www.raymondduggantravel.com Open in urlscan Pro
2a00:1450:4001:813::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://billsmafia.raymondduggantravel.com/
Effective URL:
https://www.raymondduggantravel.com/
Submission: On January 03 via automatic, source certstream-suspicious (January 3rd 2024, 9:16:06 am UTC) — Scanned from DE

Summary HTTP 65 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 12 domains to perform 65 HTTP transactions. The main IP is 2a00:1450:4001:813::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.raymondduggantravel.com.
TLS certificate: Issued by GTS CA 1D4 on December 31st 2023. Valid for: 3 months.

This is the only time www.raymondduggantravel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	198.49.23.144 198.49.23.144	53831 (SQUARESPACE) (SQUARESPACE)
2	2a00:1450:400... 2a00:1450:4001:813::2013	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
17	2600:9000:20a... 2600:9000:20a0:d000:d:c018:6f40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	18.65.39.91 18.65.39.91	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:209... 2600:9000:2090:d200:9:bc76:c680:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	52.216.42.153 52.216.42.153	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2009	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
6	2600:9000:209... 2600:9000:2090:3a00:5:bf05:acc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
65	13

1 198.49.23.144 (United States) 1 redirects

ASN53831 (SQUARESPACE, US)

billsmafia.raymondduggantravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.raymondduggantravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:20a0:d000:d:c018:6f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2jkfj9lazd7el.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.65.39.91 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-91.ams1.r.cloudfront.net

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2090:d200:9:bc76:c680:93a1 (United States)

ASN16509 (AMAZON-02, US)

wasabi.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.42.153 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ivisa.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2090:3a00:5:bf05:acc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	cloudfront.net d2jkfj9lazd7el.cloudfront.net	341 KB
13	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 10066 lh3.googleusercontent.com — Cisco Umbrella Rank: 129	341 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	224 KB
7	bstatic.com wasabi.bstatic.com — Cisco Umbrella Rank: 460028 cf.bstatic.com — Cisco Umbrella Rank: 16363	392 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	156 KB
3	booking.com 1 redirects www.booking.com — Cisco Umbrella Rank: 10769	11 KB
3	raymondduggantravel.com 1 redirects billsmafia.raymondduggantravel.com www.raymondduggantravel.com	30 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	5 KB
2	blogger.com www.blogger.com — Cisco Umbrella Rank: 10715	61 KB
2	amazonaws.com ivisa.s3.amazonaws.com — Cisco Umbrella Rank: 981946	32 KB
1	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
1	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 21709	46 KB
65	12

	Domain	Requested by
17	d2jkfj9lazd7el.cloudfront.net	www.raymondduggantravel.com
12	lh3.googleusercontent.com	www.raymondduggantravel.com
6	cf.bstatic.com	www.booking.com
6	fonts.gstatic.com	www.raymondduggantravel.com
6	pagead2.googlesyndication.com	www.raymondduggantravel.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.booking.com	1 redirects www.booking.com cf.bstatic.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.blogger.com	www.raymondduggantravel.com
2	ivisa.s3.amazonaws.com	www.raymondduggantravel.com
2	www.raymondduggantravel.com	www.raymondduggantravel.com
1	www.google.com	tpc.googlesyndication.com
1	resources.blogblog.com	www.raymondduggantravel.com
1	blogger.googleusercontent.com	www.raymondduggantravel.com
1	wasabi.bstatic.com	www.raymondduggantravel.com
1	www.gstatic.com	www.raymondduggantravel.com
1	billsmafia.raymondduggantravel.com	1 redirects
65	17

This site contains links to these domains. Also see Links.

Domain
www.rocketlanguages.com
raymondduggantravel2024.blogspot.com
www.booking.com
www.ivisa.com
gofund.me
amzn.to
www.blogger.com

Subject Issuer	Validity	Valid
www.raymondduggantravel.com GTS CA 1D4	`2023-12-31` - `2024-03-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.booking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-12` - `2024-05-18`	a year	crt.sh
*.bstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-29` - `2024-11-28`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.raymondduggantravel.com/
Frame ID: 9F5E1FD42EF1C0689E4FE1831101F8F4
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: F7ED816220A58175438EC96F5415C537
Requests: 1 HTTP requests in this frame

Frame: https://www.booking.com/prelanding_product.html?responsive=true&widget_id=91177f2d-8a05-4807-857e-7f3d2c8d1994&aid=2265164
Frame ID: 2BB114F4C09F05ECD4EEFBD04C41B47D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5010405765979146&output=html&adk=1812271804&adf=3025194257&lmt=1704265533&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.raymondduggantravel.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704273361719&bpp=2&bdt=172&idt=234&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=770235381466&frm=20&pv=2&ga_vid=4136992.1704273362&ga_sid=1704273362&ga_hid=1025219188&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C95320884&oid=2&pvsid=1663370092741252&tmod=793422565&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=258
Frame ID: D926737B1DD31B883C54F4FAD2E674EE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 620E882F3EDDF77D621A8EA04E0B95E1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D0D97FA0C0A1DB0F3DEB4677A7C747A2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Raymond Duggan Travel

Page URL History Show full URLs

https://billsmafia.raymondduggantravel.com/ HTTP 302
https://www.raymondduggantravel.com/ Page URL

Detected technologies

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

65
Requests

98 %
HTTPS

79 %
IPv6

12
Domains

17
Subdomains

13
IPs

2
Countries

1639 kB
Transfer

3547 kB
Size

3
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rocketlanguages.com/arabic/premium?type=freetrial&aff=raymogyuk

Search URL Search Domain Scan URL

URL: http://raymondduggantravel2024.blogspot.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.booking.com/flights/index.html?aid=7938040
Title: Flights

Search URL Search Domain Scan URL

URL: https://www.booking.com/cars/index.html?aid=7938040
Title: Car Hire

Search URL Search Domain Scan URL

URL: https://www.booking.com/taxi/index.html?aid=7938040
Title: Airport Transfers

Search URL Search Domain Scan URL

URL: https://www.booking.com/attractions/index.html?aid=7938040
Title: Attractions

Search URL Search Domain Scan URL

URL: https://www.ivisa.com/?utm_source=raymonddugganvisa&utm_medium=affiliate
Title: Ivisa

Search URL Search Domain Scan URL

URL: https://gofund.me/ccacae27
Title: Go Fund Me

Search URL Search Domain Scan URL

URL: https://amzn.to/3tCddXA
Title: Amazon Store

Search URL Search Domain Scan URL

URL: https://www.rocketlanguages.com/sign-language/premium?type=freetrial&aff=raymogyuk

Search URL Search Domain Scan URL

URL: https://www.rocketlanguages.com/chinese/premium?type=freetrial&aff=raymogyuk

Search URL Search Domain Scan URL

URL: https://www.rocketlanguages.com/english/premium?type=freetrial&aff=raymogyuk

Search URL Search Domain Scan URL

URL: https://www.rocketlanguages.com/french/premium?type=freetrial&aff=raymogyuk

Search URL Search Domain Scan URL

URL: https://www.rocketlanguages.com/german/premium?type=freetrial&aff=raymogyuk

Search URL Search Domain Scan URL

URL: https://www.rocketlanguages.com/hindi/premium?type=freetrial&aff=raymogyuk

Search URL Search Domain Scan URL

URL: https://www.rocketlanguages.com/ingles/premium?type=freetrial&aff=raymogyuk

Search URL Search Domain Scan URL

URL: https://www.rocketlanguages.com/italian/premium?type=freetrial&aff=raymogyuk

Search URL Search Domain Scan URL

URL: https://www.rocketlanguages.com/japanese/premium?type=freetrial&aff=raymogyuk

Search URL Search Domain Scan URL

URL: https://www.rocketlanguages.com/korean/premium?type=freetrial&aff=raymogyuk

Search URL Search Domain Scan URL

URL: https://www.rocketlanguages.com/portuguese/premium?type=freetrial&aff=raymogyuk

Search URL Search Domain Scan URL

URL: https://www.rocketlanguages.com/russian/premium?type=freetrial&aff=raymogyuk

Search URL Search Domain Scan URL

URL: https://www.rocketlanguages.com/spanish/premium?type=freetrial&aff=raymogyuk

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Powered by Blogger

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://billsmafia.raymondduggantravel.com/ HTTP 302
https://www.raymondduggantravel.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.booking.com/affiliate/prelanding_sdk HTTP 302
https://wasabi.bstatic.com/sdk/3.2.1/sdk.bundle.js

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.raymondduggantravel.com/
Redirect Chain

https://billsmafia.raymondduggantravel.com/
https://www.raymondduggantravel.com/

198 KB
27 KB

386ms
301ms

Document
text/html

2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

adfcccddad3b12c20f6be5ea386fccf05c4f411ead957696e68711d3aa9b1f66

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 26957
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https://www.blogger.com/cspreport
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 09:16:01 GMT
etag: W/"eb5b1b4f3d2e7425db2c415b08feeeee7532f0e8c2880b4d44eba588a3a3e340"
expires: Wed, 03 Jan 2024 09:16:01 GMT
last-modified: Wed, 03 Jan 2024 07:05:33 GMT
report-to: {"group":"blogspot","max_age":2592000,"endpoints":[{"url":"https://www.blogger.com/cspreport"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

age: 209
content-length: 0
date: Wed, 03 Jan 2024 09:12:30 GMT
location: https://www.raymondduggantravel.com
server: Squarespace
x-contextid: Z3lqxVLr/3jCW9zQY

GET
H2 200 clipboard.min.js Show response
www.gstatic.com/external_hosted/clipboardjs/ 12 KB
4 KB 82ms
23ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3475
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 03 Jan 2024 09:16:01 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 97ms
63ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5010405765979146&host=ca-host-pub-1556223355139109

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70553351505cd871e979655e723a1d1d00b43665ab96674c33dfd7f1ab72defd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.raymondduggantravel.com/
Origin: https://www.raymondduggantravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51297
x-xss-protection: 0
server: cafe
etag: 581634540168176143
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 09:16:01 GMT

GET
H2 200 sprite_v1_6.css.svg
www.raymondduggantravel.com/responsive/ 7 KB
3 KB 22ms
22ms Other
image/svg+xml 2a00:1450:4001:813::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.raymondduggantravel.com/responsive/sprite_v1_6.css.svg

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Jan 2024 06:03:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/svg+xml
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2244
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 10 Jan 2024 09:16:01 GMT

GET
H2 200 728x90.gif
d2jkfj9lazd7el.cloudfront.net/images/affiliate/arabic/ 13 KB
13 KB 90ms
45ms Image
image/gif 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/arabic/728x90.gif
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9fb3348c63269797e13a270147c91419d8741c0b531c6841a4cc9bb54281c575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: GfLt2XGG23Tu1OH2ogjQQLpUjYXlSP.u
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 02:56:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "27d2c6af86769486dcab4754095ba724"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 13194
x-amz-cf-id: sA-bthyP5P4-LxCUD6PrTKXsn7Yee7R_6AbN-WMwYtAPsBj5PpL4rQ==

GET
H2

200

sdk.bundle.js Show response
wasabi.bstatic.com/sdk/3.2.1/
Redirect Chain

https://www.booking.com/affiliate/prelanding_sdk
https://wasabi.bstatic.com/sdk/3.2.1/sdk.bundle.js

8 KB
3 KB

75ms
14ms

Script
application/javascript

2600:9000:2090:d200:9:bc76:c680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wasabi.bstatic.com/sdk/3.2.1/sdk.bundle.js
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Server: 2600:9000:2090:d200:9:bc76:c680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: affda6a87b81a6647060945c58159333820443e1c1faf5d092c479879b2daacd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 06:21:17 GMT
content-encoding: gzip
via: 1.1 a4f5633e78f92f983940236e96220232.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 15:13:11 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P1
age: 34519
x-amz-server-side-encryption: AES256
etag: W/"3e93100c3fc2e4f1c7ff4b97b5c5d4f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: he1dOBNaldEq_PipLeY4nTCczY3Nem8X41cPAjaGx_9CpxkxjFP3hg==

Redirect headers

date: Wed, 03 Jan 2024 09:16:01 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 d0b402ca7e5fc6514bdd05f23e206b58.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: AMS1-P1
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=c97341283af3040b&e=UmFuZG9tSVYkc2RlIyh9YVzgo423icpHTv6uKMejV7ptqzq550UBDWosSWj1p3A-IjRx78r_OLE
x-cache: Miss from cloudfront
location: https://wasabi.bstatic.com/sdk/3.2.1/sdk.bundle.js
x-amz-cf-id: uR1-iryPBew-TLbssqrU6iVWB-D2OiR5PkaE1lBuUXJaKr4j_ppF8g==
x-xss-protection: 1; mode=block

GET
H2 200 AVvXsEiu0zJePylUMeq6Iq9bk56t8kyU1Q9LVLGmt_teLR6gvhKItdX3S-bPb5cGuJ4nB-Be-jeqt980zR1oo6gBTb0eiUBMJP632rptfGKg7vQidrQeE-WAt9gpgyzJBjWRGVvVqPmF8SZnOfxMfKMo3pX4jt4hIBsQdctoIoH8SWEYvpovEDUomYY6po5OBnma=...
blogger.googleusercontent.com/img/a/ 48 KB
49 KB 899ms
843ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEiu0zJePylUMeq6Iq9bk56t8kyU1Q9LVLGmt_teLR6gvhKItdX3S-bPb5cGuJ4nB-Be-jeqt980zR1oo6gBTb0eiUBMJP632rptfGKg7vQidrQeE-WAt9gpgyzJBjWRGVvVqPmF8SZnOfxMfKMo3pX4jt4hIBsQdctoIoH8SWEYvpovEDUomYY6po5OBnma=s1600

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d568e1ba89d08f393231ffc2614a2baeb0305806a4ea669d3cff9fe34e387dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v7820"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1656390947201.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49524
x-xss-protection: 0
expires: Thu, 04 Jan 2024 09:16:02 GMT

GET
H/1.1 200
OK generic-eng-728x90-02.jpg
ivisa.s3.amazonaws.com/affiliate/ 15 KB
16 KB 356ms
125ms Image
image/jpeg 52.216.42.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivisa.s3.amazonaws.com/affiliate/generic-eng-728x90-02.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.153 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ed39d41ea0cb2a039401de8a91032a2b50ef4b02db9fc43c79f152e3a2821614

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:16:02 GMT
Last-Modified: Fri, 14 Apr 2023 15:17:48 GMT
Server: AmazonS3
x-amz-request-id: JK328JG1V9FBEWH8
ETag: "4e5a2245f0799163a5bb79c615370d2f"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 15623
x-amz-id-2: MqOCvOsRe3Syg21Sd1lccwf4Xt+q3m5I2wVqMubMLBkFO6Q/W1b0uDs9B+E6zM1IbO1wFp/BGg4=

GET
H2 200 mobile-banner-1.jpg
d2jkfj9lazd7el.cloudfront.net/images/affiliate/sign-language/ 27 KB
28 KB 110ms
67ms Image
image/jpeg 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/sign-language/mobile-banner-1.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8713085d4c407bf9313eef42f27e6b0ae68b5c2893bd6933cd5e979a7d50aca1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: fHnvvHPoHyiSCfRhcXlcV4fKd6zIYUJK
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 04:51:13 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "7d5b00f98fa07057edc4b23022cbba86"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 27946
x-amz-cf-id: A2qiOLMaqMQz1D8xAsox6UZM-PuzWema5lKEaoI973e3PAusx9dsHA==

GET
H2 200 mobile-banner-3.jpg
d2jkfj9lazd7el.cloudfront.net/images/affiliate/arabic/ 17 KB
18 KB 73ms
31ms Image
image/jpeg 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/arabic/mobile-banner-3.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d290f59d6ae0228e92198fcbe9287796257432e1ea05908e93b54900203ef629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: frJElmWMOytK5dy6NpTm2bXZMb7XNxvE
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 04:47:51 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "118092b0234140df09d213cca6708993"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 17722
x-amz-cf-id: Z7OR6BHOvb-wKhr1zPc9ShlG1ASP7AT_EtqIDhVydQQ10B2YVWpPXQ==

GET
H2 200 mobile-banner-1.jpg
d2jkfj9lazd7el.cloudfront.net/images/affiliate/chinese/ 21 KB
22 KB 83ms
41ms Image
image/jpeg 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/chinese/mobile-banner-1.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a30f99e4a02809146d65612174a7ed63ba1f7973c1beaef3dc40cef88c98c00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: Gp0l_6.rJKpuwQpAmkGpXe9r0LhvcvGl
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 04:48:07 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "b45da3f0df3336cee1879d3884950aae"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 21950
x-amz-cf-id: FSXBsX6rdSW89Zi-J2MTeaCjuHj_wV3vjpId6ec67Rf9iJvD9OB2Rg==

GET
H2 200 mobile-banner-1.jpg
d2jkfj9lazd7el.cloudfront.net/images/affiliate/english/ 21 KB
21 KB 70ms
28ms Image
image/jpeg 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/english/mobile-banner-1.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fdaeb685a722ceabcb71353ba1287076767da5fe5588d612e42a6686fee292b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: MXlvMgijJOXzsn_r_Mq9o9VoaLX4suFM
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 04:48:26 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "bdf54d5c4c96ecc8fe1821fae0816739"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 21586
x-amz-cf-id: EiG5udgEM-Jvu2mDjKLHTtolnDl1TlWCnZq8mEyeS5v1ygl2IEk3Ig==

GET
H2 200 mobile-banner-1.jpg
d2jkfj9lazd7el.cloudfront.net/images/affiliate/french/ 21 KB
21 KB 89ms
48ms Image
image/jpeg 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/french/mobile-banner-1.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7c1a8522d98ceb7d3bf6f7c05bf3bb245713296e423866693784431c9e97475

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: UjiegdLscW.P_RK8K5oJWntsboMiyc3c
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 04:48:42 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "f66707473851ee019c608a18f01033c4"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 21088
x-amz-cf-id: iK_hhK76bz5TCRxnEXmU96XQE9JL13fvI2qFciyNfh-LGloI6_gAHg==

GET
H2 200 mobile-banner-1.jpg
d2jkfj9lazd7el.cloudfront.net/images/affiliate/german/ 21 KB
22 KB 49ms
48ms Image
image/jpeg 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/german/mobile-banner-1.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba03d61488c677a8847a08038c4ec2e9862f16aafde031b9f94dc8659067dd8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: gByS4OJjJy7YP1qFoFnL8c2XabqAJx4Q
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 04:48:58 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "460c715616b6eb51b89b7a216d3d7290"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 21978
x-amz-cf-id: SqP-AsAix3tyv-xgIz33RHPyE7vzYhRDynwbG-Rt0QPCB0Bqb6ES6g==

GET
H2 200 mobile-banner-1.jpg
d2jkfj9lazd7el.cloudfront.net/images/affiliate/hindi/ 19 KB
20 KB 25ms
24ms Image
image/jpeg 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/hindi/mobile-banner-1.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 496549ea25d599af6feca9b790c70dfef58ec9e18e11579ceb1313c4903b4d0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: RFrSbG1EH7TvsvOMSqTsHXEqZsmDtHqT
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 04:49:11 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "93da4dfe1f605a6736aed150bf7f25c5"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 19919
x-amz-cf-id: eUX3BXE1x-RRuf59o3a11fs2y0ISzfnVdN2SIuZvBtrlji2G6rCpew==

GET
H2 200 mobile-banner-2.jpg
d2jkfj9lazd7el.cloudfront.net/images/affiliate/ingles/ 5 KB
5 KB 35ms
34ms Image
image/jpeg 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/ingles/mobile-banner-2.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51e001bf00909e7bee2ed42a07e6d32f2a753a32d0ea80696f67d7ebcd7f1ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: imDbWnv_IYWf87Eo1arAQ6utH2FfCwnQ
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 01:49:57 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "6a0c554a15c58ac34d8eab6fb844fc23"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 5260
x-amz-cf-id: tNXT57betNL7Ze_YjdyX5ZgSuaCECxb5-v33MyT2tX39Eo6tWnv8wA==

GET
H2 200 mobile-banner-1.jpg
d2jkfj9lazd7el.cloudfront.net/images/affiliate/italian/ 20 KB
21 KB 38ms
38ms Image
image/jpeg 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/italian/mobile-banner-1.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eef736d2442db2819263912cf7dcc42050eb10ac9a20655c4139af2943ef0859

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: JGd4I0EwPHcZfd_cp0vVE8TvVula.jHd
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 04:49:45 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "f68cdd9d69eee8d978673ad0abfc6488"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 20938
x-amz-cf-id: vryFfMdftbvGy397bM-sHIfS19xJfnqnE9xW5A5zXHCk2S5SvBbDpw==

GET
H2 200 mobile-banner-1.jpg
d2jkfj9lazd7el.cloudfront.net/images/affiliate/japanese/ 23 KB
23 KB 46ms
45ms Image
image/jpeg 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/japanese/mobile-banner-1.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 384c6d4d22f9499896d7f720403d616b16a376e4c2c1f32b7bd5421ac5d091bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: Hy3MyXya_IHmrE_8C_2YPKCPEwVMMj1u
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 04:50:00 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "50477d93a69d083d0fc1a749da3cab8d"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 23173
x-amz-cf-id: KDdkFB27VZwgfmL_voNB9f3ItOuLHZNiAo0m1_XDDkuw5BRX20dqwQ==

GET
H2 200 mobile-banner-1.jpg
d2jkfj9lazd7el.cloudfront.net/images/affiliate/korean/ 21 KB
21 KB 47ms
46ms Image
image/jpeg 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/korean/mobile-banner-1.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45cef431af63552a332f47076036c8848762e353f85ae968298d085b0e6e33e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: RefDkpvPaJM1KX045rnvO.roT4S3Pvsm
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 04:50:15 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "2e0ce22a44c4344062c4b1d37294d44d"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 21492
x-amz-cf-id: 5acieqMQV8YMaTUZfU_tZ68wnJPzaq4Mgop6ltV7O689LHAhyZGUsg==

GET
H2 200 mobile-banner-1.jpg
d2jkfj9lazd7el.cloudfront.net/images/affiliate/portuguese/ 25 KB
25 KB 33ms
32ms Image
image/jpeg 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/portuguese/mobile-banner-1.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5833d25de0920f53080bd2cca3fffd52f8524d6ad84b068186c380aa2124afe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: hK7tuFlJVmWQQ.yIX._4Yszb3ppRFkUo
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 04:50:35 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "4ba6858dcf112ad68a26536f42e4ad1c"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 25282
x-amz-cf-id: ateVG2g4wGew3bnFNa_rlu0Xgv3ZsCi7CszVBFCgxUxUJQhmUmSMQQ==

GET
H2 200 mobile-banner-1.jpg
d2jkfj9lazd7el.cloudfront.net/images/affiliate/russian/ 22 KB
22 KB 31ms
31ms Image
image/jpeg 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/russian/mobile-banner-1.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84d9fce6d2b159619a476042416cd27a2c6885b28b58097c0fa41171b837decd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 41lS4XIDBugncCxfuj6OpAliiMAjCYV7
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 04:50:52 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "2a1a34ec8cfa8c4c7e268ae3efc2ff20"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 22214
x-amz-cf-id: wahUVCWe_4KY98As1LCYeVkuPtxQieK-Y8A7_7BL7rRlRGoH0j82Ow==

GET
H2 200 mobile-banner-1.jpg
d2jkfj9lazd7el.cloudfront.net/images/affiliate/spanish/ 22 KB
22 KB 36ms
35ms Image
image/jpeg 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/spanish/mobile-banner-1.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 400ad28f7a84517f2d4d23d8eaa4dfee1f51aa56b22624d3047d2efc4067de3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: OyeggRLrqziKoXj7vLtpHnOYnO6Lao4r
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 04:51:27 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "9a45d5e7ad7dda384d8f4b1189d9ed02"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 22199
x-amz-cf-id: G5E-n0O7M751nSwW0HkGtxquWoYtq1YGEzkOS9qT99xbgD7Sz0Rl6g==

GET
H/1.1 200
OK generic-eng-300x250-02.jpg
ivisa.s3.amazonaws.com/affiliate/ 16 KB
17 KB 401ms
188ms Image
image/jpeg 52.216.42.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivisa.s3.amazonaws.com/affiliate/generic-eng-300x250-02.jpg
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.153 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: eedcff0c322f6ba71ed33bbb40af49ccd13b98a574afc95e9f051486479997bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 09:16:02 GMT
Last-Modified: Fri, 14 Apr 2023 15:16:09 GMT
Server: AmazonS3
x-amz-request-id: JK35YH0NMW5SZES7
ETag: "a70dde6ba26151ee7cff36d1918cbe7c"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 16609
x-amz-id-2: UyPUhb9faK2sJAtB+L2rZdVNOjFii5JQzZawn9dJ81yPlqMcnZ5t3HAO8DWHzZzqMpe9oSK8GQM=

GET
H2 200 160x600.gif
d2jkfj9lazd7el.cloudfront.net/images/affiliate/russian/ 23 KB
24 KB 42ms
40ms Image
image/gif 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/russian/160x600.gif
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 975f927ad4211c70f186e5ecba5128a3fa49d1bddb9357b0f16f2dd28bd6cd01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: VPQrZh7tEFMmvp1jgEHyCW7.we3NVy5M
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 03:02:49 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "45adec9c70f0dcbe9e963f7f11d9f1eb"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 23697
x-amz-cf-id: jWMkQOXfLJKamEmuw20XAOoaWdokRTqWuXL6HtR2NBXmPybgZUNa5A==

GET
H2 200 728x90.gif
d2jkfj9lazd7el.cloudfront.net/images/affiliate/ingles/ 13 KB
13 KB 48ms
47ms Image
image/gif 2600:9000:20a0:d000:d:c018:6f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2jkfj9lazd7el.cloudfront.net/images/affiliate/ingles/728x90.gif
Requested by: Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:d000:d:c018:6f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a9655d8dc8c14d72258321cb8b45d31af43f5c7612e678b9ab5782472fc00b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: fbB7fI3gR3MPLJFU7VmZ_9.4z0q_A9Ys
date: Wed, 03 Jan 2024 09:16:01 GMT
via: 1.1 7c0d1e5d9f8346ae6627430911337f42.cloudfront.net (CloudFront)
last-modified: Tue, 25 May 2021 04:55:39 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 26965
etag: "3c91953f9fdac174eae7b7a1a79f5bdd"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 13369
x-amz-cf-id: i0uWPCoZ7Mia5PFlLlWK72QeEpmgnqYEU7O9UKvSDsYdg4EY9Dbhxg==

GET
H2 200 1841563160-vegeclub_compiled.js Show response
resources.blogblog.com/blogblog/data/res/ 134 KB
46 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.blogblog.com/blogblog/data/res/1841563160-vegeclub_compiled.js

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f01511332f4ac011294207a147d2f189b7e5a744d06040f9f4694fe0d3d10ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 03:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194956
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46933
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 16:00:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 08 Jan 2024 03:06:45 GMT

GET
H2 200 3069997043-widgets.js Show response
www.blogger.com/static/v1/widgets/ 161 KB
58 KB 85ms
24ms Script
text/javascript 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3069997043-widgets.js

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b657d3f6a414a1200d7aff3de61dff922d94193ee5c68decbba5a3f8d8b7b342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59312
x-xss-protection: 0
last-modified: Thu, 21 Dec 2023 22:38:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 02 Jan 2025 07:33:24 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 79ms
44ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.raymondduggantravel.com/
Origin: https://www.raymondduggantravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 09:12:37 GMT
x-content-type-options: nosniff
age: 86604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 09:12:37 GMT

GET
H2 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 30 KB
30 KB 62ms
29ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.raymondduggantravel.com/
Origin: https://www.raymondduggantravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 05:12:36 GMT
x-content-type-options: nosniff
age: 101005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30480
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 05:12:36 GMT

GET
H2 200 u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 82ms
48ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.raymondduggantravel.com/
Origin: https://www.raymondduggantravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 15:55:37 GMT
x-content-type-options: nosniff
age: 148824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19720
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:47:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 15:55:37 GMT

GET
H2 200 u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 84ms
50ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.raymondduggantravel.com/
Origin: https://www.raymondduggantravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 12:50:11 GMT
x-content-type-options: nosniff
age: 159950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19780
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 12:50:11 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 71ms
37ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.raymondduggantravel.com/
Origin: https://www.raymondduggantravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:10:10 GMT
x-content-type-options: nosniff
age: 90351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 08:10:10 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
35 KB 47ms
14ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.raymondduggantravel.com/
Origin: https://www.raymondduggantravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 21:33:17 GMT
x-content-type-options: nosniff
age: 128564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 21:33:17 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 141ms
112ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5010405765979146&host=ca-host-pub-1556223355139109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8ccc2b7c37fce3c4d69c5584a633606971576cfd0d1ead5eff4b54368a708a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137928
x-xss-protection: 0
server: cafe
etag: 12172233748528436709
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 09:16:01 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame F7ED 9 KB
4 KB 50ms
13ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5010405765979146&host=ca-host-pub-1556223355139109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.raymondduggantravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 13:49:38 GMT
etag: 5585625838579639069
expires: Tue, 16 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 prelanding_product.html Show response
www.booking.com/ Frame 2BB1 25 KB
9 KB 337ms
337ms Document
text/html 18.65.39.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/prelanding_product.html?responsive=true&widget_id=91177f2d-8a05-4807-857e-7f3d2c8d1994&aid=2265164

Requested by

Host: www.booking.com
URL: https://www.booking.com/affiliate/prelanding_sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-91.ams1.r.cloudfront.net

Software

nginx /

Resource Hash

f72f1654001de42a24c73dc3ebd6517de55de56bb008ad0d7783201c96027d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.raymondduggantravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: br
content-length: 8062
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 09:16:02 GMT
nel: {"max_age":604800,"report_to":"default"}
report-to: {"max_age":604800,"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}]}
server: nginx
strict-transport-security: max-age=86400; includeSubDomains
vary: User-Agent, Accept-Encoding
via: 1.1 d0b402ca7e5fc6514bdd05f23e206b58.cloudfront.net (CloudFront)
x-amz-cf-id: cHLVoQvjlRGGJ7OvuoxFA-1Gjdk1BxbG2wLS7ULMSIYpu6qMhSnjOA==
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 AJ0KDdWxSc9Uqo0kiHxrT71VMH5mHFo8vyYcgEUttkx04OiJSZCTIHJBmUZsN-wd7y86CeOiAn_VeY5TAKY1qEcPcnIvWVTpgPESB391Pi-sXpOLUj4uuCZDAoh6-JYXMutw2M8TOrZxhWGLhHkoyy98vbLr0A=w1185-h272-p-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 43 KB
43 KB 123ms
121ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AJ0KDdWxSc9Uqo0kiHxrT71VMH5mHFo8vyYcgEUttkx04OiJSZCTIHJBmUZsN-wd7y86CeOiAn_VeY5TAKY1qEcPcnIvWVTpgPESB391Pi-sXpOLUj4uuCZDAoh6-JYXMutw2M8TOrZxhWGLhHkoyy98vbLr0A=w1185-h272-p-k-no-nu

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c9d478ae937ac6e92d483d25503dd1690ac753a9bbd10a41a9eb87b9a14d8269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43639
x-xss-protection: 0
expires: Thu, 04 Jan 2024 09:16:01 GMT

GET
H2 200 AJ0KDdU1wgng6yJCVbc8NkLEHNAXap7p-pivNx62rKWvNNIhc7tm96aveo8vXiMMq58_dApkWHHzAZ-T1xj7t4R76qde1h2XnXTWTrNr75uy8mRCCrXLpQ=w385-h184-n-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 28 KB
28 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AJ0KDdU1wgng6yJCVbc8NkLEHNAXap7p-pivNx62rKWvNNIhc7tm96aveo8vXiMMq58_dApkWHHzAZ-T1xj7t4R76qde1h2XnXTWTrNr75uy8mRCCrXLpQ=w385-h184-n-k-no-nu

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

60a2e251d0bdae40ec8b89d7aa97f84d2a20071a4ff77926a3720ed208fd857b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28472
x-xss-protection: 0
expires: Thu, 04 Jan 2024 09:16:01 GMT

GET
H2 200 AJ0KDdVPROZ4WKZCgynBM2hI7Q5tUWDHyZL5n4YRii6eP731-7KhWfIIrUaqjWaS1vrCWClm5za7hv00xRXZfNTJVwT7woFt7-KSDvMgGuuyOgdf6EM2MQ=w385-h184-n-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 27 KB
27 KB 56ms
55ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AJ0KDdVPROZ4WKZCgynBM2hI7Q5tUWDHyZL5n4YRii6eP731-7KhWfIIrUaqjWaS1vrCWClm5za7hv00xRXZfNTJVwT7woFt7-KSDvMgGuuyOgdf6EM2MQ=w385-h184-n-k-no-nu

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3b6994cb53081c8c43033180d9ae6d487927da9602302d1bb2684bede283432f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27870
x-xss-protection: 0
expires: Thu, 04 Jan 2024 09:16:01 GMT

GET
H2 200 AJ0KDdWwGGZvYQAKhgnnkKUufsyUyHYpHpyZzdV2_aBX1d4BVYk_dQ4Hh065yHXLPyWISXXWohNMZ0nMGcqihfp8M4vay9IQmK8cjqC5SpTA9SVZC5gukg=w385-h184-n-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 14 KB
14 KB 31ms
31ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AJ0KDdWwGGZvYQAKhgnnkKUufsyUyHYpHpyZzdV2_aBX1d4BVYk_dQ4Hh065yHXLPyWISXXWohNMZ0nMGcqihfp8M4vay9IQmK8cjqC5SpTA9SVZC5gukg=w385-h184-n-k-no-nu

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1a74554d89292e4fb0adbc3e6e6b0acaca3af2252afe3f526f72d9de797cff2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
expires: Thu, 04 Jan 2024 09:16:01 GMT

GET
H2 200 AJ0KDdU5UALGPi6vVN_YfTkz9O24N26xMgd7BRa3PRRJB5HIyPfCmI7lsqPJLIzyEZ_sJNZfpOEQ67d3PlsDUW83r61uwsT0eYAfWl-IPkgLsCFz7a5r=w385-h184-n-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 21 KB
21 KB 53ms
52ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AJ0KDdU5UALGPi6vVN_YfTkz9O24N26xMgd7BRa3PRRJB5HIyPfCmI7lsqPJLIzyEZ_sJNZfpOEQ67d3PlsDUW83r61uwsT0eYAfWl-IPkgLsCFz7a5r=w385-h184-n-k-no-nu

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f1426a76ede7f37c7eb50a990c361b1c7834322f9853af75049aa9f11b63e51f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21085
x-xss-protection: 0
expires: Thu, 04 Jan 2024 09:16:01 GMT

GET
H2 200 AJ0KDdUgp-KCpz0u-M2Dh8lAOcZMPDzKdUo1NmSTQ3Igvtb3jxYoHwndZTOEDt2yxSgQYDqWeoqshc264nG8OHI5DL36zm4ZeetqIB0928viluBF3_yUHA=w385-h184-n-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 16 KB
16 KB 38ms
38ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AJ0KDdUgp-KCpz0u-M2Dh8lAOcZMPDzKdUo1NmSTQ3Igvtb3jxYoHwndZTOEDt2yxSgQYDqWeoqshc264nG8OHI5DL36zm4ZeetqIB0928viluBF3_yUHA=w385-h184-n-k-no-nu

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

610cbb62b2cf47e9c07c7bfa1d6e283b4023ab41c7c9be94a4a611e561a14f22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16771
x-xss-protection: 0
expires: Thu, 04 Jan 2024 09:16:01 GMT

GET
H2 200 AJ0KDdUlOt_AOKYLr7Aht1sBJRIgyksuMM5TGHdn8BF_mDLoUZnGlpNi81YWS32ASX0Qfol_XEcPQN3y7dNA9pcbi8KRKdQiRQLe4U76JMCrDqHiPKL-EA=w385-h184-n-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 22 KB
22 KB 61ms
61ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AJ0KDdUlOt_AOKYLr7Aht1sBJRIgyksuMM5TGHdn8BF_mDLoUZnGlpNi81YWS32ASX0Qfol_XEcPQN3y7dNA9pcbi8KRKdQiRQLe4U76JMCrDqHiPKL-EA=w385-h184-n-k-no-nu

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

efbdc90964ad83b13a149ca339601b4e704a421b7239c2d3d56cde1f6e529054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22266
x-xss-protection: 0
expires: Thu, 04 Jan 2024 09:16:01 GMT

GET
H2 200 AJ0KDdUGGJkVBUncF_mR7bgQ5ZlumD1RSnGXwjfUDCo9xPkJ3wxmZck-vRELLiE2PNUqwcAdzLPqjtqzG0ifBixqfwIyWds6iSukEm5FgDEhTI4zo20TqA=w385-h184-n-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 26 KB
26 KB 61ms
60ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AJ0KDdUGGJkVBUncF_mR7bgQ5ZlumD1RSnGXwjfUDCo9xPkJ3wxmZck-vRELLiE2PNUqwcAdzLPqjtqzG0ifBixqfwIyWds6iSukEm5FgDEhTI4zo20TqA=w385-h184-n-k-no-nu

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9126b38ec7094ad8d28ffdea07cb884e583968b4a46301f61f2f4ee3e1f12ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26855
x-xss-protection: 0
expires: Thu, 04 Jan 2024 09:16:01 GMT

GET
H2 200 AJ0KDdW7ImxTv1OM6uQMzUk2jOoJD8w2anLLxVLzDwxgdtJiKxxEIQatEsfrkdM2TQX7aGcmXbZwbdjraS2HNZPJ4NI6xOL7t9U9i3S5i0D3ZdfCQjfcdQ=w385-h184-n-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 20 KB
20 KB 47ms
47ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AJ0KDdW7ImxTv1OM6uQMzUk2jOoJD8w2anLLxVLzDwxgdtJiKxxEIQatEsfrkdM2TQX7aGcmXbZwbdjraS2HNZPJ4NI6xOL7t9U9i3S5i0D3ZdfCQjfcdQ=w385-h184-n-k-no-nu

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cf9aa348cda2b11476bf08bd56464dc2091f6315291fedd65de15efb327e8fe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20051
x-xss-protection: 0
expires: Thu, 04 Jan 2024 09:16:01 GMT

GET
H2 200 AJ0KDdV9zQ2LjsqamL6jeQHHdlU_2UeqUI0kK_2q-WN3u2U6Eb2YZv4SjTilLtDi3INbWBlqXcHOn-6quT6TDq9W5oPJpA5pMAHoqgoSApkfqThivxjM=w385-h184-n-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 31 KB
31 KB 47ms
47ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AJ0KDdV9zQ2LjsqamL6jeQHHdlU_2UeqUI0kK_2q-WN3u2U6Eb2YZv4SjTilLtDi3INbWBlqXcHOn-6quT6TDq9W5oPJpA5pMAHoqgoSApkfqThivxjM=w385-h184-n-k-no-nu

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

da91bf1e4218b6b6dde4894d9078489c3f98a89bbb167a200f231554c05c93a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31303
x-xss-protection: 0
expires: Thu, 04 Jan 2024 09:16:01 GMT

GET
H2 200 AJ0KDdWMZR0zLFb5igI-LpKNHg6xuat2MjytLDu3zOuLk_sPZQ-9-15DYtjrMRaOaO4IKPbxc8PQKXUE5iz4k_NSJbebSHjwivwCV36k84LNJuLQtFamzA=w385-h184-n-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 23 KB
23 KB 50ms
50ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AJ0KDdWMZR0zLFb5igI-LpKNHg6xuat2MjytLDu3zOuLk_sPZQ-9-15DYtjrMRaOaO4IKPbxc8PQKXUE5iz4k_NSJbebSHjwivwCV36k84LNJuLQtFamzA=w385-h184-n-k-no-nu

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

387bdcf59625dd413882fa262884567d95083a596f82d5262c5eae17e0cbd0bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23705
x-xss-protection: 0
expires: Thu, 04 Jan 2024 09:16:01 GMT

GET
H2 200 AJ0KDdV3s8cZ176iv89aFwSRfoU5ikmErO2LC7PXTk0SdCwspPea3v7DSV0UepWyTUhyG-elBnHnZa4pSIMGqmz9rTP6KomIc3S-iaKUUtj_lfJmKoIglQ=w385-h184-n-k-no-nu
lh3.googleusercontent.com/blogger_img_proxy/ 22 KB
22 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/blogger_img_proxy/AJ0KDdV3s8cZ176iv89aFwSRfoU5ikmErO2LC7PXTk0SdCwspPea3v7DSV0UepWyTUhyG-elBnHnZa4pSIMGqmz9rTP6KomIc3S-iaKUUtj_lfJmKoIglQ=w385-h184-n-k-no-nu

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9c6325c6de12a830df49e9d14abbf44111a40fdcc7caa42ceabdf83cecb94c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:01 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22069
x-xss-protection: 0
expires: Thu, 04 Jan 2024 09:16:01 GMT

GET
H2 200 blogger_logo_round_35.png
www.blogger.com/img/ 2 KB
3 KB 14ms
14ms Image
image/png 2a00:1450:4001:828::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/blogger_logo_round_35.png

Requested by

Host: www.raymondduggantravel.com
URL: https://www.raymondduggantravel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 15:29:10 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2024 11:50:32 GMT
server: sffe
age: 150411
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2531
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 08 Jan 2024 15:29:10 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D926 603 B
67 B 187ms
187ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5010405765979146&output=html&adk=1812271804&adf=3025194257&lmt=1704265533&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.raymondduggantravel.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704273361719&bpp=2&bdt=172&idt=234&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=770235381466&frm=20&pv=2&ga_vid=4136992.1704273362&ga_sid=1704273362&ga_hid=1025219188&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C95320884&oid=2&pvsid=1663370092741252&tmod=793422565&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=258

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.raymondduggantravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 09:16:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 f56be168.9853793c.chunk.js Show response
cf.bstatic.com/psb/capla/static/js/ Frame 2BB1 388 B
872 B 129ms
83ms Script
application/javascript 2600:9000:2090:3a00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.bstatic.com/psb/capla/static/js/f56be168.9853793c.chunk.js
Requested by: Host: www.booking.com
URL: https://www.booking.com/prelanding_product.html?responsive=true&widget_id=91177f2d-8a05-4807-857e-7f3d2c8d1994&aid=2265164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:3a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec5ddd1993a9d8e53731b00ceb7bd63454a0124f1309ede64abd7bc246e95fe8

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: rV7MgnmMdx6fme8MwkQCrsx7UOCNi8PP
date: Wed, 03 Jan 2024 08:46:15 GMT
via: 1.1 1bdf441282a54ae942606c92014c38d4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
age: 1788
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 388
last-modified: Wed, 18 Oct 2023 10:43:55 GMT
server: AmazonS3
etag: "13bdf974bfd06e2b9dbf85c07b691188"
vary: Accept-Encoding
x-amz-meta-x-deployment-hash: foo
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: SfF04TOPtwXF7OatS-f5QicDWilIbQg3h6Fof1zj4gj-3WOiNop3qQ==

GET
H2 200 client.e1df54a8.js Show response
cf.bstatic.com/psb/capla/static/js/ Frame 2BB1 1016 KB
283 KB 61ms
16ms Script
application/javascript 2600:9000:2090:3a00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.bstatic.com/psb/capla/static/js/client.e1df54a8.js
Requested by: Host: www.booking.com
URL: https://www.booking.com/prelanding_product.html?responsive=true&widget_id=91177f2d-8a05-4807-857e-7f3d2c8d1994&aid=2265164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:3a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3606f8161f09b6dc53d989cda9a61b0e303bc197f7c20ee02e577a43e596e3d2

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: vEYGUW6IV1Agw.tfrr4gtgvRkqbKSyVl
content-encoding: gzip
via: 1.1 1bdf441282a54ae942606c92014c38d4.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 08:45:58 GMT
x-amz-cf-pop: AMS58-P1
age: 1805
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 22 Nov 2023 10:41:51 GMT
server: AmazonS3
etag: W/"04ea3b67d5b55caee62ee56ffeed22d9"
vary: Accept-Encoding
content-type: application/javascript
x-amz-meta-x-deployment-hash: foo
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: mVvkfqYzsx8ApygRKNxDQllLvEG1KMsKuhfmEjjeSDsQlJM5Pvr0nA==

GET
H2 200 b31d3b68.064834d2.chunk.js Show response
cf.bstatic.com/psb/capla/static/js/ Frame 2BB1 2 KB
1 KB 128ms
83ms Script
application/javascript 2600:9000:2090:3a00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.bstatic.com/psb/capla/static/js/b31d3b68.064834d2.chunk.js
Requested by: Host: www.booking.com
URL: https://www.booking.com/prelanding_product.html?responsive=true&widget_id=91177f2d-8a05-4807-857e-7f3d2c8d1994&aid=2265164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:3a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e22c7735032ac450299ca1cdddfeaa96de1a64333f9fc624e5e94f3abde8924e

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: mloOLSHBRFAWa.vf_Ztz9yGUcwb86TIZ
content-encoding: gzip
via: 1.1 1bdf441282a54ae942606c92014c38d4.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 08:45:58 GMT
x-amz-cf-pop: AMS58-P1
age: 1805
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 18 Oct 2023 10:43:55 GMT
server: AmazonS3
etag: W/"29084757ac8a773f46176d56ceca859e"
vary: Accept-Encoding
content-type: application/javascript
x-amz-meta-x-deployment-hash: foo
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: YuQRuqaN5WjnnPU3QIkk9kXHczFD2Bp7cWVOUjK4dnY_9ptmmoId3w==

GET
H2 200 client.d799b521.css
cf.bstatic.com/psb/capla/static/css/ Frame 2BB1 198 KB
28 KB 68ms
20ms Stylesheet
text/css 2600:9000:2090:3a00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.bstatic.com/psb/capla/static/css/client.d799b521.css
Requested by: Host: www.booking.com
URL: https://www.booking.com/prelanding_product.html?responsive=true&widget_id=91177f2d-8a05-4807-857e-7f3d2c8d1994&aid=2265164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:3a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef910a3ad25f8a3b48d17ceafc53892634ca7f793ecc79c82d45be79bddef70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 12:21:05 GMT
x-amz-version-id: zTX_h1CAVyxTsd4QHShYb28GVjlHAAtv
content-encoding: gzip
last-modified: Mon, 04 Dec 2023 02:42:14 GMT
server: AmazonS3
via: 1.1 9a04c6aa4d3f25ed242a525a7658d9ac.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
etag: W/"85b4c717e63ebae3a32be1bd76de133d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
x-amz-meta-x-deployment-hash: foo
content-type: text/css
age: 75298
x-amz-cf-id: 1WoWC-B-E3-ijbz_7HW5ccASexhwEyCdwjwzrshD3JUrHM5wGb1vvg==

GET
H2 200 6fd80134.0b01a681.chunk.css
cf.bstatic.com/psb/capla/static/css/ Frame 2BB1 16 KB
4 KB 65ms
18ms Stylesheet
text/css 2600:9000:2090:3a00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.bstatic.com/psb/capla/static/css/6fd80134.0b01a681.chunk.css
Requested by: Host: www.booking.com
URL: https://www.booking.com/prelanding_product.html?responsive=true&widget_id=91177f2d-8a05-4807-857e-7f3d2c8d1994&aid=2265164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:3a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4248300e3d66ac9e9341a7b66caa08f082a5664cbe55638d9eaeb86896ba4b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 14:02:04 GMT
x-amz-version-id: 147UQKzk59vKY9utrXCBTtYXKI1ffDpe
content-encoding: gzip
last-modified: Tue, 02 Jan 2024 10:07:46 GMT
server: AmazonS3
via: 1.1 9a04c6aa4d3f25ed242a525a7658d9ac.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
etag: W/"a77b9d683b90d32d7a6f7c36e4b27c33"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
x-amz-meta-x-deployment-hash: foo
content-type: text/css
age: 69239
x-amz-cf-id: 3jPKGugE34DWX96mPAwcv8Ug0TvpoNTP3BtaTUoxCJoctxJZiWJZlg==

GET
H2 200 6fd80134.27346b28.chunk.js Show response
cf.bstatic.com/psb/capla/static/js/ Frame 2BB1 272 KB
71 KB 129ms
84ms Script
application/javascript 2600:9000:2090:3a00:5:bf05:acc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.bstatic.com/psb/capla/static/js/6fd80134.27346b28.chunk.js
Requested by: Host: www.booking.com
URL: https://www.booking.com/prelanding_product.html?responsive=true&widget_id=91177f2d-8a05-4807-857e-7f3d2c8d1994&aid=2265164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:3a00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d67236dac555169344393c1d5f71241459ab08b597f52f07e4d026097c1c7e91

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: zNBDkW4gSqGQNWqMJuk2w2._26MzYdSy
content-encoding: gzip
via: 1.1 1bdf441282a54ae942606c92014c38d4.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 08:45:58 GMT
x-amz-cf-pop: AMS58-P1
age: 1805
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 22 Nov 2023 10:41:51 GMT
server: AmazonS3
etag: W/"5e941d087ce31a173d31a9dc5987c573"
vary: Accept-Encoding
content-type: application/javascript
x-amz-meta-x-deployment-hash: foo
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: fTQt8SabAujn6H3dibRoizWpCAq4Cyz5xpOnd98oTayGxJkOcMVNDQ==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 63ms
63ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7835c303e8648f7afa479dbce38768ff669c58ce31e04c3d60ac2682baa2b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12285
x-xss-protection: 0

GET
H2 200 prelanding_view Show response
www.booking.com/affiliate/ Frame 2BB1 12 B
1 KB 184ms
183ms Fetch
application/json 18.65.39.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/affiliate/prelanding_view?widget_id=91177f2d-8a05-4807-857e-7f3d2c8d1994&aid=7938040&lang=de

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/psb/capla/static/js/6fd80134.27346b28.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-91.ams1.r.cloudfront.net

Software

nginx /

Resource Hash

587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/prelanding_product.html?responsive=true&widget_id=91177f2d-8a05-4807-857e-7f3d2c8d1994&aid=2265164
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:02 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 d0b402ca7e5fc6514bdd05f23e206b58.cloudfront.net (CloudFront)
x-content-options: nosniff
server: nginx
x-amz-cf-pop: AMS1-P1
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
x-amz-cf-id: S4f3XJf0GWEmZhe-0HhoP3oxBffhZokVuMDXg3AAP5E4x1gps3_JLg==
x-xss-protection: 1; mode=block

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 76ms
36ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 09:16:02 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 620E 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.raymondduggantravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 09:03:49 GMT
expires: Thu, 02 Jan 2025 09:03:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D0D9 829 B
1 KB 57ms
22ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

959a612e4c4ff81b14d3f1bb13e74d5ffbec74921a5d442f2ecb25a10d52b173

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XbGLaRcvkh86qkVyYYCc0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.raymondduggantravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-XbGLaRcvkh86qkVyYYCc0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 09:16:02 GMT
expires: Wed, 03 Jan 2024 09:16:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 620E 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 15:49:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 15:49:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D0D9 0
0 49ms
49ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1663370092741252&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 620E 0
10 B 15ms
15ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FgILKg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:16:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
61ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1663370092741252&bg=!4-Cl4K_NAAY3kmNgF5I7ADQBe5WfOBoK-0-ky_acgw3RbSxkYY4l3X3aGNP397uli9mOrqBwNVqmpvmNKcMyhUNH64d4AgAAAEhSAAAAA2gBB5kDCY-ZAe68SmEIqZoQpRjsxIdIretNt08M28_o44IQPsp5rRr11aLj7E9ghox58PiyZJtw58Qb0MIOmpxO_bukn_ytmxlx0EEMjsWj-V2UBItg_Jdapisz9pfhqxVSncPrevwQ2-K_08Ai7EiUxdjjW_e9vyEQulObgL_uQ1MEYLm4wfA3zHeMjeIjHhR-wzK3se-16KD31UcDKQQAZjmzpJI69W2ispgeEQrO9edqjwQj9PHIrsV0v5ma7TZTXXkRfP1O_79FEeZrtFzo4YUbqrF3RDUGU4ypxJ-AUQIx_K2qzlLhSpmVZJXn00zHzHiTmpqGsmFZm-VYXo8QHJL3pHzsPzoj_85KR7js1likCL45wS2E0iQuDTYjrU-SuEIPFspVhntCoDUnYn6FW0_EVuh82dP1dhs-YjO9ozIeTZB1gIw1_qLyPs8fwFBS_Qm6_ejGX8KL1bVv3iXVOZ-I5c9OOhGApj_ldlYTMKzMUXxLzHguwWXZxE9SJklWPsbDtKMcC7ph176dLthY_tu62JqH1KzMRoe3hl0MIrpJVJEN_T5sCK517lkEzZ7XyXgYt8A4hFb7tUBw017SVTbxMfTHOenuD5SRHwgrorhGbzeEJMqx5t_5Y9Dhf2jtjGSP1mUSchH-V_bsUMG32Iw3QGam0eAFz6ick5H2zpkV0Ak9h2hV9lmq_JcPw56ZD3H3eIYY-0EEiOZsA-LFBGHt9WNqAtcxx-WsHvbvBbMgMLoCZSZk-HICl64XjDIn43sSFOZXIF2KeYSF4vQbS9GF88OJGZiTYnt6bnuc5FOG06gB33I9HHAYRosE4Rr2kIVqBuQQq0u7hCdJHnrBh14z-fUtxzg6Ol0FYtMHV53mPUH_tvJUA8QfUqYF_jGd-Bz6IQF2iHcaDvfoSawpvK7Kv1nIFt_vs4DC69beJEmI0QvZg8FBfDXzA_SuhrW82TH3s32JIV68Tmf6iB-OBNSN_LaV86kGJEMUGUU7iyTyzmXy9KPa5ag6sum6QKq2uI4fUQlH1f_wmd70cg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.raymondduggantravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
billsmafia.raymondduggantravel.com/	1969-12-31 23:59:59	Name: crumb Value: BasBrRFjqX/gMjk1NzIyNDM3MGJjYjcxZWQ3MDQ5NzZjMDFiZWZh
.doubleclick.net/	1970-01-20 17:24:34	Name: test_cookie Value: CheckForPermission
.booking.com/	1970-01-21 03:00:33	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWznUFzZhHuRYYgUvLyPD92a0ZnyHmSK7eyahRGp4NbHRwPauFcCVfxCq9TnnOLcavuPrpf%2FkykOBKpNOqQ9awbJjY7JSM9qhg8OJKTAUThfE5mXmPRgcmPWYBxOu82lm7XiFKcpBOiuQdCLFu0n%2BtU19

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5010405765979146&output=html&adk=1812271804&adf=3025194257&lmt=1704265533&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.raymondduggantravel.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704273361719&bpp=2&bdt=172&idt=234&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=770235381466&frm=20&pv=2&ga_vid=4136992.1704273362&ga_sid=1704273362&ga_hid=1025219188&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079758%2C95320884&oid=2&pvsid=1663370092741252&tmod=793422565&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=258 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

billsmafia.raymondduggantravel.com
blogger.googleusercontent.com
cf.bstatic.com
d2jkfj9lazd7el.cloudfront.net
fonts.gstatic.com
googleads.g.doubleclick.net
ivisa.s3.amazonaws.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
resources.blogblog.com
tpc.googlesyndication.com
wasabi.bstatic.com
www.blogger.com
www.booking.com
www.google.com
www.gstatic.com
www.raymondduggantravel.com
18.65.39.91
198.49.23.144
2600:9000:2090:3a00:5:bf05:acc0:93a1
2600:9000:2090:d200:9:bc76:c680:93a1
2600:9000:20a0:d000:d:c018:6f40:93a1
2a00:1450:4001:802::2003
2a00:1450:4001:810::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::2013
2a00:1450:4001:828::2009
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2003
52.216.42.153
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0a30f99e4a02809146d65612174a7ed63ba1f7973c1beaef3dc40cef88c98c00
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
1a74554d89292e4fb0adbc3e6e6b0acaca3af2252afe3f526f72d9de797cff2f
1a9655d8dc8c14d72258321cb8b45d31af43f5c7612e678b9ab5782472fc00b3
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
3606f8161f09b6dc53d989cda9a61b0e303bc197f7c20ee02e577a43e596e3d2
384c6d4d22f9499896d7f720403d616b16a376e4c2c1f32b7bd5421ac5d091bf
387bdcf59625dd413882fa262884567d95083a596f82d5262c5eae17e0cbd0bf
3b6994cb53081c8c43033180d9ae6d487927da9602302d1bb2684bede283432f
400ad28f7a84517f2d4d23d8eaa4dfee1f51aa56b22624d3047d2efc4067de3e
45cef431af63552a332f47076036c8848762e353f85ae968298d085b0e6e33e0
496549ea25d599af6feca9b790c70dfef58ec9e18e11579ceb1313c4903b4d0d
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4f01511332f4ac011294207a147d2f189b7e5a744d06040f9f4694fe0d3d10ac
51e001bf00909e7bee2ed42a07e6d32f2a753a32d0ea80696f67d7ebcd7f1ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5833d25de0920f53080bd2cca3fffd52f8524d6ad84b068186c380aa2124afe4
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
60a2e251d0bdae40ec8b89d7aa97f84d2a20071a4ff77926a3720ed208fd857b
610cbb62b2cf47e9c07c7bfa1d6e283b4023ab41c7c9be94a4a611e561a14f22
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
70553351505cd871e979655e723a1d1d00b43665ab96674c33dfd7f1ab72defd
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
84d9fce6d2b159619a476042416cd27a2c6885b28b58097c0fa41171b837decd
8713085d4c407bf9313eef42f27e6b0ae68b5c2893bd6933cd5e979a7d50aca1
9126b38ec7094ad8d28ffdea07cb884e583968b4a46301f61f2f4ee3e1f12ae8
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
959a612e4c4ff81b14d3f1bb13e74d5ffbec74921a5d442f2ecb25a10d52b173
975f927ad4211c70f186e5ecba5128a3fa49d1bddb9357b0f16f2dd28bd6cd01
9c6325c6de12a830df49e9d14abbf44111a40fdcc7caa42ceabdf83cecb94c32
9fb3348c63269797e13a270147c91419d8741c0b531c6841a4cc9bb54281c575
adfcccddad3b12c20f6be5ea386fccf05c4f411ead957696e68711d3aa9b1f66
affda6a87b81a6647060945c58159333820443e1c1faf5d092c479879b2daacd
b657d3f6a414a1200d7aff3de61dff922d94193ee5c68decbba5a3f8d8b7b342
ba03d61488c677a8847a08038c4ec2e9862f16aafde031b9f94dc8659067dd8e
c7835c303e8648f7afa479dbce38768ff669c58ce31e04c3d60ac2682baa2b49
c9d478ae937ac6e92d483d25503dd1690ac753a9bbd10a41a9eb87b9a14d8269
cef910a3ad25f8a3b48d17ceafc53892634ca7f793ecc79c82d45be79bddef70
cf9aa348cda2b11476bf08bd56464dc2091f6315291fedd65de15efb327e8fe4
d290f59d6ae0228e92198fcbe9287796257432e1ea05908e93b54900203ef629
d568e1ba89d08f393231ffc2614a2baeb0305806a4ea669d3cff9fe34e387dcf
d67236dac555169344393c1d5f71241459ab08b597f52f07e4d026097c1c7e91
da91bf1e4218b6b6dde4894d9078489c3f98a89bbb167a200f231554c05c93a3
e22c7735032ac450299ca1cdddfeaa96de1a64333f9fc624e5e94f3abde8924e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
ec5ddd1993a9d8e53731b00ceb7bd63454a0124f1309ede64abd7bc246e95fe8
ed39d41ea0cb2a039401de8a91032a2b50ef4b02db9fc43c79f152e3a2821614
eedcff0c322f6ba71ed33bbb40af49ccd13b98a574afc95e9f051486479997bc
eef736d2442db2819263912cf7dcc42050eb10ac9a20655c4139af2943ef0859
efbdc90964ad83b13a149ca339601b4e704a421b7239c2d3d56cde1f6e529054
f1426a76ede7f37c7eb50a990c361b1c7834322f9853af75049aa9f11b63e51f
f4248300e3d66ac9e9341a7b66caa08f082a5664cbe55638d9eaeb86896ba4b1
f72f1654001de42a24c73dc3ebd6517de55de56bb008ad0d7783201c96027d16
f7c1a8522d98ceb7d3bf6f7c05bf3bb245713296e423866693784431c9e97475
f8ccc2b7c37fce3c4d69c5584a633606971576cfd0d1ead5eff4b54368a708a6
fdaeb685a722ceabcb71353ba1287076767da5fe5588d612e42a6686fee292b8

www.raymondduggantravel.com Open in urlscan Pro 2a00:1450:4001:813::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

98 %HTTPS

79 %IPv6

12 Domains

17 Subdomains

13 IPs

2 Countries

1639 kBTransfer

3547 kBSize

3 Cookies

23 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.raymondduggantravel.com Open in urlscan Pro
2a00:1450:4001:813::2013 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

98 %
HTTPS

79 %
IPv6

12
Domains

17
Subdomains

13
IPs

2
Countries

1639 kB
Transfer

3547 kB
Size

3
Cookies

65 HTTP transactions
0 data transactions