urlscan.io logo urlscan.io
SecurityTrails logo

tours.specia1.com Open in urlscan Pro
65.8.228.123  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://kufa.googleoffer.xyz/
Effective URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.m...
Submission: On June 04 via automatic, source rescanner — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 15 domains to perform 51 HTTP transactions. The main IP is 65.8.228.123, located in United States and belongs to AMAZON-02, US. The main domain is tours.specia1.com. The Cisco Umbrella rank of the primary domain is 431009.
TLS certificate: Issued by Amazon on January 19th 2022. Valid for: a year.
This is the only time tours.specia1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    192.99.35.126 (Canada)

ASN16276 (OVH, FR)
PTR: popus.webrserver.com
kufa.googleoffer.xyz
1    34.120.151.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.151.120.34.bc.googleusercontent.com
www.or23trk.com
1    64.188.52.46 (United States)

ASN30602 (ISPRIME, US)
go.moartraffic.com
28    65.8.228.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-228-123.dfw55.r.cloudfront.net
tours.specia1.com
1    2606:4700:3030::6815:5b2d (United States)

ASN13335 (CLOUDFLARENET, US)
cl0udh0st1ng.com
1    2607:f8b0:4006:81e::200a (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    13.226.204.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-204-109.dfw55.r.cloudfront.net
utl-1.com
3    2606:4700::6812:d941 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
2    2607:f8b0:4006:80c::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    68.169.87.223 (United States)

ASN30602 (ISPRIME, US)
secure.authbill.com
1    13.226.204.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-204-47.dfw55.r.cloudfront.net
tours.comewithyou.com
3    2607:f8b0:4006:823::200e (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:807::2004 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:809::2003 (Mullica Hill, United States)

ASN15169 (GOOGLE, US)
www.google.ca
Apex Domain
Subdomains		 Transfer
28 specia1.com
tours.specia1.com — Cisco Umbrella Rank: 431009
622 KB
7 authbill.com
secure.authbill.com — Cisco Umbrella Rank: 132203
10 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
3 izooto.com
cdn.izooto.com — Cisco Umbrella Rank: 14022
54 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 utl-1.com
utl-1.com — Cisco Umbrella Rank: 187210
322 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9095
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
443 B
1 comewithyou.com
tours.comewithyou.com
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42
1 KB
1 cl0udh0st1ng.com
cl0udh0st1ng.com — Cisco Umbrella Rank: 270534
2 KB
1 moartraffic.com
go.moartraffic.com — Cisco Umbrella Rank: 217837
2 KB
1 or23trk.com
www.or23trk.com
443 B
1 googleoffer.xyz
kufa.googleoffer.xyz
289 B
51 15
Domain Requested by
28 tours.specia1.com tours.specia1.com
utl-1.com
7 secure.authbill.com utl-1.com
3 www.google-analytics.com tours.specia1.com
www.google-analytics.com
3 cdn.izooto.com tours.specia1.com
cdn.izooto.com
2 fonts.gstatic.com fonts.googleapis.com
2 utl-1.com tours.specia1.com
1 www.google.ca
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 tours.comewithyou.com utl-1.com
1 fonts.googleapis.com tours.specia1.com
1 cl0udh0st1ng.com tours.specia1.com
1 go.moartraffic.com 1 redirects
1 www.or23trk.com 1 redirects
1 kufa.googleoffer.xyz 1 redirects
51 15

This site contains links to these domains. Also see Links.

Domain
harlotthespy.awesome-apps.io
comewithyou.com
Subject Issuer Validity Valid
specia1.com
Amazon		 2022-01-19 -
2023-02-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
utl-1.com
Amazon		 2022-05-25 -
2023-06-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
secure.authbill.com
R3		 2022-04-24 -
2022-07-23		 3 months crt.sh
tours.comewithyou.com
Amazon		 2021-09-08 -
2022-10-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Frame ID: 47867E1123447A4894588008191E855B
Requests: 49 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 12A9163F6B3DB1F0AD41FB9F05FA3ABD
Requests: 1 HTTP requests in this frame

Frame: https://tours.comewithyou.com/common/html/check_external_autologin.html?receiver=https%3A%2F%2Ftours.specia1.com
Frame ID: 158992638192EE5994EDBE6ED7899EC5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Come With You

Page URL History Show full URLs

  1. https://kufa.googleoffer.xyz/ HTTP 301
    https://www.or23trk.com/M9947Z/25CRTKG/?sub1=T.S HTTP 302
    http://go.moartraffic.com/go.php?t=49740&aid=143752&sid=403&clickid=feb55b64b95a48238716048efcdf6bed HTTP 302
    https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+

Page Statistics

51
Requests

100 %
HTTPS

53 %
IPv6

15
Domains

15
Subdomains

12
IPs

2
Countries

1065 kB
Transfer

1320 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kufa.googleoffer.xyz/ HTTP 301
    https://www.or23trk.com/M9947Z/25CRTKG/?sub1=T.S HTTP 302
    http://go.moartraffic.com/go.php?t=49740&aid=143752&sid=403&clickid=feb55b64b95a48238716048efcdf6bed HTTP 302
    https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tours.specia1.com/t/878/
Redirect Chain
  • https://kufa.googleoffer.xyz/
  • https://www.or23trk.com/M9947Z/25CRTKG/?sub1=T.S
  • http://go.moartraffic.com/go.php?t=49740&aid=143752&sid=403&clickid=feb55b64b95a48238716048efcdf6bed
  • https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3D...
15 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
665ddbe45c8a5838c0ec4cb926f604a042391a366e51691e737b680ed404bb76

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 04 Jun 2022 06:10:41 GMT
etag
W/"2fe31bb97a292e5ee706356f7974f895"
last-modified
Thu, 02 Jun 2022 08:58:45 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
x-amz-cf-id
HBlPKrXlO0Kii_nqIgUDa9vPxyrgT1tNs3u6CbWbUrGKuWNzLVbXDA==
x-amz-cf-pop
DFW55-C3
x-cache
RefreshHit from cloudfront

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
20
content-type
text/html; charset=UTF-8
date
Sat, 04 Jun 2022 06:10:40 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
p3p
CP="NOI ADM DEV COM NAV OUR STP"
server
Apache
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
otherbot: noindex, nofollow googlebot: noindex, nofollow
bo.js
cl0udh0st1ng.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cl0udh0st1ng.com/bo.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
852d19ed390414ca431837cc185a237cc5c5a393e193182efd17420a5bb4b651

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-fastly-request-id
8a3f8906323289292ab7806ae8c1aeac59017c87
date
Sat, 04 Jun 2022 06:10:41 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
229
x-cache
MISS
x-cache-hits
0
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-yul12829-YUL
last-modified
Tue, 04 Jun 2019 22:59:12 GMT
server
cloudflare
x-github-request-id
87C8:5D51:4C148F:95D964:61A2A02B
x-timer
S1638047788.788257,VS0,VE2742
etag
W/"5cf6f7c0-e8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V02JVn1fKbtS3E98%2FqoNfwVn09rJol%2FplgayhGEPGfIhbhH67wQO6zGRUuSgYQylfySW5YJL80bLfuWkjyxZg8iU6B2jbZeSrz1VO1kFLAuKhTCG8KdeKqblK2Mr%2BLbDhHZrtjB28f7DV%2BFl5R9j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
715e81beff764bb9-YUL
x-proxy-cache
HIT
expires
Sat, 04 Jun 2022 06:04:53 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,700
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6c289ce800ee228f9d2240e9925d8fdfa6ab1406c669fd2f61a9ce9cc5cdbed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Jun 2022 04:45:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 04 Jun 2022 06:10:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Jun 2022 06:10:41 GMT
style.css
tours.specia1.com/t/878/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/878/css/style.css
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a94fe02eebeb47fccfdd374ceee1469ba82b57e89933fe02b24c9ec4f992afcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
W/"edd54e6b07555c0c38b74574b9091cf2"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
x-amz-cf-id
7dK7TemuBWqS8vYASqpnt6Z2sHmApy3EVof1q9_I09xM2iz_wxE0Dg==
repoUtilsV2.js
tours.specia1.com/t/common/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/common/js/repoUtilsV2.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27bfd892978a1454aeace298e543a317aefe9750e74faac177d85db1fe0968c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:07:36 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 08:58:59 GMT
server
AmazonS3
age
191
etag
W/"463ab17c7b265e702f3c4390d78b31b3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW55-C3
x-amz-cf-id
FEbe-ooRYQI8wB5LeInJnZHoMnC21-UObZ3d2Z5UOfu594Hs4c-OrA==
logo.svg
tours.specia1.com/t/878/img/svg/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/svg/logo.svg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b5326a109cb8d5df9dfb694b23b3ea3202cc9de5ee1fed82f5a13e6ad0e4ab4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 08:58:45 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
W/"e97e8f60b5d4167ce1b58b55c5199a6c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
x-amz-cf-id
x4noXQtNvFJVPE0u1GOYJLAy5TCcNPkJukDlO79rL7aCdIh_gNApLg==
logo-intro.svg
tours.specia1.com/t/878/img/svg/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/svg/logo-intro.svg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf149dc17b7f195c10278a0302a6483686f8a8925dfa91c2e44f38e7a02188e6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 08:58:45 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
W/"1553af9131d60bf11581a58c79dc3422"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
x-amz-cf-id
aD7o2zLMKQppgHvsyRHcypNQM63HcR77rzqlMSMSwWLxow2McmXcaw==
tick.svg
tours.specia1.com/t/878/img/svg/ 		814 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/svg/tick.svg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4141992d1a6154f72ff71c62a2feae93b39481bb1a915028bd05cf1c3d00bc4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:45 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"cd4abbc7503973315993237cac067cee"
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
content-length
814
x-amz-cf-id
df_wOeHQQSkeq2ENilyin8RUSpPR30PFBq9d5bjlYtJH0bcvAZvbWQ==
yes.svg
tours.specia1.com/t/878/img/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/svg/yes.svg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfb8b05d0444b2da883838fbd477577c922c39b721e8709c017a929e628a65ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 08:58:45 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
W/"b059dfb7d10a3f6a100803110617b2db"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
x-amz-cf-id
7M-0mEPem_OEfTxcjjFnKDbVvWiM2Kp8AxBizyRzFkP-L__OmOW88w==
no.svg
tours.specia1.com/t/878/img/svg/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/svg/no.svg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb891b88f42e9c62e079ca6e948957227fad1ab78a45ef750f6e83196951cda2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 08:58:45 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
W/"830341de56af885fa669e1ff65630c45"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
x-amz-cf-id
2LuQqaxWfWwQxZp0nVfu4uwraiCAaRLaxVoobV9b0paIJkUGgsY_Ig==
cross.svg
tours.specia1.com/t/878/img/svg/ 		875 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/svg/cross.svg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9959ca0263a238d52b33ae8488b5dfdb7465fe80d2ee252992a544e1901550f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:45 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"7ac3ccbcb21a09f8616092db366f350d"
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
content-length
875
x-amz-cf-id
_2DrQKH7IaEqUuQhfABdYNyXS3-VB_aL1U-YGptQKyFzcr3Yo9MOww==
utl.min.js
utl-1.com/1.6.34/ 		304 KB
304 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://utl-1.com/1.6.34/utl.min.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.204.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-204-109.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05c1b4196dfb5374e1584b5d08093f9b9e307b4d3983968d2181460e0a5db26c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 28 Jul 2021 07:55:03 GMT
via
1.1 20a6b94d909c5fbd6d0657efecdf6fe2.cloudfront.net (CloudFront)
last-modified
Wed, 12 May 2021 14:02:14 GMT
server
AmazonS3
age
26864139
etag
"1f4616fd4e851a2ae2f388afcfa91ea7"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DFW55-C2
accept-ranges
bytes
content-length
310980
x-amz-cf-id
cBDQJmmdZtpnQI_npvPztZGBanVpsnfyY-soLWRypuh6xsrcdEJh2w==
mst2.min.js
utl-1.com/1.6.34/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://utl-1.com/1.6.34/mst2.min.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.204.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-204-109.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d09fdacc2355a8504948c8bcdb6529e90bd1850b331e504fca32a84a00d5bc78

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 23:30:44 GMT
via
1.1 20a6b94d909c5fbd6d0657efecdf6fe2.cloudfront.net (CloudFront)
last-modified
Wed, 12 May 2021 14:02:13 GMT
server
AmazonS3
age
26980798
etag
"e138625e5e126bf89e600a2b87c0bce9"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DFW55-C2
accept-ranges
bytes
content-length
17723
x-amz-cf-id
CYsvnLRkR8wdRga6EJBIXP-BDTd0b9CxzK_K6dVZaAt564V97pEB4A==
footer_override.min.js
tours.specia1.com/t/common/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/common/js/footer_override.min.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45ef13c44a036731f700e5d6351134334e3f436a4c9af3d577be419e51f412bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:09:57 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 08:58:59 GMT
server
AmazonS3
age
165
etag
W/"bce527ef9e6ea886fffc7cee9fc69826"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW55-C3
x-amz-cf-id
MalZgCa9nHAj6LhB5EwE_pHLtdhzxLXPHarfdhq8kA8cFZpFcMqgnA==
custom.js
tours.specia1.com/t/878/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/878/js/custom.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
424de45e470ad36dbd06c78927a7165179faba26ce7bea5c862382fae144ca06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
content-encoding
gzip
last-modified
Thu, 02 Jun 2022 08:58:45 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
W/"70ed8488f346782f8439cd2cc21643c8"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
x-amz-cf-id
Kfs0JAEjC-S2NXS9nH4W9GlgIdqEN7OMcbRGLwkFD-OhfQac6jyuBw==
6d0d9819e611e28a165c1c894e7998790112eec4.js
cdn.izooto.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/6d0d9819e611e28a165c1c894e7998790112eec4.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/common/js/repoUtilsV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61e8a955df8bd6092e9231983ddca6a47083621f2db3d125cb3e8d2d33c35b5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:41 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
415818
x-xss-protection
1; mode=block
last-modified
Mon, 30 May 2022 10:39:41 GMT
server
cloudflare
etag
W/"62949eed-9e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
access-control-allow-origin
*
expires
Tue, 05 Jul 2022 06:10:41 GMT
cache-control
public, max-age=2678400
cf-ray
715e81bfcb947157-YUL
cf-bgj
minify
bg.jpg
tours.specia1.com/t/878/img/1x/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/bg.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e93a99bb468ba6ac200d8688b167149bb44d8d1807226d1548358173ec9a6184

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"33d6b8eede4aac26ac2427302e1520f2"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
32261
x-amz-cf-id
icj5q3kPw2A23ZE5TZ-6Bo9rOmCmY2H2rvwXZVWfpwHmn6H37vg54g==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tours.specia1.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 19:35:49 GMT
x-content-type-options
nosniff
age
210892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jun 2023 19:35:49 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tours.specia1.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 19:31:57 GMT
x-content-type-options
nosniff
age
211124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jun 2023 19:31:57 GMT
1.jpg
tours.specia1.com/t/878/img/1x/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/1.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58287cbb2965cf9188b8b02dec8cb304cbe6bc8021c7bf32eaba003cb90390fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"67787585189395c675836337e3a00a88"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
55230
x-amz-cf-id
Z6pgfi0WKGLJwX7j-40QC1197GYZiGdPaqd1daDZARBj8r8IJ91nfA==
1a.jpg
tours.specia1.com/t/878/img/1x/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/1a.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54ff66024584823f17812e2f5b4e0862a98e649e3bdf43db498acd617b0fe92b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"014c83720eeb2bb16e5884fdfb4540a7"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
36517
x-amz-cf-id
RVelhDRlff3031_KIbdEM9LrVlqmz9GTqhqrEkDuJBVeWkSAxKoDig==
1b.jpg
tours.specia1.com/t/878/img/1x/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/1b.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68c0351f39773bd2105a5c796a746e4ad29e4bb8f19324678e74a4fd09c09997

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"910c76fd879f0ec98dd514d779bb735a"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
44515
x-amz-cf-id
yVkCEiQD1xvFk--c24ZVruWgxX1t64_RBETC6HaakIOS-LI6AT9EuQ==
2.jpg
tours.specia1.com/t/878/img/1x/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/2.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07ed9e4bad14c91869f4b6dc6aafd14cc70a140a0df69a9ef867e556553eca8e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"396a2b1d5bb0d0360c2b8e792c7799a9"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
38860
x-amz-cf-id
ntitRz2v7Au7AcDoX_enVhvk56ktNHzu7_dO3KhmT1KPfUBK61Fa0A==
2a.jpg
tours.specia1.com/t/878/img/1x/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/2a.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5ac5659cbf51217ca2ccf2a9c3cc238c309a529618d1c64ec85dfbd9cefc40b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"9140465adce4486dbd0b03c86cbbebe0"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
32183
x-amz-cf-id
qkImOL9plmM6NxE4fwJe3_ZFfSsJKe02nKMZ_ZjSAaXkkYx3HcfFsw==
2b.jpg
tours.specia1.com/t/878/img/1x/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/2b.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a51854199f28d58e0fe187be667cb541b46df0fea9666d616fbe8603c37c55a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"2c6b4f6eb91f80da1f7839b9d40d9960"
x-cache
Miss from cloudfront
content-type
image/jpeg
content-length
35001
x-amz-cf-id
lk0Fkt4MFZMwq0eUPQSE1qD1znLDAKwIkjZNSAFIwIFTlB2cbjBYrA==
3.jpg
tours.specia1.com/t/878/img/1x/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/3.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57d5fa896cae7991160d31f1b41ed96dd5ee97fa09adc00b0376dfb63359fb86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"5538e773af5c8b7df55d250c1980b38f"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
41708
x-amz-cf-id
cT4Iw35f_nfE_EVjpXcMISDBu6-LENXicA4oqBpctjJBLRRuZZuGfw==
3a.jpg
tours.specia1.com/t/878/img/1x/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/3a.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a20e4c930b2af06356846b52065eca514c30ff7500066b48d2b36b576bc13886

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"8fbbf9a8d2403001f9e2f2cb7af0e973"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
33747
x-amz-cf-id
3Z-4RdfNNfgTueVFx4jvUW1aOVkgsuWuiozmbPO1HNKrWKJ9Yx66zQ==
3b.jpg
tours.specia1.com/t/878/img/1x/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/3b.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c640381575733fa44632e56d532362addb53dc6ada7b3f859ac3a5b9cf576b15

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"ff766a1058a4b74860c9d45365f31301"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
36107
x-amz-cf-id
NGfyZaUxUC7Jj-CMAUv3UrfGGKPAbOSYoYgb0Pl_YTuvyvnetZjdlQ==
4.jpg
tours.specia1.com/t/878/img/1x/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/4.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a26292f1d646ede9dabb2de8a67d89b70003eedbd0f962ab817278829eaf19a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"b27137a4619979ec0214ce6224bf699d"
x-cache
Miss from cloudfront
content-type
image/jpeg
content-length
33491
x-amz-cf-id
EJEDb8hHRhTFq1O8l1izPvyYceQnYh2fnubpPEbLB_peVbNvpNiPIA==
4a.jpg
tours.specia1.com/t/878/img/1x/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/4a.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa504da9c70f1138137ae42d070e458b10b7ceb9841ce6f47e3c8bb7396dc8d7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"44a4ee8357e3c9a1e8f0f34520a900c7"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
29806
x-amz-cf-id
VQNkr1Z0klmSQmfz0_plPLk9uG_vf6aw7FLxDwoucJcPiKRWE-DMWQ==
4b.jpg
tours.specia1.com/t/878/img/1x/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/4b.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7140bc7112a5413a9eb0936691575b6abd8774a3a746a1734af9ebcd031730aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"046ceabfd2ee2179c67107d018b2f904"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
38001
x-amz-cf-id
sVQ5b44yhQMf0Wmij9qLgz5FOauB2OjExqn4NU_e7aco_qdbQ3OThg==
5.jpg
tours.specia1.com/t/878/img/1x/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/5.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c96a438305f7df9aeabafc0db22db74174ec9123adc12e07d8ff1fdf358bf5b8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"3b88fb2bda6ca50caa3e239b80803519"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
39230
x-amz-cf-id
i_-Q4ocyeDpcyRlibhoLM9c0kvXxeZgUM__HA0TvOyCP2Oh9ycv8Cg==
5a.jpg
tours.specia1.com/t/878/img/1x/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/5a.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a30fbb2b45f14f77d0dfcc55251212c6d3b9be7f6ae36611036f746e23c214

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"956a36af75c470ed35550011e90d3fe4"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
39939
x-amz-cf-id
R59ZpUXokzcVJJAINPQ37RgTQCkbbn9G268s3D7v-oH4SmKo7trO3Q==
5b.jpg
tours.specia1.com/t/878/img/1x/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/878/img/1x/5b.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
db58539c9503e2be5582d90ac89d13334af66b03d0f99248d2ced34024498955

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/t/878/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:42 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:58:44 GMT
server
AmazonS3
x-amz-cf-pop
DFW55-C3
etag
"4678866b47494680ea97469ce4416cb3"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
35911
x-amz-cf-id
IfcH4vlh-DYAD76RKXR0MsrP5toOMoR2-y9mU1gbhdn68DbAsAjSqA==
izooto.js
cdn.izooto.com/scripts/sdk/ 		209 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sdk/izooto.js
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/6d0d9819e611e28a165c1c894e7998790112eec4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a71a855d0c3d606e5210a2a8a48bfcafda1e425b137329da7467d16acc73e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:10:41 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
326751
x-xss-protection
1; mode=block
last-modified
Tue, 31 May 2022 11:23:48 GMT
server
cloudflare
etag
W/"6295fac4-342cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/javascript
access-control-allow-origin
*
expires
Tue, 05 Jul 2022 06:10:41 GMT
cache-control
public, max-age=2678400
cf-ray
715e81bfebb17157-YUL
cf-bgj
minify
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame 12A9 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tours.specia1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
age
1885741
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
715e81c02be17157-YUL
content-encoding
br
content-type
text/html
date
Sat, 04 Jun 2022 06:10:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Tue, 05 Jul 2022 06:10:41 GMT
last-modified
Tue, 05 Apr 2022 12:00:20 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
ga.js
tours.specia1.com/assets/specia1/ 		392 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/assets/specia1/ga.js?_=1654323041500
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.6.34/utl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.228.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-228-123.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6003f930e7a6ff14bd5520a7324f5a4ffcecbd182aaff2e8ace7ec65d885aa45

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 04 Jun 2022 06:07:19 GMT
via
1.1 e89d8ce7f3f95990dceb161aeac4f898.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 08:57:28 GMT
server
AmazonS3
age
212
etag
"eac15786f9b8937b5689ddf3faf0351d"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
DFW55-C3
content-length
392
x-amz-cf-id
xRFbul7ZoXyvs40jMm_rkoGWH43-R2yLU2BgLTWrlss20CcmmL4yUA==
api.php
secure.authbill.com/tour/ 		36 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.6.34/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
Apache /
Resource Hash
d2bb342dd1b6dc94ffc92f9972952c0f2519058dc7e94436d44aa97539a93e32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://tours.specia1.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 06:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
content-length
56
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/ 		794 B
961 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.6.34/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
Apache /
Resource Hash
dfdf153bda0f3c13ee22afd4a3823b46f10334cb33fa982ca2e3b8a11a3d0146
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://tours.specia1.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 06:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
content-length
380
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/ 		20 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.6.34/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
Apache /
Resource Hash
78f9153b97d7ffc7cb808144a600ace9cbe92a0208cbf348d55280c40db65d70
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://tours.specia1.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 06:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
content-length
4820
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/ 		1 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.6.34/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
Apache /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://tours.specia1.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 06:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
content-length
21
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/ 		201 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.6.34/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
Apache /
Resource Hash
8200dcc4219f23ea8ebf4ef77aa9f6f09eeb6f063c8923c42814850c002b1456
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://tours.specia1.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 06:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
content-length
171
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/ 		201 B
752 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.6.34/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
Apache /
Resource Hash
8200dcc4219f23ea8ebf4ef77aa9f6f09eeb6f063c8923c42814850c002b1456
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://tours.specia1.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 06:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
content-length
171
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/ 		0
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.6.34/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://tours.specia1.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 06:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
content-length
20
expires
Thu, 19 Nov 1981 08:52:00 GMT
check_external_autologin.html
tours.comewithyou.com/common/html/ Frame 1589 		756 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tours.comewithyou.com/common/html/check_external_autologin.html?receiver=https%3A%2F%2Ftours.specia1.com
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.6.34/utl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.204.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-204-47.dfw55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60b8d95283abc2a33e22a3caf92b3a4e1722cf4ba8581f5fbb4ec303f08abd08

Request headers

Referer
https://tours.specia1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
103
content-length
756
content-type
text/html
date
Sat, 04 Jun 2022 06:10:41 GMT
etag
"dd50762f19926d6c4bbd2b10d5d78216"
last-modified
Fri, 18 Mar 2022 14:30:25 GMT
server
AmazonS3
via
1.1 c90de501a57b4f0090a033690602dc10.cloudfront.net (CloudFront)
x-amz-cf-id
RJgW1TljCVyS7vnnv5p_mY9nyw6kXCWwPy9oomc1w7otJxIdevAVdQ==
x-amz-cf-pop
DFW55-C2
x-cache
Hit from cloudfront
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/878/?t=49740&aid=143752&sid=403&xk=30b150651a7a6ee86c02441c46605f97&bn=38&gu=http%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D49740%26aid%3D143752%26sid%3D403%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&clickid=feb55b64b95a48238716048efcdf6bed&i18n_country=CA&hts_id=7286013c-53cd-4024-9d1a-96f9b3b0a3f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4861
date
Sat, 04 Jun 2022 04:49:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 04 Jun 2022 06:49:40 GMT
collect
www.google-analytics.com/j/ 		4 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1978524026&t=event&_s=1&dl=https%3A%2F%2Ftours.specia1.com%2Ft%2F878%2F%3Ft%3D49740%26aid%3D143752%26sid%3D403%26xk%3D30b150651a7a6ee86c02441c46605f97%26bn%3D38%26gu%3Dhttp%253A%252F%252Fgo.moartraffic.com%252Fgo.php%253Ft%253D49740%2526aid%253D143752%2526sid%253D403%2526clickid%253Dfeb55b64b95a48238716048efcdf6bed%2526hts_id%253D7286013c-53cd-4024-9d1a-96f9b3b0a3f8%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26i18n_country%3DCA%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&ul=en-us&de=UTF-8&dt=Come%20With%20You&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ci=Tour%3A%2049740&ec=Tour%3A%2049740&ea=Current%20step%3A%2001&el=Total%20steps%3A%208&_u=YEBAAEABAAAAAC~&jid=2079446402&gjid=1841542599&cid=166754074.1654323042&tid=UA-148167200-1&_gid=1093025581.1654323042&_r=1&_slc=1&z=1242006211
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tours.specia1.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 06:10:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tours.specia1.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1978524026&t=pageview&_s=2&dl=https%3A%2F%2Ftours.specia1.com%2Ft%2F878%2F%3Ft%3D49740%26aid%3D143752%26sid%3D403%26xk%3D30b150651a7a6ee86c02441c46605f97%26bn%3D38%26gu%3Dhttp%253A%252F%252Fgo.moartraffic.com%252Fgo.php%253Ft%253D49740%2526aid%253D143752%2526sid%253D403%2526clickid%253Dfeb55b64b95a48238716048efcdf6bed%2526hts_id%253D7286013c-53cd-4024-9d1a-96f9b3b0a3f8%26clickid%3Dfeb55b64b95a48238716048efcdf6bed%26i18n_country%3DCA%26hts_id%3D7286013c-53cd-4024-9d1a-96f9b3b0a3f8&ul=en-us&de=UTF-8&dt=Come%20With%20You&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ci=Tour%3A%2049740&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=166754074.1654323042&tid=UA-148167200-1&_gid=1093025581.1654323042&z=484033816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 02:04:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
14794
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-148167200-1&cid=166754074.1654323042&jid=2079446402&gjid=1841542599&_gid=1093025581.1654323042&_u=YEBAAEAAAAAAAC~&z=1186668961
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tours.specia1.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 04 Jun 2022 06:10:41 GMT
content-type
text/plain
access-control-allow-origin
https://tours.specia1.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-148167200-1&cid=166754074.1654323042&jid=2079446402&_u=YEBAAEAAAAAAAC~&z=1482447846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 06:10:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-148167200-1&cid=166754074.1654323042&jid=2079446402&_u=YEBAAEAAAAAAAC~&z=1482447846
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Mullica Hill, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 06:10:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| a function| b function| checkAltId object| _izq object| container undefined| _izAlt object| _iz object| izConfig function| _izooto object| utl function| isTestUser object| QueryString function| $ function| jQuery object| angular object| timeouts boolean| did_show_results object| defaultColors function| createElements function| randomPhysics function| updateFetti function| animate function| confetti function| init function| animateStep function| showResults function| resetResults function| handleErrors function| handleSuccess function| loaderResults function| hideKeyboard function| ga object| _loq string| GoogleAnalyticsObject object| google_tag_data object| gaplugins object| gaGlobal object| gaData

25 Cookies

Domain/Path Name / Value
www.or23trk.com/ Name: uniqueClick_25CRTKG
Value: fdbe1d26-d56d-4f24-9752-a783ea47a54e:1654323039
www.or23trk.com/ Name: transaction_id
Value: feb55b64b95a48238716048efcdf6bed
.moartraffic.com/ Name: bd_ovtu
Value: 1
.moartraffic.com/ Name: bdreff
Value: NONE
.moartraffic.com/ Name: tour
Value: 49740
.moartraffic.com/ Name: affsubid
Value: 143752-403
.moartraffic.com/ Name: bdvisit
Value: 143752
.moartraffic.com/ Name: bdcounter
Value: 1
.moartraffic.com/ Name: xk
Value: 30b150651a7a6ee86c02441c46605f97
.izooto.com/ Name: IZCID
Value: d3f6a21d-59da-4d2f-89af-04bdd17377ec
.specia1.com/ Name: tour
Value: 49740
.specia1.com/ Name: affsubid
Value: 143752-403
.specia1.com/ Name: reff
Value:
.specia1.com/ Name: upgrade_tour
Value: 0
.specia1.com/ Name: _ga
Value: GA1.2.166754074.1654323042
.specia1.com/ Name: _gid
Value: GA1.2.1093025581.1654323042
.specia1.com/ Name: _gat
Value: 1
.specia1.com/ Name: guid
Value: 69904779-2264-4DAE-99DC-E5FBEC253107
.specia1.com/ Name: custom_tracking
Value: %5B%22address%22%2C%22ad_type%22%2C%22app_id%22%2C%22app_name%22%2C%22auth_token%22%2C%22a_aid%22%2C%22a_bid%22%2C%22banner%22%2C%22banner_id%22%2C%22banner_size%22%2C%22bn%22%2C%22c%22%2C%22cid%22%2C%22city%22%2C%22clickid%22%2C%22click_id%22%2C%22click_url%22%2C%22cmp_bo%22%2C%22cmp_member_id%22%2C%22dx%22%2C%22email%22%2C%22exotracker%22%2C%22f%22%2C%22fbclid%22%2C%22fbid%22%2C%22first_name%22%2C%22gclid%22%2C%22gdpr%22%2C%22h%22%2C%22hts_id%22%2C%22hx%22%2C%22keyword%22%2C%22landerid%22%2C%22lander_id%22%2C%22last_name%22%2C%22misc_tour_info%22%2C%22niche%22%2C%22np%22%2C%22offer%22%2C%22origin%22%2C%22phone_number%22%2C%22placement%22%2C%22product%22%2C%22product_id%22%2C%22profile_visited%22%2C%22publisher%22%2C%22rcid%22%2C%22referer%22%2C%22reqid%22%2C%22rgc%22%2C%22rgh%22%2C%22rgm%22%2C%22schedule%22%2C%22sdaf%22%2C%22sdfsadf%22%2C%22session_initiated_by%22%2C%22sl%22%2C%22smoochy_user_id%22%2C%22snapchat_username%22%2C%22source%22%2C%22state%22%2C%22street%22%2C%22sv_cheating_mon%22%2C%22template%22%2C%22thumb_id%22%2C%22tracker_id%22%2C%22upgrade_uuid%22%2C%22upg_reason%22%2C%22userage%22%2C%22useremail%22%2C%22userzip%22%2C%22user_id%22%2C%22wellhello_profile_id%22%2C%22wellhello_upgrade_tour%22%2C%22xk%22%2C%22zip%22%5D
.specia1.com/ Name: prop_bn
Value: 38
.specia1.com/ Name: prop_clickid
Value: feb55b64b95a48238716048efcdf6bed
.specia1.com/ Name: prop_hts_id
Value: 7286013c-53cd-4024-9d1a-96f9b3b0a3f8
.specia1.com/ Name: prop_xk
Value: 30b150651a7a6ee86c02441c46605f97
.specia1.com/ Name: affiliate_143752_is_terminated
Value: 0
.tours.specia1.com/ Name: geoip
Value: %7B%22country_code%22%3A%22CA%22%2C%22country_name%22%3A%22Canada%22%2C%22region%22%3A%22Quebec%22%2C%22city%22%3A%22Montreal%22%2C%22latitude%22%3A45.5088386536%2C%22longitude%22%3A-73.5878067017%2C%22zipcode%22%3A%22H1A%200A1%22%2C%22isp_name%22%3A%22OVH%20Hosting%20Inc.%22%2C%22mobile_brand%22%3A%22%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.izooto.com
cl0udh0st1ng.com
fonts.googleapis.com
fonts.gstatic.com
go.moartraffic.com
kufa.googleoffer.xyz
secure.authbill.com
stats.g.doubleclick.net
tours.comewithyou.com
tours.specia1.com
utl-1.com
www.google-analytics.com
www.google.ca
www.google.com
www.or23trk.com
13.226.204.109
13.226.204.47
192.99.35.126
2606:4700:3030::6815:5b2d
2606:4700::6812:d941
2607:f8b0:4004:c06::9b
2607:f8b0:4006:807::2004
2607:f8b0:4006:809::2003
2607:f8b0:4006:80c::2003
2607:f8b0:4006:81e::200a
2607:f8b0:4006:823::200e
34.120.151.224
64.188.52.46
65.8.228.123
68.169.87.223
05c1b4196dfb5374e1584b5d08093f9b9e307b4d3983968d2181460e0a5db26c
07ed9e4bad14c91869f4b6dc6aafd14cc70a140a0df69a9ef867e556553eca8e
27bfd892978a1454aeace298e543a317aefe9750e74faac177d85db1fe0968c8
2a26292f1d646ede9dabb2de8a67d89b70003eedbd0f962ab817278829eaf19a
424de45e470ad36dbd06c78927a7165179faba26ce7bea5c862382fae144ca06
45ef13c44a036731f700e5d6351134334e3f436a4c9af3d577be419e51f412bb
4b5326a109cb8d5df9dfb694b23b3ea3202cc9de5ee1fed82f5a13e6ad0e4ab4
54ff66024584823f17812e2f5b4e0862a98e649e3bdf43db498acd617b0fe92b
57d5fa896cae7991160d31f1b41ed96dd5ee97fa09adc00b0376dfb63359fb86
58287cbb2965cf9188b8b02dec8cb304cbe6bc8021c7bf32eaba003cb90390fc
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6003f930e7a6ff14bd5520a7324f5a4ffcecbd182aaff2e8ace7ec65d885aa45
60b8d95283abc2a33e22a3caf92b3a4e1722cf4ba8581f5fbb4ec303f08abd08
61e8a955df8bd6092e9231983ddca6a47083621f2db3d125cb3e8d2d33c35b5c
665ddbe45c8a5838c0ec4cb926f604a042391a366e51691e737b680ed404bb76
68c0351f39773bd2105a5c796a746e4ad29e4bb8f19324678e74a4fd09c09997
7140bc7112a5413a9eb0936691575b6abd8774a3a746a1734af9ebcd031730aa
78f9153b97d7ffc7cb808144a600ace9cbe92a0208cbf348d55280c40db65d70
8200dcc4219f23ea8ebf4ef77aa9f6f09eeb6f063c8923c42814850c002b1456
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852d19ed390414ca431837cc185a237cc5c5a393e193182efd17420a5bb4b651
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
9959ca0263a238d52b33ae8488b5dfdb7465fe80d2ee252992a544e1901550f1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20e4c930b2af06356846b52065eca514c30ff7500066b48d2b36b576bc13886
a51854199f28d58e0fe187be667cb541b46df0fea9666d616fbe8603c37c55a7
a94fe02eebeb47fccfdd374ceee1469ba82b57e89933fe02b24c9ec4f992afcc
aa504da9c70f1138137ae42d070e458b10b7ceb9841ce6f47e3c8bb7396dc8d7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bb891b88f42e9c62e079ca6e948957227fad1ab78a45ef750f6e83196951cda2
bf149dc17b7f195c10278a0302a6483686f8a8925dfa91c2e44f38e7a02188e6
bfb8b05d0444b2da883838fbd477577c922c39b721e8709c017a929e628a65ce
c5a30fbb2b45f14f77d0dfcc55251212c6d3b9be7f6ae36611036f746e23c214
c5ac5659cbf51217ca2ccf2a9c3cc238c309a529618d1c64ec85dfbd9cefc40b
c640381575733fa44632e56d532362addb53dc6ada7b3f859ac3a5b9cf576b15
c6c289ce800ee228f9d2240e9925d8fdfa6ab1406c669fd2f61a9ce9cc5cdbed
c96a438305f7df9aeabafc0db22db74174ec9123adc12e07d8ff1fdf358bf5b8
cebfa75512f12a4d2f05cacae40f83ddc3e1efaf90aba3d5c9eabe0625a94858
d09fdacc2355a8504948c8bcdb6529e90bd1850b331e504fca32a84a00d5bc78
d2bb342dd1b6dc94ffc92f9972952c0f2519058dc7e94436d44aa97539a93e32
d4141992d1a6154f72ff71c62a2feae93b39481bb1a915028bd05cf1c3d00bc4
db58539c9503e2be5582d90ac89d13334af66b03d0f99248d2ced34024498955
dfdf153bda0f3c13ee22afd4a3823b46f10334cb33fa982ca2e3b8a11a3d0146
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93a99bb468ba6ac200d8688b167149bb44d8d1807226d1548358173ec9a6184
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fd0a71a855d0c3d606e5210a2a8a48bfcafda1e425b137329da7467d16acc73e