urlscan.io logo urlscan.io
SecurityTrails logo

tours.spec1a1.com Open in urlscan Pro
108.138.106.14  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/s...
Effective URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fg...
Submission: On September 24 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 9 domains to perform 36 HTTP transactions. The main IP is 108.138.106.14, located in United States and belongs to AMAZON-02, US. The main domain is tours.spec1a1.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 20th 2023. Valid for: a year.
This is the only time tours.spec1a1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 174.136.231.12 23422 (ECL-1)
1 1 45.90.12.63 212477 (ROYALE-AS)
1 1 3.89.175.212 14618 (AMAZON-AES)
21 108.138.106.14 16509 (AMAZON-02)
1 104.21.91.45 13335 (CLOUDFLAR...)
1 142.251.32.106 15169 (GOOGLE)
2 99.84.191.75 16509 (AMAZON-02)
36 6
3    174.136.231.12 (Edison, United States)

ASN23422 (ECL-1, US)
sendywaves.neupaneshyam.com.np
1    45.90.12.63 (Netherlands)

ASN212477 (ROYALE-AS, NL)
PTR: hosted-by.royalehosting.net
www.allseasclear.com
1    3.89.175.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-175-212.compute-1.amazonaws.com
go.moartraffic.com
21    108.138.106.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-14.jfk50.r.cloudfront.net
tours.spec1a1.com
1    104.21.91.45 (None, )

ASN13335 (CLOUDFLARENET, US)
cl0udh0st1ng.com
1    142.251.32.106 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f10.1e100.net
fonts.googleapis.com
2    99.84.191.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-75.iad89.r.cloudfront.net
utl-1.com
Domain Requested by
21 tours.spec1a1.com sendywaves.neupaneshyam.com.np
tours.spec1a1.com
utl-1.com
3 sendywaves.neupaneshyam.com.np sendywaves.neupaneshyam.com.np
2 utl-1.com tours.spec1a1.com
1 fonts.googleapis.com tours.spec1a1.com
1 cl0udh0st1ng.com tours.spec1a1.com
1 go.moartraffic.com 1 redirects
1 www.allseasclear.com 1 redirects
0 tours.yoursecrethookup.com Failed utl-1.com
0 secure.authbill.com Failed utl-1.com
36 9

This site contains links to these domains. Also see Links.

Domain
yoursecrethookup.com
Subject Issuer Validity Valid
spec1a1.com
Amazon RSA 2048 M02		 2023-11-20 -
2024-12-17		 a year crt.sh
cl0udh0st1ng.com
WE1		 2024-09-24 -
2024-12-23		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
utl-1.com
Amazon RSA 2048 M03		 2024-03-25 -
2025-04-22		 a year crt.sh

This page contains 2 frames:

Primary Page: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Frame ID: 4CF4C998E35059C03B7D8029FA6EF181
Requests: 35 HTTP requests in this frame

Frame: https://tours.yoursecrethookup.com/common/html/check_external_autologin.html?receiver=https%3A%2F%2Ftours.spec1a1.com
Frame ID: 7CCE6BC0311B2C0C29351A8E0E3E25AA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Your Secret Hookup

Page URL History Show full URLs

  1. http://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33... HTTP 307
    https://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33... HTTP 307
    http://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33... Page URL
  2. http://sendywaves.neupaneshyam.com.np/t/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x... Page URL
  3. https://www.allseasclear.com/2RHSCSQ/24GZ4ZPS/?sub1=9&sub2=54-1711&sub3=163-245057-2271 HTTP 302
    https://go.moartraffic.com/go.php?t=44725&aid=147177&sid=1113&clickid=9e9dc0b83870471e89acd8367de65b42 HTTP 302
    https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=3... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

36
Requests

69 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

6
IPs

3
Countries

411 kB
Transfer

444 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw HTTP 307
    https://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw HTTP 307
    http://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw Page URL
  2. http://sendywaves.neupaneshyam.com.np/t/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw Page URL
  3. https://www.allseasclear.com/2RHSCSQ/24GZ4ZPS/?sub1=9&sub2=54-1711&sub3=163-245057-2271 HTTP 302
    https://go.moartraffic.com/go.php?t=44725&aid=147177&sid=1113&clickid=9e9dc0b83870471e89acd8367de65b42 HTTP 302
    https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw HTTP 307
  • https://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw HTTP 307
  • http://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw
sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/
Redirect Chain
  • http://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/x...
  • https://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/...
  • http://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/x...
458 B
711 B 		Document
General
Check archive.org
Download Go to
Full URL
http://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw
Protocol
HTTP/1.1
Server
174.136.231.12 Edison, United States, ASN23422 (ECL-1, US),
Reverse DNS
Software
/
Resource Hash
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Content-Length
458
Content-Type
text/html; charset=utf-8
Date
Tue, 24 Sep 2024 14:06:18 GMT
X-Address
gin_throttle_mw_7200000000_149.88.16.228
X-Ratelimit-Limit
500
X-Ratelimit-Remaining
499
X-Ratelimit-Reset
1727190378

Redirect headers

Location
http://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
sendywaves.neupaneshyam.com.np/ 		0
259 B 		Other
General
Check archive.org
Download Go to
Full URL
http://sendywaves.neupaneshyam.com.np/favicon.ico
Protocol
HTTP/1.1
Server
174.136.231.12 Edison, United States, ASN23422 (ECL-1, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw

Response headers

X-Ratelimit-Remaining
498
X-Address
gin_throttle_mw_7200000000_149.88.16.228
Content-Length
0
Date
Tue, 24 Sep 2024 14:06:18 GMT
X-Ratelimit-Limit
500
Content-Type
text/plain; charset=utf-8
X-Ratelimit-Reset
1727190378
xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw
sendywaves.neupaneshyam.com.np/t/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/ 		300 B
553 B 		Document
General
Check archive.org
Download Go to
Full URL
http://sendywaves.neupaneshyam.com.np/t/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw
Requested by
Host: sendywaves.neupaneshyam.com.np
URL: http://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw
Protocol
HTTP/1.1
Server
174.136.231.12 Edison, United States, ASN23422 (ECL-1, US),
Reverse DNS
Software
/
Resource Hash
cdbfb832762e38c1c305cd4006dc1d0ec18cc883e4eff84cc663b3ce946c728e

Request headers

Referer
http://sendywaves.neupaneshyam.com.np/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Content-Length
300
Content-Type
text/html; charset=utf-8
Date
Tue, 24 Sep 2024 14:06:19 GMT
X-Address
gin_throttle_mw_7200000000_149.88.16.228
X-Ratelimit-Limit
500
X-Ratelimit-Remaining
497
X-Ratelimit-Reset
1727190378
Primary Request /
tours.spec1a1.com/t/2775/
Redirect Chain
  • https://www.allseasclear.com/2RHSCSQ/24GZ4ZPS/?sub1=9&sub2=54-1711&sub3=163-245057-2271
  • https://go.moartraffic.com/go.php?t=44725&aid=147177&sid=1113&clickid=9e9dc0b83870471e89acd8367de65b42
  • https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clicki...
22 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Requested by
Host: sendywaves.neupaneshyam.com.np
URL: http://sendywaves.neupaneshyam.com.np/t/4uCVkd1711kNue54pdsufglccx163GEXERBLWJSDVJCD245057BCUT2271q9/aiw1jc1q4zu5x33rkptsvrokkuza9js6r/sjryxoxzutlwa/gmdwj71hd9ol0i7kf6dgg0m/186670585082911916188304/xroaymfcxuaatqhvtqyprdmazyaxxgeuibvilpicmpeisclscjwnw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25fa1e6f4e5744702502b91826fc5749ec7ed967382b7cffc4ea4b13155dc979

Request headers

Referer
http://sendywaves.neupaneshyam.com.np/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 24 Sep 2024 14:06:23 GMT
etag
W/"1ced6d1a54ac94f1bcb2da133a28ffc8"
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-amz-cf-id
XNUx-ijKBMXyf6uAhM0gtMGEjyoao1aJGOwu4wIiSiO-SwVKtvt3Rg==
x-amz-cf-pop
JFK50-P3
x-cache
RefreshHit from cloudfront

Redirect headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Tue, 24 Sep 2024 14:06:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
p3p
CP="NOI ADM DEV COM NAV OUR STP"
server
nginx
x-powered-by
PHP/8.1.19
x-robots-tag
otherbot: noindex, nofollow googlebot: noindex, nofollow
bo.js
cl0udh0st1ng.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cl0udh0st1ng.com/bo.js
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.91.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bcac5b9e1ef8a0fafb69ddc3dd0744369b6374e2de6c9ff31d82daaecd99423

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66d6d866-101c"
age
648
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vhE1ndqYcHnB1Fmjq6T8fczXkfqxCmfMAir76xAzBQdDQPN6%2BpUHrs5p2J0UeWXBCLt3KZ0Z4gls0CF%2BwqTsNbDZoDzHhUIHKAT6POH7SEij7TykvqKhqoYXwhqs4SJANSvA"}],"group":"cf-nel","max_age":604800}
cf-ray
8c8355ad9f64ab1e-YYZ
date
Tue, 24 Sep 2024 14:06:22 GMT
content-type
text/plain
last-modified
Tue, 03 Sep 2024 09:35:34 GMT
vary
Accept-Encoding
server
cloudflare
styles.css
tours.spec1a1.com/t/2775/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tours.spec1a1.com/t/2775/css/styles.css
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ef4d3445d4b0930f199aa32351f78c2f58a58142fe3169259cff7b37886c1bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

content-encoding
gzip
etag
W/"1473b26762ea71feb4b6b6e40977d766"
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
_eXXcE4B-nqGtt8z_5Zsov0-73XlCrDgVDPbfX8_chbhZwSA9VUQOw==
date
Tue, 24 Sep 2024 14:06:23 GMT
content-type
text/css
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
css
fonts.googleapis.com/ 		396 B
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rochester
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.106 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f10.1e100.net
Software
ESF /
Resource Hash
141050ccd3698386d0cf16ee764d4208a88c29f35b3552ea86e72d82008f254d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 14:06:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 14:06:22 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 24 Sep 2024 14:06:22 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
logo.svg
tours.spec1a1.com/t/2775/img/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.spec1a1.com/t/2775/img/logo.svg
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e30a31d1f6a769ed55d732d4cac0f7d0210950a49057c5d3e9ff2f7d041116da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

content-encoding
gzip
etag
W/"ff58a6cc274987f9657ac5dd4cd95eff"
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
5t2b6ghI5wqYr3uWNC8zis3eAbEaPJR3xbpiCpQ_wDt8hdyfxplC6A==
date
Tue, 24 Sep 2024 14:06:23 GMT
content-type
image/svg+xml
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
intro.jpg
tours.spec1a1.com/t/2775/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.spec1a1.com/t/2775/img/intro.jpg
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52f9bd02fb60fdc760cde43610634316e644643dadb500a0d23de2077baa78d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

etag
"b585eac69fffa1fd7970b383e6bddcb2"
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
content-length
16283
x-amz-cf-id
ggMHRJ-rAro6xw18QAn8_PU4Jj5d2jqvuDk6vH8j_ValHPSeD3DVJw==
date
Tue, 24 Sep 2024 14:06:23 GMT
content-type
image/jpeg
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
arrow.svg
tours.spec1a1.com/t/2775/img/ 		228 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.spec1a1.com/t/2775/img/arrow.svg
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe8fc656bd4bd41a636c489d1978ee2394d49068675184eeb43f1e0b0b945674

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

etag
"b9fa204329eb7174e9f771e34c7f3c53"
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
content-length
228
x-amz-cf-id
TCTIRsD2Y4PdpxHs0NSP4ZTz2wOxwYW4OlvhrbC5T_V4Ak-u_yBcrg==
date
Tue, 24 Sep 2024 14:06:23 GMT
content-type
image/svg+xml
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
chat-off.svg
tours.spec1a1.com/t/2775/img/ 		536 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.spec1a1.com/t/2775/img/chat-off.svg
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8185b95fa9bc2710da54cb1605168e31ef15418be411a7ec7efc0a8be0e4ca9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

etag
"d46e39485f8996fdd4356d116a7699ac"
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
content-length
536
x-amz-cf-id
VpRDbove1y5tluMFuc5JJ03IIQtkJeeOqwejwp0bSWAd2ditOh6sLw==
date
Tue, 24 Sep 2024 14:06:23 GMT
content-type
image/svg+xml
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
map-pin-shadow.svg
tours.spec1a1.com/t/2775/img/ 		295 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.spec1a1.com/t/2775/img/map-pin-shadow.svg
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1406e8ad5a6f490d35e424539bb837841bf4dff4c885426b282ee750e0ccc45e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

etag
"39084aa4edef89de7e0620722650e213"
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
content-length
295
x-amz-cf-id
NZ-BKSH14eaf5dB_1yA6J5TKDqVJoI_ftqVJzgKBCef7cDPz4vDEDQ==
date
Tue, 24 Sep 2024 14:06:23 GMT
content-type
image/svg+xml
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
map-pin-empty.svg
tours.spec1a1.com/t/2775/img/ 		284 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.spec1a1.com/t/2775/img/map-pin-empty.svg
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a97a7839ad196fe801c3272feee6f647d5b3550ccf82b83fddb03fb80c394ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

etag
"146ba9df08da8a36102e4c43dcbb9a4c"
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
content-length
284
x-amz-cf-id
Red8SOmZEk_EIiY6OLPH4bYY5d-CJiy2m41vivSt0tyt4KPLehGHWQ==
date
Tue, 24 Sep 2024 14:06:23 GMT
content-type
image/svg+xml
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
no-off.svg
tours.spec1a1.com/t/2775/img/ 		715 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.spec1a1.com/t/2775/img/no-off.svg
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67e2c07484faa95886d7248915a49922143844500bdf057030a58e0ad1f2f3c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

etag
"ccccaa4728c922689a97a82bdfcac234"
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
content-length
715
x-amz-cf-id
kKkLHQARN0L2Mf9B8BxpFU616WDamrNJzBlPCcJUGwxwxxx269HoqA==
date
Tue, 24 Sep 2024 14:06:23 GMT
content-type
image/svg+xml
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
yes-off.svg
tours.spec1a1.com/t/2775/img/ 		663 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.spec1a1.com/t/2775/img/yes-off.svg
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
497abaabf83c01441bba433503cfdf7103c982e6b970d241a7f35264b425a904

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

etag
"99b4be28346d44445d2a2c3a1c388e65"
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
content-length
663
x-amz-cf-id
oGd1Sf_qW0K0ntAIMe0ZCnZhaDFcT5BKC7fnqDLQgZ-5sjqX_Iwzsw==
date
Tue, 24 Sep 2024 14:06:23 GMT
content-type
image/svg+xml
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
no.svg
tours.spec1a1.com/t/2775/img/ 		862 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.spec1a1.com/t/2775/img/no.svg
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95b1c99567d61185d7884b4ea9b285f849bfb46318b285cd2b25826fad57b1af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

etag
"65eeb52762bc89d879f3d7180fc2d976"
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
content-length
862
x-amz-cf-id
UZBCCO9xMbRhn5rs09gIZZvGb3GK4xG8HJwgQ78WWSfFUJ_l7ais1g==
date
Tue, 24 Sep 2024 14:06:23 GMT
content-type
image/svg+xml
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
yes.svg
tours.spec1a1.com/t/2775/img/ 		893 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.spec1a1.com/t/2775/img/yes.svg
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5dda8e5ceb3f5f0cc9b274f97eff322d63d9917a39ca42f3a24412e3518c5b2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

etag
"655cbe97d7ed34e8462504d7dae81b90"
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
content-length
893
x-amz-cf-id
rNH7UIrSLj17_AAN2WH8UsBE1vjv0nfCg5CWixIL3t-35s5GYbWoFQ==
date
Tue, 24 Sep 2024 14:06:23 GMT
content-type
image/svg+xml
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
chat.svg
tours.spec1a1.com/t/2775/img/ 		536 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.spec1a1.com/t/2775/img/chat.svg
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9789f8f451dd6f23f38cbd01a6f257a49c00ec10a1117538ddde63f4d9a1d349

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

etag
"a2a5a74b603b80bf577de512e882d1a1"
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
content-length
536
x-amz-cf-id
6NsfdI3uKjv0kaLda6j-kX5WNiN9fw_CMziC5Z4Af-CjMV-yd_S20g==
date
Tue, 24 Sep 2024 14:06:23 GMT
content-type
image/svg+xml
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
girls.png
tours.spec1a1.com/t/2775/img/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.spec1a1.com/t/2775/img/girls.png
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbf3ddcc142e33e097c583a0eb5933e3e8a9ac0fc5c56054cb64ddf11762d078

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

etag
"adeeb4e0a822bb522625c1953bab8490"
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
content-length
14564
x-amz-cf-id
7N6ukt-mhwc_5V7ZN8xFveaW8MWA7GTFxxLZRIzg--IBNCRhUFoWaQ==
date
Tue, 24 Sep 2024 14:06:23 GMT
content-type
image/png
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
utl.min.js
utl-1.com/1.8.7/ 		315 KB
316 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://utl-1.com/1.8.7/utl.min.js
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
615aaa3eeaa71bf39430e0cc1feb7925e0e5f2991eb7565960b64fa7b8835cb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/

Response headers

etag
"31bfbaf3ea1307bb840ccd063bac1cf9"
age
3393149
via
1.1 c8c9787916110356915bbdbddd0a32d6.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
322440
x-amz-cf-id
NhSmF582l7aMXnGrHB5jCaSJ2vZzgTOl842m4HyDjxMDZZi2yqE6oA==
date
Fri, 16 Aug 2024 07:33:54 GMT
content-type
application/javascript
last-modified
Fri, 16 Aug 2024 07:02:05 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C2
x-amz-server-side-encryption
AES256
mst2.min.js
utl-1.com/1.8.7/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://utl-1.com/1.8.7/mst2.min.js
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.191.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-191-75.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
252d3a0ef9c3754cdf38a02570d1a84fa4d94d53ac2eaeeada2e141f9c11a2e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/

Response headers

etag
"3a2e1fe5f9de68d28807b0b5675235f4"
age
3393128
via
1.1 c8c9787916110356915bbdbddd0a32d6.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
17794
x-amz-cf-id
YzSP06BuejkqtflJNRQtAbbbGeMrAmZ1q0aaaiyC3-b3JGmfGb_huw==
date
Fri, 16 Aug 2024 07:34:15 GMT
content-type
application/javascript
last-modified
Fri, 16 Aug 2024 07:02:05 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C2
x-amz-server-side-encryption
AES256
custom.js
tours.spec1a1.com/t/2775/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.spec1a1.com/t/2775/js/custom.js
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0478b08246594f80637add9063f4783bfa4bc169af42170085482f984f5f12a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

content-encoding
gzip
etag
W/"bf3b56a366a55c564dc9cbe833993ca7"
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
x-amz-cf-id
8bE49QOyYADnwkk39_W94b4wmEfAzh-kh4v_F9-mHMYv3QBHf2c8NQ==
date
Tue, 24 Sep 2024 14:06:23 GMT
content-type
text/javascript
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
emailPassing.js
tours.spec1a1.com/t/common/js/ 		836 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.spec1a1.com/t/common/js/emailPassing.js
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5aa807c88ddd7ac3a7a9ff96682ec475c5e42027b02172ff68359e4bb0848a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

etag
"f388e70b1a3dc48d7c22f6b014124468"
age
248
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
836
x-amz-cf-id
WDkrsLtVHKQvtHrcS4gyI77NFHKHS4eZdiAlDEf8xwSd21zUfVfKuw==
date
Tue, 24 Sep 2024 14:02:15 GMT
content-type
text/javascript
last-modified
Fri, 20 Sep 2024 18:42:58 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
backtoMA.js
tours.spec1a1.com/t/common/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.spec1a1.com/t/common/js/backtoMA.js
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57fc4ca2e6dc7a8680bbe7f32f9073f2c65d4f211f98a8b4abb1f4ff79f924f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

content-encoding
gzip
etag
W/"07e836e82e77e5a68bb45546e70cd524"
age
100
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
VNL6kYCNU2R-nFdH9gZ6NO8Xok7WB4sGrUG9ERZRmUuT5A9ExwJwdQ==
date
Tue, 24 Sep 2024 14:06:22 GMT
content-type
text/javascript
last-modified
Fri, 20 Sep 2024 18:42:58 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
gtm.js
tours.spec1a1.com/t/common/js/ 		1 KB
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.spec1a1.com/t/common/js/gtm.js
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e87b0e56911078739374dea24c26b31d721201247eb9c04df9c77e62d9e34f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

content-encoding
gzip
etag
W/"9037e44394619484f7796a1adbdb3d44"
age
100
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
ARfJdYDyIfTHQzMDQE4xkq1diElJ3VtpY9HTmea57BlTd5Yy2rZB3g==
date
Tue, 24 Sep 2024 14:06:22 GMT
content-type
text/javascript
last-modified
Fri, 20 Sep 2024 18:42:58 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
HelveticaNeue.woff2
tours.spec1a1.com/t/2775/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tours.spec1a1.com/t/2775/fonts/HelveticaNeue.woff2
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2775/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a68c40ef544617b04ccea582bc84f1f3436fdfdb2fbe497d74fa67581c53db8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://tours.spec1a1.com
Referer
https://tours.spec1a1.com/t/2775/css/styles.css

Response headers

etag
"fba219f7273b767803ac6f88358de71e"
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
content-length
18380
x-amz-cf-id
iPmDR2bXCiDiMZLmkcjV-zlkCQ8Vk3kqcZbFhtBTFSbqp36FwyLg5Q==
date
Tue, 24 Sep 2024 14:06:23 GMT
content-type
font/woff2
last-modified
Fri, 20 Sep 2024 18:42:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
ga.js
tours.spec1a1.com/assets/spec1a1/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://tours.spec1a1.com/assets/spec1a1/ga.js?_=1727186782675
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.7/utl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01

Response headers

etag
"dc39a35a00ad72a34bb4f5e3e6d35b38"
age
12
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
394
x-amz-cf-id
Lp17833vmkmQB5H7I2bIY9iKYJAAL7YtJuqBwJ6eazUWYXqOeeFTvw==
date
Tue, 24 Sep 2024 14:06:22 GMT
content-type
text/javascript
last-modified
Fri, 20 Sep 2024 18:40:37 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
vary
Accept-Encoding
api.php
secure.authbill.com/tour/ 		0
0
api.php
secure.authbill.com/tour/ 		0
0
api.php
secure.authbill.com/tour/ 		0
0
api.php
secure.authbill.com/tour/ 		0
0
api.php
secure.authbill.com/tour/ 		0
0
api.php
secure.authbill.com/tour/ 		0
0
api.php
secure.authbill.com/tour/ 		0
0
check_external_autologin.html
tours.yoursecrethookup.com/common/html/ Frame 7CCE 		0
0
favicon.png
tours.spec1a1.com/t/2775/img/ 		135 B
536 B 		Other
General
Check archive.org
Download Go to
Full URL
https://tours.spec1a1.com/t/2775/img/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-14.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee7d7d2b00daf807d887344419f4d4c03bd65008dc92486385250dca3a3cd42e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59

Response headers

x-amz-cf-id
zInjZRvWuEp82vZdC7d8JeiNXxpZtWsCtLkt5lvy0LDKaGBokop5VQ==
etag
"099932ca2bd11bb7199b743d53f85aac"
x-amz-error-detail-key
t/2775/img/favicon.png
via
1.1 8c17de0f985b9ec9dbef8f79e2137106.cloudfront.net (CloudFront)
x-amz-error-message
The specified key does not exist.
x-cache
Error from cloudfront
content-length
135
x-amz-error-code
NoSuchKey
date
Tue, 24 Sep 2024 14:06:22 GMT
content-type
text/html
last-modified
Fri, 20 Sep 2024 18:40:37 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure.authbill.com
URL
https://secure.authbill.com/tour/api.php
Domain
secure.authbill.com
URL
https://secure.authbill.com/tour/api.php
Domain
secure.authbill.com
URL
https://secure.authbill.com/tour/api.php
Domain
secure.authbill.com
URL
https://secure.authbill.com/tour/api.php
Domain
secure.authbill.com
URL
https://secure.authbill.com/tour/api.php
Domain
secure.authbill.com
URL
https://secure.authbill.com/tour/api.php
Domain
secure.authbill.com
URL
https://secure.authbill.com/tour/api.php
Domain
tours.yoursecrethookup.com
URL
https://tours.yoursecrethookup.com/common/html/check_external_autologin.html?receiver=https%3A%2F%2Ftours.spec1a1.com

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| a function| b object| utl function| isTestUser object| QueryString function| $ function| jQuery object| angular object| timeouts number| num_steps function| init function| animateStep function| showResults function| resetResults function| handleErrors function| handleSuccess function| getProductFromUrlOrDefault function| handleBackToMA function| getCookie function| forwardToMemberArea function| ga object| _loq object| _izq

11 Cookies

Domain/Path Name / Value
.moartraffic.com/ Name: bd_ovtu
Value: 1
.moartraffic.com/ Name: bdreff
Value: http%3A%2F%2Fsendywaves.neupaneshyam.com.np%2F
.moartraffic.com/ Name: tour
Value: 44725
.moartraffic.com/ Name: affsubid
Value: 147177-1113
.moartraffic.com/ Name: bdvisit
Value: 147177
.moartraffic.com/ Name: bdcounter
Value: 1
.moartraffic.com/ Name: xk
Value: d05170c00b889459ea0e5bc5656d4cf7
.spec1a1.com/ Name: tour
Value: 44725
.spec1a1.com/ Name: affsubid
Value: 147177-1113
.spec1a1.com/ Name: reff
Value: http%3A%2F%2Fsendywaves.neupaneshyam.com.np%2F
.spec1a1.com/ Name: upgrade_tour
Value: 0

3 Console Messages

Source Level URL
Text
network error URL: http://sendywaves.neupaneshyam.com.np/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
recommendation verbose URL: https://tours.spec1a1.com/t/2775/?t=44725&aid=147177&sid=1113&xk=d05170c00b889459ea0e5bc5656d4cf7&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D44725%26aid%3D147177%26sid%3D1113%26clickid%3D9e9dc0b83870471e89acd8367de65b42%26hts_id%3Dd041ec87-0fd0-48e2-af35-ddce8a643b59&clickid=9e9dc0b83870471e89acd8367de65b42&i18n_country=CA&hts_id=d041ec87-0fd0-48e2-af35-ddce8a643b59
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://tours.spec1a1.com/t/2775/img/favicon.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cl0udh0st1ng.com
fonts.googleapis.com
go.moartraffic.com
secure.authbill.com
sendywaves.neupaneshyam.com.np
tours.spec1a1.com
tours.yoursecrethookup.com
utl-1.com
www.allseasclear.com
secure.authbill.com
tours.yoursecrethookup.com
104.21.91.45
108.138.106.14
142.251.32.106
174.136.231.12
3.89.175.212
45.90.12.63
99.84.191.75
0a97a7839ad196fe801c3272feee6f647d5b3550ccf82b83fddb03fb80c394ad
0bcac5b9e1ef8a0fafb69ddc3dd0744369b6374e2de6c9ff31d82daaecd99423
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a
1406e8ad5a6f490d35e424539bb837841bf4dff4c885426b282ee750e0ccc45e
141050ccd3698386d0cf16ee764d4208a88c29f35b3552ea86e72d82008f254d
252d3a0ef9c3754cdf38a02570d1a84fa4d94d53ac2eaeeada2e141f9c11a2e2
25fa1e6f4e5744702502b91826fc5749ec7ed967382b7cffc4ea4b13155dc979
497abaabf83c01441bba433503cfdf7103c982e6b970d241a7f35264b425a904
52f9bd02fb60fdc760cde43610634316e644643dadb500a0d23de2077baa78d9
57fc4ca2e6dc7a8680bbe7f32f9073f2c65d4f211f98a8b4abb1f4ff79f924f9
5dda8e5ceb3f5f0cc9b274f97eff322d63d9917a39ca42f3a24412e3518c5b2a
5ef4d3445d4b0930f199aa32351f78c2f58a58142fe3169259cff7b37886c1bb
615aaa3eeaa71bf39430e0cc1feb7925e0e5f2991eb7565960b64fa7b8835cb3
67e2c07484faa95886d7248915a49922143844500bdf057030a58e0ad1f2f3c6
6a68c40ef544617b04ccea582bc84f1f3436fdfdb2fbe497d74fa67581c53db8
6e87b0e56911078739374dea24c26b31d721201247eb9c04df9c77e62d9e34f7
95b1c99567d61185d7884b4ea9b285f849bfb46318b285cd2b25826fad57b1af
9789f8f451dd6f23f38cbd01a6f257a49c00ec10a1117538ddde63f4d9a1d349
a5aa807c88ddd7ac3a7a9ff96682ec475c5e42027b02172ff68359e4bb0848a4
c0478b08246594f80637add9063f4783bfa4bc169af42170085482f984f5f12a
cdbfb832762e38c1c305cd4006dc1d0ec18cc883e4eff84cc663b3ce946c728e
e30a31d1f6a769ed55d732d4cac0f7d0210950a49057c5d3e9ff2f7d041116da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee7d7d2b00daf807d887344419f4d4c03bd65008dc92486385250dca3a3cd42e
f8185b95fa9bc2710da54cb1605168e31ef15418be411a7ec7efc0a8be0e4ca9
fbf3ddcc142e33e097c583a0eb5933e3e8a9ac0fc5c56054cb64ddf11762d078
fe8fc656bd4bd41a636c489d1978ee2394d49068675184eeb43f1e0b0b945674