urlscan.io logo urlscan.io
SecurityTrails logo

mosaic2.jerkmate.com Open in urlscan Pro
3.161.119.92  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://track.mltrck.com/?a=202740&c=313909&mt=3&s1=627_61_&s2=66c3a1d58fc2880001277c6f
Effective URL: https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&...
Submission: On August 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 5 countries across 25 domains to perform 73 HTTP transactions. The main IP is 3.161.119.92, located in United States and belongs to AMAZON-02, US. The main domain is mosaic2.jerkmate.com. The Cisco Umbrella rank of the primary domain is 901122.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on April 12th 2024. Valid for: a year.
This is the only time mosaic2.jerkmate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.89.245.10 31469 (XOSTING-AS)
3 3 52.86.83.175 14618 (AMAZON-AES)
16 18.65.64.31 16509 (AMAZON-02)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 18.239.36.80 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 62.212.87.243 60781 (LEASEWEB-...)
7 68.169.87.223 30602 (ISPRIME)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 95.211.140.208 60781 (LEASEWEB-...)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.227.219.67 16509 (AMAZON-02)
1 1 13.227.219.128 16509 (AMAZON-02)
1 1 13.224.189.106 16509 (AMAZON-02)
5 3.161.119.92 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.35.198.118 16509 (AMAZON-02)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2620:116:800d... 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 66.254.122.21 29789 (REFLECTED)
1 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 66.254.114.154 29789 (REFLECTED)
1 63.34.78.54 16509 (AMAZON-02)
1 13.35.58.27 16509 (AMAZON-02)
1 18.66.122.57 16509 (AMAZON-02)
73 26
1    45.89.245.10 (Bulgaria)

ASN31469 (XOSTING-AS, UA)
PTR: no-rdns.blank.record
track.mltrck.com
3    52.86.83.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-83-175.compute-1.amazonaws.com
go.moartraffic.com
16    18.65.64.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-64-31.fco50.r.cloudfront.net
tours.specia1.com
3    2a02:26f0:3500:16::215:1490 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
2    18.239.36.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-80.ams58.r.cloudfront.net
utl-1.com
1    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
2    2606:4700::6810:8041 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
2    62.212.87.243 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: opticksconversions.com
runsafeads.com
7    68.169.87.223 (United States)

ASN30602 (ISPRIME, US)
secure.authbill.com
3    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700::6810:ff40 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
2    95.211.140.208 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
moartraffic.engine.adglare.net
3    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.227.219.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-67.ams54.r.cloudfront.net
touchhh.com
1    13.227.219.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-128.ams54.r.cloudfront.net
t.ajump1.com
1    13.224.189.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-106.fra2.r.cloudfront.net
t.ajrkm3.com
5    3.161.119.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-119-92.vie50.r.cloudfront.net
mosaic2.jerkmate.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    13.35.198.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-198-118.fco50.r.cloudfront.net
gateway.jerkmate.com
1    2a02:26f0:480:b9e::14a9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn-4.convertexperiments.com
2    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
6    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
1    66.254.122.21 (United States)

ASN29789 (REFLECTED, US)
static.trafficjunky.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2600:9000:223c:9200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    66.254.114.154 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net
ads.trafficjunky.net
1    63.34.78.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-78-54.eu-west-1.compute.amazonaws.com
tracking.crazyegg.com
1    13.35.58.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-27.fra60.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    18.66.122.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-57.fra60.r.cloudfront.net
assets-tracking.crazyegg.com
Apex Domain
Subdomains		 Transfer
16 specia1.com
tours.specia1.com
100 KB
9 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 4547
tracking.crazyegg.com — Cisco Umbrella Rank: 8138
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 9978
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 9638
86 KB
7 jerkmate.com
mosaic2.jerkmate.com — Cisco Umbrella Rank: 901122
gateway.jerkmate.com — Cisco Umbrella Rank: 229498
477 KB
7 authbill.com
secure.authbill.com — Cisco Umbrella Rank: 718691
25 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
region1.google-analytics.com — Cisco Umbrella Rank: 3123
21 KB
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 1178
p.typekit.net — Cisco Umbrella Rank: 1499
95 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
301 KB
3 izooto.com
cdn.izooto.com — Cisco Umbrella Rank: 13270
86 KB
3 moartraffic.com
go.moartraffic.com — Cisco Umbrella Rank: 637713
3 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2337
pixel.quantserve.com — Cisco Umbrella Rank: 1616
10 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
2 adglare.net
moartraffic.engine.adglare.net — Cisco Umbrella Rank: 918013
1 KB
2 runsafeads.com
runsafeads.com — Cisco Umbrella Rank: 298498
29 KB
2 utl-1.com
utl-1.com — Cisco Umbrella Rank: 769967
324 KB
1 trafficjunky.net
ads.trafficjunky.net — Cisco Umbrella Rank: 36354
592 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 2075
1 KB
1 trafficjunky.com
static.trafficjunky.com — Cisco Umbrella Rank: 9308
4 KB
1 convertexperiments.com
cdn-4.convertexperiments.com — Cisco Umbrella Rank: 12596
58 KB
1 ajrkm3.com
t.ajrkm3.com — Cisco Umbrella Rank: 341849
2 KB
1 ajump1.com
t.ajump1.com
1 KB
1 touchhh.com
touchhh.com — Cisco Umbrella Rank: 817697
514 B
1 mltrck.com
track.mltrck.com
4 KB
0 google.de Failed
www.google.de Failed
0 doubleclick.net Failed
stats.g.doubleclick.net Failed
0 google.com Failed
region1.analytics.google.com Failed
73 25
Domain Requested by
16 tours.specia1.com tours.specia1.com
utl-1.com
7 secure.authbill.com utl-1.com
6 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
5 mosaic2.jerkmate.com moartraffic.engine.adglare.net
mosaic2.jerkmate.com
3 www.googletagmanager.com www.google-analytics.com
mosaic2.jerkmate.com
www.googletagmanager.com
3 www.google-analytics.com tours.specia1.com
www.google-analytics.com
3 cdn.izooto.com tours.specia1.com
cdn.izooto.com
3 use.typekit.net tours.specia1.com
use.typekit.net
3 go.moartraffic.com 3 redirects
2 gateway.jerkmate.com mosaic2.jerkmate.com
gateway.jerkmate.com
2 fonts.googleapis.com mosaic2.jerkmate.com
2 moartraffic.engine.adglare.net runsafeads.com
2 runsafeads.com tours.specia1.com
runsafeads.com
2 utl-1.com tours.specia1.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 tracking.crazyegg.com script.crazyegg.com
1 ads.trafficjunky.net
1 pixel.quantserve.com
1 rules.quantcount.com secure.quantserve.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.trafficjunky.com tours.specia1.com
1 secure.quantserve.com www.googletagmanager.com
1 cdn-4.convertexperiments.com www.googletagmanager.com
1 t.ajrkm3.com 1 redirects
1 t.ajump1.com 1 redirects
1 touchhh.com moartraffic.engine.adglare.net
1 p.typekit.net use.typekit.net
1 track.mltrck.com 1 redirects
0 www.google.de Failed
0 stats.g.doubleclick.net Failed www.googletagmanager.com
0 region1.analytics.google.com Failed www.googletagmanager.com
73 32

This site contains links to these domains. Also see Links.

Domain
google.com
www.crakrevenue.com
Subject Issuer Validity Valid
specia1.com
Amazon RSA 2048 M02		 2023-11-20 -
2024-12-17		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
utl-1.com
Amazon RSA 2048 M03		 2024-03-25 -
2025-04-22		 a year crt.sh
izooto.com
WE1		 2024-08-09 -
2024-11-07		 3 months crt.sh
track.opticks.io
R10		 2024-08-04 -
2024-11-02		 3 months crt.sh
secure.authbill.com
R10		 2024-07-07 -
2024-10-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.engine.adglare.net
Sectigo RSA Domain Validation Secure Server CA		 2024-02-08 -
2025-02-10		 a year crt.sh
touchhh.com
Amazon RSA 2048 M03		 2023-10-24 -
2024-11-20		 a year crt.sh
*.jerkmate.com
Sectigo RSA Organization Validation Secure Server CA		 2024-04-12 -
2025-05-13		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.convertexperiments.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-09 -
2024-11-09		 a year crt.sh
quantserve.com
R10		 2024-06-24 -
2024-09-22		 3 months crt.sh
script.crazyegg.com
Cloudflare Inc ECC CA-3		 2024-08-02 -
2024-12-31		 5 months crt.sh
*.trafficjunky.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-11-02		 a year crt.sh
*.trafficjunky.net
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-11-14 -
2024-12-14		 a year crt.sh
crazyegg.com
Amazon RSA 2048 M03		 2024-05-24 -
2025-06-23		 a year crt.sh

This page contains 2 frames:

Primary Page: https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833
Frame ID: 27B6CB4DBB3FD1EB760D3EB03CB1DC46
Requests: 73 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 6E5C593869A00EE27E49D5F4ADE6E74E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Jerkmate | Never jerk off alone again

Page URL History Show full URLs

  1. http://track.mltrck.com/?a=202740&c=313909&mt=3&s1=627_61_&s2=66c3a1d58fc2880001277c6f HTTP 307
    https://track.mltrck.com/?a=202740&c=313909&mt=3&s1=627_61_&s2=66c3a1d58fc2880001277c6f HTTP 302
    https://go.moartraffic.com/go.php?t=53913&aid=144866&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&sid... HTTP 302
    https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a1... Page URL
  2. https://go.moartraffic.com/go.php?t=53939&aid=144866&sid=202740_627_61_&clickid=&click_id=track_2024082... HTTP 302
    https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid... Page URL
  3. https://go.moartraffic.com/go.php?t=55036&aid=144866&sid=202740_627_61__BIDCreative%3A+240429687&hts_id... HTTP 302
    https://t.ajump1.com/2779/4551?aff_click_id=9965d3fe-1943-452a-a853-8fd8b2d9abe5&source=55036+&xk... HTTP 303
    https://t.ajrkm3.com/289177/6297?aff_sub=&aff_sub4=2779&aff_click_id=10266faa8469a8e2f49e670cac967b HTTP 303
    https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

73
Requests

93 %
HTTPS

41 %
IPv6

25
Domains

32
Subdomains

26
IPs

5
Countries

1621 kB
Transfer

3206 kB
Size

54
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://track.mltrck.com/?a=202740&c=313909&mt=3&s1=627_61_&s2=66c3a1d58fc2880001277c6f HTTP 307
    https://track.mltrck.com/?a=202740&c=313909&mt=3&s1=627_61_&s2=66c3a1d58fc2880001277c6f HTTP 302
    https://go.moartraffic.com/go.php?t=53913&aid=144866&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&sid=202740_627_61_ HTTP 302
    https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7 Page URL
  2. https://go.moartraffic.com/go.php?t=53939&aid=144866&sid=202740_627_61_&clickid=&click_id=track_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a&user_id=&hx=&product_id=&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7&email= HTTP 302
    https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid=202740_627_61_&ag_custom_moarclickid=&ag_custom_moarhtsid=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&ag_custom_moarpid=&ag_custom_moaruserid=&ag_custom_moarhx=&ag_custom_moaremail=&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53939%26aid%3D144866%26sid%3D202740_627_61_%26clickid%3D%26click_id%3Dtrack_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a%26user_id%3D%26hx%3D%26product_id%3D%26hts_id%3D6e20fc32-04c8-4e12-afa8-d44464cb5f6b%26email%3D&click_id=track_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a&hts_id=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&i18n_country=DE Page URL
  3. https://go.moartraffic.com/go.php?t=55036&aid=144866&sid=202740_627_61__BIDCreative%3A+240429687&hts_id=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&product_id=&agcid=fTFwa1FXMDIhPS0pKiE-Iz0qMWdQXDEoKiU2ISggIDwlNiQ_JnpqWlYqLScrLCMmOy4zPiQmNTpne21lJyM6IDAlNX9PVyYjKyAmOC4wKi8lPit0aW9wb0ZsYDAyJjIrLCElOS41MT8mcGgxKColNC42IiM9OTc3JiooKyAwJDVmdm19ZntuZGRxdio6KTBMUlA7NDF2bGFsZXYmIzpjcSo7J3tqfGV6cnckKSZacGF9ZXIlKCokPDk5NSgjJjU6f3NmcHB4f3YwMzVhYzEoO3dgMDI1SXB2ZmorOydifGl4cX0wMjV2aX1we2gmK2V8aTs0MXNsY3xpfTEoK2J3anVhfHwxPip2YX93YX9oYyc8MSY1On9zZnNsd39MZ3t7JzwxYC4qKiQ_cjc7NDFne3tadHZifGp2YCotJ3FsZ2J6LVkpTyttd2Zgezl2aX1we2gmK2V8aTs0MXFsJicjOjE-K3RhNDE-Ozo_MGtzNjsiMTAlNWZiJyYjOjE-KnRhLDopMCtq_979af659 HTTP 302
    https://t.ajump1.com/2779/4551?aff_click_id=9965d3fe-1943-452a-a853-8fd8b2d9abe5&source=55036+&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D55036%26aid%3D144866%26sid%3D202740_627_61__BIDCreative%253A%2B240429687%26hts_id%3D9965d3fe-1943-452a-a853-8fd8b2d9abe5%26product_id%3D%26agcid%3DfTFwa1FXMDIhPS0pKiE-Iz0qMWdQXDEoKiU2ISggIDwlNiQ_JnpqWlYqLScrLCMmOy4zPiQmNTpne21lJyM6IDAlNX9PVyYjKyAmOC4wKi8lPit0aW9wb0ZsYDAyJjIrLCElOS41MT8mcGgxKColNC42IiM9OTc3JiooKyAwJDVmdm19ZntuZGRxdio6KTBMUlA7NDF2bGFsZXYmIzpjcSo7J3tqfGV6cnckKSZacGF9ZXIlKCokPDk5NSgjJjU6f3NmcHB4f3YwMzVhYzEoO3dgMDI1SXB2ZmorOydifGl4cX0wMjV2aX1we2gmK2V8aTs0MXNsY3xpfTEoK2J3anVhfHwxPip2YX93YX9oYyc8MSY1On9zZnNsd39MZ3t7JzwxYC4qKiQ_cjc7NDFne3tadHZifGp2YCotJ3FsZ2J6LVkpTyttd2Zgezl2aX1we2gmK2V8aTs0MXFsJicjOjE-K3RhNDE-Ozo_MGtzNjsiMTAlNWZiJyYjOjE-KnRhLDopMCtq_979af659&hts_id=9965d3fe-1943-452a-a853-8fd8b2d9abe5&i18n_country=DE HTTP 303
    https://t.ajrkm3.com/289177/6297?aff_sub=&aff_sub4=2779&aff_click_id=10266faa8469a8e2f49e670cac967b HTTP 303
    https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://track.mltrck.com/?a=202740&c=313909&mt=3&s1=627_61_&s2=66c3a1d58fc2880001277c6f HTTP 307
  • https://track.mltrck.com/?a=202740&c=313909&mt=3&s1=627_61_&s2=66c3a1d58fc2880001277c6f HTTP 302
  • https://go.moartraffic.com/go.php?t=53913&aid=144866&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&sid=202740_627_61_ HTTP 302
  • https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Request Chain 36
  • https://go.moartraffic.com/go.php?t=53939&aid=144866&sid=202740_627_61_&clickid=&click_id=track_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a&user_id=&hx=&product_id=&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7&email= HTTP 302
  • https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid=202740_627_61_&ag_custom_moarclickid=&ag_custom_moarhtsid=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&ag_custom_moarpid=&ag_custom_moaruserid=&ag_custom_moarhx=&ag_custom_moaremail=&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53939%26aid%3D144866%26sid%3D202740_627_61_%26clickid%3D%26click_id%3Dtrack_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a%26user_id%3D%26hx%3D%26product_id%3D%26hts_id%3D6e20fc32-04c8-4e12-afa8-d44464cb5f6b%26email%3D&click_id=track_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a&hts_id=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&i18n_country=DE

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
tours.specia1.com/t/2485/
Redirect Chain
  • http://track.mltrck.com/?a=202740&c=313909&mt=3&s1=627_61_&s2=66c3a1d58fc2880001277c6f
  • https://track.mltrck.com/?a=202740&c=313909&mt=3&s1=627_61_&s2=66c3a1d58fc2880001277c6f
  • https://go.moartraffic.com/go.php?t=53913&aid=144866&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&sid=202740_627_61_
  • https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26a...
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11be45fab1542b2bc5bdc4193d75c60ef28b2e79e102f67fea1722522868c33c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 21 Aug 2024 20:08:24 GMT
etag
W/"d2f28accc2e5b30b1e4aa0366a726a45"
last-modified
Wed, 21 Aug 2024 13:53:07 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
x-amz-cf-id
TNm58oCDiL592QZoB7it_FooGIVIPGSGKlBWctGS6ctoRjHSnmT3xQ==
x-amz-cf-pop
FCO50-P1
x-cache
RefreshHit from cloudfront

Redirect headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Wed, 21 Aug 2024 20:08:22 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
p3p
CP="NOI ADM DEV COM NAV OUR STP"
server
nginx
x-powered-by
PHP/8.1.19
x-robots-tag
otherbot: noindex, nofollow googlebot: noindex, nofollow
mrt4etr.css
use.typekit.net/ 		3 KB
953 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/mrt4etr.css
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2c4574545ebce0422224ae0bb19bc3d218a5c34b72dcb4b56c641b5ac21e2c1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 21 Aug 2024 20:08:24 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
730
style.css
tours.specia1.com/t/2485/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/2485/css/style.css
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbbbc23efb1174f835f76a06418ba2f3e169fbae763a377b150201e71aa00436

Request headers

Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:25 GMT
content-encoding
gzip
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 13:53:07 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P1
etag
W/"f5b8d4c78ff318ff5f7e4a002869440e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
x-amz-cf-id
i-8DcpM6XbpdxCdkg8CzhYysr5b3y-_zh41aO1ZjSnLQi6PtAWQrwQ==
repoUtilsV2.js
tours.specia1.com/t/common/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/common/js/repoUtilsV2.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27bfd892978a1454aeace298e543a317aefe9750e74faac177d85db1fe0968c8

Request headers

Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:24 GMT
content-encoding
gzip
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 13:54:35 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P1
age
149
etag
W/"463ab17c7b265e702f3c4390d78b31b3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
-uziW79Wa7E_Ma4lJ0Vpwp0CSs3tTgrmnqRX7NnaYagqmGAt6sJ0bA==
logo_white_2.png
tours.specia1.com/t/2485/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/2485/images/logo_white_2.png
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cac3f18fa9a3ea3ba85391260a6a9f131568cab447cec6dd7e7106e07e96861c

Request headers

Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:25 GMT
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 13:53:07 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P1
etag
"51a72799190ea5d7d429362387114a51"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
content-length
7990
x-amz-cf-id
ozx8CYPfYasFfg7f_D-WG1_lxY24lZn_0xjMn1is64I9wPTvlmfOlw==
address.png
tours.specia1.com/t/2485/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/2485/images/address.png
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d56035b1871d7689d1a95dd4b9d38ab9ebf0bc2e0a0b59f474fe2f39816c690

Request headers

Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:25 GMT
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 13:53:07 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P1
etag
"bd9476d9f407e290f817f77a0bf37674"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
content-length
1384
x-amz-cf-id
xJKcdtWvvwyWBIF-DGop6dL_qZRpuELS3lyVccFNW_4Mkl5_Vl4S9g==
arrow.svg
tours.specia1.com/t/2485/images/ 		867 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/2485/images/arrow.svg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6efee9ca3dd0b249814e53fab132821a3c1b5370fdb02c704947399485ec43b9

Request headers

Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:25 GMT
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 13:53:07 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P1
etag
"d1482bd31dde1707b316f22bbe818ff4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
content-length
867
x-amz-cf-id
55fe1JGuJCeL96ELYRd1JSJIMRKmdXZq9NsmtnMjh6E2GLVC4Yzkig==
logo_black_2.png
tours.specia1.com/t/2485/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/2485/images/logo_black_2.png
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c20ee2af56bb668a50fc7e07b7c4e1fffb7881e82c92be3772080710e0106d8

Request headers

Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:26 GMT
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 13:53:07 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P1
etag
"1be9d2b7c1e68ae4caedc7b5a0c05cd6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
content-length
8048
x-amz-cf-id
fEMcvK5XAPAD9eUEPfDpcK4a2amdYABc7az8esn7NH2_QWljxRvtOw==
utl.min.js
utl-1.com/1.8.3/ 		306 KB
307 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://utl-1.com/1.8.3/utl.min.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-80.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
296bbfa1948456235ba177e6134d088582166ed1f2d4295482da3fceb9e5250e

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 07 May 2024 11:01:05 GMT
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 12:19:21 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
9191240
etag
"4bfdc0d9c9c9e17400ba70444b2cec36"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
313267
x-amz-cf-id
gUYcBzjCzjsMDsiQrEjZJXLf5RZaFfx4MtgnOBlmcLFiGfSMypAiiA==
mst2.min.js
utl-1.com/1.8.3/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://utl-1.com/1.8.3/mst2.min.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-80.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
252d3a0ef9c3754cdf38a02570d1a84fa4d94d53ac2eaeeada2e141f9c11a2e2

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 15 May 2024 09:22:19 GMT
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 12:19:21 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
8505966
etag
"3a2e1fe5f9de68d28807b0b5675235f4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17794
x-amz-cf-id
bFsnf8PMw7s9x1_p66kEQBfyf3_dkfeVuRNcheWMihdPkF-FhmLhsg==
footer_override.min.js
tours.specia1.com/t/common/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/common/js/footer_override.min.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45ef13c44a036731f700e5d6351134334e3f436a4c9af3d577be419e51f412bb

Request headers

Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:05:06 GMT
content-encoding
gzip
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 13:54:35 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P1
age
199
etag
W/"bce527ef9e6ea886fffc7cee9fc69826"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
Ld6H3dwUPLhOfhURf5GieQd5ik5gAQfhr3UAZMVJ5TOmNhqg6EZOpg==
custom.js
tours.specia1.com/t/2485/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/2485/custom.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05e91960ef4e6ddd61670f1ba20a629f7e337451e26781592d16bf13aa62b344

Request headers

Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:25 GMT
content-encoding
gzip
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 13:53:07 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P1
etag
W/"4489a1bdb0b1104ffb4f23b78fbb8127"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
x-amz-cf-id
xec27eIDRsvA0pnOCDLFD6gGPPanMW8ORARWAEbz08LVewH1JDKhUA==
backtoMA.js
tours.specia1.com/t/common/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/common/js/backtoMA.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57fc4ca2e6dc7a8680bbe7f32f9073f2c65d4f211f98a8b4abb1f4ff79f924f9

Request headers

Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:24 GMT
content-encoding
gzip
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 13:54:35 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P1
age
111
etag
W/"07e836e82e77e5a68bb45546e70cd524"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
qZrgh9Bp2zmWrB3_tMd1jZUGMp-_WDpT6SgnLolegkL0Oe6tuz6Nyw==
emailPassing.js
tours.specia1.com/t/common/js/ 		836 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/common/js/emailPassing.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5aa807c88ddd7ac3a7a9ff96682ec475c5e42027b02172ff68359e4bb0848a4

Request headers

Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:03:27 GMT
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 13:54:35 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P1
age
298
etag
"f388e70b1a3dc48d7c22f6b014124468"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
836
x-amz-cf-id
BgkAmdRFY8aF-MBqZQNj7AgDBD9BVjm-pJggMzpx0ZjAl7IhEZbVLQ==
opticks.js
tours.specia1.com/t/common/js/ 		879 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/t/common/js/opticks.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
720c65cbe1bdca394f267cf306f21558ff6b34d1b55a70c63b919ac8096219fa

Request headers

Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:24 GMT
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 13:54:35 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P1
age
111
etag
"ac06e12242ff3ce25969e983f7829d72"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
879
x-amz-cf-id
JpErk-uYOuGYzkZd84wpEyky7gd3raWasM2aODH1A79K1folh-9XCg==
p.css
p.typekit.net/ 		5 B
173 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=mrt4etr&ht=tk&f=24539.24540.24547.24548&a=8479565&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mrt4etr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:24 GMT
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
etag
"6649f74c-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
6d0d9819e611e28a165c1c894e7998790112eec4.js
cdn.izooto.com/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/6d0d9819e611e28a165c1c894e7998790112eec4.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/common/js/repoUtilsV2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e04c70d163f32af8c2af939cd801e19fa03418a10d941bfb0634c61c63422b1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:25 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 14 May 2024 13:57:37 GMT
server
cloudflare
age
612194
etag
W/"66436dd1-dec"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
8b6d41461de318d6-FRA
x-xss-protection
1; mode=block
expires
Thu, 22 Aug 2024 20:08:25 GMT
logo_white_2.png
tours.specia1.com/t/2485/images/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/2485/images/logo_white_2.png
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cac3f18fa9a3ea3ba85391260a6a9f131568cab447cec6dd7e7106e07e96861c

Request headers

Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:25 GMT
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 13:53:07 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P1
etag
"51a72799190ea5d7d429362387114a51"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/png
content-length
7990
x-amz-cf-id
ozx8CYPfYasFfg7f_D-WG1_lxY24lZn_0xjMn1is64I9wPTvlmfOlw==
arrow.svg
tours.specia1.com/t/2485/images/ 		867 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/2485/images/arrow.svg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6efee9ca3dd0b249814e53fab132821a3c1b5370fdb02c704947399485ec43b9

Request headers

Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:25 GMT
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 13:53:07 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P1
etag
"d1482bd31dde1707b316f22bbe818ff4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
content-length
867
x-amz-cf-id
55fe1JGuJCeL96ELYRd1JSJIMRKmdXZq9NsmtnMjh6E2GLVC4Yzkig==
10.jpg
tours.specia1.com/t/2485/images/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tours.specia1.com/t/2485/images/10.jpg
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f124e8b364ec618c14366fc65c712a813d684d991e7ee16673f24b1d6d4aec45

Request headers

Referer
https://tours.specia1.com/t/2485/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:25 GMT
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 13:53:07 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P1
etag
"8e02968577113c9756b35fe4b3a3f855"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
content-length
63118
x-amz-cf-id
hOICI6zEP4W-_2i7KZiB4fxwGZFSTE6qZ9Mi5R7aEQjQJhM_0Hx1GA==
l
use.typekit.net/af/4cc789/00000000000000003b9b46ed/27/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4cc789/00000000000000003b9b46ed/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mrt4etr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b3db5b321134954282781d3367d7914e8a8cf5285dc35427820ecd889df5ff5a

Request headers

Referer
https://use.typekit.net/mrt4etr.css
Origin
https://tours.specia1.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:25 GMT
server
nginx
etag
"f9c1c4c847938c564b6f041956a850b045edf78a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
47364
l
use.typekit.net/af/02ad94/00000000000000003b9b46f3/27/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/02ad94/00000000000000003b9b46f3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mrt4etr.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
547b25285152529ca4f1cf1866154c61f5d92fd3d090d7f976d741f6551e321a

Request headers

Referer
https://use.typekit.net/mrt4etr.css
Origin
https://tours.specia1.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:25 GMT
server
nginx
etag
"4589238bed773a5851c5884d8dd0501591bd1cb5"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
48496
5365509f582c318506
runsafeads.com/j/ 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://runsafeads.com/j/5365509f582c318506
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/common/js/opticks.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.212.87.243 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
opticksconversions.com
Software
/
Resource Hash
ef6d883fdab0e39432f02cc1e84c5cd43565b8aa98e0daf751c1dc92d0949c14

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Wed, 21 Aug 2024 23:08:25 GMT
cache-control
max-age=10800
content-encoding
gzip
accept-ch
Width, Viewport-Width, Viewport-Height, Device-Memory, Content-DPR, DPR, Save-Data, Downlink, ECT, RTT, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Form-Factors
etag
KewLx7Vr1wLbmCMDNyKxQpYuK4A
content-length
28358
content-type
text/javascript;charset=utf-8
ga.js
tours.specia1.com/assets/specia1/ 		392 B
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tours.specia1.com/assets/specia1/ga.js?_=1724270905079
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.64.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-64-31.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6003f930e7a6ff14bd5520a7324f5a4ffcecbd182aaff2e8ace7ec65d885aa45

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:25 GMT
via
1.1 f046a411f8ece53aac34ad8ae0a729dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 13:52:03 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P1
age
108
etag
"eac15786f9b8937b5689ddf3faf0351d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
392
x-amz-cf-id
8AQlbCTg_i_EN9Bt0aUbg3StdfKcaNUcSwfggGCaOXzXCSK8qB6xOQ==
api.php
secure.authbill.com/tour/ 		36 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 20:04:23 GMT
x-content-type-options
nosniff
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/ 		804 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 20:08:27 GMT
x-content-type-options
nosniff
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/ 		20 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 20:08:26 GMT
x-content-type-options
nosniff
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/ 		1 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 20:04:23 GMT
x-content-type-options
nosniff
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/ 		193 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 20:08:27 GMT
x-content-type-options
nosniff
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/ 		193 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 20:08:26 GMT
x-content-type-options
nosniff
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/ 		0
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 20:04:24 GMT
x-content-type-options
nosniff
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
expires
Thu, 19 Nov 1981 08:52:00 GMT
izooto.js
cdn.izooto.com/scripts/sdk/ 		366 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sdk/izooto.js
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/6d0d9819e611e28a165c1c894e7998790112eec4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8041 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:25 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 07 Aug 2024 10:20:28 GMT
server
cloudflare
age
35236
etag
W/"66b34a6c-5b6e9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1382400
cf-ray
8b6d414838b418d6-FRA
x-xss-protection
1; mode=block
expires
Fri, 06 Sep 2024 20:08:25 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 21 Aug 2024 19:15:05 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3200
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 21 Aug 2024 21:15:05 GMT
truncated
/ 		1 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
Origin
https://tours.specia1.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
text/javascript
5365509f582c318506
runsafeads.com/h/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://runsafeads.com/h/5365509f582c318506?opticks-url=https%3A%2F%2Ftours.specia1.com%2Ft%2F2485%2F%3Ft%3D53913%26aid%3D144866%26sid%3D202740_627_61_%26opt%3D5365509f582c318506%26xk%3Da0a190903a3f04a2ade229d963666439%26bn%3D38%26gu%3Dhttps%253A%252F%252Fgo.moartraffic.com%252Fgo.php%253Ft%253D53913%2526aid%253D144866%2526click_id%253D1dab3f8e513742f6ad8fd853136b47d6212d9%2526sid%253D202740_627_61_%2526hts_id%253D1deacf04-a5d2-4444-9a71-e11e7d170fd7%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26i18n_country%3DDE%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&_t0=1724270905636&_t1=1724270905830&t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Requested by
Host: runsafeads.com
URL: https://runsafeads.com/j/5365509f582c318506
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
62.212.87.243 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
opticksconversions.com
Software
/
Resource Hash

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
content-encoding
gzip
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://tours.specia1.com
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
976
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame 6E5C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:ff40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tours.specia1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
534925
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
8b6d414d8c652c3d-FRA
content-encoding
br
content-type
text/html
date
Wed, 21 Aug 2024 20:08:26 GMT
expires
Sat, 21 Sep 2024 20:08:26 GMT
last-modified
Tue, 14 May 2024 14:09:56 GMT
server
cloudflare
vary
Accept-Encoding
x-xss-protection
1; mode=block
/
moartraffic.engine.adglare.net/
Redirect Chain
  • https://go.moartraffic.com/go.php?t=53939&aid=144866&sid=202740_627_61_&clickid=&click_id=track_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a&user_id=&hx=&product_id=&hts_id=1deacf04-a5d2-444...
  • https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid=202740_627_61_&ag_custom_moarclickid=&ag_custom_moarhtsid=6e20fc32-04c8-4e12-afa8...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid=202740_627_61_&ag_custom_moarclickid=&ag_custom_moarhtsid=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&ag_custom_moarpid=&ag_custom_moaruserid=&ag_custom_moarhx=&ag_custom_moaremail=&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53939%26aid%3D144866%26sid%3D202740_627_61_%26clickid%3D%26click_id%3Dtrack_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a%26user_id%3D%26hx%3D%26product_id%3D%26hts_id%3D6e20fc32-04c8-4e12-afa8-d44464cb5f6b%26email%3D&click_id=track_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a&hts_id=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&i18n_country=DE
Requested by
Host: runsafeads.com
URL: https://runsafeads.com/j/5365509f582c318506
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.211.140.208 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With, Content-Type, CSRFToken, Authorization
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, no-transform, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 21 Aug 2024 20:08:27 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
link
<//moartraffic.cdn.adglare.net>; rel=dns-prefetch
pragma
no-store, no-cache

Redirect headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Wed, 21 Aug 2024 20:08:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid=202740_627_61_&ag_custom_moarclickid=&ag_custom_moarhtsid=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&ag_custom_moarpid=&ag_custom_moaruserid=&ag_custom_moarhx=&ag_custom_moaremail=&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53939%26aid%3D144866%26sid%3D202740_627_61_%26clickid%3D%26click_id%3Dtrack_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a%26user_id%3D%26hx%3D%26product_id%3D%26hts_id%3D6e20fc32-04c8-4e12-afa8-d44464cb5f6b%26email%3D&click_id=track_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a&hts_id=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&i18n_country=DE
p3p
CP="NOI ADM DEV COM NAV OUR STP"
server
nginx
x-powered-by
PHP/8.1.19
x-robots-tag
otherbot: noindex, nofollow googlebot: noindex, nofollow
collect
www.google-analytics.com/j/ 		15 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2000596656&t=event&_s=1&dl=https%3A%2F%2Ftours.specia1.com%2Ft%2F2485%2F%3Ft%3D53913%26aid%3D144866%26sid%3D202740_627_61_%26opt%3D5365509f582c318506%26xk%3Da0a190903a3f04a2ade229d963666439%26bn%3D38%26gu%3Dhttps%253A%252F%252Fgo.moartraffic.com%252Fgo.php%253Ft%253D53913%2526aid%253D144866%2526click_id%253D1dab3f8e513742f6ad8fd853136b47d6212d9%2526sid%253D202740_627_61_%2526hts_id%253D1deacf04-a5d2-4444-9a71-e11e7d170fd7%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26i18n_country%3DDE%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&ul=de-de&de=UTF-8&dt=ChickTok&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ci=Tour%3A%2053913&ec=Tour%3A%2053913&ea=Current%20step%3A%2001&el=Total%20steps%3A%203&_u=YEBAAEABAAAAACAAI~&jid=608484312&gjid=650327275&cid=280892851.1724270906&tid=UA-148167200-1&_gid=1069248892.1724270906&_r=1&_slc=1&z=1376089620
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 20:08:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tours.specia1.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2000596656&t=pageview&_s=2&dl=https%3A%2F%2Ftours.specia1.com%2Ft%2F2485%2F%3Ft%3D53913%26aid%3D144866%26sid%3D202740_627_61_%26opt%3D5365509f582c318506%26xk%3Da0a190903a3f04a2ade229d963666439%26bn%3D38%26gu%3Dhttps%253A%252F%252Fgo.moartraffic.com%252Fgo.php%253Ft%253D53913%2526aid%253D144866%2526click_id%253D1dab3f8e513742f6ad8fd853136b47d6212d9%2526sid%253D202740_627_61_%2526hts_id%253D1deacf04-a5d2-4444-9a71-e11e7d170fd7%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26i18n_country%3DDE%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&ul=de-de&de=UTF-8&dt=ChickTok&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ci=Tour%3A%2053913&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=280892851.1724270906&tid=UA-148167200-1&_gid=1069248892.1724270906&z=2012843530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 09:03:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39891
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		265 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3VNV02QTN6&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tours.specia1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94956
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 21 Aug 2024 20:08:27 GMT
collect
region1.analytics.google.com/g/ 		0
0
collect
stats.g.doubleclick.net/g/ 		0
0
ga-audiences
www.google.de/ads/ 		0
0
touch
touchhh.com/ 		68 B
514 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://touchhh.com/touch?type=3&hts_id=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&traffic_risk_score=-alpha&zone_id=334095376&campaign_id=238032523&creative_id=240429687&zone_name=Qkkie+Zone+Optiks&campaign_name=Zone+Optiks+Jerkmate+%28CrakRevenue%29+External+Performance+on+Qkkie&product_id=
Requested by
Host: moartraffic.engine.adglare.net
URL: https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid=202740_627_61_&ag_custom_moarclickid=&ag_custom_moarhtsid=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&ag_custom_moarpid=&ag_custom_moaruserid=&ag_custom_moarhx=&ag_custom_moaremail=&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53939%26aid%3D144866%26sid%3D202740_627_61_%26clickid%3D%26click_id%3Dtrack_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a%26user_id%3D%26hx%3D%26product_id%3D%26hts_id%3D6e20fc32-04c8-4e12-afa8-d44464cb5f6b%26email%3D&click_id=track_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a&hts_id=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&i18n_country=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-67.ams54.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://moartraffic.engine.adglare.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:28 GMT
via
1.1 26cdacf328fe4eb4e28173938ab3e92c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
x-amzn-requestid
45d2836c-49fc-42b8-bae1-b576277a2729
x-amzn-trace-id
Root=1-66c6493c-63ea16a41319194e08ab9dd1;Parent=3b6debb28701e6ef;Sampled=0;lineage=23f7427b:0
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
no-store, max-age=0
x-amz-apigw-id
c4BhgGmUIAMEvNQ=
content-length
68
x-amz-cf-id
vG-gUy_tfUeIn-rxE1ZSaiIXeZkyBLEMX6iFfP1Jmk5Ys4-l63_wCA==
Primary Request /
mosaic2.jerkmate.com/
Redirect Chain
  • https://go.moartraffic.com/go.php?t=55036&aid=144866&sid=202740_627_61__BIDCreative%3A+240429687&hts_id=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&product_id=&agcid=fTFwa1FXMDIhPS0pKiE-Iz0qMWdQXDEoKiU2IS...
  • https://t.ajump1.com/2779/4551?aff_click_id=9965d3fe-1943-452a-a853-8fd8b2d9abe5&source=55036+&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D55036%26a...
  • https://t.ajrkm3.com/289177/6297?aff_sub=&aff_sub4=2779&aff_click_id=10266faa8469a8e2f49e670cac967b
  • https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833
94 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833
Requested by
Host: moartraffic.engine.adglare.net
URL: https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid=202740_627_61_&ag_custom_moarclickid=&ag_custom_moarhtsid=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&ag_custom_moarpid=&ag_custom_moaruserid=&ag_custom_moarhx=&ag_custom_moaremail=&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53939%26aid%3D144866%26sid%3D202740_627_61_%26clickid%3D%26click_id%3Dtrack_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a%26user_id%3D%26hx%3D%26product_id%3D%26hts_id%3D6e20fc32-04c8-4e12-afa8-d44464cb5f6b%26email%3D&click_id=track_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a&hts_id=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&i18n_country=DE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-92.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4085560d671ee7d2553f5bc4b0343c23f49fd587b0591c000ecab3b399a6308d

Request headers

Referer
https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid=202740_627_61_&ag_custom_moarclickid=&ag_custom_moarhtsid=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&ag_custom_moarpid=&ag_custom_moaruserid=&ag_custom_moarhx=&ag_custom_moaremail=&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53939%26aid%3D144866%26sid%3D202740_627_61_%26clickid%3D%26click_id%3Dtrack_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a%26user_id%3D%26hx%3D%26product_id%3D%26hts_id%3D6e20fc32-04c8-4e12-afa8-d44464cb5f6b%26email%3D&click_id=track_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a&hts_id=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&i18n_country=DE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
69864
content-encoding
br
content-language
html
content-type
text/html
date
Wed, 21 Aug 2024 00:44:07 GMT
etag
W/"7f2947ca389c58be264a976f24b97121"
last-modified
Fri, 26 Apr 2024 19:49:42 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 e56e15c46c4ad370efdb5828e31ce690.cloudfront.net (CloudFront)
x-amz-cf-id
61C51IVO9ThWnOMf4HTwx1qjZi3Lf5z6mRWFU-63BixYXgO6kSorEg==
x-amz-cf-pop
VIE50-P2
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=86400
content-length
362
content-type
text/html; charset=utf-8
date
Wed, 21 Aug 2024 20:08:29 GMT
location
https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833
strict-transport-security
max-age=31536000; includeSubDomains
tracking_id
10225d13b0e3b881902f639a09a6a9
vary
Accept
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-id
sppn0Czets-gwJIar6HukbmJLloPYbGt3Bop9LKyEYncy18-Qyiqag==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
favicon.ico
moartraffic.engine.adglare.net/ 		0
48 B 		Other
General
Check archive.org
Download Go to
Full URL
https://moartraffic.engine.adglare.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.211.140.208 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://moartraffic.engine.adglare.net/?334095376=&ag_custom_moaraid=144866&ag_custom_moart=53940&ag_custom_moarsid=202740_627_61_&ag_custom_moarclickid=&ag_custom_moarhtsid=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&ag_custom_moarpid=&ag_custom_moaruserid=&ag_custom_moarhx=&ag_custom_moaremail=&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53939%26aid%3D144866%26sid%3D202740_627_61_%26clickid%3D%26click_id%3Dtrack_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a%26user_id%3D%26hx%3D%26product_id%3D%26hts_id%3D6e20fc32-04c8-4e12-afa8-d44464cb5f6b%26email%3D&click_id=track_20240821200825_d21b1dd3_4092_4fc8_990e_85a9725c314a&hts_id=6e20fc32-04c8-4e12-afa8-d44464cb5f6b&i18n_country=DE
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:28 GMT
content-length
0
content-type
image/x-icon
style.dotsass
mosaic2.jerkmate.com/templates/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosaic2.jerkmate.com/templates/css/style.dotsass?v=2
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-92.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c97bd2f243bb66d54288af597bc39a71e7d5fa3b359dd303fcba8dde80f7ccee

Request headers

Referer
https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 02:30:28 GMT
content-encoding
br
via
1.1 e56e15c46c4ad370efdb5828e31ce690.cloudfront.net (CloudFront)
last-modified
Fri, 26 Apr 2024 19:49:42 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
63482
etag
W/"f93941b68341a0096803bfc1dd4dcf07"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
-QK3CoeBvF-f0PufEsREc5ksAhYDTpehJLz5I_nel7-2PTXOHou8LA==
css2
fonts.googleapis.com/ 		2 KB
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9992412bb27e6f7246168320dd4efece61b87f8cdc3cb10bb568c5f5ebc4afa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Aug 2024 20:08:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 21 Aug 2024 19:20:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Aug 2024 20:08:30 GMT
jerkmate_logo.jpg
mosaic2.jerkmate.com/asset/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mosaic2.jerkmate.com/asset/img/jerkmate_logo.jpg
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-92.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc5e16fac006ede6734eeec64317886bef58e46cc7f4c7137e0bcc27164881dc

Request headers

Referer
https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 06:33:53 GMT
via
1.1 e56e15c46c4ad370efdb5828e31ce690.cloudfront.net (CloudFront)
last-modified
Fri, 17 Mar 2023 20:56:22 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
48878
etag
"f00248272efbe80d90832442ba8cdcb5"
x-cache
Hit from cloudfront
content-type
image/jpeg
content-length
12113
x-amz-cf-id
kpu66cB61scj-zxy14yQP4wBt3Nn8mhHHIqZImW0Xy_-iN6t4cKfnw==
ws-session-widget.min.js
gateway.jerkmate.com//wswidget/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.jerkmate.com//wswidget/ws-session-widget.min.js
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.198.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-198-118.fco50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d10e25c5f6830687363a5505c30166afd3f1f3ee1cf79f0a45070bc3fab5747

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:03:44 GMT
content-encoding
br
via
1.1 5b065982ad7c7fe48a6ccaab0b0a8756.cloudfront.net (CloudFront)
last-modified
Wed, 21 Aug 2024 12:54:34 GMT
server
AmazonS3
x-amz-cf-pop
FCO50-P6
age
285
x-amz-server-side-encryption
AES256
etag
W/"e8fa665904aab2c090380372b68b55e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=300
x-amz-cf-id
a2DuyPmv0WUo2uv5gPv3SXGrKMZaF92lWxA5EHRsnLlI_lVp4PKXLw==
apigw-requestid
c4A1Mir1IAMEZFA=
css2
fonts.googleapis.com/ 		2 KB
645 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400&display=swap
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e37b616b4dfba2c95070068b1f9811becb1f042c5eb0199ed38dcfd1f0960cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Aug 2024 20:08:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 21 Aug 2024 20:08:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Aug 2024 20:08:30 GMT
gtm.js
www.googletagmanager.com/ 		380 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8XR2C2
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4dfdda1e263677d3ec7ad95fdfbb4548231bf2d262b433cf14b581cb622b1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
115323
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 21 Aug 2024 20:08:30 GMT
ws-session
gateway.jerkmate.com/session-api/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gateway.jerkmate.com/session-api/ws-session?referer=https%3A%2F%2Fmoartraffic.engine.adglare.net%2F
Requested by
Host: gateway.jerkmate.com
URL: https://gateway.jerkmate.com//wswidget/ws-session-widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.198.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-198-118.fco50.r.cloudfront.net
Software
/
Resource Hash
5862d973c1a4f0ec8e0370eb4a03197ce71b513e72b5e9921f3c3d7dea2a68c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 21 Aug 2024 20:08:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
via
1.1 881478a2588e31f9437b2265de7b95d8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FCO50-P6
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
x-amz-cf-id
Wewj9LsEW-oCcfNiseGfrVse-deSaD8CRDtl-35JnanUvpS27s9Q_g==
apigw-requestid
c4Bh4jrpoAMEV1w=
x-xss-protection
1; mode=block
mosaic_jerkmate.jpg
mosaic2.jerkmate.com/asset/img/ 		426 KB
427 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mosaic2.jerkmate.com/asset/img/mosaic_jerkmate.jpg
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-92.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42fdebedd65b242754eb1071edbd60075fa9478efa1729a4f146a2bb67c51d30

Request headers

Referer
https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 09:55:28 GMT
via
1.1 e56e15c46c4ad370efdb5828e31ce690.cloudfront.net (CloudFront)
last-modified
Fri, 17 Mar 2023 20:56:22 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
36783
etag
"e69bb790378d1ea1958afecb19bf52de"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
content-length
436014
x-amz-cf-id
vy8FPFrp01OM4qfWBDP4SXiL9sJiYE3R_r_63_nnxIBRi2q_EuthSw==
js
www.googletagmanager.com/gtag/ 		291 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S6XTBZ5V47&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8XR2C2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd45c527dafdb7842ea5039626e680bc37dcd4ee86e2aecb8421b9799589672b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96637
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 21 Aug 2024 20:08:30 GMT
10047751-10049032.js
cdn-4.convertexperiments.com/v1/js/ 		287 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-4.convertexperiments.com/v1/js/10047751-10049032.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8XR2C2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:b9e::14a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
183f134be7e0b0a1e4a06b9caf0745c3f53d419e1f6962bf2dbdb15552d8166f

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:30 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=300
access-control-allow-headers
*
content-length
58942
expires
Wed, 21 Aug 2024 20:13:30 GMT
quant.js
secure.quantserve.com/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8XR2C2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:30 GMT
content-encoding
gzip
etag
"tIg8n6xaLBY4WwNLLw9OGA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 28 Aug 2024 20:08:30 GMT
2536.js
script.crazyegg.com/pages/scripts/0116/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0116/2536.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8XR2C2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6c07399c59df77dac20ea9f622cf185e42220d3f4aafe44ff579363c9359ab3

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:30 GMT
content-encoding
gzip
cf-cache-status
HIT
age
7796
cf-polished
origSize=6998
ce-version
11.5.268
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 21 Aug 2024 17:58:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8b6d4168ae949b82-FRA
mp.min.js
static.trafficjunky.com/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.trafficjunky.com/js/mp.min.js
Requested by
Host: tours.specia1.com
URL: https://tours.specia1.com/t/2485/?t=53913&aid=144866&sid=202740_627_61_&opt=5365509f582c318506&xk=a0a190903a3f04a2ade229d963666439&bn=38&gu=https%3A%2F%2Fgo.moartraffic.com%2Fgo.php%3Ft%3D53913%26aid%3D144866%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26sid%3D202740_627_61_%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&click_id=1dab3f8e513742f6ad8fd853136b47d6212d9&i18n_country=DE&hts_id=1deacf04-a5d2-4444-9a71-e11e7d170fd7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.254.122.21 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
c0b418148076b3e8cfdae771ed19d95a5c31b73654e0b3b47d36557e8a649d84

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:31 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 19:46:07 GMT
etag
W/"6f013ad69-29bb-600dc485b1dc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1710111531
x-cdn-diag
fra1-11028-3-997106-h-0-0---;11037-32-3777320----0-0-0
expires
Sun, 10 Mar 2024 22:58:51 GMT
favicon.ico
mosaic2.jerkmate.com/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://mosaic2.jerkmate.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.119.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-119-92.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fc4edeb43a372f097f3b008a0f213e6dbda694c76f4b38007dc07a8cc40c131

Request headers

Referer
https://mosaic2.jerkmate.com/?transaction_id=10225d13b0e3b881902f639a09a6a9:8699&aff_id=2779&source=&xid=s8-home-8699-jmlcom&landing_id=31833
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 01:22:17 GMT
via
1.1 e56e15c46c4ad370efdb5828e31ce690.cloudfront.net (CloudFront)
last-modified
Fri, 17 Mar 2023 20:57:48 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P2
age
67574
etag
"89eaaa24093700f7d53aa4e4563c774f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/x-icon
content-length
4286
x-amz-cf-id
b0RKiVnCe8sFGX7T5JtiYf_hbotHsZ209CTojBLEk_SQP1T_IBqeiw==
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S6XTBZ5V47&gtm=45je48j0v880543691z8811010754za200zb811010754&_p=1724270910532&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=848801106.1724270911&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724270910&sct=1&seg=0&dl=https%3A%2F%2Fmosaic2.jerkmate.com%2F%3Ftransaction_id%3D10225d13b0e3b881902f639a09a6a9%3A8699%26aff_id%3D2779%26source%3D%26xid%3Ds8-home-8699-jmlcom%26landing_id%3D31833&dr=https%3A%2F%2Fmoartraffic.engine.adglare.net%2F&dt=Jerkmate%20%7C%20Never%20jerk%20off%20alone%20again&en=page_view&_fv=1&_nsi=1&_ss=1&up.transaction_id=&up.aff_id=&up.aff_sub=&up.aff_sub2=&up.aff_sub3=&up.aff_sub4=&up.aff_sub5=&up.offer_id=&up.url_id=&up.param_source=&tfd=2689
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S6XTBZ5V47&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 20:08:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mosaic2.jerkmate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-jsYst-Cd4uWwY.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-jsYst-Cd4uWwY.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1dc87506c37ec064801b8854f90c49c41ceb92393b0384e4ef6d80751ae10e23

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 19:53:11 GMT
content-encoding
gzip
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
921
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 14 Oct 2022 00:29:49 GMT
server
AmazonS3
etag
W/"b72059cf34592ef9e449769014eb91e6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
01jNoqhzVIL1NoEDK_PwoLsFnOWPXjGbkPNw6W9QmbbUROfOiDPXkg==
mosaic2.jerkmate.com.json
script.crazyegg.com/pages/data-scripts/0116/2536/site/ 		49 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0116/2536/site/mosaic2.jerkmate.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0116/2536.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35e4dc6b6876e28ad5d3e3b669770726d91ec79029bd0b3b848c1d248cc86356

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:31 GMT
content-encoding
gzip
cf-cache-status
HIT
age
7796
ce-version
11.5.268
alt-svc
h3=":443"; ma=86400
content-length
7324
last-modified
Wed, 21 Aug 2024 17:58:35 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b6d416a1bfb18e4-FRA
pixel;r=527285742;labels=title.Jerkmate%20%7C%20Never%20jerk%20off%20alone%20again;source=gtm;rf=0;a=p-jsYst-Cd4uWwY;url=https%3A%2F%2Fmosaic2.jerkmate.com%2F%3Ftransaction_id%3D10225d13b0e3b881902...
pixel.quantserve.com/ 		35 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=527285742;labels=title.Jerkmate%20%7C%20Never%20jerk%20off%20alone%20again;source=gtm;rf=0;a=p-jsYst-Cd4uWwY;url=https%3A%2F%2Fmosaic2.jerkmate.com%2F%3Ftransaction_id%3D10225d13b0e3b881902f639a09a6a9%3A8699%26aff_id%3D2779%26source%3D%26xid%3Ds8-home-8699-jmlcom%26landing_id%3D31833;ref=https%3A%2F%2Fmoartraffic.engine.adglare.net%2F;uht=2;fpan=1;fpa=P0-451308133-1724270910973;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;d=jerkmate.com;dst=1;et=1724270911115;tzo=-120;ogl=site_name.jerkmate%252Ecom%2Ctitle.Jerkmate%20%7C%20Never%20jerk%20off%20alone%20again%2Cdescription.Watch%20Live%20Sex%20Cams%20with%20Hot%20Cam%20Girls%20for%20FREE%252E%20Sex%20chat%20with%20horny%20girls%252C%20guys%2Curl.https%3A%2F%2Fmosaic2%252Ejerkmate%252Ecom%2F%2Ctype.website;ses=61026989-cbff-4cd1-a5ab-e144b9daf927;mdl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 20:08:31 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["JbUQpNgloN2xi9gRRBqaUw=="],"pcode":["p-jsYst-Cd4uWwY"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
96145c791046eb41431501e7beb39931.js
script.crazyegg.com/pages/versioned/common-scripts/ 		103 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/96145c791046eb41431501e7beb39931.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0116/2536.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a67d7e2d8ff5ab0581883c728d4e727ba80c7781ec0684960a65d215bcc4fa12

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:31 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 18 Aug 2024 19:53:26 GMT
server
cloudflare
age
203922
cf-polished
origSize=105075
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
cf-ray
8b6d416aa9d79b82-FRA
alt-svc
h3=":443"; ma=86400
rt
ads.trafficjunky.net/ 		43 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.trafficjunky.net/rt?action=list&type=add&id=0&context=www.jerkmate.com&cookiename=Jerkmate-Slut2&maxcookiecount=525600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.154 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Aug 2024 20:08:31 GMT
server
openresty
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET,POST
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
expires
Sun, 22 Jan 1984 03:00:00 GMT
mosaic2.jerkmate.com.json
script.crazyegg.com/pages/data-scripts/0116/2536/sampling/ 		158 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0116/2536/sampling/mosaic2.jerkmate.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/96145c791046eb41431501e7beb39931.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee2e4b7dc4bce01303baeb66fe8fc401228473c27deb4185f3303fbb419f95f7

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:31 GMT
content-encoding
gzip
cf-cache-status
HIT
age
7796
ce-version
11.5.268
alt-svc
h3=":443"; ma=86400
content-length
148
last-modified
Wed, 21 Aug 2024 17:58:35 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b6d416b6de718e4-FRA
clock
tracking.crazyegg.com/ 		41 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1&tk=94b71200664d396eb90ae28f0530c015&u=1162536&s=415170&p=%2F&v=d91d41d74f548beb619338f106ee5b76ed68d65f&f=mosaic2.jerkmate.com&ul=https%3A%2F%2Fmosaic2.jerkmate.com%2F%3Ftransaction_id%3D10225d13b0e3b881902f639a09a6a9%3A8699%26aff_id%3D2779%26source%3D%26xid%3Ds8-home-8699-jmlcom%26landing_id%3D31833
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/96145c791046eb41431501e7beb39931.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.78.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-78-54.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
1b2ada2435a62565a4288f7a9f67c8b57805db3f8584ebf6389e50c93795e051

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 21 Aug 2024 20:08:31 GMT
cache-control
no-store
server
awselb/2.0
content-length
41
content-type
text/plain
healthcheck
pagestates-tracking.crazyegg.com/ 		19 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/96145c791046eb41431501e7beb39931.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-27.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 01:43:28 GMT
via
1.1 343f10c14a24beceec4fd2e9df6f9a50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
29096704
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
zwi-E4B6at54_-ejn4SqzQmh0iLEV9z9cNejt6VvSUtONRopG33jMg==
healthcheck
assets-tracking.crazyegg.com/ 		19 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/96145c791046eb41431501e7beb39931.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-57.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 01:23:29 GMT
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
21235503
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
z-MTEkg0uuWopuX0j9SXl7wh9tq5p9EH748CWJIchwNIJ9ya-DZIUw==
5634d504-cc02-4c44-a4c1-0f653ce72f79
https://mosaic2.jerkmate.com/ 		45 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://mosaic2.jerkmate.com/5634d504-cc02-4c44-a4c1-0f653ce72f79
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
ca6be1649b2c6bd5aa79ebaa229fa676.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ca6be1649b2c6bd5aa79ebaa229fa676.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0116/2536.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7701282ea59743a1d336ee5ede4e6805ca9572c28ad013fa956fb39f18de0d69

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:31 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 19 Aug 2024 11:15:11 GMT
server
cloudflare
age
203982
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
cf-ray
8b6d416d7e009b82-FRA
alt-svc
h3=":443"; ma=86400
182bea86-c771-479c-b17d-56f0669bd880
https://mosaic2.jerkmate.com/ 		241 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://mosaic2.jerkmate.com/182bea86-c771-479c-b17d-56f0669bd880
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
354cf7cfcc31ff6fc05cfcd1b3ccbcb9f7ef029796b8e56f77633e68b98a2b07

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
241
Content-Type
text/javascript
123a72ec37098891113503673272e40c.js
script.crazyegg.com/pages/versioned/tracking-scripts/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/123a72ec37098891113503673272e40c.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0116/2536.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb43fde05516bff1e19b67dfa0da1ce7faac7dd565ae1570c223537501e84ea4

Request headers

Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 20:08:31 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sun, 18 Aug 2024 19:53:32 GMT
server
cloudflare
age
203922
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
timing-allow-origin
*
cf-ray
8b6d416dbe5c9b82-FRA
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3VNV02QTN6&gtm=45je48j0v9125706636za200&_p=1724270906604&_gaz=1&gcd=13l3lPl2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=280892851.1724270906&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Ftours.specia1.com%2Ft%2F2485%2F%3Ft%3D53913%26aid%3D144866%26sid%3D202740_627_61_%26opt%3D5365509f582c318506%26xk%3Da0a190903a3f04a2ade229d963666439%26bn%3D38%26gu%3Dhttps%253A%252F%252Fgo.moartraffic.com%252Fgo.php%253Ft%253D53913%2526aid%253D144866%2526click_id%253D1dab3f8e513742f6ad8fd853136b47d6212d9%2526sid%253D202740_627_61_%2526hts_id%253D1deacf04-a5d2-4444-9a71-e11e7d170fd7%26click_id%3D1dab3f8e513742f6ad8fd853136b47d6212d9%26i18n_country%3DDE%26hts_id%3D1deacf04-a5d2-4444-9a71-e11e7d170fd7&dt=ChickTok&ci=Tour%3A%2053913&sid=1724270907&sct=1&seg=0&en=Current%20step%3A%2001&_fv=1&_ss=1&_ee=1&ep.event_category=Tour%3A%2053913&ep.event_label=Total%20steps%3A%203&tfd=6546
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3VNV02QTN6&cid=280892851.1724270906&gtm=45je48j0v9125706636za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l2l1&npa=0&frm=0&tag_exp=0
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3VNV02QTN6&cid=280892851.1724270906&gtm=45je48j0v9125706636za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l2l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=907844637

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer function| submitForm function| submitEmail object| sessionWidget function| sessionWidgetLoadedCorrectly function| sessionWidgetNotLoadedCorrectly object| google_tag_manager object| google_tag_data string| _conv_customer_id string| _conv_custom_v1 string| _conv_custom_v2 object| _qevents object| _mpevt object| gaGlobal function| quantserve function| __qc object| ezt object| convert boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL function| mpAnalytics function| EtappTracker object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API

54 Cookies

Domain/Path Name / Value
.mltrck.com/ Name: gdm_uid_v2_1_001
Value: xxlzAPWGV556Vjxyv0URUOIpQAunXqQSpBMny+I3z5mqyiffHuF/gvByFpFZ9aM+
.mltrck.com/ Name: gdm_sid_v1_3_001
Value: 7QV1GZH+LphUBgl5CHbJIT6cq6/8I8A2F/HISHHgqZt3Z4wkDJbvb2ciSljzSDvG2GHeZn8h7FNtXO3PcjG2L6RTxyq84fAyjsuC9A+43UtEXB4xaOkqM+d7uf8xvIZALi58BbyWTdal0iPD+ua7JjTTuoJfaRg9OfqtleqsCZCYTlFy7oN8Wro0e0Y0arBqza8CB0PSeR+4pUURYCacQIrp1zxSXB+bRw0+UCI2L2axIXAghJ/bSAnIUOrJ5xNKcOByDauw9/Y/i9EHA1r78inSueeSNDv0qLSFa1zYkeBDtPSk9Mc5rhlpY7fdoDLv9lq+9Ib6D+qSix20MiuNtl+hIJmengju92lcwFkFDni0Pqu6p9ydTx6sR23TTPnlqW9NV5uo/T2oBgeGZxBdU80H2BKDX69+M5dkpPiBfjCVzWuMcZ1tlMlnTpCGGSuo3U+OcCtAaF0GswGK9P4bdX97VGWPNx/yQNDIixzxKJO5jq2EbMHU7Gu3NldvQoUmTQePfBzUAUyiwYTh8ZnqowMcVTVJyoqVFwO53/D79B2xbCjQB7SXOdSb5E7/aOxK6rj3UbdIJyc2zkJ0UKRFD2ol1KtKFNXYbmPEYVkAQpbOqM7RfyBjrHnKmO3uzUptXDiw39vqaTMfbcdT8dX3tEuCnyu83d3IhlwKYKkjzeXPj+ewgVQCpiOqQR8Qs7dgs0CV83gaQlLhKIEA7MsBTWTtWM7RqvSfrE8s3n3dMs3qETEU6KC+wj0FLRzF0Dax0XRUg2Q9hObFfptJw+IMgBVL+HO5JeOw3Oq55AK3CvezPeDcO8gWovDgmClMC66Ah4UKeNJUG+2x8PJ1z51mm8yFEPDoLq5Y+TU3ljHpDFGJH5aVx0yprR4kSGYa1GW0aycIvyuOKxiLYBbR3E2fbZE+aGdUOlAzvp8kzJjIaQJyF5YGvfsv8JA6YEsykyBXkY2cPqE7i1H2sTbYqu0oeP+NJlMVOWCDMUGxcfRsUG+aaCYvKlKIIgCDNU1a2jAS7oEQPDoOVk1yLC1LSevyKS0pWfv5kO70yLMF9ymu+ixVPsrt2tRW1V58WZhVXdWC1TyhK/194hKR8T+4SF1Sv/kPCnuyLQg32VYrIIo4Fpyr3zrkLJxd3LhEadTnLZ+w
.mltrck.com/ Name: sm_click_freq_v2_1_001
Value: Mmkf6eymaZbCR958vKUlkpw2dm/mpWWjVG5Rb5rNzb2EYlkThXbe1ov/vf6Z/7uI
.mltrck.com/ Name: c_rule_freq_v1_1_001
Value: jdREvuNkqNECoXs04dlW65ly7VWJfyvoYJgWa+UarTuQ3Cx9rYUVqu48fejlKfzQ
.mltrck.com/ Name: gdm_click_adv_freq_v1_1_001
Value: KHjGBPPYt5X2vk0cnipoVhOUj0kF8QMHiBL8UQBfy4G7hdWg56QgGgyHhwgGmwY9
.mltrck.com/ Name: c_rule_freq_v2_1_001
Value: jdREvuNkqNECoXs04dlW65ly7VWJfyvoYJgWa+UarTuQ3Cx9rYUVqu48fejlKfzQ
.mltrck.com/ Name: gdm_sid_v2_3_001
Value: 7QV1GZH+LphUBgl5CHbJIT6cq6/8I8A2F/HISHHgqZt3Z4wkDJbvb2ciSljzSDvG2GHeZn8h7FNtXO3PcjG2L6RTxyq84fAyjsuC9A+43UtEXB4xaOkqM+d7uf8xvIZALi58BbyWTdal0iPD+ua7JjTTuoJfaRg9OfqtleqsCZCYTlFy7oN8Wro0e0Y0arBqza8CB0PSeR+4pUURYCacQIrp1zxSXB+bRw0+UCI2L2axIXAghJ/bSAnIUOrJ5xNKcOByDauw9/Y/i9EHA1r78inSueeSNDv0qLSFa1zYkeBDtPSk9Mc5rhlpY7fdoDLv9lq+9Ib6D+qSix20MiuNtl+hIJmengju92lcwFkFDni0Pqu6p9ydTx6sR23TTPnlqW9NV5uo/T2oBgeGZxBdU80H2BKDX69+M5dkpPiBfjCVzWuMcZ1tlMlnTpCGGSuo3U+OcCtAaF0GswGK9P4bdX97VGWPNx/yQNDIixzxKJO5jq2EbMHU7Gu3NldvQoUmTQePfBzUAUyiwYTh8ZnqowMcVTVJyoqVFwO53/D79B2xbCjQB7SXOdSb5E7/aOxK6rj3UbdIJyc2zkJ0UKRFD2ol1KtKFNXYbmPEYVkAQpbOqM7RfyBjrHnKmO3uzUptXDiw39vqaTMfbcdT8dX3tEuCnyu83d3IhlwKYKkjzeXPj+ewgVQCpiOqQR8Qs7dgs0CV83gaQlLhKIEA7MsBTWTtWM7RqvSfrE8s3n3dMs3qETEU6KC+wj0FLRzF0Dax0XRUg2Q9hObFfptJw+IMgBVL+HO5JeOw3Oq55AK3CvezPeDcO8gWovDgmClMC66Ah4UKeNJUG+2x8PJ1z51mm8yFEPDoLq5Y+TU3ljHpDFGJH5aVx0yprR4kSGYa1GW0aycIvyuOKxiLYBbR3E2fbZE+aGdUOlAzvp8kzJjIaQJyF5YGvfsv8JA6YEsykyBXkY2cPqE7i1H2sTbYqu0oeP+NJlMVOWCDMUGxcfRsUG+aaCYvKlKIIgCDNU1a2jAS7oEQPDoOVk1yLC1LSevyKS0pWfv5kO70yLMF9ymu+ixVPsrt2tRW1V58WZhVXdWC1TyhK/194hKR8T+4SF1Sv/kPCnuyLQg32VYrIIo4Fpyr3zrkLJxd3LhEadTnLZ+w
.mltrck.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.mltrck.com/ Name: gdm_uid_v1_1_001
Value: xxlzAPWGV556Vjxyv0URUOIpQAunXqQSpBMny+I3z5mqyiffHuF/gvByFpFZ9aM+
.mltrck.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.mltrck.com/ Name: gdm_click_adv_freq_v2_1_001
Value: KHjGBPPYt5X2vk0cnipoVhOUj0kF8QMHiBL8UQBfy4G7hdWg56QgGgyHhwgGmwY9
.mltrck.com/ Name: sm_click_freq_v1_1_001
Value: Mmkf6eymaZbCR958vKUlkpw2dm/mpWWjVG5Rb5rNzb2EYlkThXbe1ov/vf6Z/7uI
.moartraffic.com/ Name: bd_ovtu
Value: 1
.moartraffic.com/ Name: bdvisit
Value: 144866
.moartraffic.com/ Name: xk
Value: a0a190903a3f04a2ade229d963666439
.specia1.com/ Name: tour
Value: 53913
.specia1.com/ Name: affsubid
Value: 144866-202740_627_61_
.specia1.com/ Name: reff
Value:
.specia1.com/ Name: upgrade_tour
Value: 53913
.tours.specia1.com/ Name: opticksid
Value: 40924fc8990e85a966c64939d21b1dd3725c314a
.specia1.com/ Name: _ga
Value: GA1.2.280892851.1724270906
.specia1.com/ Name: _gid
Value: GA1.2.1069248892.1724270906
.specia1.com/ Name: _gat
Value: 1
.izooto.com/ Name: IZCID
Value: 035572ab-3adc-4a9f-a47f-b278a30a85cb
.tours.specia1.com/ Name: geoip
Value: %7B%22country_code%22%3A%22DE%22%2C%22country_name%22%3A%22Germany%22%2C%22region%22%3A%22Thuringen%22%2C%22city%22%3A%22Erfurt%22%2C%22latitude%22%3A50.9789428711%2C%22longitude%22%3A11.0325613022%2C%22zipcode%22%3A%2299084%22%2C%22isp_name%22%3A%22Keyweb%20AG%22%2C%22mobile_brand%22%3A%22%22%7D
.specia1.com/ Name: guid
Value: 8B4C284B-6B7B-4D59-89E8-4B8EF8C78E76
.specia1.com/ Name: affiliate_144866_is_terminated
Value: 0
.specia1.com/ Name: custom_tracking
Value: %5B%22address%22%2C%22ad_type%22%2C%22app_id%22%2C%22app_name%22%2C%22auth_token%22%2C%22a_aid%22%2C%22a_bid%22%2C%22banner%22%2C%22banner_id%22%2C%22banner_size%22%2C%22bn%22%2C%22c%22%2C%22cid%22%2C%22city%22%2C%22clickid%22%2C%22click_id%22%2C%22click_url%22%2C%22cmp_bo%22%2C%22cmp_member_id%22%2C%22consent%22%2C%22dx%22%2C%22email%22%2C%22exotracker%22%2C%22f%22%2C%22fbclid%22%2C%22fbid%22%2C%22first_name%22%2C%22gclid%22%2C%22gdpr%22%2C%22h%22%2C%22hts_id%22%2C%22hx%22%2C%22keyword%22%2C%22landerid%22%2C%22lander_id%22%2C%22last_name%22%2C%22misc_tour_info%22%2C%22niche%22%2C%22np%22%2C%22offer%22%2C%22origin%22%2C%22phone_number%22%2C%22placement%22%2C%22product%22%2C%22product_id%22%2C%22profile_visited%22%2C%22publisher%22%2C%22rcid%22%2C%22referer%22%2C%22reqid%22%2C%22rgc%22%2C%22rgh%22%2C%22rgm%22%2C%22schedule%22%2C%22sdaf%22%2C%22sdfsadf%22%2C%22session_initiated_by%22%2C%22sl%22%2C%22smoochy_user_id%22%2C%22snapchat_username%22%2C%22source%22%2C%22state%22%2C%22street%22%2C%22sv_cheating_mon%22%2C%22template%22%2C%22thumb_id%22%2C%22tracker_id%22%2C%22upgrade_uuid%22%2C%22upg_reason%22%2C%22userage%22%2C%22useremail%22%2C%22userzip%22%2C%22user_id%22%2C%22wellhello_profile_id%22%2C%22wellhello_upgrade_tour%22%2C%22xk%22%2C%22zip%22%5D
.specia1.com/ Name: prop_bn
Value: 38
.specia1.com/ Name: prop_click_id
Value: 1dab3f8e513742f6ad8fd853136b47d6212d9
.specia1.com/ Name: prop_hts_id
Value: 1deacf04-a5d2-4444-9a71-e11e7d170fd7
.specia1.com/ Name: prop_xk
Value: a0a190903a3f04a2ade229d963666439
.specia1.com/ Name: _ga_3VNV02QTN6
Value: GS1.2.1724270907.1.1.1724270907.60.0.0
.moartraffic.com/ Name: bdreff
Value: https%3A%2F%2Fmoartraffic.engine.adglare.net%2F
.moartraffic.com/ Name: tour
Value: 55036
.moartraffic.com/ Name: affsubid
Value: 144866-202740_627_61__BIDCreative%253A%2B240429687
.moartraffic.com/ Name: bdcounter
Value: 3
t.ajump1.com/ Name: enc_aff_session_8865
Value: ENC038189eb08b0774d7acaa3647bba3815d7ca1db9a636352189d9c49c167dce3939ab79cb4cb4ad7ba77a3157f5150031436caf079f90abcb7f1c3b6680c60163e4c9bd97f0421c906ccaf264c6af6b6a1746773791c242f5d434c3f2f7d0ca53cc373bd29eec2059bd0af610f89e8edfb594a8ab859bf585534dffe993d67f2cb0f3464c05904919f8dca25b31b875b0420af7af038289da1ed84139b4e2666ce0f4a88872f1b6c0f3a9e0a203b4eb0d63e0eaa1d7b2cf2eee9c202e8b86111052001abd53
t.ajump1.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjciLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0%3D
t.ajrkm3.com/ Name: aff_ran_url_8699
Value: 31833
t.ajrkm3.com/ Name: enc_aff_session_8699
Value: ENC0379a1176e70aa2a601e4f23cadc45a9f20b844e31edc99de971394641e0381acd365c7f683993c502e10714b0df868b0f5b05c7be7de6e700325e27baebeb16118ff3115d8ec0b62e1c9441b7ef0fafc24473e1161084d20f0df6ead880ad2354ba0f49fca4cdf8b502abf9705ea7140ca1eb5a6be44d4e5966a1ddc9215efa0a5ef6fd238a5fd5440dfde812410f884c20f7953a25fa7466c19b4de0f4ec0da6ce70e491a0d56021f3a518dd275ddc6aba49f24f8e7b90b807573677fe1b73d603a9b4d0
t.ajrkm3.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjciLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0%3D
.jerkmate.com/ Name: _gcl_au
Value: 1.1.1222310865.1724270911
.jerkmate.com/ Name: _ga_S6XTBZ5V47
Value: GS1.1.1724270910.1.0.1724270910.0.0.0
.jerkmate.com/ Name: _ga
Value: GA1.1.848801106.1724270911
.quantserve.com/ Name: mc
Value: 66c6493f-1f68c-de279-61332
.jerkmate.com/ Name: __qca
Value: P0-451308133-1724270910973
.jerkmate.com/ Name: mp_u
Value: 1482384203.3277982926.1724270911.1724270911.1724270911.1724270911.1
.jerkmate.com/ Name: _ce.irv
Value: new
.jerkmate.com/ Name: cebs
Value: 1
.jerkmate.com/ Name: _ce.clock_event
Value: 1
.jerkmate.com/ Name: _ce.clock_data
Value: 47%2C217.114.215.133%2C1%2C3d96f8e03a42123e5523adf5c57607ad%2CChrome%2CDE
.jerkmate.com/ Name: cebsp_
Value: 1
.jerkmate.com/ Name: _ce.s
Value: v~d91d41d74f548beb619338f106ee5b76ed68d65f~lcw~1724270911591~lva~1724270911331~vpv~0~v11.cs~415170~v11.s~2352f770-5ff9-11ef-bf96-bbaf18d664a5~lcw~1724270911592

1 Console Messages

Source Level URL
Text
network error URL: https://moartraffic.engine.adglare.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.trafficjunky.net
assets-tracking.crazyegg.com
cdn-4.convertexperiments.com
cdn.izooto.com
fonts.googleapis.com
gateway.jerkmate.com
go.moartraffic.com
moartraffic.engine.adglare.net
mosaic2.jerkmate.com
p.typekit.net
pagestates-tracking.crazyegg.com
pixel.quantserve.com
region1.analytics.google.com
region1.google-analytics.com
rules.quantcount.com
runsafeads.com
script.crazyegg.com
secure.authbill.com
secure.quantserve.com
static.trafficjunky.com
stats.g.doubleclick.net
t.ajrkm3.com
t.ajump1.com
touchhh.com
tours.specia1.com
track.mltrck.com
tracking.crazyegg.com
use.typekit.net
utl-1.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google.de
13.224.189.106
13.227.219.128
13.227.219.67
13.35.198.118
13.35.58.27
18.239.36.80
18.65.64.31
18.66.122.57
2001:4860:4802:34::36
2600:9000:223c:9200:6:44e3:f8c0:93a1
2606:4700::6810:8041
2606:4700::6810:ff40
2606:4700::6813:9308
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:810::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2008
2a02:26f0:3500:16::215:1490
2a02:26f0:3500:16::215:1495
2a02:26f0:480:b9e::14a9
3.161.119.92
45.89.245.10
52.86.83.175
62.212.87.243
63.34.78.54
66.254.114.154
66.254.122.21
68.169.87.223
95.211.140.208
05e91960ef4e6ddd61670f1ba20a629f7e337451e26781592d16bf13aa62b344
11be45fab1542b2bc5bdc4193d75c60ef28b2e79e102f67fea1722522868c33c
183f134be7e0b0a1e4a06b9caf0745c3f53d419e1f6962bf2dbdb15552d8166f
1b2ada2435a62565a4288f7a9f67c8b57805db3f8584ebf6389e50c93795e051
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1dc87506c37ec064801b8854f90c49c41ceb92393b0384e4ef6d80751ae10e23
1e37b616b4dfba2c95070068b1f9811becb1f042c5eb0199ed38dcfd1f0960cb
252d3a0ef9c3754cdf38a02570d1a84fa4d94d53ac2eaeeada2e141f9c11a2e2
27bfd892978a1454aeace298e543a317aefe9750e74faac177d85db1fe0968c8
296bbfa1948456235ba177e6134d088582166ed1f2d4295482da3fceb9e5250e
2c4574545ebce0422224ae0bb19bc3d218a5c34b72dcb4b56c641b5ac21e2c1f
2d56035b1871d7689d1a95dd4b9d38ab9ebf0bc2e0a0b59f474fe2f39816c690
354cf7cfcc31ff6fc05cfcd1b3ccbcb9f7ef029796b8e56f77633e68b98a2b07
35e4dc6b6876e28ad5d3e3b669770726d91ec79029bd0b3b848c1d248cc86356
3c20ee2af56bb668a50fc7e07b7c4e1fffb7881e82c92be3772080710e0106d8
3d10e25c5f6830687363a5505c30166afd3f1f3ee1cf79f0a45070bc3fab5747
4085560d671ee7d2553f5bc4b0343c23f49fd587b0591c000ecab3b399a6308d
42fdebedd65b242754eb1071edbd60075fa9478efa1729a4f146a2bb67c51d30
45ef13c44a036731f700e5d6351134334e3f436a4c9af3d577be419e51f412bb
547b25285152529ca4f1cf1866154c61f5d92fd3d090d7f976d741f6551e321a
57fc4ca2e6dc7a8680bbe7f32f9073f2c65d4f211f98a8b4abb1f4ff79f924f9
5862d973c1a4f0ec8e0370eb4a03197ce71b513e72b5e9921f3c3d7dea2a68c4
6003f930e7a6ff14bd5520a7324f5a4ffcecbd182aaff2e8ace7ec65d885aa45
6efee9ca3dd0b249814e53fab132821a3c1b5370fdb02c704947399485ec43b9
720c65cbe1bdca394f267cf306f21558ff6b34d1b55a70c63b919ac8096219fa
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
7701282ea59743a1d336ee5ede4e6805ca9572c28ad013fa956fb39f18de0d69
7e04c70d163f32af8c2af939cd801e19fa03418a10d941bfb0634c61c63422b1
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8fc4edeb43a372f097f3b008a0f213e6dbda694c76f4b38007dc07a8cc40c131
9992412bb27e6f7246168320dd4efece61b87f8cdc3cb10bb568c5f5ebc4afa7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4dfdda1e263677d3ec7ad95fdfbb4548231bf2d262b433cf14b581cb622b1df
a5aa807c88ddd7ac3a7a9ff96682ec475c5e42027b02172ff68359e4bb0848a4
a67d7e2d8ff5ab0581883c728d4e727ba80c7781ec0684960a65d215bcc4fa12
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3db5b321134954282781d3367d7914e8a8cf5285dc35427820ecd889df5ff5a
b6c07399c59df77dac20ea9f622cf185e42220d3f4aafe44ff579363c9359ab3
bbbbc23efb1174f835f76a06418ba2f3e169fbae763a377b150201e71aa00436
bd45c527dafdb7842ea5039626e680bc37dcd4ee86e2aecb8421b9799589672b
c0b418148076b3e8cfdae771ed19d95a5c31b73654e0b3b47d36557e8a649d84
c97bd2f243bb66d54288af597bc39a71e7d5fa3b359dd303fcba8dde80f7ccee
cac3f18fa9a3ea3ba85391260a6a9f131568cab447cec6dd7e7106e07e96861c
e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090
eb43fde05516bff1e19b67dfa0da1ce7faac7dd565ae1570c223537501e84ea4
ee2e4b7dc4bce01303baeb66fe8fc401228473c27deb4185f3303fbb419f95f7
ef6d883fdab0e39432f02cc1e84c5cd43565b8aa98e0daf751c1dc92d0949c14
f124e8b364ec618c14366fc65c712a813d684d991e7ee16673f24b1d6d4aec45
fc5e16fac006ede6734eeec64317886bef58e46cc7f4c7137e0bcc27164881dc