68e15
cross-origin-resource-policy: cross-origin
content-length: 107193
x-served-by: cache-sjc10066-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.140328
last-modified: Wed, 05 Jul 2023 06:14:51 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Aqua-Water-Park-front.jpg
cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-3625// 13 KB
13 KB 15ms
14ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-3625//Aqua-Water-Park-front.jpg?w=270&h=309&auto=compress%2Cformat&crop=faces&fit=min

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c23031217ee5894762f56a2401975e6735bec2e027a9dafddffb791a4b7822ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 4175085
x-cache: HIT, HIT
x-imgix-id: 23e2453cb06b2ed4f15f554581032964d508d7b8
cross-origin-resource-policy: cross-origin
content-length: 13312
x-served-by: cache-sjc10064-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.140328
last-modified: Fri, 08 Dec 2023 01:49:50 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 burj-kalifa-front.jpg
cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-18// 7 KB
7 KB 13ms
12ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-18//burj-kalifa-front.jpg?w=270&h=309&auto=compress%2Cformat&crop=faces&fit=min

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

1f2f303dd89048cd2679022f67c950bb7749f410c6f6fea65fe09c4c997f7c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 1094848
x-cache: HIT, HIT
x-imgix-id: 09da9c7496a00ed88686cba6ecf3b80eb7063d99
cross-origin-resource-policy: cross-origin
content-length: 7383
x-served-by: cache-sjc10023-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.140328
last-modified: Fri, 12 Jan 2024 17:27:06 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 111.jpg
cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-3636// 16 KB
16 KB 26ms
24ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-3636//111.jpg?w=270&h=309&auto=compress%2Cformat&crop=faces&fit=min

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

286a7cd56c2cca74d13db706c9e6fa08dad817b366ce8bd3c0850c6d5b8ef912

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 4219630
x-cache: HIT, HIT
x-imgix-id: 2805c02a4923f035d05fd230992a625fc812994a
cross-origin-resource-policy: cross-origin
content-length: 16299
x-served-by: cache-sjc1000101-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.140328
last-modified: Thu, 07 Dec 2023 13:27:24 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dubai-dolphinerium-dubai-front.jpg
cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-65// 19 KB
20 KB 30ms
29ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-65//dubai-dolphinerium-dubai-front.jpg?w=270&h=309&auto=compress%2Cformat&crop=faces&fit=min

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

dff999398a69af88e508d311bc99de4ef8e23f9a5269f2894ab8099c87e796f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 599826
x-cache: HIT, HIT
x-imgix-id: e5b715335fc8201d9a4502094063744171b16bd8
cross-origin-resource-policy: cross-origin
content-length: 19917
x-served-by: cache-sjc1000126-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 02.131624
last-modified: Thu, 18 Jan 2024 10:57:29 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Dubai_Frame.jpg
cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-5066// 21 KB
21 KB 35ms
34ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-5066//Dubai_Frame.jpg?w=270&h=309&auto=compress%2Cformat&crop=faces&fit=min

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

b40a7537943d81fddcc1c09bfac41afcffdc50cd31ac6be912478a5795db083c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 1467776
x-cache: HIT, HIT
x-imgix-id: d566ef9c036e45c4ba034c91751057b019cc3013
cross-origin-resource-policy: cross-origin
content-length: 21617
x-served-by: cache-sjc10023-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.140328
last-modified: Mon, 08 Jan 2024 09:51:39 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Desert-safar-banner.jpg
cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-508805// 12 KB
13 KB 27ms
26ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-508805//Desert-safar-banner.jpg?w=270&h=309&auto=compress%2Cformat&crop=faces&fit=min

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

fb176315b8e8770088d09cdf1baa13a1f72fb5b51b2c4ade98b3553fc6a316a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 1054386
x-cache: HIT, HIT
x-imgix-id: 83c7ff67720013d1c34d34411a28ca6d80f8d0f2
cross-origin-resource-policy: cross-origin
content-length: 12707
x-served-by: cache-sjc10081-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.140328
last-modified: Sat, 13 Jan 2024 04:41:28 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Balloon-Flights-with-Breakfast.JPG
cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-508655// 10 KB
10 KB 29ms
28ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-508655//Balloon-Flights-with-Breakfast.JPG?w=270&h=309&auto=compress%2Cformat&crop=faces&fit=min

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

32cf52f642774baac7e5184acb95671ca840128f13b7e7ec0b2be28048af8531

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 588748
x-cache: HIT, HIT
x-imgix-id: 4ff6bac51d3a0681ea8c2545690576d391eebe01
cross-origin-resource-policy: cross-origin
content-length: 10423
x-served-by: cache-sjc1000138-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 02.131624
last-modified: Thu, 18 Jan 2024 14:02:06 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 33.jpg
cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-4753// 15 KB
15 KB 25ms
25ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-4753//33.jpg?w=270&h=309&auto=compress%2Cformat&crop=faces&fit=min

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

5a022fd23388d416a0b20acd9f7d1b3a5d1e3583e08e71ebe1fb6d3ba3973330

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 1794923
x-cache: HIT, HIT
x-imgix-id: 81af7d13d2f9d8c14c4a740acce62f03ba8b7b9d
cross-origin-resource-policy: cross-origin
content-length: 15284
x-served-by: cache-sjc10066-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.140328
last-modified: Thu, 04 Jan 2024 14:59:11 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dubai-paramoter-front.jpg
cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-508859// 2 KB
3 KB 31ms
31ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-508859//dubai-paramoter-front.jpg?w=270&h=309&auto=compress%2Cformat&crop=faces&fit=min

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

ba9b302128dfe638be3600bc669f8d4b8b6454301245d668ca59af4e25d70591

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 1570802
x-cache: HIT, HIT
x-imgix-id: b68e68de63787765010714062d6adcddfe3a7317
cross-origin-resource-policy: cross-origin
content-length: 2529
x-served-by: cache-sjc10051-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 01.140328
last-modified: Sun, 07 Jan 2024 05:14:33 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ski-dubai-front.jpg
cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-172// 9 KB
9 KB 31ms
31ms Image
image/avif 2a04:4e42:8e::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-images-rayna.imgix.net/imgiximages//Tour-Images//false-172//ski-dubai-front.jpg?w=270&h=309&auto=compress%2Cformat&crop=faces&fit=min

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8e::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

510f1ae566debf894ff003f1cc69d10dd3aa1b5bf59bddf7c205e6c03928781e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
age: 254018
x-cache: HIT, HIT
x-imgix-id: 4a1a54078325ac1f7af96a62406b483a9c9b9676
cross-origin-resource-policy: cross-origin
content-length: 8969
x-served-by: cache-sjc1000092-SJC, cache-fra-etou8220054-FRA
x-imgix-render-farm: 02.131624
last-modified: Mon, 22 Jan 2024 11:00:56 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Cdesk.svg
d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/ 1 KB
1 KB 26ms
26ms Image
image/svg+xml 2600:9000:20a0:8c00:3:6e16:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/Cdesk.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:8c00:3:6e16:88c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

97e1bde1eba14d9d248fa39d4783b04bf400f60da6f79459a79a884e13167a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 7gKtD_bki.CqVC5zBtc_92BQOw3K765k
content-encoding: gzip
via: 1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 09:34:35 GMT
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P2
age: 15180
x-cache: Hit from cloudfront
referrer-policy: origin
last-modified: Mon, 21 Nov 2022 06:45:22 GMT
server: AmazonS3
etag: W/"394e4b00089d66814d1054c386e45786"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: W0x1FAVnnD69JpMo7-UGTNb8Y1hPQiNsX3EcSRf6ntxiAX3zVfYMQw==

GET
H2 200 GT-Eesti-Pro-Display-Regular.woff2
d1vqfl8cu8qgdj.cloudfront.net/assets/fonts/gteesti/ 52 KB
53 KB 16ms
14ms Font
application/font-woff2 2600:9000:211e:8000:7:2db5:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1vqfl8cu8qgdj.cloudfront.net/assets/fonts/gteesti/GT-Eesti-Pro-Display-Regular.woff2

Requested by

Host: wa.connectingdesk.com
URL: https://wa.connectingdesk.com/app/widgets_v2/chat_widget_s.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:8000:7:2db5:59c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

cb5141afada03d4a510516b5eb9735a5c126a2603ab164b4b566a6be05fcbd49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://wa.connectingdesk.com/
Origin: https://www.raynatours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-length: 53592
referrer-policy: origin
last-modified: Thu, 09 Aug 2018 13:30:30 GMT
etag: "09f1524e52fd41:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -nH4m4jUkYJBzf8sddvkDg4s7cHGqiuIS7xlcalvFjVsnaMGG4TEWw==
expires: Tue, 30 May 2023 00:00:00 GMT

GET
H2 200 GT-Eesti-Pro-Display-Light.woff2
d1vqfl8cu8qgdj.cloudfront.net/assets/fonts/gteesti/ 55 KB
55 KB 16ms
15ms Font
application/font-woff2 2600:9000:211e:8000:7:2db5:59c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1vqfl8cu8qgdj.cloudfront.net/assets/fonts/gteesti/GT-Eesti-Pro-Display-Light.woff2

Requested by

Host: wa.connectingdesk.com
URL: https://wa.connectingdesk.com/app/widgets_v2/chat_widget_s.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:8000:7:2db5:59c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

97d1c605849716cb0fa8cecd76fea43be43f244eaaf73387adb40f66c77c87f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://wa.connectingdesk.com/
Origin: https://www.raynatours.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:34 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
content-length: 55836
referrer-policy: origin
last-modified: Thu, 09 Aug 2018 13:30:28 GMT
etag: "072e422e52fd41:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: pqOBx0XZznFw1loQUZqcGPQ34G3YA_W1AZqbvc6mOJ6DOdnFB9kIow==
expires: Tue, 30 May 2023 00:00:00 GMT

GET
H2 200 whatsapp-strips.svg
d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/ 6 KB
2 KB 40ms
40ms Image
image/svg+xml 2600:9000:20a0:8c00:3:6e16:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1i3enf1i5tb1f.cloudfront.net/assets/Whitelabel/svg/whatsapp-strips.svg

Requested by

Host: wa.connectingdesk.com
URL: https://wa.connectingdesk.com/app/widgets_v2/chat_widget_s.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:8c00:3:6e16:88c0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9b909e0b8cd56eeb21a7a555ee953265695163924dccbbfb5cda6109842d8c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wa.connectingdesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: _bOCw6l5_Eg1Y3x.zxonaR0HTH_dD66S
content-encoding: br
via: 1.1 d53a72f970327ac790782b2a7692e5f6.cloudfront.net (CloudFront)
date: Thu, 25 Jan 2024 07:05:09 GMT
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P2
age: 8966
x-cache: Hit from cloudfront
referrer-policy: origin
last-modified: Thu, 24 Nov 2022 10:34:55 GMT
server: AmazonS3
etag: W/"79ba7d74f4b42a3a75c712abb49f831a"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: sgDHnXMi9MrcE3VYJIxG0x8NnvNOjq1BEFfE0NieOJoUqi87c_nWfg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
93 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R8Q1G2HVKK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGDQZR5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92588f541e75fd1b9c03a93d468fbfcda15f13fd1a36196825c62bb77cb61c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jan 2024 09:34:35 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 49ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGDQZR5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 25 Jan 2024 09:34:34 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4A990D16E34C4C9A92611DC0C1DFD709 Ref B: FRAEDGE1116 Ref C: 2024-01-25T09:34:35Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 moe_webSdk.min.latest.js Show response
cdn.moengage.com/webpush/ 208 KB
59 KB 67ms
8ms Script
application/javascript 99.86.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGDQZR5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88be79c03612a94839ba7c6ed426610166a0ce6ca0ed74f71647b329a30d3b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:33:32 GMT
content-encoding: gzip
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 10:27:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 64
x-amz-server-side-encryption: AES256
etag: W/"9fffe2a34eefc79032415b0a09d0db3d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: sGsQvug-SppMHWkSPj-FSWzS8HJMjqdgFu0aVpy6BOWf1ZE6Zv2U7Q==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
57 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.raynatours.com
URL: https://www.raynatours.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 25 Jan 2024 09:34:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57021
x-xss-protection: 0
pragma: public
x-fb-debug: 3q4kdBZvxVOX3Fzh2uRpuWOg1S5VtMgil+IjSA1fyG42LTKYdzigjWvavXW3ySvgYcgDW+Yhftgro2z7l8hBVw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 itww5ikzlu Show response
www.clarity.ms/tag/ 650 B
1015 B 126ms
100ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/itww5ikzlu
Requested by: Host: www.raynatours.com
URL: https://www.raynatours.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 933ce3066c5151608f345f9d7fecd2c625e058e40ade79200c7507c537f14340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: -1
date: Thu, 25 Jan 2024 09:34:35 GMT
x-azure-ref: 20240125T093435Z-kydrhzqsrt0bd0rf0fxubeny5000000001hg00000000qc8c
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 46 KB
20 KB 42ms
14ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=44968

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGDQZR5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5d2f7790db0a90cec0c075686e161802bd00b9f1d9b357fd89285220d8bda8a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/987968341/ 3 KB
2 KB 66ms
43ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/987968341/?random=1706175275384&cv=11&fst=1706175275384&bg=ffffff&guid=ON&async=1&gtm=45He41m0v9113927035&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.raynatours.com%2F&hn=www.googleadservices.com&frm=0&tiba=Leading%20Tour%20Operator%20and%20Destination%20Management%20Company%20Dubai%20-%20Rayna%20Tours&pscdl=noapi&auid=187311308.1706175275&uamb=0&uaw=0&data=event%3Dhome%3Btravel_destid%3D%3Btravel_pagetype%3Dhome%3Btravel_totalvalue%3D%3Bdestination%3D%3Bgoogle_business_vertical%3Dtravel&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGDQZR5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e8d88504deb9821d36c48b627a8271e05b33f821534b18b49b065bf75099b82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10866807015/ 3 KB
1 KB 67ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10866807015/?random=1706175275387&cv=11&fst=1706175275387&bg=ffffff&guid=ON&async=1&gtm=45He41m0v9113927035&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.raynatours.com%2F&hn=www.googleadservices.com&frm=0&tiba=Leading%20Tour%20Operator%20and%20Destination%20Management%20Company%20Dubai%20-%20Rayna%20Tours&pscdl=noapi&auid=187311308.1706175275&uamb=0&uaw=0&data=event%3Dhome%3Btravel_destid%3D%3Btravel_pagetype%3Dhome%3Btravel_totalvalue%3D%3Bdestination%3D%3Bgoogle_business_vertical%3Dtravel&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGDQZR5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a0189115b4986995edf4c18b9dd0f22b47e33ddb1ba9c8284daee6270f41b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1349
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 37ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-R8Q1G2HVKK&gtm=45je41m0v875008837z89113927035&_p=1706175275071&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1996234571.1706175275&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&sid=1706175275&sct=1&seg=0&dl=https%3A%2F%2Fwww.raynatours.com%2F&dt=Leading%20Tour%20Operator%20and%20Destination%20Management%20Company%20Dubai%20-%20Rayna%20Tours&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3473
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R8Q1G2HVKK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.raynatours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 51ms
17ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R8Q1G2HVKK&cid=1996234571.1706175275&gtm=45je41m0v875008837z89113927035&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R8Q1G2HVKK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.raynatours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
409 B 45ms
22ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R8Q1G2HVKK&cid=1996234571.1706175275&gtm=45je41m0v875008837z89113927035&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2041762722

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1203279876357554 Show response
connect.facebook.net/signals/config/ 386 KB
117 KB 518ms
517ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1203279876357554?v=2.9.142&r=stable&domain=www.raynatours.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2ac8261222267a0b27f4fb89457e5c95f1362ba862359a94e09d464d33552d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 25 Jan 2024 09:34:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: PZooBRWjWcxrfWdz7lT4/ehT9uPs+3b0Htly6ROUp9s/Ql/0G3/f4dDHyqeqh6NaYlWONik4EzUzbGlRW5lEsA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/987968341/ 42 B
109 B 49ms
20ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/987968341/?random=1706175275384&cv=11&fst=1706173200000&bg=ffffff&guid=ON&async=1&gtm=45He41m0v9113927035&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.raynatours.com%2F&frm=0&tiba=Leading%20Tour%20Operator%20and%20Destination%20Management%20Company%20Dubai%20-%20Rayna%20Tours&data=event%3Dhome%3Btravel_destid%3D%3Btravel_pagetype%3Dhome%3Btravel_totalvalue%3D%3Bdestination%3D%3Bgoogle_business_vertical%3Dtravel&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_mzvMy0LiMqu8hUTYTbVNRo2by9up2A&random=753590578&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/987968341/ 42 B
155 B 19ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/987968341/?random=1706175275384&cv=11&fst=1706173200000&bg=ffffff&guid=ON&async=1&gtm=45He41m0v9113927035&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.raynatours.com%2F&frm=0&tiba=Leading%20Tour%20Operator%20and%20Destination%20Management%20Company%20Dubai%20-%20Rayna%20Tours&data=event%3Dhome%3Btravel_destid%3D%3Btravel_pagetype%3Dhome%3Btravel_totalvalue%3D%3Bdestination%3D%3Bgoogle_business_vertical%3Dtravel&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_mzvMy0LiMqu8hUTYTbVNRo2by9up2A&random=753590578&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 187046462.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 31ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187046462.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

31e5f4ae7952d557d0bad835637d6b21f8c168c08abff6547012e7c7cf2c6627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 25 Jan 2024 09:34:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 41AAAFEDA5624B8C9A707987B70EE4B5 Ref B: FRAEDGE1116 Ref C: 2024-01-25T09:34:35Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
287 B 35ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187046462&tm=gtm002&Ver=2&mid=d7f3b512-b9f2-45a1-8d08-fe24a469b8de&sid=f3b42c20bb6411ee8787411666ceeb66&vid=f3b43920bb6411ee8188a3e1a7f5096c&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Leading%20Tour%20Operator%20and%20Destination%20Management%20Company%20Dubai%20-%20Rayna%20Tours&p=https%3A%2F%2Fwww.raynatours.com%2F&r=&lt=3069&evt=pageLoad&sv=1&rn=975278

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jan 2024 09:34:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E09014766C094485900A84835A6D3EFB Ref B: FRAEDGE1116 Ref C: 2024-01-25T09:34:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10866807015/ 42 B
456 B 40ms
18ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10866807015/?random=1706175275387&cv=11&fst=1706173200000&bg=ffffff&guid=ON&async=1&gtm=45He41m0v9113927035&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.raynatours.com%2F&frm=0&tiba=Leading%20Tour%20Operator%20and%20Destination%20Management%20Company%20Dubai%20-%20Rayna%20Tours&data=event%3Dhome%3Btravel_destid%3D%3Btravel_pagetype%3Dhome%3Btravel_totalvalue%3D%3Bdestination%3D%3Bgoogle_business_vertical%3Dtravel&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_DxPNSAVSqdFH6gktygMrmS2hoMpuGw&random=4046962399&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10866807015/ 42 B
109 B 19ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10866807015/?random=1706175275387&cv=11&fst=1706173200000&bg=ffffff&guid=ON&async=1&gtm=45He41m0v9113927035&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.raynatours.com%2F&frm=0&tiba=Leading%20Tour%20Operator%20and%20Destination%20Management%20Company%20Dubai%20-%20Rayna%20Tours&data=event%3Dhome%3Btravel_destid%3D%3Btravel_pagetype%3Dhome%3Btravel_totalvalue%3D%3Bdestination%3D%3Bgoogle_business_vertical%3Dtravel&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_DxPNSAVSqdFH6gktygMrmS2hoMpuGw&random=4046962399&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B66E 14 KB
6 KB 43ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.raynatours.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=44968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.raynatours.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 09:34:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 412074
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 moe_webSdk_webp.min.latest.js Show response
cdn.moengage.com/webpush/ 87 KB
26 KB 8ms
8ms Script
application/javascript 99.86.4.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.moengage.com/webpush/moe_webSdk_webp.min.latest.js?app_id=IVGUX2VETR0TLXL59NYKWX6A&cluster=DC_2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGDQZR5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-6.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3de0b665b8ede91d1caeb3a383785cc65d73259ec85cd15e3b96ebcb7248d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:21:40 GMT
content-encoding: gzip
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 10:27:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 776
x-amz-server-side-encryption: AES256
etag: W/"4eb252ffc3c675d965d314af3f527bd5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: UL3-Au28rn4fR70yCs-rjkCwG9Vn4lWJx6eQMeeEYYtcOXx_o_G2pg==

GET
H2 200 websdksettings Show response
sdk-02.moengage.com/ 5 KB
2 KB 46ms
12ms XHR
application/json 2600:9000:2490:9800:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/websdksettings?app_id=IVGUX2VETR0TLXL59NYKWX6A&
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9800:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e17416010c1d983aed0fc294b39008266256a957bf67eb61ea823ba668c9aef0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
content-encoding: gzip
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: aj912PXZ77M8EsEyUGqcz8Dv3pHNAeShYxdO8_Hn-CAStTJCvfXuJQ==
expires: Thu, 25 Jan 2024 09:34:34 GMT

GET
H2 401 live Show response
sdk-02.moengage.com/v1/experiences/web/ 167 B
715 B 41ms
23ms XHR
application/json 2600:9000:2490:9800:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v1/experiences/web/live?app_id=IVGUX2VETR0TLXL59NYKWX6A&unique_id=b6910de9-a0d0-4e0f-9154-5d0b415f3ff9&sdk_ver=2.20.0&platform=web&USER_TYPE=New&DAY_OF_THE_WEEK=Thursday&TIME_OF_THE_DAY=10&current_url=https%3A%2F%2Fwww.raynatours.com%2F&all_exp=false&
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk_webp.min.latest.js?app_id=IVGUX2VETR0TLXL59NYKWX6A&cluster=DC_2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9800:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5437f6a644912b406011c9ba00eaf5d941e27d9c690f940f4e6f939ebcf58e53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
content-encoding: gzip
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
moe-request-id: PdTQZiYf
x-amz-cf-pop: FRA56-P6
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: *
x-cache: Error from cloudfront
access-control-allow-headers: DNT, User-Agent, X-Requested-With, If-Modified-Since,Cache-Control, Content-Type, Range, MOE-DBNAME, MOE-APPKEY,MOE-REQUEST-ID, MOE-UNIQUE-ID, MOE-APPSECRET, MOE-INAPP-BATCH-ID, MOE-DASHBOARD-USER-ID
content-length: 171
x-amz-cf-id: tTrwp1iDll-RnNlKTmev8p9Diq_Amft8D3WtpDSpXNg5ZePS9P_OpA==

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 23ms
22ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/itww5ikzlu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
content-encoding: br
last-modified: Thu, 18 Jan 2024 15:10:56 GMT
etag: W/"0x8DC1837ABBF2420"
vary: Accept-Encoding
x-azure-ref: 20240125T093435Z-kydrhzqsrt0bd0rf0fxubeny5000000001hg00000000qc8t
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 21cd6617-801e-0077-7baf-4bfb4f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5759D8CED5BC404C87524DE57A56DD0E&RedC=c.clarity.ms&MXFR=101FA2EB156664EC39DCB6FA11666A46
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5759D8CED5BC404C87524DE57A56DD0E&MUID=1BE58E9DA0B86CE538F09A8CA1D36D7B

42 B
443 B

30ms
30ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5759D8CED5BC404C87524DE57A56DD0E&MUID=1BE58E9DA0B86CE538F09A8CA1D36D7B
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:34 GMT
last-modified: Wed, 10 Jan 2024 21:11:32 GMT
server: Microsoft-IIS/10.0
etag: "d765ee95944da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:34 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A5A2A9C58D64A5AB83218C4578A5B47 Ref B: FRAEDGE1116 Ref C: 2024-01-25T09:34:35Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5759D8CED5BC404C87524DE57A56DD0E&MUID=1BE58E9DA0B86CE538F09A8CA1D36D7B
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 187046462 Show response
www.clarity.ms/tag/uet/ 829 B
1 KB 103ms
103ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/187046462
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/187046462.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1adf48038b82fa23ca846cdfb67b7392026450f10d3b223508cd9ff4c5deae5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: -1
date: Thu, 25 Jan 2024 09:34:35 GMT
x-azure-ref: 20240125T093435Z-kydrhzqsrt0bd0rf0fxubeny5000000001hg00000000qc8x
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 IVGUX2VETR0TLXL59NYKWX6A Show response
sdk-02.moengage.com/v3/sdkconfig/web/ 269 B
669 B 94ms
93ms XHR
application/json 2600:9000:2490:9800:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v3/sdkconfig/web/IVGUX2VETR0TLXL59NYKWX6A?
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9800:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fbe474876c9b2933075089e54be3332bfc8c3579c420aa997c3c84c22665ea19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
content-encoding: gzip
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: x8-BVjQ89wRZEgjE6_itGVRzs0K-pgbE9GjVsGwAEl9eS1-fIuji3w==
expires: Thu, 25 Jan 2024 09:34:34 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame B66E
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=raynatours.com&sn=ChromeSyncframe&so=0&topUrl=www.raynatours.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=-THoZnwwUnVnZEpqR3RsMm9JdXVZQU00bUpsQVhBbjNROTE3cnZNQytIYjlqSHI0NlFCR2xjYXcvcEoydk4xSnlnb2NwcDMrbG9wbTA1ZGJxb3ZDN1oxVG5tcHRKR2hQSGRlYnVua2hjQ2pGRnhwMlJqTjVCdUJRWCtKRF...

438 B
657 B

15ms
15ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-THoZnwwUnVnZEpqR3RsMm9JdXVZQU00bUpsQVhBbjNROTE3cnZNQytIYjlqSHI0NlFCR2xjYXcvcEoydk4xSnlnb2NwcDMrbG9wbTA1ZGJxb3ZDN1oxVG5tcHRKR2hQSGRlYnVua2hjQ2pGRnhwMlJqTjVCdUJRWCtKRFdBeUh6UTR3VC9nMm5qNllGY0xVTUVDSFNiYXNEMHlLcDB5MTQ2eTNPaXEzRkdzeElnblVBYnNicEhablBTYnk1WUR6UloxM0xkZFIreHEyWjJJK2kyR0sxSEdIUmM3QnBJZUY0NzNkS1Avd1AzV0FJMFJDVnFnckFsd1ZnSGRweHVhN29MaFdFNldsNlFUMDhkbjZnUHI2TzBxVjBHWTlRMk5RVThtQ3ZkSW02cnhwWDJjQT18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c90d5b7fd81c973aea2eeaff550436f3536343bc1c4bfad0f2bb85fe4a6892d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1689280
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=-THoZnwwUnVnZEpqR3RsMm9JdXVZQU00bUpsQVhBbjNROTE3cnZNQytIYjlqSHI0NlFCR2xjYXcvcEoydk4xSnlnb2NwcDMrbG9wbTA1ZGJxb3ZDN1oxVG5tcHRKR2hQSGRlYnVua2hjQ2pGRnhwMlJqTjVCdUJRWCtKRFdBeUh6UTR3VC9nMm5qNllGY0xVTUVDSFNiYXNEMHlLcDB5MTQ2eTNPaXEzRkdzeElnblVBYnNicEhablBTYnk1WUR6UloxM0xkZFIreHEyWjJJK2kyR0sxSEdIUmM3QnBJZUY0NzNkS1Avd1AzV0FJMFJDVnFnckFsd1ZnSGRweHVhN29MaFdFNldsNlFUMDhkbjZnUHI2TzBxVjBHWTlRMk5RVThtQ3ZkSW02cnhwWDJjQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 248766
content-length: 0
expires: 0

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
298 B 437ms
205ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.raynatours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.raynatours.com
Date: Thu, 25 Jan 2024 09:34:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 event Show response
sslwidget.criteo.com/ 10 KB
5 KB 53ms
21ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=44968&v=5.20.0&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26site_type%3Dd%26z%3D%2523%2523Zip%2520Code%2523%2523&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=dRgeM196JTJGMmY1RDJyeGNhZnhpbFROcXU5OWdlVWZtaEl3bjFkYzdBRjdEVGN6a08lMkJzY2psRnQyb0ZTYldFb0RsWXpKWUIwS0tXdk5yaUwxYVU4ektCdExxdzE4SVh5RjdzeUx2TU9Na0FKTktYVWwlMkJEYWElMkJZVU1RWnJnZmF2ZnF6R3VSVWRjS3VDZUd5NSUyRlB3TXg0dlBmV0RRJTNEJTNE&tld=raynatours.com&dy=1&fu=https%253A%252F%252Fwww.raynatours.com%252F&ceid=347f3c38-4536-47b6-ac75-de025ba8f615&dtycbr=96762

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=44968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b20b0314d7470b198124860902c70a4215642ff2feacb8b4f452ff7a09976e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 8107115
timing-allow-origin: *
expires: 0

POST
H2 200 add Show response
sdk-02.moengage.com/v2/device/ 81 B
920 B 68ms
68ms XHR
application/json 2600:9000:2490:9800:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v2/device/add?os=web&os_platform=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&is_incognito=false&app_id=IVGUX2VETR0TLXL59NYKWX6A&os_ver=Google%20Chrome&sdk_ver=2.20.0&model=Google%20Chrome&app_ver=1.0&device_ts=1706175275671&device_tz_offset=3600000&unique_id=8aa32ab3-771a-48a8-afa5-13e664d72f99&device_tz=-60&subscription_type=vapid&vapid_public=BFZihq9tQSmgheVS55ZD9BHoqMd9wY1ew8Tr_qPVJs9PeZjRGWg17QCIAu1d5Ilm9gPmFA0a721VRP6A5k4EXXI&environment=sdk-02.moengage.com&
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9800:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bb8b86a15c64fd109e4ebecafb8fe461838d1f73f1cb84d87b84da4fee00aae3

Request headers

Referer: https://www.raynatours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
moe-request-id: uYUtuAQa
content-encoding: gzip
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P6
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KISpLXjOROr8JKMMZWdCIsWA2tXbl3Vq9Iy6z7wwzR5hjZHZ9Z11Cw==
expires: Thu, 25 Jan 2024 09:34:34 GMT

POST
H2 200 add
sdk-02.moengage.com/v2/report/ 0
0 40ms
24ms Ping
application/json 2600:9000:2490:9800:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v2/report/add?os=web&os_platform=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&is_incognito=false&app_id=IVGUX2VETR0TLXL59NYKWX6A&os_ver=Google%20Chrome&sdk_ver=2.20.0&model=Google%20Chrome&app_ver=1.0&device_ts=1706175275673&device_tz_offset=3600000&unique_id=8aa32ab3-771a-48a8-afa5-13e664d72f99&device_tz=-60&subscription_type=vapid&vapid_public=BFZihq9tQSmgheVS55ZD9BHoqMd9wY1ew8Tr_qPVJs9PeZjRGWg17QCIAu1d5Ilm9gPmFA0a721VRP6A5k4EXXI&environment=sdk-02.moengage.com&
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9800:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.raynatours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

POST
H2 200 add
sdk-02.moengage.com/v2/report/ 0
0 37ms
21ms Ping
application/json 2600:9000:2490:9800:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v2/report/add?os=web&os_platform=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&is_incognito=false&app_id=IVGUX2VETR0TLXL59NYKWX6A&os_ver=Google%20Chrome&sdk_ver=2.20.0&model=Google%20Chrome&app_ver=1.0&device_ts=1706175275673&device_tz_offset=3600000&unique_id=8aa32ab3-771a-48a8-afa5-13e664d72f99&device_tz=-60&subscription_type=vapid&vapid_public=BFZihq9tQSmgheVS55ZD9BHoqMd9wY1ew8Tr_qPVJs9PeZjRGWg17QCIAu1d5Ilm9gPmFA0a721VRP6A5k4EXXI&environment=sdk-02.moengage.com&
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9800:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.raynatours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 11CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-rGbYcP85I4IivHFdLC6ld9QX49XUXz5iEp5i5Q&google_cm&google_hm=ay1yR2JZY1A4NUk0SWl2SEZkTEM2bGQ5UVg0OVhVWHo1a...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-rGbYcP85I4IivHFdLC6ld9QX49XUXz5iEp5i5Q&google_gid=CAESEDX9s575pmncEsU3HBlF_Rc&google_cver=1&google_ula=913071,0

43 B
369 B

14ms
14ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-rGbYcP85I4IivHFdLC6ld9QX49XUXz5iEp5i5Q&google_gid=CAESEDX9s575pmncEsU3HBlF_Rc&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 730061
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-rGbYcP85I4IivHFdLC6ld9QX49XUXz5iEp5i5Q&google_gid=CAESEDX9s575pmncEsU3HBlF_Rc&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 11CA 43 B
235 B 54ms
18ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-1bbbi_85I4IivHFdLC6ld9QX49WpX0fcg7PfSQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 09:34:35 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 11CA
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5157515189207839146

43 B
370 B

14ms
14ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5157515189207839146

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1056805
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
an-x-request-uuid: 61f3fa28-7f17-4b61-97bb-26026efc8ad1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5157515189207839146
x-proxy-origin: 37.58.57.4; 37.58.57.4; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 11CA 57 B
816 B 89ms
50ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-quCX1f85I4IivHFdLC6ld9QX49V7qmjgbtk1PQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 25 Jan 2024 09:34:35 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Thu, 25 Jan 2024 09:34:35 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 11CA 0
239 B 56ms
11ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-h9mxH_85I4IivHFdLC6ld9QX49U7r9Dt7cowsw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 11CA 43 B
163 B 82ms
31ms Image
image/gif 5.196.111.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-ZFIw4v85I4IivHFdLC6ld9QX49WNIpsH822tQA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.73 Lille, France, ASN16276 (OVH, FR),
Reverse DNS: ip73.ip-5-196-111.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 11CA 0
100 B 62ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-yyQCov85I4IivHFdLC6ld9QX49VN2UzeiZ8TkA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13701

GET
H2 200 um
criteo-sync.teads.tv/ Frame 11CA 23 B
165 B 87ms
44ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-7BCArP85I4IivHFdLC6ld9QX49XaYuXVZndb4g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 25 Jan 2024 09:34:35 GMT
pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 11CA 37 B
141 B 31ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-R9bGvf85I4IivHFdLC6ld9QX49XCNDp6Ck-Xqw&dongle=013b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 11CA 0
126 B 48ms
10ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-DRA95v85I4IivHFdLC6ld9QX49XWd9L0DDWGfw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 cksync.php
hb.yahoo.net/ Frame 11CA 56 B
321 B 81ms
38ms Image
image/gif 2.19.126.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-DRA95v85I4IivHFdLC6ld9QX49XWd9L0DDWGfw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.19.126.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-126-72.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Thu, 25 Jan 2024 09:34:35 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 56
x-mnet-hl2: E
expires: Thu, 25 Jan 2024 09:34:35 GMT

GET
H2 200 pixel
cm.adform.net/ Frame 11CA 43 B
164 B 82ms
24ms Image
image/gif 37.157.6.232
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-Bs75r_85I4IivHFdLC6ld9QX49XroWHDHL2mrQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.232 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
last-modified: Thu, 27 Jul 2023 11:18:06 GMT
server: nginx
accept-ranges: bytes
etag: "64c2526e-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 11CA 49 B
343 B 77ms
32ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-oO_IPP85I4IivHFdLC6ld9QX49Xi3D7ScNly4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 16
content-length: 49
expires: 0

GET
H2

200

rum
r.casalemedia.com/ Frame 11CA
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uok1av85I4IivHFdLC6ld9QX49UYlP4UvQvlrw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uok1av85I4IivHFdLC6ld9QX49UYlP4UvQvlrw&C=1

43 B
326 B

27ms
26ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-uok1av85I4IivHFdLC6ld9QX49UYlP4UvQvlrw&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICAj28WDm6t9p0kS2%2FPCThyaxlqrNEAU7EfNQNJpIplXg1CbuweAz5%2BIStOMyL%2Fdv7rpjCg1%2FbqtUYydzl9Z6WtCICsNrmZ09gc8mg7bh8kRVE4RSJfhkirL%2B6cl14nbkQo0"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84af85720b9e9ba4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbJQVhRTH%2FiAynNhDRAu8%2FuqDwFnF%2Feym7M2V884GcnswKfMB%2F2orm%2BzEefqiIy4pCb%2BCvOOVQqRXC5OASTVD2i9a%2BJ0J8qwm5PMqdbq5q1Di0bnJEK8j2K6O1ZfuLwFeH9D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=k-uok1av85I4IivHFdLC6ld9QX49UYlP4UvQvlrw&C=1
cache-control: no-cache
cf-ray: 84af8571eb789ba4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 11CA
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=i4_AyEJTP8ax8wjsueIlFK9a6N8hXNzQ
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=i4_AyEJTP8ax8wjsueIlFK9a6N8hXNzQ

42 B
718 B

34ms
34ms

Image
image/gif

63.33.78.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=i4_AyEJTP8ax8wjsueIlFK9a6N8hXNzQ

Protocol

Server

63.33.78.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-78-63.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0f7fdf65c.edge-irl1.demdex.com 3 ms
pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 13lD1VqpQAo=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-0403cf5e4.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: tLKeehE4QAs=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=i4_AyEJTP8ax8wjsueIlFK9a6N8hXNzQ
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 9.gif
id5-sync.com/s/966/ Frame 11CA 43 B
1 KB 31ms
8ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-Ej5vU_85I4IivHFdLC6ld9QX49WTPcomMNQFIQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Thu, 25 Jan 2024 09:34:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 match
ad.360yield.com/ Frame 11CA 43 B
200 B 125ms
28ms Image
image/gif 52.215.255.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-gmfkZf85I4IivHFdLC6ld9QX49WNwxvwttUJZw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.215.255.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-255-98.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Jan 2024 09:34:35 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 11CA 42 B
266 B 55ms
20ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-GhrQov85I4IivHFdLC6ld9QX49X2wIFN6Uawmw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 11CA 0
890 B 626ms
592ms Image
text/html 18.158.26.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-ncyucv85I4IivHFdLC6ld9QX49VPH-dVDu0SvA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.26.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-26-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:36 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 11CA 43 B
424 B 553ms
175ms Image
image/gif 52.89.135.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-W7hVIP85I4IivHFdLC6ld9QX49W7maYLI_b3jg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.135.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-135-99.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:36 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 11CA 0
145 B 369ms
86ms Image
text/plain 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-XEwbIf85I4IivHFdLC6ld9QX49X42gZcZKionA&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 25 Jan 2024 09:34:36 GMT
Cache-Control: no-cache
X-TraceId: 5afcd72172de5819c48029b50261fd76
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 11CA 0
226 B 44ms
13ms Image
text/html 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-wWAYq_85I4IivHFdLC6ld9QX49V1sRPQQun0_w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 25 Jan 2024 09:34:35 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 11CA 0
36 B 77ms
10ms Image
text/plain 52.28.236.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-e7tzp_85I4IivHFdLC6ld9QX49VO5tyzJFXjlg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.236.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-236-76.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 11CA 43 B
399 B 319ms
104ms Image
image/gif 2600:1f18:612b:4200:a74b:1068:1430:1246
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-7oYbI_85I4IivHFdLC6ld9QX49VWq28EqDUHeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:a74b:1068:1430:1246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 25 Jan 2024 09:34:36 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 11CA 0
235 B 163ms
135ms Image
text/plain 23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-j-p4SP85I4IivHFdLC6ld9QX49Vu2eysBqW1mg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Jan 2024 09:34:36 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Wed, 24 Jan 2024 09:34:35 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 11CA 0
39 B 107ms
31ms Image
text/plain 54.154.71.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-6w1Pt_85I4IivHFdLC6ld9QX49UqWLMdmmdBzQ&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.71.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-71-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame 11CA 0
45 B 31ms
7ms Image
text/plain 35.156.125.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-xPAmfP85I4IivHFdLC6ld9QX49V6_S0EfHzayg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.125.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-125-55.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
server: awselb/2.0

POST
H2 200 add
sdk-02.moengage.com/v2/report/ 0
0 14ms
13ms Ping
application/json 2600:9000:2490:9800:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v2/report/add?os=web&os_platform=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&is_incognito=false&app_id=IVGUX2VETR0TLXL59NYKWX6A&os_ver=Google%20Chrome&sdk_ver=2.20.0&model=Google%20Chrome&app_ver=1.0&device_ts=1706175275743&device_tz_offset=3600000&unique_id=8aa32ab3-771a-48a8-afa5-13e664d72f99&device_tz=-60&subscription_type=vapid&vapid_public=BFZihq9tQSmgheVS55ZD9BHoqMd9wY1ew8Tr_qPVJs9PeZjRGWg17QCIAu1d5Ilm9gPmFA0a721VRP6A5k4EXXI&environment=sdk-02.moengage.com&
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9800:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.raynatours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

POST
H2 200 live Show response
sdk-02.moengage.com/v3/campaigns/inapp/ 13 KB
2 KB 155ms
155ms XHR
application/json 2600:9000:2490:9800:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v3/campaigns/inapp/live?sdk_ver=2.20.0&os=web&unique_id=8aa32ab3-771a-48a8-afa5-13e664d72f99&
Requested by: Host: cdn.moengage.com
URL: https://cdn.moengage.com/webpush/moe_webSdk.min.latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9800:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ca1cd826362fc0cada9c2723cea69864bbea6c80465c59cb4fb6414c0b66df2

Request headers

Referer: https://www.raynatours.com/
MOE-APPKEY: IVGUX2VETR0TLXL59NYKWX6A
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
content-encoding: gzip
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
moe-request-id: kABefjqX
server: nginx
x-amz-cf-pop: FRA56-P6
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-headers: DNT, User-Agent, X-Requested-With, If-Modified-Since,Cache-Control, Content-Type, Range, MOE-DBNAME, MOE-APPKEY,MOE-REQUEST-ID, MOE-UNIQUE-ID, MOE-APPSECRET, MOE-INAPP-BATCH-ID, MOE-DASHBOARD-USER-ID
content-length: 1524
x-amz-cf-id: NTjGILOv6hdgLGcri_-bKXsRr5e5F1EDAM5qVet4EtSZfKBs77XT6g==

OPTIONS
H2 200 live
sdk-02.moengage.com/v3/campaigns/inapp/ Frame 0
0 13ms
12ms Preflight
application/json 2600:9000:2490:9800:11:652e:c280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-02.moengage.com/v3/campaigns/inapp/live?sdk_ver=2.20.0&os=web&unique_id=8aa32ab3-771a-48a8-afa5-13e664d72f99&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9800:11:652e:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,moe-appkey
Access-Control-Request-Method: POST
Origin: https://www.raynatours.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: DNT, User-Agent, X-Requested-With, If-Modified-Since,Cache-Control, Content-Type, Range, MOE-DBNAME, MOE-APPKEY,MOE-REQUEST-ID, MOE-UNIQUE-ID, MOE-APPSECRET, MOE-INAPP-BATCH-ID, MOE-DASHBOARD-USER-ID
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Thu, 25 Jan 2024 09:34:35 GMT
moe-request-id: jvOqSJvp
server: nginx
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-amz-cf-id: bgqpQ9Rp-vq8ITzd0MJARZSkyNa4Emszog-OB7CTcVi02o2u9aQ-rw==
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 11CA 0
15 B 10ms
10ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-DRA95v85I4IivHFdLC6ld9QX49XWd9L0DDWGfw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 09:34:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 setuid
ib.adnxs.com/ Frame 11CA 43 B
1 KB 120ms
120ms Image
image/gif 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=52&code=k-czig1P85I4IivHFdLC6ld9QX49XDchmiGhlyLg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:35 GMT
an-x-request-uuid: 724ae98f-b51f-4f4b-a96f-59955a20034c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.57.4; 37.58.57.4; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 11CA
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=uJL1kB9r0041cpQ3ajPTzxWYfgZlFlAt

0
339 B

119ms
41ms

Image
text/plain

108.129.8.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=uJL1kB9r0041cpQ3ajPTzxWYfgZlFlAt
Protocol: H2
Server: 108.129.8.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-129-8-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: beacon-n023-dub-prod.krxd.net
date: Thu, 25 Jan 2024 09:34:35 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1706175275
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=uJL1kB9r0041cpQ3ajPTzxWYfgZlFlAt
date: Thu, 25 Jan 2024 09:34:35 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 668769
content-length: 0

POST
H2 200 d9fc3f99b062da897195a51e80738d909f17ed161d6051f37b2af27b9cad35de Show response
ap.stape.info/events/ 0
745 B 372ms
335ms XHR
text/plain 2606:4700:3034::6815:58c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ap.stape.info/events/d9fc3f99b062da897195a51e80738d909f17ed161d6051f37b2af27b9cad35de

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1203279876357554?v=2.9.142&r=stable&domain=www.raynatours.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:58c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.raynatours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Jan 2024 09:34:36 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvjJlocug7%2Fjqvr59Nxm7914GYkk%2BPExx7cQ4zufuP2fs342OJdNjNwZeZyQadqD%2BEqjMnB%2BP%2BkBPM2eqDV%2BhLATs03ekIqOdGsu32554U6DIJfXteVyMVIB7zswezAhPFpGKpBEjrN95H7x"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.raynatours.com
access-control-allow-credentials: true
cf-ray: 84af8573bcde6916-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 23ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1203279876357554&ev=PageView&dl=https%3A%2F%2Fwww.raynatours.com%2F&rl=&if=false&ts=1706175276070&sw=1600&sh=1200&v=2.9.142&r=stable&ec=0&o=4126&fbp=fb.1.1706175276066.836896986&eid=ob3_plugin-set_f15fb1c5cd68df9ea1798b3d40e9d3b52edefb923b0c72d89dba49d1f5f5d962&cs_est=true&ler=empty&it=1706175275469&coo=false&exp=d2&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 25 Jan 2024 09:34:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
298 B 96ms
96ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.raynatours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.raynatours.com
Date: Thu, 25 Jan 2024 09:34:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H/1.1 204
No Content collect Show response
e.clarity.ms/ 0
298 B 96ms
96ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.raynatours.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.raynatours.com
Date: Thu, 25 Jan 2024 09:34:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-R8Q1G2HVKK&gtm=45je41m0v875008837&_p=1706175275071&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1996234571.1706175275&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&sid=1706175275&sct=1&seg=0&dl=https%3A%2F%2Fwww.raynatours.com%2F&dt=Leading%20Tour%20Operator%20and%20Destination%20Management%20Company%20Dubai%20-%20Rayna%20Tours&en=view_item&_et=2&tfd=8481
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R8Q1G2HVKK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raynatours.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jan 2024 09:34:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.raynatours.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ap.stape.info/events/d9fc3f99b062da897195a51e80738d909f17ed161d6051f37b2af27b9cad35de	1970-01-20 20:05:51	Name: cee Value: 3vhZZtAbcIzxpSkaqo4mR%2B0%2FRg9pWke9SVJw4Htc630%3D.%7B%22cee_id%22%3A%22cee.1706175276282.90402%22%7D
www.raynatours.com/	1969-12-31 23:59:59	Name: B2B Value: mxzkchcxdtojpgvshw2ernex
.raynatours.com/	1970-01-20 20:05:51	Name: _gcl_au Value: 1.1.187311308.1706175275
.raynatours.com/	1970-01-21 03:32:15	Name: _ga Value: GA1.1.1996234571.1706175275
.raynatours.com/	1970-01-21 03:32:15	Name: _ga_R8Q1G2HVKK Value: GS1.1.1706175275.1.0.1706175275.60.0.0
.raynatours.com/	1970-01-20 17:57:41	Name: _uetsid Value: f3b42c20bb6411ee8787411666ceeb66
.raynatours.com/	1970-01-21 03:17:51	Name: _uetvid Value: f3b43920bb6411ee8188a3e1a7f5096c
www.clarity.ms/	1970-01-21 02:41:51	Name: CLID Value: 6535138267c2416fafcbbae7d908a612.20240125.20250124
.bing.com/	1970-01-21 03:17:51	Name: MUID Value: 1BE58E9DA0B86CE538F09A8CA1D36D7B
.criteo.com/	1970-01-21 03:17:51	Name: uid Value: 3250d795-6607-4edb-807c-ea865fb16247
.criteo.com/	1970-01-21 03:17:51	Name: receive-cookie-deprecation Value: 1
.raynatours.com/	1970-01-21 02:41:51	Name: _clck Value: 1qxihhg%7C2%7Cfip%7C0%7C1485
.raynatours.com/	1970-01-21 03:25:39	Name: cto_bundle Value: dRgeM196JTJGMmY1RDJyeGNhZnhpbFROcXU5OWdlVWZtaEl3bjFkYzdBRjdEVGN6a08lMkJzY2psRnQyb0ZTYldFb0RsWXpKWUIwS0tXdk5yaUwxYVU4ektCdExxdzE4SVh5RjdzeUx2TU9Na0FKTktYVWwlMkJEYWElMkJZVU1RWnJnZmF2ZnF6R3VSVWRjS3VDZUd5NSUyRlB3TXg0dlBmV0RRJTNEJTNE
.raynatours.com/	1969-12-31 23:59:59	Name: moe_uuid Value: 8aa32ab3-771a-48a8-afa5-13e664d72f99
.c.bing.com/	1970-01-20 18:06:20	Name: MR Value: 0
.c.bing.com/	1970-01-21 03:17:51	Name: SRM_B Value: 1BE58E9DA0B86CE538F09A8CA1D36D7B
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 03:17:51	Name: MUID Value: 1BE58E9DA0B86CE538F09A8CA1D36D7B
.c.clarity.ms/	1970-01-20 18:06:20	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 17:56:15	Name: ANONCHK Value: 0
.doubleclick.net/	1970-01-21 03:17:51	Name: IDE Value: AHWqTUnVhBX3s62RmRlI0hliSaga2z34gxgK8WanzGW4eyM66nUfHxxSOOtknMijlpM
.adnxs.com/	1970-01-20 20:05:51	Name: XANDR_PANID Value: f8n2dt-bPSCVEY5vAt8hIp4v4k8LBpl0C8Nm5G1xYtjMABYiOOf_A-Z2RQ6UVvZ-86njSlwMv6WIG_7Zfejn7JdALP1Gpb2toAZ3ugAldDs.
.adnxs.com/	1970-01-21 03:32:15	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:05:51	Name: uuid2 Value: 5157515189207839146
.media.net/	1970-01-21 02:41:51	Name: visitor-id Value: 3491768757267670000V10
.media.net/	1970-01-20 18:39:27	Name: data-c-ts Value: 1706175275
.media.net/	1970-01-20 18:39:27	Name: data-c Value: k-quCX1f85I4IivHFdLC6ld9QX49V7qmjgbtk1PQ~~3
.casalemedia.com/	1970-01-21 02:41:51	Name: CMID Value: ZbIrK3sxAs-UAYnrxOa2uwAA
.casalemedia.com/	1970-01-20 20:05:51	Name: CMPS Value: 5256
.casalemedia.com/	1970-01-20 20:05:51	Name: CMPRO Value: 5256
.demdex.net/	1970-01-20 22:15:27	Name: demdex Value: 62145464559327839362008928176179743286
.omnitagjs.com/	1970-01-20 18:39:27	Name: ayl_visitor Value: bf1c67e117e12019dfe1a14a86f4059d
.dpm.demdex.net/	1970-01-20 22:15:27	Name: dpm Value: 62145464559327839362008928176179743286
.adnxs.com/	1970-01-20 20:05:51	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2E>>h/ED!!]tbPl@/D!9hy6]/Cr.?1Ttr:cw#YQe(#fHdd(oNkisQn4/0We4?^Ay/@.:/L(x?C#!C8)8U<LbpRzqF1`bac]+R]v!
.krxd.net/	1970-01-20 22:15:27	Name: _kuid_ Value: QDnspb1L
.raynatours.com/	1970-01-20 20:05:51	Name: _fbp Value: fb.1.1706175276066.836896986
.raynatours.com/	1970-01-20 17:57:41	Name: _clsk Value: ma749o%7C1706175276082%7C1%7C1%7Ce.clarity.ms%2Fcollect
.tremorhub.com/	1970-01-21 02:42:12	Name: tvid Value: aaaac6e2e21a465381f4e50294776952
.tremorhub.com/	1970-01-20 18:39:27	Name: tv_UICR Value: k-7oYbI_85I4IivHFdLC6ld9QX49VWq28EqDUHeg
.postrelease.com/	1970-01-21 02:41:51	Name: opt_out Value: 1
exchange.mediavine.com/	1970-01-20 18:16:24	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22f4149f60-bb64-11ee-b885-7b4d3163d6bf%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:16:24	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22f4149f60-bb64-11ee-b885-7b4d3163d6bf%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:16:24	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22f4149f60-bb64-11ee-b885-7b4d3163d6bf%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:16:24	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22f4149f60-bb64-11ee-b885-7b4d3163d6bf%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:16:24	Name: criteo Value: %7B%22id%22%3A%22k-ncyucv85I4IivHFdLC6ld9QX49VPH-dVDu0SvA%22%2C%22version%22%3A%22criteo%22%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sdk-02.moengage.com/v1/experiences/web/live?app_id=IVGUX2VETR0TLXL59NYKWX6A&unique_id=b6910de9-a0d0-4e0f-9154-5d0b415f3ff9&sdk_ver=2.20.0&platform=web&USER_TYPE=New&DAY_OF_THE_WEEK=Thursday&TIME_OF_THE_DAY=10&current_url=https%3A%2F%2Fwww.raynatours.com%2F&all_exp=false& Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://connect.facebook.net/signals/config/1203279876357554?v=2.9.142&r=stable&domain=www.raynatours.com(Line 150) Message: Unrecognized feature: 'attribution-reporting'.
network	error	Message: The script has an unsupported MIME type ('text/html').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.yieldlab.net
ap.stape.info
bat.bing.com
beacon.krxd.net
c.bing.com
c.clarity.ms
cdn-images-rayna.imgix.net
cdn.moengage.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d1i3enf1i5tb1f.cloudfront.net
d1vqfl8cu8qgdj.cloudfront.net
d61181q6hf07.cloudfront.net
dis.criteo.com
djz6nvrucsv66.cloudfront.net
dpm.demdex.net
dynamic.criteo.com
e.clarity.ms
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
sdk-02.moengage.com
simage2.pubmatic.com
sslwidget.criteo.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
wa.connectingdesk.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.raynatours.com
x.bidswitch.net
108.129.8.189
13.248.245.213
141.226.228.48
142.250.185.194
162.19.138.83
172.64.151.101
178.250.1.9
18.158.26.107
185.255.84.153
185.89.211.84
198.47.127.205
2.16.97.41
2.19.126.72
20.62.48.180
2001:4860:4802:34::36
23.35.237.75
2600:1f18:612b:4200:a74b:1068:1430:1246
2600:9000:20a0:8c00:3:6e16:88c0:21
2600:9000:211e:8000:7:2db5:59c0:21
2600:9000:21f3:ee00:12:7439:dc0:21
2600:9000:2447:2e00:1c:c5b0:3380:21
2600:9000:2490:9800:11:652e:c280:93a1
2606:4700:20::681a:c1
2606:4700:3034::6815:58c1
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:400c:c00::9b
2a02:2638:3::c
2a02:2638:3::e
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:8e::720
3.75.62.37
34.117.157.22
35.156.125.55
35.214.149.91
37.157.6.232
5.196.111.73
52.215.255.98
52.28.236.76
52.89.135.99
54.154.71.202
63.33.78.63
68.219.88.97
69.173.144.165
70.42.32.31
95.101.148.20
95.211.169.194
99.86.4.6
12eb68615bfb1176e591465c8d1ed2bb923426f73e05942bf1ccf214e2484078
151c5d53e0433a82cb7a3eaa0bfe494b037bda723a7f41afadd3c1af49789980
19185688f814e37a417b6c90fb014ba3b4d62993345bf8fd5be1644994706f0b
1a0189115b4986995edf4c18b9dd0f22b47e33ddb1ba9c8284daee6270f41b57
1adf48038b82fa23ca846cdfb67b7392026450f10d3b223508cd9ff4c5deae5e
1f2f303dd89048cd2679022f67c950bb7749f410c6f6fea65fe09c4c997f7c9a
1f89283138840c66dcfb344b1d2eb672a6663de262c8171dea21334099e2bfed
286a7cd56c2cca74d13db706c9e6fa08dad817b366ce8bd3c0850c6d5b8ef912
294fadbc701860b71071c8d1f2f5975d3328598214b74a6a28ea160cf873bfcf
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b24085e7e780d8bfb3f43ab95060100f9bff88f2757b01a81d229349ca096b2
2c3575e308a84034c3715d1f6e6e32e6728e5545e5573fb1cb7217b255687e07
31e5f4ae7952d557d0bad835637d6b21f8c168c08abff6547012e7c7cf2c6627
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32cf52f642774baac7e5184acb95671ca840128f13b7e7ec0b2be28048af8531
363ce3f765e4cfbda2df6dc17e8fdc917b490e30781550a10f38c54acc87216b
3665dce05162d2168e15c96d3f5045c8e423db26dea3e6a89867c07b9d55d92f
3e8d88504deb9821d36c48b627a8271e05b33f821534b18b49b065bf75099b82
43ae4110a18db39e72c1e2bd5520b456bdc588474ffaafe03436546d1ac198ce
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
510f1ae566debf894ff003f1cc69d10dd3aa1b5bf59bddf7c205e6c03928781e
5306ce00a65bd1e14a33ceda7c0a3eff07ea02a535a98cf8884add033c738c72
5437f6a644912b406011c9ba00eaf5d941e27d9c690f940f4e6f939ebcf58e53
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a022fd23388d416a0b20acd9f7d1b3a5d1e3583e08e71ebe1fb6d3ba3973330
5ca1cd826362fc0cada9c2723cea69864bbea6c80465c59cb4fb6414c0b66df2
5d2f7790db0a90cec0c075686e161802bd00b9f1d9b357fd89285220d8bda8a9
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e488080a22b02dddbaaaf79a640e4304ba8136c95bd1fadeeecaf85e4c27c9a
6d28c0739771dc7021d9280e25e4f9174d4f5ac327834b4e9e6cbf19ca38bd40
740632d495ba23f410ec4f74fdc8fd061d9b3b50398d3a50dd5d25f98b13ebb9
74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f
780e1b18e0904b2686e7e68ae54ea50056ef4e5667be2a918485704234516280
842eecfed91c885c848d53c2584aecaa0422aa972155e94696c1dc8d3450f13d
8685f06f71aad4b0352a9fe7a5da1cd5e7cb2c497bd40d8f7923278a8c297cfb
88be79c03612a94839ba7c6ed426610166a0ce6ca0ed74f71647b329a30d3b5c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a36f323d062270892e3717f581c9b428ad6d5290196bc5526a7b0f37b3d76de
8bb1c7276bbebe604607aea7b21e72eb0c95c21a2c32672e09e345f31a83e022
8d8734f9c1f4cf833d3293d4f3080eda3537700137510c76d6221c2498c02cc1
8e004c683d7089053da1d5e7aa52ab75f839c76dde80e34749c0cbce4efccc4e
907e6e47faea313368438dcb6a8b82b650f92a432e2edf9a10f5c0e815c08bf1
92588f541e75fd1b9c03a93d468fbfcda15f13fd1a36196825c62bb77cb61c11
933ce3066c5151608f345f9d7fecd2c625e058e40ade79200c7507c537f14340
9642e70b61b27e5fc4b378189ecd8414ec547a860e7d657ad160987aed827e97
97d1c605849716cb0fa8cecd76fea43be43f244eaaf73387adb40f66c77c87f0
97e1bde1eba14d9d248fa39d4783b04bf400f60da6f79459a79a884e13167a19
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9921518ddf28417cf9aaec2af0fdd17f420429deb9012764853cb116df8495
9b909e0b8cd56eeb21a7a555ee953265695163924dccbbfb5cda6109842d8c0b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0cabe5dc11f7c2cd2fb2357503141a9b105b3b842487a25c8434286751fece4
a7b1d45fd09751931aec19002271f88dd12617d15de1671d37caa4eda8cb0e11
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
af27aeb4b665035e5ea061f430032c628a23060a10df7984dced62fd01069051
b085e182625629b2e6e3002ec5304dda05829055c8d5d2fcb10af0dcb32a623e
b0aeb682d202e5d4792ca5485b6aacd562b4190fb267997bc76391512af4f617
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b20b0314d7470b198124860902c70a4215642ff2feacb8b4f452ff7a09976e59
b40a7537943d81fddcc1c09bfac41afcffdc50cd31ac6be912478a5795db083c
ba9b302128dfe638be3600bc669f8d4b8b6454301245d668ca59af4e25d70591
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8b86a15c64fd109e4ebecafb8fe461838d1f73f1cb84d87b84da4fee00aae3
beec29e70aaaa8883238226ca1bc76989074241b26e397c01a75ccbf83469bb4
c23031217ee5894762f56a2401975e6735bec2e027a9dafddffb791a4b7822ce
c6537aaac9d9ae1340b09ba56b0e86636dfc283ef351d028e29edc81d75ea1d9
c90d5b7fd81c973aea2eeaff550436f3536343bc1c4bfad0f2bb85fe4a6892d0
cae76f34fc47c3aeeaafa1f89a01a74e4a9a2326e1364287487da28c4c890e63
cb5141afada03d4a510516b5eb9735a5c126a2603ab164b4b566a6be05fcbd49
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfeb0a942e0709473325c491c3164558cae14d5b3e47b994af900f8c6a44ab25
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2ac8261222267a0b27f4fb89457e5c95f1362ba862359a94e09d464d33552d6
df4aafd09fae97c2ceead4c81722b2b7a5c4a5723756fd674108b9695ecf7423
dff999398a69af88e508d311bc99de4ef8e23f9a5269f2894ab8099c87e796f5
e17416010c1d983aed0fc294b39008266256a957bf67eb61ea823ba668c9aef0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed432a6b17a82d0a9b39bd28b345a036022b8ed6f53750a70ce3662ce18fa00e
ee42287864a676e181f14f4a55355b95aa54909cc31e82eae2b152a81b182bb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d1c730bfb778bfbad222ec8c7516bc93b911b2a2577edc771134d6fbbf8137
f22a6945b082a629996cace5c936866d4ecd6b8c9f257c6430f301a46833fc77
f3de0b665b8ede91d1caeb3a383785cc65d73259ec85cd15e3b96ebcb7248d05
fb176315b8e8770088d09cdf1baa13a1f72fb5b51b2c4ade98b3553fc6a316a6
fbe474876c9b2933075089e54be3332bfc8c3579c420aa997c3c84c22665ea19
fd5abf73103374a840fe693e3f8fcd9fa61f1c017aa7a71a95f02a43d96de086
fda957a1b6ea88d6d95b2f95846b3c63555c08f598b9daa0d80596968148e986
ff0799f0d12107ad79007c850589962ffffa7a005ee4b3c92ce9203217a0db76
ff74fe47a4a6c781880006ea7de067289bfb8205bb380c727e42f551ccd8ff20
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

www.raynatours.com Open in urlscan Pro 2606:4700:20::681a:c1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

95 %HTTPS

40 %IPv6

42 Domains

56 Subdomains

52 IPs

7 Countries

2989 kBTransfer

5145 kBSize

45 Cookies

8 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.raynatours.com Open in urlscan Pro
2606:4700:20::681a:c1 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

95 %
HTTPS

40 %
IPv6

42
Domains

56
Subdomains

52
IPs

7
Countries

2989 kB
Transfer

5145 kB
Size

45
Cookies

136 HTTP transactions
0 data transactions