1tac.com Open in urlscan Pro
2606:4700:30::6812:2fdb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bahgae.dynv6.net/1337257TL1462716pA391260925Va12634yj2wHr23501QQ
Effective URL:
https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642...
Submission: On October 03 via api (October 3rd 2019, 3:44:58 am UTC) from BE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 17 HTTP transactions. The main IP is 2606:4700:30::6812:2fdb, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is 1tac.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 4th 2019. Valid for: a year.

This is the only time 1tac.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	64.44.25.60 64.44.25.60	20278 (NEXEON) (NEXEON - Nexeon Technologies)
2	23.95.199.197 23.95.199.197	36352 (AS-COLOCR...) (AS-COLOCROSSING - ColoCrossing)
1 1	54.72.199.154 54.72.199.154	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
10	2606:4700:30:... 2606:4700:30::6812:2fdb	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2600:9000:200... 2600:9000:200d:8000:4:84b7:1800:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2606:4700:30:... 2606:4700:30::681b:ae07	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	23.111.9.38 23.111.9.38	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
17	5

1 64.44.25.60 (Chicago, United States) 1 redirects

ASN20278 (NEXEON - Nexeon Technologies, Inc., US)
PTR: incloud209.dxotouch.com

www.bahgae.dynv6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.95.199.197 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING - ColoCrossing, US)
PTR: 23-95-199-197-host.colocrossing.com

motionhaven.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.199.154 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-199-154.eu-west-1.compute.amazonaws.com

brandedoffersaff.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:30::6812:2fdb (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

1tac.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:200d:8000:4:84b7:1800:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d24lq2wxhj5k68.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681b:ae07 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

leadforge.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.38 (Phoenix, United States) 1 redirects

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	1tac.com 1tac.com	260 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com	812 B
2	leadforge.app leadforge.app	174 KB
2	cloudfront.net d24lq2wxhj5k68.cloudfront.net	382 KB
2	motionhaven.com motionhaven.com	5 KB
1	go2cloud.org 1 redirects brandedoffersaff.go2cloud.org	2 KB
1	dynv6.net 1 redirects www.bahgae.dynv6.net	286 B
17	7

	Domain	Requested by
10	1tac.com	motionhaven.com 1tac.com
2	cdn.mouseflow.com	1 redirects 1tac.com
2	leadforge.app	1tac.com
2	d24lq2wxhj5k68.cloudfront.net	1tac.com
2	motionhaven.com	motionhaven.com
1	brandedoffersaff.go2cloud.org	1 redirects
1	www.bahgae.dynv6.net	1 redirects
17	7

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-09-04` - `2020-09-03`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.mouseflow.com COMODO RSA Domain Validation Secure Server CA	`2017-04-25` - `2020-05-09`	3 years	crt.sh

This page contains 1 frames:

Primary Page: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
Frame ID: 4726CC67A0DA58124195802442CD3EB6
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.bahgae.dynv6.net/1337257TL1462716pA391260925Va12634yj2wHr23501QQ HTTP 302
http://motionhaven.com/clicks?cid=21784&pub=107196&sid1=1337257&sid2=3b-1337257-1462716-23501-12634... Page URL
https://brandedoffersaff.go2cloud.org/aff_c?offer_id=799&aff_id=370&aff_sub=107196&aff_sub2=2b3aa4a2d8b8bd71517e2f... HTTP 302
https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.mouseflow\.com/i

Page Statistics

17
Requests

88 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

5
IPs

2
Countries

822 kB
Transfer

1046 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bahgae.dynv6.net/1337257TL1462716pA391260925Va12634yj2wHr23501QQ HTTP 302
http://motionhaven.com/clicks?cid=21784&pub=107196&sid1=1337257&sid2=3b-1337257-1462716-23501-12634-391260925&sid3=&sid4= Page URL
https://brandedoffersaff.go2cloud.org/aff_c?offer_id=799&aff_id=370&aff_sub=107196&aff_sub2=2b3aa4a2d8b8bd71517e2f353a72f642&aff_sub3=1337257 HTTP 302
https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.bahgae.dynv6.net/1337257TL1462716pA391260925Va12634yj2wHr23501QQ HTTP 302
http://motionhaven.com/clicks?cid=21784&pub=107196&sid1=1337257&sid2=3b-1337257-1462716-23501-12634-391260925&sid3=&sid4=

Request Chain 15

https://cdn.mouseflow.com/projects/960e73c2-ca5b-4cc3-96fa-ff30e204abc9.js HTTP 301
https://cdn.mouseflow.com/projects/960e73c2-ca5b-4cc3-96fa-ff30e204abc9_eu.js

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

clicks Show response
motionhaven.com/
Redirect Chain

http://www.bahgae.dynv6.net/1337257TL1462716pA391260925Va12634yj2wHr23501QQ
http://motionhaven.com/clicks?cid=21784&pub=107196&sid1=1337257&sid2=3b-1337257-1462716-23501-12634-391260925&sid3=&sid4=

4 KB
5 KB

240ms
200ms

Document
text/html

23.95.199.197
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://motionhaven.com/clicks?cid=21784&pub=107196&sid1=1337257&sid2=3b-1337257-1462716-23501-12634-391260925&sid3=&sid4=
Protocol: HTTP/1.1
Server: 23.95.199.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS: 23-95-199-197-host.colocrossing.com
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash: b0b1dd48b9cc4516eaaf1790f03460e48bac944b9d6c3dbe12cf4ffbba4491c0

Request headers

Host: motionhaven.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx/1.12.2
Date: Thu, 03 Oct 2019 03:44:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16

Redirect headers

Date: Thu, 03 Oct 2019 03:44:42 GMT
Server: Apache
location: http://motionhaven.com/clicks?cid=21784&pub=107196&sid1=1337257&sid2=3b-1337257-1462716-23501-12634-391260925&sid3=&sid4=
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK index.php
motionhaven.com/ 217 B
409 B 367ms
367ms XHR
text/html 23.95.199.197
ColoCrossing

General

Check archive.org

Show headers Download Go to

Full URL: http://motionhaven.com/index.php
Requested by: Host: motionhaven.com
URL: http://motionhaven.com/clicks?cid=21784&pub=107196&sid1=1337257&sid2=3b-1337257-1462716-23501-12634-391260925&sid3=&sid4=
Protocol: HTTP/1.1
Server: 23.95.199.197 Buffalo, United States, ASN36352 (AS-COLOCROSSING - ColoCrossing, US),
Reverse DNS: 23-95-199-197-host.colocrossing.com
Software: nginx/1.12.2 / PHP/5.4.16
Resource Hash

Request headers

Referer: http://motionhaven.com/clicks?cid=21784&pub=107196&sid1=1337257&sid2=3b-1337257-1462716-23501-12634-391260925&sid3=&sid4=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 03 Oct 2019 03:44:43 GMT
Server: nginx/1.12.2
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

200

Primary Request ps Show response
1tac.com/
Redirect Chain

https://brandedoffersaff.go2cloud.org/aff_c?offer_id=799&aff_id=370&aff_sub=107196&aff_sub2=2b3aa4a2d8b8bd71517e2f353a72f642&aff_sub3=1337257
https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=

11 KB
4 KB

1657ms
1599ms

Document
text/html

2606:4700:30::6812:2fdb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=

Requested by

Host: motionhaven.com
URL: http://motionhaven.com/clicks?cid=21784&pub=107196&sid1=1337257&sid2=3b-1337257-1462716-23501-12634-391260925&sid3=&sid4=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:2fdb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3311f782df1111032bdc99aeb37ce15abb9eee456de7287e0ea06608e2aeed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: 1tac.com
:scheme: https
:path: /ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://motionhaven.com/clicks?cid=21784&pub=107196&sid1=1337257&sid2=3b-1337257-1462716-23501-12634-391260925&sid3=&sid4=
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://motionhaven.com/clicks?cid=21784&pub=107196&sid1=1337257&sid2=3b-1337257-1462716-23501-12634-391260925&sid3=&sid4=

Response headers

status: 200
date: Thu, 03 Oct 2019 03:44:45 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d2fb54e093f43d81f764217bf43293f131570074283; expires=Fri, 02-Oct-20 03:44:43 GMT; path=/; domain=.1tac.com; HttpOnly; Secure XSRF-TOKEN=eyJpdiI6IlZwcVZMd3VNUWhJMEZFUHViQ09Hc0E9PSIsInZhbHVlIjoiWWZ2SzVNbmNoS3NrOXhmejZ4Qml2bWpmeUJiemhZV0tRVWRvcGd0WXNWN1wvODhodHdXa1wvTDdDdjBjbHYzZGdlam1uRmtNXC82TGRvdDZtU3dVcGVWTFE9PSIsIm1hYyI6Ijg3ZDQ3MjQyNDU4YjM1MTgxN2I5ZGRkZTI4NTg2NmUxMDVkNzVjZWRiM2U1MmFjZDgyNTU4Y2FhYzQ5ZWM5ZTMifQ%3D%3D; expires=Sat, 05-Oct-2019 15:44:45 GMT; Max-Age=216000; path=/ laravel_session=eyJpdiI6ImtoQ0huR1hPUTJmcHd1QlRUVDgrbWc9PSIsInZhbHVlIjoiK0p2akdiNnBqUjJaXC9JOGlyUWQ3VzY5bUtaXC9HSUNIWkNIZkhGWlF6R29HaFlrMDJBYjZZREVhajQ0OXFyYTBhdWplRytzUVFNWnREXC9HaEwxUTh3Qnc9PSIsIm1hYyI6IjQyYjEzMTFhZWRkZTQwM2NlMzMyOGE4ZTY5Mzg4YzM4ZWFkZDcwOGUxMGQ0N2FiZTFhNmU4YWZiYzlmZWZmOWQifQ%3D%3D; expires=Sat, 05-Oct-2019 15:44:45 GMT; Max-Age=216000; path=/; HttpOnly AWSELB=07517B411884300CC7E718A3D818B411E0C3CC9AC818F23DCFDD5C018724482286BBCB61E8C8B362DEA469AE8E782CA585F7F198DF4005D7E4D5D9E2A7C3E02BE3ECBABD80;PATH=/;MAX-AGE=3600
cache-control: no-cache no-cache="set-cookie"
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 51fbeb529a4259ee-VIE
content-encoding: br

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 03 Oct 2019 03:44:43 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
P3P: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx/1.13.12
Set-Cookie: enc_aff_session_799=ENC03f0d2564e0e622af0f22c8765b9938a39c08a602bfe1c29100ca6bf2ad63786cde4012bc9ca4e6f20fc9ff7d5d690c8265efef04fcc40e3bb8b87498f786df19d2e1b09fe2d2458d277678fe9c67cc0b612da804084a33e197e081a1eac6dd22ea495e7862def94209e0f5c0ad491758104abb969860b996b98c274c13df2f2fa812f7b4d4e9a470c30da15340882bb6c340e20d908177d2854fbd1642c35e3dae533d6cd417cb2b356fb3945323fe63e36edacc8d4d00632dcde95ed160bc603fd639818e8d9868262c1553eed31ca8da250dd488cb5f2525739dc10e414c286e42535529455d3e61b3a5c392168f93e1066cf670a1770c466f2bd1b6fb5daf31965ed6a; expires=Fri, 04 Oct 2019 03:44:43 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Sat, 27 Aug 2022 14:24:43 GMT; path=/;
tracking_id: 102bdfffda3ceefc39fc95e8bc4e96
X-Robots-Tag: noindex, nofollow
Content-Length: 398
Connection: keep-alive

GET
H2 200 bootstrap.min.css
1tac.com/1tac/css/ 118 KB
18 KB 815ms
813ms Stylesheet
text/css 2606:4700:30::6812:2fdb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://1tac.com/1tac/css/bootstrap.min.css

Requested by

Host: 1tac.com
URL: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:2fdb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

47642591e8c0d1ae4910dac1a020b4fbedcd61ab296082a26b7032e4f7b4edf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 03:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 28 May 2019 14:52:28 GMT
server: cloudflare
etag: W/"5ced4b2c-1d806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
cf-ray: 51fbeb5cbccf59ee-VIE
x-xss-protection: 1; mode=block
expires: Fri, 02 Oct 2020 03:44:46 GMT

GET
H2 200 bootstrap-theme.min.css
1tac.com/1tac/css/ 23 KB
2 KB 779ms
777ms Stylesheet
text/css 2606:4700:30::6812:2fdb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://1tac.com/1tac/css/bootstrap-theme.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:2fdb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb3e3d5ccd209a4f4e205cb7e7e1f09107d7a77ed5384644868282a30fb8b896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 03:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Sep 2018 20:27:51 GMT
server: cloudflare
etag: W/"5bae8ec7-5a95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
cf-ray: 51fbeb5cbcd059ee-VIE
x-xss-protection: 1; mode=block
expires: Fri, 02 Oct 2020 03:44:46 GMT

GET
H2 200 main.css
1tac.com/1tac/css/guide/ 2 KB
815 B 807ms
806ms Stylesheet
text/css 2606:4700:30::6812:2fdb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://1tac.com/1tac/css/guide/main.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:2fdb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d2372010e3339f190138543ec18cdb7417f4f8b6d82abf7e8b916e7c12e3972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 03:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=3008
status: 200
last-modified: Tue, 30 Oct 2018 14:44:39 GMT
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"5bd86e57-bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 51fbeb5cbcd159ee-VIE
expires: Fri, 02 Oct 2020 03:44:46 GMT

GET
H2 200 modernizr-2.8.3-respond-1.4.2.min.js Show response
1tac.com/1tac/js/ 20 KB
8 KB 791ms
790ms Script
application/javascript 2606:4700:30::6812:2fdb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://1tac.com/1tac/js/modernizr-2.8.3-respond-1.4.2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:2fdb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c143492f31dfe14beb30c8ac069382d624b19a5ef4f2060bf91c28fc8f1f9c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 03:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Sep 2018 20:27:53 GMT
server: cloudflare
etag: W/"5bae8ec9-4e8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
cf-ray: 51fbeb5cbcd259ee-VIE
x-xss-protection: 1; mode=block
expires: Fri, 02 Oct 2020 03:44:46 GMT

GET
H2 200 flashlight.gif
1tac.com/img/survival-guide/ 31 KB
31 KB 776ms
775ms Image
image/gif 2606:4700:30::6812:2fdb
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1tac.com/img/survival-guide/flashlight.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:2fdb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

866e2c4e2e1448ba17c3e66a8fb0a243668048396af376bb3417a6c1601195de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 03:44:46 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 31592
x-xss-protection: 1; mode=block
last-modified: Thu, 22 Nov 2018 00:32:57 GMT
server: cloudflare
etag: "5bf5f939-7b68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51fbeb5cbcd359ee-VIE
expires: Fri, 02 Oct 2020 03:44:46 GMT

GET
H2 200 1tac_opencase.jpg
d24lq2wxhj5k68.cloudfront.net/img/survival-guide/16/ 152 KB
153 KB 33ms
10ms Image
image/jpeg 2600:9000:200d:8000:4:84b7:1800:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d24lq2wxhj5k68.cloudfront.net/img/survival-guide/16/1tac_opencase.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:200d:8000:4:84b7:1800:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

559dce6621ef8be53153b676bf0d2742b3109d9b06339a82e6564f5835d8ed78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 01:25:52 GMT
via: 1.1 c76a5a41a8483a9e5dcccdfeb87a16ca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
age: 6009
x-cache: Hit from cloudfront
status: 200
content-length: 156120
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Sep 2018 20:27:55 GMT
server: cloudflare
etag: "5bae8ecb-261d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: no-cache="set-cookie"
x-amz-cf-pop: FRA50
accept-ranges: bytes
cf-ray: 51eaa5257b4f64cd-FRA
x-amz-cf-id: 2MEfQkv2sh2UWHVgDX_48u2e9BZzCKrSrk7a97nNeYxz5NyCj_ld9g==

GET
H2 200 1tac_case.jpg
d24lq2wxhj5k68.cloudfront.net/img/survival-guide/16/ 228 KB
229 KB 11ms
9ms Image
image/jpeg 2600:9000:200d:8000:4:84b7:1800:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d24lq2wxhj5k68.cloudfront.net/img/survival-guide/16/1tac_case.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:200d:8000:4:84b7:1800:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7339bef2c72f8510c355205ac5d144167cd95b0e01689b1e54e1f4997ea59590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 01:25:52 GMT
via: 1.1 c76a5a41a8483a9e5dcccdfeb87a16ca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
age: 6010
x-cache: Hit from cloudfront
status: 200
content-length: 233926
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Sep 2018 20:27:55 GMT
server: cloudflare
etag: "5bae8ecb-391c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: no-cache="set-cookie"
x-amz-cf-pop: FRA50
accept-ranges: bytes
cf-ray: 51eaa5257f26e007-FRA
x-amz-cf-id: lwqiYpXyfN8-97WVI-pBQ2vm00wmuxv0T4DMIW4ZfxEEmt6xIh-Bmg==

GET
H2 200 fathers-day.jpg
1tac.com/img/survival-guide/16/ 156 KB
156 KB 796ms
795ms Image
image/jpeg 2606:4700:30::6812:2fdb
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1tac.com/img/survival-guide/16/fathers-day.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:2fdb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

310cefe329f1c1593242c3abf1ca44e802d84bb5afae8f8a30ac142b32db0cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 03:44:47 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 159292
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Sep 2018 20:27:55 GMT
server: cloudflare
etag: "5bae8ecb-26e3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51fbeb622e6e59ee-VIE
expires: Fri, 02 Oct 2020 03:44:47 GMT

GET
H2 200 1TAC_Banner2.jpg
leadforge.app/ps/presale/ 45 KB
45 KB 912ms
829ms Image
image/jpeg 2606:4700:30::681b:ae07
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leadforge.app/ps/presale/1TAC_Banner2.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:ae07 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

52e8d700ff3ee0949d475f0583f9cd6d3b7a95f8ce052edd7652a455780dadc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 03:44:47 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 46280
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Aug 2019 12:59:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d65292e-b4c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 51fbeb62af7ccbb4-VIE
expires: Thu, 03 Oct 2019 07:44:47 GMT

GET
H2 200 ORDERYOURS.png
leadforge.app/ps/presale/ 128 KB
128 KB 878ms
796ms Image
image/png 2606:4700:30::681b:ae07
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leadforge.app/ps/presale/ORDERYOURS.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:ae07 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3184ec551850b0b35ed6c1bfc9379d0d8621c7b610f9d03d755358e53d2db804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 03:44:47 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 130871
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jul 2019 11:44:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5d35a19f-1ff37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 51fbeb62af7fcbb4-VIE
expires: Thu, 03 Oct 2019 07:44:47 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
1tac.com/1tac/js/ 91 KB
31 KB 772ms
771ms Script
application/javascript 2606:4700:30::6812:2fdb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://1tac.com/1tac/js/jquery-1.10.2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:2fdb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b6725689f9ca035bdd1f325690447c2cab1e9a27c39b3a3a6d702ab888236ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 03:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 28 May 2019 14:52:28 GMT
server: cloudflare
etag: W/"5ced4b2c-16b31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
cf-ray: 51fbeb5cfced59ee-VIE
x-xss-protection: 1; mode=block
expires: Fri, 02 Oct 2020 03:44:46 GMT

GET
H2 200 bootstrap.min.js Show response
1tac.com/1tac/js/ 36 KB
9 KB 792ms
792ms Script
application/javascript 2606:4700:30::6812:2fdb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://1tac.com/1tac/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:2fdb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f25762c95fd82e39c32fa642825f3550cdd41463243eb14e08d2572f78ad06bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 03:44:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 28 May 2019 14:52:28 GMT
server: cloudflare
etag: W/"5ced4b2c-9037"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
cf-ray: 51fbeb618e4159ee-VIE
x-xss-protection: 1; mode=block
expires: Fri, 02 Oct 2020 03:44:47 GMT

GET
H2 200 main.js Show response
1tac.com/1tac/js/ 0
61 B 768ms
767ms Script
application/javascript 2606:4700:30::6812:2fdb
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://1tac.com/1tac/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::6812:2fdb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 03:44:47 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
content-length: 0
x-xss-protection: 1; mode=block
last-modified: Fri, 28 Sep 2018 20:27:53 GMT
server: cloudflare
etag: "5bae8ec9-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 51fbeb622e6c59ee-VIE
expires: Fri, 02 Oct 2020 03:44:47 GMT

GET
H2

200

960e73c2-ca5b-4cc3-96fa-ff30e204abc9_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/960e73c2-ca5b-4cc3-96fa-ff30e204abc9.js
https://cdn.mouseflow.com/projects/960e73c2-ca5b-4cc3-96fa-ff30e204abc9_eu.js

764 B
660 B

7ms
6ms

Script
application/javascript

23.111.9.38
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/960e73c2-ca5b-4cc3-96fa-ff30e204abc9_eu.js
Requested by: Host: 1tac.com
URL: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.38 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f943eacfc483576eb7ca68a1fc5a4251614669e60ff2de262c16a2fd5ca9ce12

Request headers

Referer: https://1tac.com/ps?cid=q45uyk0g3b&offer_id=799&aff_id=370&sub_id=107196&sub_id2=2b3aa4a2d8b8bd71517e2f353a72f642&tid=102bdfffda3ceefc39fc95e8bc4e96&sub_id3=1337257&sub_id4=&sub_id5=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 03:44:46 GMT
content-encoding: gzip
last-modified: Wed, 02 Oct 2019 20:16:07 GMT
server: NetDNA-cache/2.2
etag: W/"34a1b3395e79d51:0"
status: 200
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

Redirect headers

status: 301
date: Thu, 03 Oct 2019 03:44:46 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
location: https://cdn.mouseflow.com/projects/960e73c2-ca5b-4cc3-96fa-ff30e204abc9_eu.js
content-type: text/html

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1tac.com/	1970-01-19 04:07:57	Name: AWSELB Value: 07517B411884300CC7E718A3D818B411E0C3CC9AC818F23DCFDD5C018724482286BBCB61E8C8B362DEA469AE8E782CA585F7F198DF4005D7E4D5D9E2A7C3E02BE3ECBABD80
1tac.com/	1970-01-19 04:11:30	Name: laravel_session Value: eyJpdiI6ImtoQ0huR1hPUTJmcHd1QlRUVDgrbWc9PSIsInZhbHVlIjoiK0p2akdiNnBqUjJaXC9JOGlyUWQ3VzY5bUtaXC9HSUNIWkNIZkhGWlF6R29HaFlrMDJBYjZZREVhajQ0OXFyYTBhdWplRytzUVFNWnREXC9HaEwxUTh3Qnc9PSIsIm1hYyI6IjQyYjEzMTFhZWRkZTQwM2NlMzMyOGE4ZTY5Mzg4YzM4ZWFkZDcwOGUxMGQ0N2FiZTFhNmU4YWZiYzlmZWZmOWQifQ%3D%3D
1tac.com/	1970-01-19 04:11:30	Name: XSRF-TOKEN Value: eyJpdiI6IlZwcVZMd3VNUWhJMEZFUHViQ09Hc0E9PSIsInZhbHVlIjoiWWZ2SzVNbmNoS3NrOXhmejZ4Qml2bWpmeUJiemhZV0tRVWRvcGd0WXNWN1wvODhodHdXa1wvTDdDdjBjbHYzZGdlam1uRmtNXC82TGRvdDZtU3dVcGVWTFE9PSIsIm1hYyI6Ijg3ZDQ3MjQyNDU4YjM1MTgxN2I5ZGRkZTI4NTg2NmUxMDVkNzVjZWRiM2U1MmFjZDgyNTU4Y2FhYzQ5ZWM5ZTMifQ%3D%3D
.1tac.com/	1970-01-19 12:53:30	Name: __cfduid Value: d2fb54e093f43d81f764217bf43293f131570074283

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1tac.com
brandedoffersaff.go2cloud.org
cdn.mouseflow.com
d24lq2wxhj5k68.cloudfront.net
leadforge.app
motionhaven.com
www.bahgae.dynv6.net
23.111.9.38
23.95.199.197
2600:9000:200d:8000:4:84b7:1800:21
2606:4700:30::6812:2fdb
2606:4700:30::681b:ae07
54.72.199.154
64.44.25.60
0d2372010e3339f190138543ec18cdb7417f4f8b6d82abf7e8b916e7c12e3972
310cefe329f1c1593242c3abf1ca44e802d84bb5afae8f8a30ac142b32db0cc2
3184ec551850b0b35ed6c1bfc9379d0d8621c7b610f9d03d755358e53d2db804
47642591e8c0d1ae4910dac1a020b4fbedcd61ab296082a26b7032e4f7b4edf9
52e8d700ff3ee0949d475f0583f9cd6d3b7a95f8ce052edd7652a455780dadc8
559dce6621ef8be53153b676bf0d2742b3109d9b06339a82e6564f5835d8ed78
5b6725689f9ca035bdd1f325690447c2cab1e9a27c39b3a3a6d702ab888236ac
7339bef2c72f8510c355205ac5d144167cd95b0e01689b1e54e1f4997ea59590
866e2c4e2e1448ba17c3e66a8fb0a243668048396af376bb3417a6c1601195de
b0b1dd48b9cc4516eaaf1790f03460e48bac944b9d6c3dbe12cf4ffbba4491c0
bb3e3d5ccd209a4f4e205cb7e7e1f09107d7a77ed5384644868282a30fb8b896
c143492f31dfe14beb30c8ac069382d624b19a5ef4f2060bf91c28fc8f1f9c6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f25762c95fd82e39c32fa642825f3550cdd41463243eb14e08d2572f78ad06bc
f3311f782df1111032bdc99aeb37ce15abb9eee456de7287e0ea06608e2aeed3
f943eacfc483576eb7ca68a1fc5a4251614669e60ff2de262c16a2fd5ca9ce12

1tac.com Open in urlscan Pro 2606:4700:30::6812:2fdb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

88 %HTTPS

43 %IPv6

7 Domains

7 Subdomains

5 IPs

2 Countries

822 kBTransfer

1046 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

4 Cookies

Indicators

1tac.com Open in urlscan Pro
2606:4700:30::6812:2fdb Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

88 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

5
IPs

2
Countries

822 kB
Transfer

1046 kB
Size

4
Cookies

17 HTTP transactions
0 data transactions