urlscan.io logo urlscan.io
SecurityTrails logo

moartraffic.engine.adglare.net Open in urlscan Pro
209.58.145.229  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://c48wctn.yy.cleansite.us/
Effective URL: https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid=111958_4191&ag_cust...
Submission: On December 03 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 4 countries across 18 domains to perform 52 HTTP transactions. The main IP is 209.58.145.229, located in Dallas, United States and belongs to LEASEWEB-USA-DAL, US. The main domain is moartraffic.engine.adglare.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 8th 2024. Valid for: a year.
This is the only time moartraffic.engine.adglare.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 185.237.225.125 204957 (GREENFLOI...)
1 94.130.252.84 24940 (HETZNER-A...)
1 1 52.21.71.109 14618 (AMAZON-AES)
1 1 2600:1f18:66d... 14618 (AMAZON-AES)
2 2 52.86.83.175 14618 (AMAZON-AES)
16 3.162.125.117 16509 (AMAZON-02)
4 2600:1408:c40... 20940 (AKAMAI-AS...)
2 99.84.188.59 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 62.212.87.243 60781 (LEASEWEB-...)
7 34.233.65.32 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 20.10.16.51 8075 (MICROSOFT...)
1 209.58.145.229 394380 (LEASEWEB-...)
52 18
2    185.237.225.125 (Geneva, Switzerland)

ASN204957 (GREENFLOID-AS GREEN FLOID LLC, US)
PTR: vdsta77741.vds
c48wctn.yy.cleansite.us
1    94.130.252.84 (Bendorf, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.84.252.130.94.clients.your-server.de
wbdnhmo.com
1    52.21.71.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-71-109.compute-1.amazonaws.com
da.off3riz.com
1    2600:1f18:66d3:cb20:4cd9:5cb5:5648:9a15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
linksecure-dt.com
2    52.86.83.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-83-175.compute-1.amazonaws.com
go.moartraffic.com
16    3.162.125.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-117.iad61.r.cloudfront.net
tours.specia1.com
4    2600:1408:c400:29::17da:da44 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
use.typekit.net
p.typekit.net
2    99.84.188.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-188-59.iad89.r.cloudfront.net
utl-1.com
2    2606:4700::6810:8041 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
2    62.212.87.243 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)
PTR: opticksconversions.com
runsafeads.com
7    34.233.65.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-65-32.compute-1.amazonaws.com
secure.authbill.com
3    2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2607:f8b0:4004:c19::8b (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6810:ff40 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
2    2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    20.10.16.51 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
z.clarity.ms
1    209.58.145.229 (Dallas, United States)

ASN394380 (LEASEWEB-USA-DAL, US)
moartraffic.engine.adglare.net
Apex Domain
Subdomains		 Transfer
16 specia1.com
tours.specia1.com
105 KB
7 authbill.com
secure.authbill.com
26 KB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
c.clarity.ms — Cisco Umbrella Rank: 1269
z.clarity.ms — Cisco Umbrella Rank: 8729
30 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 460
p.typekit.net — Cisco Umbrella Rank: 571
95 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
282 KB
3 izooto.com
cdn.izooto.com — Cisco Umbrella Rank: 18409
93 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
555 B
2 runsafeads.com
runsafeads.com
31 KB
2 utl-1.com
utl-1.com
333 KB
2 moartraffic.com
go.moartraffic.com
2 KB
2 cleansite.us
c48wctn.yy.cleansite.us
457 B
1 adglare.net
moartraffic.engine.adglare.net
1 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 205
774 B
1 google.com
analytics.google.com — Cisco Umbrella Rank: 142
1 linksecure-dt.com
linksecure-dt.com
4 KB
1 off3riz.com
da.off3riz.com
2 KB
1 wbdnhmo.com
wbdnhmo.com
1 KB
52 18
Domain Requested by
16 tours.specia1.com wbdnhmo.com
tours.specia1.com
utl-1.com
7 secure.authbill.com utl-1.com
5 www.google-analytics.com wbdnhmo.com
www.google-analytics.com
tours.specia1.com
www.googletagmanager.com
3 www.googletagmanager.com wbdnhmo.com
www.googletagmanager.com
www.google-analytics.com
3 cdn.izooto.com tours.specia1.com
cdn.izooto.com
3 use.typekit.net tours.specia1.com
use.typekit.net
2 z.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 www.clarity.ms wbdnhmo.com
www.clarity.ms
2 runsafeads.com tours.specia1.com
runsafeads.com
2 utl-1.com tours.specia1.com
2 go.moartraffic.com 2 redirects
2 c48wctn.yy.cleansite.us 2 redirects
1 moartraffic.engine.adglare.net runsafeads.com
1 c.bing.com 1 redirects
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 p.typekit.net use.typekit.net
1 linksecure-dt.com 1 redirects
1 da.off3riz.com 1 redirects
1 wbdnhmo.com
52 22

This site contains no links.

Subject Issuer Validity Valid
wbdnhmo.com
R11		 2024-11-20 -
2025-02-18		 3 months crt.sh
specia1.com
Amazon RSA 2048 M03		 2024-10-19 -
2025-11-16		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-17 -
2025-11-17		 a year crt.sh
utl-1.com
Amazon RSA 2048 M03		 2024-03-25 -
2025-04-22		 a year crt.sh
izooto.com
WE1		 2024-10-07 -
2025-01-05		 3 months crt.sh
track.opticks.io
R10		 2024-12-02 -
2025-03-02		 3 months crt.sh
authbill.com
Amazon RSA 2048 M02		 2024-08-20 -
2025-09-18		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
*.engine.adglare.net
Sectigo RSA Domain Validation Secure Server CA		 2024-02-08 -
2025-02-10		 a year crt.sh

This page contains 3 frames:

Primary Page: https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid=111958_4191&ag_custom_moarclickid=&ag_custom_moarhtsid=0acdc66c-efef-4f9d-869f-d2d0b5a10624&ag_custom_moarpid=&ag_custom_moaruserid=&ag_custom_moarhx=&ag_custom_moaremail=&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53939%26aid%3D144866%26sid%3D111958_4191%26clickid%3D%26click_id%3Dtrack_20241203173128_09806f55_7087_4315_95ee_98028e53d550%26user_id%3D%26hx%3D%26product_id%3D%26hts_id%3D0acdc66c-efef-4f9d-869f-d2d0b5a10624%26email%3D&click_id=track_20241203173128_09806f55_7087_4315_95ee_98028e53d550&hts_id=0acdc66c-efef-4f9d-869f-d2d0b5a10624&i18n_country=US
Frame ID: 824DF6AD60DE10E783E7F8B0E45B5955
Requests: 51 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: E9FE70FAB8DCA959BE24C55D82C45886
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-3VNV02QTN6&gacid=275868168.1733247088&gtm=45je4bk0v9125706636za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1640156219
Frame ID: 9DBF02C86D7EDD7BF05D7A9BCD92A5FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://c48wctn.yy.cleansite.us/ HTTP 307
    https://c48wctn.yy.cleansite.us/ HTTP 301
    http://c48wctn.yy.cleansite.us/ HTTP 307
    http://c48wctn.yy.cleansite.us/ HTTP 302
    https://wbdnhmo.com/50878?r=33507 Page URL
  2. https://da.off3riz.com/aff_c?aff_id=4191&aff_sub2=01938d93ab837cc0978ae44e1bd860&offer_id=1884&sour... HTTP 302
    https://linksecure-dt.com/?a=111958&c=344299&co=157002&mt=7&s1=4191&s2=102ecb9a0e8f7b377f64fa50ca78b8&... HTTP 302
    https://go.moartraffic.com/go.php?t=53913&aid=144866&click_id=2838a6734140429f83e69368511e962e212d9&sid... HTTP 302
    https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d011709... Page URL
  3. https://go.moartraffic.com/go.php?t=53939&aid=144866&sid=111958_4191&clickid=&click_id=track_2024120317... HTTP 302
    https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+

Page Statistics

52
Requests

98 %
HTTPS

50 %
IPv6

18
Domains

22
Subdomains

18
IPs

4
Countries

1019 kB
Transfer

1982 kB
Size

50
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://c48wctn.yy.cleansite.us/ HTTP 307
    https://c48wctn.yy.cleansite.us/ HTTP 301
    http://c48wctn.yy.cleansite.us/ HTTP 307
    http://c48wctn.yy.cleansite.us/ HTTP 302
    https://wbdnhmo.com/50878?r=33507 Page URL
  2. https://da.off3riz.com/aff_c?aff_id=4191&aff_sub2=01938d93ab837cc0978ae44e1bd860&offer_id=1884&source=33507_ HTTP 302
    https://linksecure-dt.com/?a=111958&c=344299&co=157002&mt=7&s1=4191&s2=102ecb9a0e8f7b377f64fa50ca78b8&s3=33507_ HTTP 302
    https://go.moartraffic.com/go.php?t=53913&aid=144866&click_id=2838a6734140429f83e69368511e962e212d9&sid=111958_4191 HTTP 302
    https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37 Page URL
  3. https://go.moartraffic.com/go.php?t=53939&aid=144866&sid=111958_4191&clickid=&click_id=track_20241203173128_09806f55_7087_4315_95ee_98028e53d550&user_id=&hx=&product_id=&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37&email= HTTP 302
    https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid=111958_4191&ag_custom_moarclickid=&ag_custom_moarhtsid=0acdc66c-efef-4f9d-869f-d2d0b5a10624&ag_custom_moarpid=&ag_custom_moaruserid=&ag_custom_moarhx=&ag_custom_moaremail=&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53939%26aid%3D144866%26sid%3D111958_4191%26clickid%3D%26click_id%3Dtrack_20241203173128_09806f55_7087_4315_95ee_98028e53d550%26user_id%3D%26hx%3D%26product_id%3D%26hts_id%3D0acdc66c-efef-4f9d-869f-d2d0b5a10624%26email%3D&click_id=track_20241203173128_09806f55_7087_4315_95ee_98028e53d550&hts_id=0acdc66c-efef-4f9d-869f-d2d0b5a10624&i18n_country=US Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://c48wctn.yy.cleansite.us/ HTTP 307
  • https://c48wctn.yy.cleansite.us/ HTTP 301
  • http://c48wctn.yy.cleansite.us/ HTTP 307
  • http://c48wctn.yy.cleansite.us/ HTTP 302
  • https://wbdnhmo.com/50878?r=33507
Request Chain 1
  • https://da.off3riz.com/aff_c?aff_id=4191&aff_sub2=01938d93ab837cc0978ae44e1bd860&offer_id=1884&source=33507_ HTTP 302
  • https://linksecure-dt.com/?a=111958&c=344299&co=157002&mt=7&s1=4191&s2=102ecb9a0e8f7b377f64fa50ca78b8&s3=33507_ HTTP 302
  • https://go.moartraffic.com/go.php?t=53913&aid=144866&click_id=2838a6734140429f83e69368511e962e212d9&sid=111958_4191 HTTP 302
  • https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Request Chain 48
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7082DE0CD36B4174A46B96F70AE66E5B&RedC=c.clarity.ms&MXFR=22DAD40681296BCB1FB7C14C8529651A HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7082DE0CD36B4174A46B96F70AE66E5B&MUID=300DD2B3ABF86D8D3FE2C7F9AA506CEB

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
50878
wbdnhmo.com/
Redirect Chain
  • http://c48wctn.yy.cleansite.us/
  • https://c48wctn.yy.cleansite.us/
  • http://c48wctn.yy.cleansite.us/
  • http://c48wctn.yy.cleansite.us/
  • https://wbdnhmo.com/50878?r=33507
734 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wbdnhmo.com/50878?r=33507
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
94.130.252.84 Bendorf, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.84.252.130.94.clients.your-server.de
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
734
Content-Type
text/html; charset=utf-8
Expires
0
Pragma
no-cache
Referrer-Policy
no-referrer

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Dec 2024 17:31:24 GMT
Location
https://wbdnhmo.com/50878?r=33507
Server
nginx
/
tours.specia1.com/t/2485/
Redirect Chain
  • https://da.off3riz.com/aff_c?aff_id=4191&aff_sub2=01938d93ab837cc0978ae44e1bd860&offer_id=1884&source=33507_
  • https://linksecure-dt.com/?a=111958&c=344299&co=157002&mt=7&s1=4191&s2=102ecb9a0e8f7b377f64fa50ca78b8&s3=33507_
  • https://go.moartraffic.com/go.php?t=53913&aid=144866&click_id=2838a6734140429f83e69368511e962e212d9&sid=111958_4191
  • https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%...
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Requested by
Host: wbdnhmo.com
URL: https://wbdnhmo.com/50878?r=33507
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47cea28bfec5c538d54876cd35067beb37837e9a269964aca1ac6814feb8cb4a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
152
content-encoding
gzip
content-type
text/html
date
Tue, 03 Dec 2024 17:31:26 GMT
etag
W/"283127113322eedba37c0a19839fceaa"
last-modified
Mon, 25 Nov 2024 11:41:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-amz-cf-id
_bJPlk4wkfQnIG9HBS3KoFb2z-iIQGW7G1wu0EJSNYy-R4-dOhzeaw==
x-amz-cf-pop
IAD61-P3
x-cache
Hit from cloudfront

Redirect headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 17:31:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
p3p
CP="NOI ADM DEV COM NAV OUR STP"
server
nginx
x-powered-by
PHP/8.1.19
x-robots-tag
otherbot: noindex, nofollow googlebot: noindex, nofollow
mrt4etr.css
use.typekit.net/ 		3 KB
953 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/mrt4etr.css
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
2c4574545ebce0422224ae0bb19bc3d218a5c34b72dcb4b56c641b5ac21e2c1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
730
date
Tue, 03 Dec 2024 17:31:27 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
style.css
tours.specia1.com/t/2485/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/2485/css/style.css
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbbbc23efb1174f835f76a06418ba2f3e169fbae763a377b150201e71aa00436

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37

Response headers

content-encoding
gzip
etag
W/"f5b8d4c78ff318ff5f7e4a002869440e"
age
152
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
HPQVMB4wFmRwv28YXFuVwCqOTAjDa85aVIbJtw5eOk2ksKvvNVLZDg==
date
Tue, 03 Dec 2024 17:31:27 GMT
content-type
text/css
last-modified
Mon, 25 Nov 2024 11:41:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
repoUtilsV2.js
tours.specia1.com/t/common/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/common/js/repoUtilsV2.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27bfd892978a1454aeace298e543a317aefe9750e74faac177d85db1fe0968c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37

Response headers

content-encoding
gzip
etag
W/"463ab17c7b265e702f3c4390d78b31b3"
age
45
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
M2az0GSC5zBAuscV91igZWP8VNU7yqDFmg7_EpWctj3NseW5vhkdjw==
date
Tue, 03 Dec 2024 17:30:52 GMT
content-type
text/javascript
last-modified
Mon, 25 Nov 2024 11:42:45 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
logo_white_2.png
tours.specia1.com/t/2485/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/2485/images/logo_white_2.png
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cac3f18fa9a3ea3ba85391260a6a9f131568cab447cec6dd7e7106e07e96861c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37

Response headers

etag
"51a72799190ea5d7d429362387114a51"
age
152
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
7990
x-amz-cf-id
6WS4dQk7bTZdG9zQWT8Azv6378VkLbrcSzICEZp034PD4meYbb1MFw==
date
Tue, 03 Dec 2024 17:31:27 GMT
content-type
image/png
last-modified
Mon, 25 Nov 2024 11:41:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
address.png
tours.specia1.com/t/2485/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/2485/images/address.png
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d56035b1871d7689d1a95dd4b9d38ab9ebf0bc2e0a0b59f474fe2f39816c690

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37

Response headers

etag
"bd9476d9f407e290f817f77a0bf37674"
age
152
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
1384
x-amz-cf-id
NymiysEF3nfCcGuDOYyQ_BNHGPaFL0KxJDD2R2dtaCiDAq5XXG417w==
date
Tue, 03 Dec 2024 17:31:27 GMT
content-type
image/png
last-modified
Mon, 25 Nov 2024 11:41:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
arrow.svg
tours.specia1.com/t/2485/images/ 		867 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/2485/images/arrow.svg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6efee9ca3dd0b249814e53fab132821a3c1b5370fdb02c704947399485ec43b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37

Response headers

etag
"d1482bd31dde1707b316f22bbe818ff4"
age
152
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
867
x-amz-cf-id
VGBvcCKGVK8HVpzALgHEZja1To_xU93PEjSqTJ8fiu9c91xOfoJAiw==
date
Tue, 03 Dec 2024 17:31:27 GMT
content-type
image/svg+xml
last-modified
Mon, 25 Nov 2024 11:41:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
logo_black_2.png
tours.specia1.com/t/2485/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/2485/images/logo_black_2.png
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c20ee2af56bb668a50fc7e07b7c4e1fffb7881e82c92be3772080710e0106d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37

Response headers

etag
"1be9d2b7c1e68ae4caedc7b5a0c05cd6"
age
149
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
8048
x-amz-cf-id
FVltWXCcf2p9qAbvb8IpY_0sFW2adFlJuJ1md0ZVZy7OCbAWxeI46Q==
date
Tue, 03 Dec 2024 17:31:27 GMT
content-type
image/png
last-modified
Mon, 25 Nov 2024 11:41:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
utl.min.js
utl-1.com/1.8.7/ 		315 KB
316 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://utl-1.com/1.8.7/utl.min.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.188.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-188-59.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
615aaa3eeaa71bf39430e0cc1feb7925e0e5f2991eb7565960b64fa7b8835cb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

etag
"31bfbaf3ea1307bb840ccd063bac1cf9"
age
4608572
via
1.1 32c5b7040885724e78019cc31f0ef3e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
322440
x-amz-cf-id
6YzLiKL9v4hLEzzCIvndPWPsUkRBXxlfhz1jXw33hxz31y34ZdwR2w==
date
Fri, 11 Oct 2024 09:21:55 GMT
content-type
application/javascript
last-modified
Fri, 16 Aug 2024 07:02:05 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C2
x-amz-server-side-encryption
AES256
mst2.min.js
utl-1.com/1.8.7/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://utl-1.com/1.8.7/mst2.min.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.188.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-188-59.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
252d3a0ef9c3754cdf38a02570d1a84fa4d94d53ac2eaeeada2e141f9c11a2e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

etag
"3a2e1fe5f9de68d28807b0b5675235f4"
age
4608545
via
1.1 32c5b7040885724e78019cc31f0ef3e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
17794
x-amz-cf-id
j5x_2TXkOD-CEQabsz8W6UBz3EXG4xRjcErzNhmWNJ2kT3G55iIBvg==
date
Fri, 11 Oct 2024 09:22:22 GMT
content-type
application/javascript
last-modified
Fri, 16 Aug 2024 07:02:05 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C2
x-amz-server-side-encryption
AES256
footer_override.min.js
tours.specia1.com/t/common/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/common/js/footer_override.min.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6551005fdc8e598fff91fa18958f266e3d315897abf6c8a4307368106daf2b18

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37

Response headers

content-encoding
gzip
etag
W/"797a7f5b6f48775deda898dea5892d12"
age
242
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
y-jqQSSgUSPreTlPLa6xWKAlHGYNxPneCDlimpQk_AsY8OozzIAKcA==
date
Tue, 03 Dec 2024 17:30:53 GMT
content-type
text/javascript
last-modified
Mon, 25 Nov 2024 11:42:45 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
custom.js
tours.specia1.com/t/2485/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/2485/custom.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05e91960ef4e6ddd61670f1ba20a629f7e337451e26781592d16bf13aa62b344

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37

Response headers

content-encoding
gzip
etag
W/"4489a1bdb0b1104ffb4f23b78fbb8127"
age
150
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Jvk3utuaUQCbhr3GDX581ILEpAev3KBlGo8b7KOpRoX_tzlO_pqZ5w==
date
Tue, 03 Dec 2024 17:31:27 GMT
content-type
text/javascript
last-modified
Mon, 25 Nov 2024 11:41:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
backtoMA.js
tours.specia1.com/t/common/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/common/js/backtoMA.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57fc4ca2e6dc7a8680bbe7f32f9073f2c65d4f211f98a8b4abb1f4ff79f924f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37

Response headers

content-encoding
gzip
etag
W/"07e836e82e77e5a68bb45546e70cd524"
age
225
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
_sYzgTsDYwofwj4zmoxg_mvR7mTPTDfGwct9ntmkJlHI7nxJWpWGDQ==
date
Tue, 03 Dec 2024 17:31:27 GMT
content-type
text/javascript
last-modified
Mon, 25 Nov 2024 11:42:45 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
emailPassing.js
tours.specia1.com/t/common/js/ 		836 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/common/js/emailPassing.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5aa807c88ddd7ac3a7a9ff96682ec475c5e42027b02172ff68359e4bb0848a4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37

Response headers

etag
"f388e70b1a3dc48d7c22f6b014124468"
age
34
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
836
x-amz-cf-id
dyZ1SAvTr_BQtSMggN6eYZ1CLCGRVdQ-UkqfvIUrRhHrvYcvDMdFUQ==
date
Tue, 03 Dec 2024 17:30:54 GMT
content-type
text/javascript
last-modified
Mon, 25 Nov 2024 11:42:45 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
opticks.js
tours.specia1.com/t/common/js/ 		879 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/common/js/opticks.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
720c65cbe1bdca394f267cf306f21558ff6b34d1b55a70c63b919ac8096219fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37

Response headers

etag
"ac06e12242ff3ce25969e983f7829d72"
age
225
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
879
x-amz-cf-id
W1n5EUBiMBnqsniBmof9UuXdoDA_4hvzWfBbvxJ95Xt_yQjMbxfk7g==
date
Tue, 03 Dec 2024 17:31:27 GMT
content-type
text/javascript
last-modified
Mon, 25 Nov 2024 11:42:45 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
gtm.js
tours.specia1.com/t/common/js/ 		1 KB
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/common/js/gtm.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8543af8ad24e25b427f3e0196186b8945b51476253b21974cc41140b2b8d8c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37

Response headers

content-encoding
gzip
etag
W/"5d32a5b7710287d48f57c9e7e33b0507"
age
242
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
X44aQPKfdX2XD3d_HB80lkdaxx7wRU3FzOm7mqf1-XjKzCT3aXtJIQ==
date
Tue, 03 Dec 2024 17:30:53 GMT
content-type
text/javascript
last-modified
Mon, 25 Nov 2024 11:42:45 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=mrt4etr&ht=tk&f=24539.24540.24547.24548&a=8479565&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mrt4etr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://use.typekit.net/

Response headers

cache-control
public, max-age=604800
etag
"665c70ef-5"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
5
date
Tue, 03 Dec 2024 17:31:27 GMT
content-type
text/css
last-modified
Sun, 02 Jun 2024 13:17:35 GMT
server
nginx
6d0d9819e611e28a165c1c894e7998790112eec4.js
cdn.izooto.com/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/6d0d9819e611e28a165c1c894e7998790112eec4.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/common/js/repoUtilsV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e04c70d163f32af8c2af939cd801e19fa03418a10d941bfb0634c61c63422b1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66436dd1-dec"
age
28601
cf-ray
8ec54a58a9c37295-EWR
expires
Wed, 04 Dec 2024 17:31:27 GMT
access-control-allow-origin
*
date
Tue, 03 Dec 2024 17:31:27 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Tue, 14 May 2024 13:57:37 GMT
vary
Accept-Encoding
server
cloudflare
10.jpg
tours.specia1.com/t/2485/images/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/2485/images/10.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f124e8b364ec618c14366fc65c712a813d684d991e7ee16673f24b1d6d4aec45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/t/2485/css/style.css

Response headers

etag
"8e02968577113c9756b35fe4b3a3f855"
age
124
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
63118
x-amz-cf-id
CkCwkvrprSuHdBS4x7HIPtInAvqrTPd9f7CTwSHdVg7lRl8orKNFPw==
date
Tue, 03 Dec 2024 17:31:27 GMT
content-type
image/jpeg
last-modified
Mon, 25 Nov 2024 11:41:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
l
use.typekit.net/af/4cc789/00000000000000003b9b46ed/27/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4cc789/00000000000000003b9b46ed/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mrt4etr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
b3db5b321134954282781d3367d7914e8a8cf5285dc35427820ecd889df5ff5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tours.specia1.com
Referer
https://use.typekit.net/mrt4etr.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"f9c1c4c847938c564b6f041956a850b045edf78a"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
47364
date
Tue, 03 Dec 2024 17:31:27 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/02ad94/00000000000000003b9b46f3/27/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/02ad94/00000000000000003b9b46f3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mrt4etr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da44 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
547b25285152529ca4f1cf1866154c61f5d92fd3d090d7f976d741f6551e321a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tours.specia1.com
Referer
https://use.typekit.net/mrt4etr.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"4589238bed773a5851c5884d8dd0501591bd1cb5"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
48496
date
Tue, 03 Dec 2024 17:31:27 GMT
content-type
application/font-woff2
server
nginx
5365509f582c318506
runsafeads.com/j/ 		80 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://runsafeads.com/j/5365509f582c318506
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/common/js/opticks.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.212.87.243 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
opticksconversions.com
Software
/
Resource Hash
934baf9804f70e255d58dfbfdeee67dc73dc4206861d690af70a627342bb6ee7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

expires
Tue, 3 Dec 2024 20:31:28 GMT
cache-control
max-age=10800
content-length
29363
content-encoding
gzip
accept-ch
Width, Viewport-Width, Viewport-Height, Device-Memory, Content-DPR, DPR, Save-Data, Downlink, ECT, RTT, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Form-Factors
etag
7R_m4E157H8dlCc_V9wfd-EJeUQ
content-type
text/javascript;charset=utf-8
ga.js
tours.specia1.com/assets/specia1/ 		392 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/assets/specia1/ga.js?_=1733247087493
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.7/utl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6003f930e7a6ff14bd5520a7324f5a4ffcecbd182aaff2e8ace7ec65d885aa45

Request headers

Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01

Response headers

etag
"eac15786f9b8937b5689ddf3faf0351d"
age
149
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
392
x-amz-cf-id
jhuEe6wcHfihzJP2X-Bycnbl0t0Oty01tSETA1gtcZqu-nMmAvBpjQ==
date
Tue, 03 Dec 2024 17:30:54 GMT
content-type
text/javascript
last-modified
Mon, 25 Nov 2024 11:40:14 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
api.php
secure.authbill.com/tour/ 		36 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.7/utl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.65.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-65-32.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f461af1c7755b50f1ab49f855a27c866b36cf4ec5b951b6bf4ca66fd8b14fb26

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
text/html; charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, content-type
api.php
secure.authbill.com/tour/ 		804 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.7/utl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.65.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-65-32.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a1e3faf2c39efe278d1fbf640b833680842d2d71f275cd5ddda345793badf629

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
text/html; charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, content-type
api.php
secure.authbill.com/tour/ 		20 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.7/utl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.65.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-65-32.compute-1.amazonaws.com
Software
nginx /
Resource Hash
78f9153b97d7ffc7cb808144a600ace9cbe92a0208cbf348d55280c40db65d70

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
text/html; charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, content-type
api.php
secure.authbill.com/tour/ 		1 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.7/utl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.65.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-65-32.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
text/html; charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, content-type
api.php
secure.authbill.com/tour/ 		223 B
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.7/utl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.65.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-65-32.compute-1.amazonaws.com
Software
nginx /
Resource Hash
46103f91ff1262e3ff903d8b1ec5380b361872b9c1efdb6326978ab226e2cdb8

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
text/html; charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, content-type
api.php
secure.authbill.com/tour/ 		223 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.7/utl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.65.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-65-32.compute-1.amazonaws.com
Software
nginx /
Resource Hash
46103f91ff1262e3ff903d8b1ec5380b361872b9c1efdb6326978ab226e2cdb8

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
text/html; charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, content-type
api.php
secure.authbill.com/tour/ 		0
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.7/utl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.233.65.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-65-32.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
access-control-allow-methods
POST, GET, OPTIONS
expires
Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-origin
*
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
text/html; charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, content-type
gtm.js
www.googletagmanager.com/ 		213 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLGG283G
Requested by
Host: wbdnhmo.com
URL: https://wbdnhmo.com/50878?r=33507
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
851f823bd6ae68da592df1cb9feb68934a6aad0c039b906778c82f5423670f84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 03 Dec 2024 17:31:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:31:27 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 16:43:33 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77168
x-xss-protection
0
server
Google Tag Manager
izooto.js
cdn.izooto.com/scripts/sdk/ 		367 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sdk/izooto.js
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/6d0d9819e611e28a165c1c894e7998790112eec4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e91c02479a35ee28d5664f8d3e848199d8641fd99d33115ea3c995b8c688b685
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

cache-control
public, max-age=1382400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"674daca2-5bb50"
age
103333
cf-ray
8ec54a595a6a7295-EWR
expires
Thu, 19 Dec 2024 17:31:27 GMT
access-control-allow-origin
*
date
Tue, 03 Dec 2024 17:31:27 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Mon, 02 Dec 2024 12:48:34 GMT
vary
Accept-Encoding
server
cloudflare
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: wbdnhmo.com
URL: https://wbdnhmo.com/50878?r=33507
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

content-encoding
gzip
age
158
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 19:28:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:28:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame E9FE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tours.specia1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
452614
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
8ec54a5c1f297291-EWR
content-encoding
br
content-type
text/html
date
Tue, 03 Dec 2024 17:31:28 GMT
expires
Fri, 03 Jan 2025 17:31:28 GMT
last-modified
Tue, 14 May 2024 14:09:56 GMT
server
cloudflare
vary
Accept-Encoding
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ 		15 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1784511894&t=event&_s=1&dl=https%3A%2F%2Ftours.specia1.com%2Ft%2F2485%2F%3Ft%3D53913%26aid%3D144866%26sid%3D111958_4191%26opt%3D5365509f582c318506%26xk%3Dd01170905affe4825d12f929e66ef420%26bn%3D38%26gu%3Dhttps%253A%252F%252Fgo.moartraffic.com%252Fgo.php%253Ft%253D53913%2526aid%253D144866%2526click_id%253D2838a6734140429f83e69368511e962e212d9%2526sid%253D111958_4191%2526hts_id%253D5fa10d8b-91d3-4d97-8713-55333e8c4a37%26click_id%3D2838a6734140429f83e69368511e962e212d9%26i18n_country%3DUS%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&ul=en-us&de=UTF-8&dt=ChickTok&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ci=Tour%3A%2053913&ec=Tour%3A%2053913&ea=Current%20step%3A%2001&el=Total%20steps%3A%203&_u=YEBAAEABAAAAACAAI~&jid=720205810&gjid=208149658&cid=275868168.1733247088&tid=UA-148167200-1&_gid=831385730.1733247088&_r=1&_slc=1&z=1138132810
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dfe01ce5e8fbbe3892695f13f8cabc554b0a95b0a58805d0865225387c8f5e56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://tours.specia1.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:31:28 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://tours.specia1.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
www.google-analytics.com/ 		35 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1784511894&t=pageview&_s=2&dl=https%3A%2F%2Ftours.specia1.com%2Ft%2F2485%2F%3Ft%3D53913%26aid%3D144866%26sid%3D111958_4191%26opt%3D5365509f582c318506%26xk%3Dd01170905affe4825d12f929e66ef420%26bn%3D38%26gu%3Dhttps%253A%252F%252Fgo.moartraffic.com%252Fgo.php%253Ft%253D53913%2526aid%253D144866%2526click_id%253D2838a6734140429f83e69368511e962e212d9%2526sid%253D111958_4191%2526hts_id%253D5fa10d8b-91d3-4d97-8713-55333e8c4a37%26click_id%3D2838a6734140429f83e69368511e962e212d9%26i18n_country%3DUS%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&ul=en-us&de=UTF-8&dt=ChickTok&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ci=Tour%3A%2053913&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=275868168.1733247088&tid=UA-148167200-1&_gid=831385730.1733247088&z=43890762
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

age
13126
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 13:52:42 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
js
www.googletagmanager.com/gtag/ 		323 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZQ21VBJLYY&l=dataLayer&cx=c&gtm=45He4bk0v9187435573za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLGG283G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3e95f074e2f6794ec6f4a82ce9fd7807341e8718adad7d04867e178f7c210b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 17:31:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109788
x-xss-protection
0
server
Google Tag Manager
mqtxzoz82m
www.clarity.ms/tag/ 		689 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/mqtxzoz82m?ref=gtm2
Requested by
Host: wbdnhmo.com
URL: https://wbdnhmo.com/50878?r=33507
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7753470041e5a91f158f532ffa0989f42fadef014bb1a94977192f045fd040ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
689
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
application/x-javascript
x-azure-ref
20241203T173128Z-178cd9dd65ff4z59hC1MNZsgf40000000he000000001ey7h
js
www.googletagmanager.com/gtag/ 		281 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3VNV02QTN6&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f5f723ccd6db2a7cd5f5a3238a9d4dcd7be5e3a841eda97e970dd8229c67fd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 17:31:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100653
x-xss-protection
0
server
Google Tag Manager
truncated
/ 		1 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://tours.specia1.com
Referer

Response headers

Content-Type
text/javascript
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZQ21VBJLYY&gtm=45je4bk0v9185840901z89187435573za200zb9187435573&_p=1733247087563&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=275868168.1733247088&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733247088&sct=1&seg=0&dl=https%3A%2F%2Ftours.specia1.com%2Ft%2F2485%2F%3Ft%3D53913%26aid%3D144866%26sid%3D111958_4191%26opt%3D5365509f582c318506%26xk%3Dd01170905affe4825d12f929e66ef420%26bn%3D38%26gu%3Dhttps%253A%252F%252Fgo.moartraffic.com%252Fgo.php%253Ft%253D53913%2526aid%253D144866%2526click_id%253D2838a6734140429f83e69368511e962e212d9%2526sid%253D111958_4191%2526hts_id%253D5fa10d8b-91d3-4d97-8713-55333e8c4a37%26click_id%3D2838a6734140429f83e69368511e962e212d9%26i18n_country%3DUS%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&dt=ChickTok&en=page_view&_fv=1&_ss=1&tfd=2716
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZQ21VBJLYY&l=dataLayer&cx=c&gtm=45He4bk0v9187435573za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://tours.specia1.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
text/plain
server
Golfe2
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-3VNV02QTN6&gtm=45je4bk0v9125706636za200&_p=1733247087563&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=en-us&sr=1600x1200&cid=275868168.1733247088&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Ftours.specia1.com%2Ft%2F2485%2F%3Ft%3D53913%26aid%3D144866%26sid%3D111958_4191%26opt%3D5365509f582c318506%26xk%3Dd01170905affe4825d12f929e66ef420%26bn%3D38%26gu%3Dhttps%253A%252F%252Fgo.moartraffic.com%252Fgo.php%253Ft%253D53913%2526aid%253D144866%2526click_id%253D2838a6734140429f83e69368511e962e212d9%2526sid%253D111958_4191%2526hts_id%253D5fa10d8b-91d3-4d97-8713-55333e8c4a37%26click_id%3D2838a6734140429f83e69368511e962e212d9%26i18n_country%3DUS%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&dt=ChickTok&ci=Tour%3A%2053913&sid=1733247088&sct=1&seg=0&en=Current%20step%3A%2001&_fv=1&_ss=1&_ee=1&ep.event_category=Tour%3A%2053913&ep.event_label=Total%20steps%3A%203&tfd=2763
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3VNV02QTN6&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://tours.specia1.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
555 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3VNV02QTN6&cid=275868168.1733247088&gtm=45je4bk0v9125706636za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3VNV02QTN6&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://tours.specia1.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 9DBF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-3VNV02QTN6&gacid=275868168.1733247088&gtm=45je4bk0v9125706636za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1640156219
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3VNV02QTN6&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tours.specia1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 17:31:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZQ21VBJLYY&gtm=45je4bk0v9185840901z89187435573za200zb9187435573&_p=1733247087563&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=275868168.1733247088&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1733247088&sct=1&seg=0&dl=https%3A%2F%2Ftours.specia1.com%2Ft%2F2485%2F%3Ft%3D53913%26aid%3D144866%26sid%3D111958_4191%26opt%3D5365509f582c318506%26xk%3Dd01170905affe4825d12f929e66ef420%26bn%3D38%26gu%3Dhttps%253A%252F%252Fgo.moartraffic.com%252Fgo.php%253Ft%253D53913%2526aid%253D144866%2526click_id%253D2838a6734140429f83e69368511e962e212d9%2526sid%253D111958_4191%2526hts_id%253D5fa10d8b-91d3-4d97-8713-55333e8c4a37%26click_id%3D2838a6734140429f83e69368511e962e212d9%26i18n_country%3DUS%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&dt=ChickTok&en=gtm.js&_et=4&tfd=2819
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZQ21VBJLYY&l=dataLayer&cx=c&gtm=45He4bk0v9187435573za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://tours.specia1.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
text/plain
server
Golfe2
5365509f582c318506
runsafeads.com/h/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://runsafeads.com/h/5365509f582c318506?opticks-url=https%3A%2F%2Ftours.specia1.com%2Ft%2F2485%2F%3Ft%3D53913%26aid%3D144866%26sid%3D111958_4191%26opt%3D5365509f582c318506%26xk%3Dd01170905affe4825d12f929e66ef420%26bn%3D38%26gu%3Dhttps%253A%252F%252Fgo.moartraffic.com%252Fgo.php%253Ft%253D53913%2526aid%253D144866%2526click_id%253D2838a6734140429f83e69368511e962e212d9%2526sid%253D111958_4191%2526hts_id%253D5fa10d8b-91d3-4d97-8713-55333e8c4a37%26click_id%3D2838a6734140429f83e69368511e962e212d9%26i18n_country%3DUS%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&_t0=1733247088157&_t1=1733247088452&t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Requested by
Host: runsafeads.com
URL: https://runsafeads.com/j/5365509f582c318506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.212.87.243 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
opticksconversions.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://tours.specia1.com/

Response headers

cache-control
private, max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://tours.specia1.com
content-length
1200
content-type
application/json
clarity.js
www.clarity.ms/s/0.7.56/ 		66 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.56/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mqtxzoz82m?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

x-azure-ref
20241203T173128Z-178cd9dd65ff4z59hC1MNZsgf40000000he000000001ey8d
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD0EDC462F0477"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
c1d59581-501e-0016-61c5-40d80c000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 12:08:58 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7082DE0CD36B4174A46B96F70AE66E5B&RedC=c.clarity.ms&MXFR=22DAD40681296BCB1FB7C14C8529651A
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7082DE0CD36B4174A46B96F70AE66E5B&MUID=300DD2B3ABF86D8D3FE2C7F9AA506CEB
42 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7082DE0CD36B4174A46B96F70AE66E5B&MUID=300DD2B3ABF86D8D3FE2C7F9AA506CEB
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"8d3dafd6e71fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Tue, 03 Dec 2024 17:31:28 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 16:24:13 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7082DE0CD36B4174A46B96F70AE66E5B&MUID=300DD2B3ABF86D8D3FE2C7F9AA506CEB
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7144314C99834B088E9B41D18CA513A4 Ref B: EWR30EDGE1408 Ref C: 2024-12-03T17:31:28Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Tue, 03 Dec 2024 17:31:28 GMT
x-powered-by
ASP.NET
favicon.ico
tours.specia1.com/t/2485/images/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/2485/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.125.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-117.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0e52a46bb28c882584126b718cbb256bddaca6978cb484a7370358356a57236

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37

Response headers

etag
"690a3f68651bbce4a0f121309801495d"
via
1.1 216cc93d387142758c190b0491dc538c.cloudfront.net (CloudFront)
x-cache
RefreshHit from cloudfront
content-length
4286
x-amz-cf-id
zVTGmuw4CqJ2yAOqd2n64cbr39az7GJCMvWGSWcAnMCWSPn_3rdMWg==
date
Tue, 03 Dec 2024 17:31:29 GMT
content-type
image/vnd.microsoft.icon
last-modified
Mon, 25 Nov 2024 11:41:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3
vary
Accept-Encoding
collect
z.clarity.ms/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://z.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://tours.specia1.com/

Response headers

Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin
https://tours.specia1.com
Date
Tue, 03 Dec 2024 17:31:28 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
Primary Request /
moartraffic.engine.adglare.net/
Redirect Chain
  • https://go.moartraffic.com/go.php?t=53939&aid=144866&sid=111958_4191&clickid=&click_id=track_20241203173128_09806f55_7087_4315_95ee_98028e53d550&user_id=&hx=&product_id=&hts_id=5fa10d8b-91d3-4d97-8...
  • https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid=111958_4191&ag_custom_moarclickid=&ag_custom_moarhtsid=0acdc66c-efef-4f9d-869f-d2...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid=111958_4191&ag_custom_moarclickid=&ag_custom_moarhtsid=0acdc66c-efef-4f9d-869f-d2d0b5a10624&ag_custom_moarpid=&ag_custom_moaruserid=&ag_custom_moarhx=&ag_custom_moaremail=&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53939%26aid%3D144866%26sid%3D111958_4191%26clickid%3D%26click_id%3Dtrack_20241203173128_09806f55_7087_4315_95ee_98028e53d550%26user_id%3D%26hx%3D%26product_id%3D%26hts_id%3D0acdc66c-efef-4f9d-869f-d2d0b5a10624%26email%3D&click_id=track_20241203173128_09806f55_7087_4315_95ee_98028e53d550&hts_id=0acdc66c-efef-4f9d-869f-d2d0b5a10624&i18n_country=US
Requested by
Host: runsafeads.com
URL: https://runsafeads.com/j/5365509f582c318506
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.58.145.229 Dallas, United States, ASN394380 (LEASEWEB-USA-DAL, US),
Reverse DNS
Software
/
Resource Hash
770cc617d91127e8d12b8233fb92c911ff5394d751359e70e7f96b29c6395441

Request headers

Referer
https://tours.specia1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With, Content-Type, CSRFToken, Authorization
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, no-transform, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding
br
content-type
text/html;charset=UTF-8
date
Tue, 03 Dec 2024 17:31:29 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
link
<//moartraffic.cdn.adglare.net>; rel=dns-prefetch
pragma
no-store, no-cache

Redirect headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 17:31:29 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid=111958_4191&ag_custom_moarclickid=&ag_custom_moarhtsid=0acdc66c-efef-4f9d-869f-d2d0b5a10624&ag_custom_moarpid=&ag_custom_moaruserid=&ag_custom_moarhx=&ag_custom_moaremail=&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53939%26aid%3D144866%26sid%3D111958_4191%26clickid%3D%26click_id%3Dtrack_20241203173128_09806f55_7087_4315_95ee_98028e53d550%26user_id%3D%26hx%3D%26product_id%3D%26hts_id%3D0acdc66c-efef-4f9d-869f-d2d0b5a10624%26email%3D&click_id=track_20241203173128_09806f55_7087_4315_95ee_98028e53d550&hts_id=0acdc66c-efef-4f9d-869f-d2d0b5a10624&i18n_country=US
p3p
CP="NOI ADM DEV COM NAV OUR STP"
server
nginx
x-powered-by
PHP/8.1.19
x-robots-tag
otherbot: noindex, nofollow googlebot: noindex, nofollow
collect
z.clarity.ms/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://z.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://tours.specia1.com/

Response headers

Request-Context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
Access-Control-Allow-Origin
https://tours.specia1.com
Date
Tue, 03 Dec 2024 17:31:28 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Domain/Path Name / Value
wbdnhmo.com/ Name: 47597
Value: 01938d93-ab83-7cc0-978a-e44e1bd860ee
da.off3riz.com/ Name: enc_aff_session_1884
Value: ENC034b6035e0a30f0a1568c1a7b2b0ef37e9147863646e03584b2b597338b1f8fdc0bed7e9b7bc3931396b261791bcb4af79f896a3301efffcc040709e5be89c210a9ef0a2e1699700ad90f1f68e5843060670bd390f23b243b5d86ca664d01166084ba8aa7fe915463750f75e4cd9a964b11c9261049f0d42a4fd77149dbcadc6a3901ee7b0d33f2de766e3eeb7bdf0647648d6fcb23ce272ca3547cc06a8c82d180a9e34be
da.off3riz.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMzEiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTMxLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyxlbjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
.linksecure-dt.com/ Name: gdm_uid_v1_1_001
Value: HvdoGPNyqpVCV+GztPIX0nHpT39yVrmNawmu3fF6Rj9spuRciIwzoWoT8Xk5OjZl
.linksecure-dt.com/ Name: gdm_click_freq_v2_1_001
Value: nmEra6RzIwWYv8Kvg6fQtGmZ1WQ987enXfZm8YenlhIvHKKFTqWsh+q2S6KsBNGy
.linksecure-dt.com/ Name: gdm_click_freq_v1_1_001
Value: nmEra6RzIwWYv8Kvg6fQtGmZ1WQ987enXfZm8YenlhIvHKKFTqWsh+q2S6KsBNGy
.linksecure-dt.com/ Name: gdm_sid_v1_3_001
Value: 782irndzfMLTDBfghFO90tROa/VEfpp4qhoCNTkXTS9QrudraWXGrSmxiKkof1crfwTX03Or37sTvCkkF4R3AoyHBOjKm7mjygVR0L5yyCOq5ElrfTG3TYRzlb5Mg+UQf2RJBKigN8W5Yrp6I/dXyK9v8PpIsj62Oq34dU/brtgDD8CChtQt6nnQjiCPtC9feDor0PrQFT3409BPD531GMH6eUwm/QEJzVGl+ReHMD2uQx+9Rlvf4ZOtCnHRGiOxTposllNnfJYnWN5/QeIvjBDtTnjsPZ9lsJ8FiJl3bW+4G3d0/iGggprswlxAKBvZhwCTKB0LZvNtT5bUCMFcxNrDV02tr0m/qdLDu0oBKA8zcLzbDQhqNEgDrFPPSQxc+JmehF6XXgBUHNKBRr6OarATQjNSiqtB/l6bfwadmXg52EtgFCFthfChFcy5LqxP3EVNmUVCirqJIFAHJw0HVaHMDJJddB+PYctxNRJjaiYL4tSin7xVF4Jk03gDX1QGiVJJg5glcz6+G3CQqkfX8SiLFV+yz02zAmAwqxnU9bzBw4tpgHCQK9O1SMSqnKRfpVHzwboQ+PalzDolHF9OqlzLCTBSllCzatHIajYkI0O6B4mtcmV0jclpit9eHUDKlpnye3tTn9wGA0rwMilBGa7/G3trixsF25CI4Gcyr3AbN4aIfEemgdU5ck8bDZpmNhiXUNTKfUwJaHD+rCYDrB+lq1P/iu/7nJIaGR4dqMcK1mnyvZzK5X0zHSq9YZjlUtLKPyx5PPyLzLPyzIfVrtUCGjQxghP2pIDNG+bVspQH+Id0k4QdrSqEwVzlOBq63qzLm/Zy0k7PajQlc9NCereFsFqseVRh0F4HHcsT4bi9JIy+zfvxw2txVpnX67hnPkMGk74mTBcHF+NcJnGEqpP07r+Jqpq4rfMycTHU93PvC/JSDYK92fRTwSE4M/VfbiSvLWdvt4dpoYWuwt3L6TiHABcwl5ZhiYiar8jPQ75kHEG0DgONlj42CTdOwuOJQFDvFTr8uF1BT45Sk6ETOWGU4sn467Q1F9HkWVtTZ7HpCvjkWIta+4ZXr3+pXqjXyfCPWqjRyuBxWhrHPM8bmKCgzcN678J3w+ZkLW/ArCU0DqdoVcWo45vG57V4l0HkD0kWfSGWAH9zBx4OcvbX7Q==
.linksecure-dt.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.linksecure-dt.com/ Name: gdm_click_adv_freq_v1_1_001
Value: KHjGBPPYt5X2vk0cnipoVkXFJw0TcV+Ac9H6onQzafdKacTi3yAytxyqw2CDePxt
.linksecure-dt.com/ Name: gdm_uid_v2_1_001
Value: HvdoGPNyqpVCV+GztPIX0nHpT39yVrmNawmu3fF6Rj9spuRciIwzoWoT8Xk5OjZl
.linksecure-dt.com/ Name: gdm_click_adv_freq_v2_1_001
Value: KHjGBPPYt5X2vk0cnipoVkXFJw0TcV+Ac9H6onQzafdKacTi3yAytxyqw2CDePxt
.linksecure-dt.com/ Name: gdm_sid_v2_3_001
Value: 782irndzfMLTDBfghFO90tROa/VEfpp4qhoCNTkXTS9QrudraWXGrSmxiKkof1crfwTX03Or37sTvCkkF4R3AoyHBOjKm7mjygVR0L5yyCOq5ElrfTG3TYRzlb5Mg+UQf2RJBKigN8W5Yrp6I/dXyK9v8PpIsj62Oq34dU/brtgDD8CChtQt6nnQjiCPtC9feDor0PrQFT3409BPD531GMH6eUwm/QEJzVGl+ReHMD2uQx+9Rlvf4ZOtCnHRGiOxTposllNnfJYnWN5/QeIvjBDtTnjsPZ9lsJ8FiJl3bW+4G3d0/iGggprswlxAKBvZhwCTKB0LZvNtT5bUCMFcxNrDV02tr0m/qdLDu0oBKA8zcLzbDQhqNEgDrFPPSQxc+JmehF6XXgBUHNKBRr6OarATQjNSiqtB/l6bfwadmXg52EtgFCFthfChFcy5LqxP3EVNmUVCirqJIFAHJw0HVaHMDJJddB+PYctxNRJjaiYL4tSin7xVF4Jk03gDX1QGiVJJg5glcz6+G3CQqkfX8SiLFV+yz02zAmAwqxnU9bzBw4tpgHCQK9O1SMSqnKRfpVHzwboQ+PalzDolHF9OqlzLCTBSllCzatHIajYkI0O6B4mtcmV0jclpit9eHUDKlpnye3tTn9wGA0rwMilBGa7/G3trixsF25CI4Gcyr3AbN4aIfEemgdU5ck8bDZpmNhiXUNTKfUwJaHD+rCYDrB+lq1P/iu/7nJIaGR4dqMcK1mnyvZzK5X0zHSq9YZjlUtLKPyx5PPyLzLPyzIfVrtUCGjQxghP2pIDNG+bVspQH+Id0k4QdrSqEwVzlOBq63qzLm/Zy0k7PajQlc9NCereFsFqseVRh0F4HHcsT4bi9JIy+zfvxw2txVpnX67hnPkMGk74mTBcHF+NcJnGEqpP07r+Jqpq4rfMycTHU93PvC/JSDYK92fRTwSE4M/VfbiSvLWdvt4dpoYWuwt3L6TiHABcwl5ZhiYiar8jPQ75kHEG0DgONlj42CTdOwuOJQFDvFTr8uF1BT45Sk6ETOWGU4sn467Q1F9HkWVtTZ7HpCvjkWIta+4ZXr3+pXqjXyfCPWqjRyuBxWhrHPM8bmKCgzcN678J3w+ZkLW/ArCU0DqdoVcWo45vG57V4l0HkD0kWfSGWAH9zBx4OcvbX7Q==
.linksecure-dt.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.moartraffic.com/ Name: bd_ovtu
Value: 1
.moartraffic.com/ Name: affsubid
Value: 144866-111958_4191
.moartraffic.com/ Name: bdvisit
Value: 144866
.moartraffic.com/ Name: xk
Value: d01170905affe4825d12f929e66ef420
.specia1.com/ Name: tour
Value: 53913
.specia1.com/ Name: affsubid
Value: 144866-111958_4191
.specia1.com/ Name: reff
Value:
.specia1.com/ Name: upgrade_tour
Value: 53913
.specia1.com/ Name: guid
Value: 39F23F00-95F0-429C-9A7F-33C05DC72E45
.specia1.com/ Name: custom_tracking
Value: %5B%22address%22%2C%22ad_type%22%2C%22app_id%22%2C%22app_name%22%2C%22auth_token%22%2C%22a_aid%22%2C%22a_bid%22%2C%22banner%22%2C%22banner_id%22%2C%22banner_size%22%2C%22bn%22%2C%22c%22%2C%22cid%22%2C%22city%22%2C%22clickid%22%2C%22click_id%22%2C%22click_url%22%2C%22cmp_bo%22%2C%22cmp_member_id%22%2C%22consent%22%2C%22dx%22%2C%22email%22%2C%22exotracker%22%2C%22f%22%2C%22fbclid%22%2C%22fbid%22%2C%22first_name%22%2C%22gclid%22%2C%22gdpr%22%2C%22h%22%2C%22hts_id%22%2C%22hx%22%2C%22keyword%22%2C%22landerid%22%2C%22lander_id%22%2C%22last_name%22%2C%22misc_tour_info%22%2C%22niche%22%2C%22np%22%2C%22offer%22%2C%22origin%22%2C%22phone_number%22%2C%22placement%22%2C%22product%22%2C%22product_id%22%2C%22profile_visited%22%2C%22publisher%22%2C%22rcid%22%2C%22referer%22%2C%22reqid%22%2C%22rgc%22%2C%22rgh%22%2C%22rgm%22%2C%22schedule%22%2C%22sdaf%22%2C%22sdfsadf%22%2C%22session_initiated_by%22%2C%22sl%22%2C%22smoochy_user_id%22%2C%22snapchat_username%22%2C%22source%22%2C%22state%22%2C%22street%22%2C%22sv_cheating_mon%22%2C%22template%22%2C%22thumb_id%22%2C%22tracker_id%22%2C%22upgrade_uuid%22%2C%22upg_reason%22%2C%22userage%22%2C%22useremail%22%2C%22userzip%22%2C%22user_id%22%2C%22wellhello_profile_id%22%2C%22wellhello_upgrade_tour%22%2C%22xk%22%2C%22zip%22%5D
.specia1.com/ Name: prop_bn
Value: 38
.specia1.com/ Name: prop_click_id
Value: 2838a6734140429f83e69368511e962e212d9
.specia1.com/ Name: prop_hts_id
Value: 5fa10d8b-91d3-4d97-8713-55333e8c4a37
.specia1.com/ Name: prop_xk
Value: d01170905affe4825d12f929e66ef420
.specia1.com/ Name: _gid
Value: GA1.2.831385730.1733247088
.specia1.com/ Name: _gat
Value: 1
.tours.specia1.com/ Name: geoip
Value: %7B%22country_code%22%3A%22US%22%2C%22country_name%22%3A%22United%20States%20of%20America%22%2C%22region%22%3A%22New%20York%22%2C%22city%22%3A%22New%20York%20City%22%2C%22latitude%22%3A40.7199363708%2C%22longitude%22%3A-74.0050125122%2C%22zipcode%22%3A%2210013%22%2C%22isp_name%22%3A%22M247%20Europe%20SRL%22%2C%22mobile_brand%22%3A%22%22%7D
.specia1.com/ Name: affiliate_144866_is_terminated
Value: 0
.izooto.com/ Name: IZCID
Value: 2844c101-8177-4958-bc38-f34e9f088e5e
.specia1.com/ Name: _ga
Value: GA1.1.275868168.1733247088
www.clarity.ms/ Name: CLID
Value: a3f0861dc2064ad5a7e33a562e461b2e.20241203.20251203
.specia1.com/ Name: _ga_3VNV02QTN6
Value: GS1.2.1733247088.1.1.1733247088.60.0.0
.specia1.com/ Name: _clck
Value: 1ntyfu0%7C2%7Cfre%7C0%7C1798
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.tours.specia1.com/ Name: opticksid
Value: 7087431595ee9802674f407009806f558e53d550
.specia1.com/ Name: _clsk
Value: 197otun%7C1733247088969%7C1%7C1%7Cz.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 300DD2B3ABF86D8D3FE2C7F9AA506CEB
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 300DD2B3ABF86D8D3FE2C7F9AA506CEB
.moartraffic.com/ Name: bdreff
Value: https%3A%2F%2Ftours.specia1.com%2F
.moartraffic.com/ Name: tour
Value: 53940
.moartraffic.com/ Name: bdcounter
Value: 2
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 300DD2B3ABF86D8D3FE2C7F9AA506CEB
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.specia1.com/ Name: _ga_ZQ21VBJLYY
Value: GS1.1.1733247088.1.0.1733247089.0.0.0

1 Console Messages

Source Level URL
Text
rendering warning URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=111958_4191&opt=5365509f582c318506&xk=d01170905affe4825d12f929e66ef420&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D2838a6734140429f83e69368511e962e212d9%26sid%3D111958_4191%26hts_id%3D5fa10d8b-91d3-4d97-8713-55333e8c4a37&click_id=2838a6734140429f83e69368511e962e212d9&i18n_country=US&hts_id=5fa10d8b-91d3-4d97-8713-55333e8c4a37
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0A03902F4150000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
c.bing.com
c.clarity.ms
c48wctn.yy.cleansite.us
cdn.izooto.com
da.off3riz.com
go.moartraffic.com
linksecure-dt.com
moartraffic.engine.adglare.net
p.typekit.net
runsafeads.com
secure.authbill.com
stats.g.doubleclick.net
td.doubleclick.net
tours.specia1.com
use.typekit.net
utl-1.com
wbdnhmo.com
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
z.clarity.ms
185.237.225.125
20.10.16.51
20.110.205.119
2001:4860:4802:32::181
209.58.145.229
2600:1408:c400:29::17da:da44
2600:1f18:66d3:cb20:4cd9:5cb5:5648:9a15
2606:4700::6810:8041
2606:4700::6810:ff40
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c19::8b
2620:1ec:29:1::40
2620:1ec:c11::237
3.162.125.117
34.233.65.32
52.21.71.109
52.86.83.175
62.212.87.243
94.130.252.84
99.84.188.59
05e91960ef4e6ddd61670f1ba20a629f7e337451e26781592d16bf13aa62b344
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f5f723ccd6db2a7cd5f5a3238a9d4dcd7be5e3a841eda97e970dd8229c67fd4
252d3a0ef9c3754cdf38a02570d1a84fa4d94d53ac2eaeeada2e141f9c11a2e2
27bfd892978a1454aeace298e543a317aefe9750e74faac177d85db1fe0968c8
2c4574545ebce0422224ae0bb19bc3d218a5c34b72dcb4b56c641b5ac21e2c1f
2d56035b1871d7689d1a95dd4b9d38ab9ebf0bc2e0a0b59f474fe2f39816c690
3c20ee2af56bb668a50fc7e07b7c4e1fffb7881e82c92be3772080710e0106d8
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
46103f91ff1262e3ff903d8b1ec5380b361872b9c1efdb6326978ab226e2cdb8
47cea28bfec5c538d54876cd35067beb37837e9a269964aca1ac6814feb8cb4a
547b25285152529ca4f1cf1866154c61f5d92fd3d090d7f976d741f6551e321a
57fc4ca2e6dc7a8680bbe7f32f9073f2c65d4f211f98a8b4abb1f4ff79f924f9
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6003f930e7a6ff14bd5520a7324f5a4ffcecbd182aaff2e8ace7ec65d885aa45
615aaa3eeaa71bf39430e0cc1feb7925e0e5f2991eb7565960b64fa7b8835cb3
6551005fdc8e598fff91fa18958f266e3d315897abf6c8a4307368106daf2b18
6efee9ca3dd0b249814e53fab132821a3c1b5370fdb02c704947399485ec43b9
720c65cbe1bdca394f267cf306f21558ff6b34d1b55a70c63b919ac8096219fa
770cc617d91127e8d12b8233fb92c911ff5394d751359e70e7f96b29c6395441
7753470041e5a91f158f532ffa0989f42fadef014bb1a94977192f045fd040ec
78f9153b97d7ffc7cb808144a600ace9cbe92a0208cbf348d55280c40db65d70
7e04c70d163f32af8c2af939cd801e19fa03418a10d941bfb0634c61c63422b1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
851f823bd6ae68da592df1cb9feb68934a6aad0c039b906778c82f5423670f84
934baf9804f70e255d58dfbfdeee67dc73dc4206861d690af70a627342bb6ee7
a1e3faf2c39efe278d1fbf640b833680842d2d71f275cd5ddda345793badf629
a5aa807c88ddd7ac3a7a9ff96682ec475c5e42027b02172ff68359e4bb0848a4
b3db5b321134954282781d3367d7914e8a8cf5285dc35427820ecd889df5ff5a
b8543af8ad24e25b427f3e0196186b8945b51476253b21974cc41140b2b8d8c1
bbbbc23efb1174f835f76a06418ba2f3e169fbae763a377b150201e71aa00436
c0e52a46bb28c882584126b718cbb256bddaca6978cb484a7370358356a57236
cac3f18fa9a3ea3ba85391260a6a9f131568cab447cec6dd7e7106e07e96861c
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfe01ce5e8fbbe3892695f13f8cabc554b0a95b0a58805d0865225387c8f5e56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e95f074e2f6794ec6f4a82ce9fd7807341e8718adad7d04867e178f7c210b4
e91c02479a35ee28d5664f8d3e848199d8641fd99d33115ea3c995b8c688b685
f124e8b364ec618c14366fc65c712a813d684d991e7ee16673f24b1d6d4aec45
f461af1c7755b50f1ab49f855a27c866b36cf4ec5b951b6bf4ca66fd8b14fb26