Submitted URL: https://www.time4date.net/c/1c7da227ef4ea60e?&click_id=zxouc663e56de000c13cd&s1=138579&s2=&s3=&s5=&lp=MJ&j1=&j2=&j3=&j4=&j5=
Effective URL: https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2...
Submission: On June 26 via api from GB — Scanned from GB

Summary

This website contacted 7 IPs in 3 countries across 9 domains to perform 28 HTTP transactions. The main IP is 3.160.150.4, located in United States and belongs to AMAZON-02, US. The main domain is tours.spec1a1.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 20th 2023. Valid for: a year.
This is the only time tours.spec1a1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Redirects | IP Address | AS (Autonomous System)
1 | 1 | 52.19.101.114 | 16509 (AMAZON-02)
1 | 1 | 3.89.175.212 | 14618 (AMAZON-AES)
12 | | 3.160.150.4 | 16509 (AMAZON-02)
2 | | 99.86.4.68 | 16509 (AMAZON-02)
1 | | 2a00:1450:400... | 15169 (GOOGLE)
2 | | 2a00:1450:400... | 15169 (GOOGLE)
7 | | 68.169.87.223 | 30602 (ISPRIME)
1 | | 13.32.121.9 | 16509 (AMAZON-02)
3 | | 2a00:1450:400... | 15169 (GOOGLE)
Total: 28 requests, 7 IPs

Requests | Domain | Requested by
12 | tours.spec1a1.com | tours.spec1a1.com, utl-1.com
7 | secure.authbill.com | utl-1.com
3 | www.google-analytics.com | tours.spec1a1.com, www.google-analytics.com
2 | fonts.gstatic.com | fonts.googleapis.com
2 | utl-1.com | tours.spec1a1.com
1 | tours.wellhello.com | utl-1.com
1 | fonts.googleapis.com | tours.spec1a1.com
1 | go.allison-bangs.com | 1 redirects
1 | www.time4date.net | 1 redirects
Total: 28 requests, 9 domains

This site contains links to these domains.

Domain
wellhello.com

Subject | Issuer | Validity | Valid
spec1a1.com | Amazon RSA 2048 M02 | 2023-11-20 - 2024-12-17 | a year
utl-1.com | Amazon RSA 2048 M03 | 2024-03-25 - 2025-04-22 | a year
upload.video.google.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
*.gstatic.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
secure.authbill.com | R3 | 2024-05-08 - 2024-08-06 | 3 months
tours.wellhello.com | Amazon RSA 2048 M03 | 2024-06-09 - 2025-07-08 | a year
*.google-analytics.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months

This page contains 2 frames:

Primary Page: https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Frame ID: 88D5AC2F2DAB05EE5A9E39085E39D3E6
Requests: 27 HTTP requests in this frame

Frame: https://tours.wellhello.com/common/html/check_external_autologin.html?receiver=https%3A%2F%2Ftours.spec1a1.com
Frame ID: 1F5AADAB6DFA6BECB6BEB7BE13AF4CB3
Requests: 1 HTTP requests in this frame

Page Title

ChickTok

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

28 Requests
100 % HTTPS
33 % IPv6
9 Domains
9 Subdomains
7 IPs
3 Countries
2910 kB Transfer
2967 kB Size
27 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.time4date.net/c/1c7da227ef4ea60e?&click_id=zxouc663e56de000c13cd&s1=138579&s2=&s3=&s5=&lp=MJ&j1=&j2=&j3=&j4=&j5= HTTP 302
    https://go.allison-bangs.com/go.php?t=56730&aid=142802&sid=138579&clickid=tszyk667b6ee600001819 HTTP 302
    https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request /
tours.spec1a1.com/t/2790/
Redirect Chain
  • https://www.time4date.net/c/1c7da227ef4ea60e?&click_id=zxouc663e56de000c13cd&s1=138579&s2=&s3=&s5=&lp=MJ&j1=&j2=&j3=&j4=&j5=
  • https://go.allison-bangs.com/go.php?t=56730&aid=142802&sid=138579&clickid=tszyk667b6ee600001819
  • https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26...
7 KB
2 KB
Document
General
Full URL
https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f610315903533f57f9e8d75369ba7f1e25c27f0d16d7dcc09f0a69eac9725357

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
191
content-encoding
gzip
content-type
text/html
date
Wed, 26 Jun 2024 01:26:55 GMT
etag
W/"07ae4de1a623a9e1292edc33f2018c08"
last-modified
Fri, 21 Jun 2024 13:05:45 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
x-amz-cf-id
dgP9dJVe_lC-97jU8Q68r0Dlu3gv9U1o9sWvFiO3In8HvqmppZDuKg==
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront

Redirect headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Wed, 26 Jun 2024 01:29:11 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
p3p
CP="NOI ADM DEV COM NAV OUR STP"
server
nginx
x-powered-by
PHP/8.1.19
x-robots-tag
otherbot: noindex, nofollow googlebot: noindex, nofollow
style.min.css
tours.spec1a1.com/t/2790/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://tours.spec1a1.com/t/2790/css/style.min.css
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be970ef394b911f350d83800f6a22568fdde3b5116e2438fe46eb1eab9f74b44

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:26:55 GMT
content-encoding
gzip
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2024 13:05:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
190
etag
W/"99a88265fd864d5c5c4524319a00b237"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
ctGlHCHqq8NPoahyn-eZhOxt0Jp2ksfj4PQartk-31z_DAzAEU-2kw==
logo_white_2.png
tours.spec1a1.com/t/2790/images/
8 KB
8 KB
Image
General
Full URL
https://tours.spec1a1.com/t/2790/images/logo_white_2.png
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cac3f18fa9a3ea3ba85391260a6a9f131568cab447cec6dd7e7106e07e96861c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:26:55 GMT
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2024 13:05:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
190
etag
"51a72799190ea5d7d429362387114a51"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
content-length
7990
x-amz-cf-id
kOxAXb5dLI1BDTIVzFSVZaI2fuT1HvowzGYENajaCcnJ9AhiJyk5Eg==
logo_black_2.png
tours.spec1a1.com/t/2790/images/
8 KB
8 KB
Image
General
Full URL
https://tours.spec1a1.com/t/2790/images/logo_black_2.png
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c20ee2af56bb668a50fc7e07b7c4e1fffb7881e82c92be3772080710e0106d8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:26:55 GMT
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2024 13:05:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
190
etag
"1be9d2b7c1e68ae4caedc7b5a0c05cd6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
content-length
8048
x-amz-cf-id
pEP9uEbIcWspY9quPziGbmMoFadEYQGgdV0ee-UBAZA3L-7SnSwsyA==
utl.min.js
utl-1.com/1.8.3/
306 KB
307 KB
Script
General
Full URL
https://utl-1.com/1.8.3/utl.min.js
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-68.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
296bbfa1948456235ba177e6134d088582166ed1f2d4295482da3fceb9e5250e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tours.spec1a1.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 09:22:19 GMT
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 12:19:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
3600413
etag
"4bfdc0d9c9c9e17400ba70444b2cec36"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
313267
x-amz-cf-id
xr_wqR3dngwh5uiDjNlpcx8XOo74UzlPVspmySKaA61xbJbc26UGSg==
mst2.min.js
utl-1.com/1.8.3/
17 KB
18 KB
Script
General
Full URL
https://utl-1.com/1.8.3/mst2.min.js
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-68.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
252d3a0ef9c3754cdf38a02570d1a84fa4d94d53ac2eaeeada2e141f9c11a2e2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tours.spec1a1.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 23:15:05 GMT
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified
Thu, 02 May 2024 12:19:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
3118447
etag
"3a2e1fe5f9de68d28807b0b5675235f4"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17794
x-amz-cf-id
JhZMHAqSbWKTXX5o5-7LqoTWwC4ZX6yQsHDHip_-9oBPEfWwxSmcxg==
footer_override.min.js
tours.spec1a1.com/t/common/js/
8 KB
2 KB
Script
General
Full URL
https://tours.spec1a1.com/t/common/js/footer_override.min.js
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45ef13c44a036731f700e5d6351134334e3f436a4c9af3d577be419e51f412bb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:29:12 GMT
content-encoding
gzip
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2024 13:06:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
etag
W/"bce527ef9e6ea886fffc7cee9fc69826"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
x-amz-cf-id
hO4r-77vsDSuQXdhAXVEDY_KLLudPaxQ7w4Bx_PJj3eHF6BzMbPuPg==
custom.js
tours.spec1a1.com/t/2790/
3 KB
1 KB
Script
General
Full URL
https://tours.spec1a1.com/t/2790/custom.js
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36a6ea6145b02904adc0d959016df7ba92a1ad47b92f290067f4a79926693199

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:26:55 GMT
content-encoding
gzip
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2024 13:05:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
189
etag
W/"3115d9df4c94728fe0e2cc0742f8f533"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
JUueqdUyXc-XrObgtcUOtGaP1cVR0778dMZhdcCt4o7WtB69w3zr-Q==
emailPassing.js
tours.spec1a1.com/t/common/js/
836 B
1 KB
Script
General
Full URL
https://tours.spec1a1.com/t/common/js/emailPassing.js
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5aa807c88ddd7ac3a7a9ff96682ec475c5e42027b02172ff68359e4bb0848a4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:26:55 GMT
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2024 13:06:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
190
etag
"f388e70b1a3dc48d7c22f6b014124468"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
836
x-amz-cf-id
gjmm5JS5kiXoal_z4EolVNm7WUzXS9Lj_iWhglDHEV6QWrH3EBvIRg==
backtoMA.js
tours.spec1a1.com/t/common/js/
2 KB
1 KB
Script
General
Full URL
https://tours.spec1a1.com/t/common/js/backtoMA.js
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57fc4ca2e6dc7a8680bbe7f32f9073f2c65d4f211f98a8b4abb1f4ff79f924f9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:26:55 GMT
content-encoding
gzip
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2024 13:06:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
189
etag
W/"07e836e82e77e5a68bb45546e70cd524"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
bQICFSR2WoCqAH7bUIHkP8-f-i_vRIS7e3Gu7GFIiTF72qMvoVzuuQ==
izootoPush.js
tours.spec1a1.com/t/common/js/
750 B
1 KB
Script
General
Full URL
https://tours.spec1a1.com/t/common/js/izootoPush.js
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc4edba0b1b896cbdf6fae00ad4cccdf332aa0745b3d93a800a8340f3153002b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:26:55 GMT
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2024 13:06:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
190
etag
"1d9f4677686cb0013331499173a82c5a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
750
x-amz-cf-id
lnYvCe_4ZxLN7mDe_QPMJ4kC95zbv-vsTbXPxe6jV_cjg-erGWoY-w==
11224382.mp4
tours.spec1a1.com/t/2790/images/
2 MB
2 MB
Media
General
Full URL
https://tours.spec1a1.com/t/2790/images/11224382.mp4
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed6dc83572c1786dcdf1e300136c73c477b0b07ee2446c0df8aff0e4ee2184ff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer
https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:29:12 GMT
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2024 13:05:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
etag
"83e1044366feef0bc2e3b6133e00d66d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-2565510/2565511
x-amz-cf-id
tIHj4HSGaISqaqKQTzw_WIn5JBRMw6GtrHFw1Po8XwXvNMmBKYSpmg==
Content-Length
2565511
css2
fonts.googleapis.com/
3 KB
866 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2790/css/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2acd99e5f913a403cc1d99fedad728e0d4baac2ca60c6d0ebac87b51fffd3228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tours.spec1a1.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Jun 2024 01:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 00:44:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Jun 2024 01:29:11 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://tours.spec1a1.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 22:44:32 GMT
x-content-type-options
nosniff
age
9879
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 22:44:32 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://tours.spec1a1.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 15:10:06 GMT
x-content-type-options
nosniff
age
37145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 15:10:06 GMT
ga.js
tours.spec1a1.com/assets/spec1a1/
394 B
725 B
XHR
General
Full URL
https://tours.spec1a1.com/assets/spec1a1/ga.js?_=1719365351955
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e1d3a7c6f025806bcccb38da2d8600cb1ac63fb0af16bf868ae7f8b07ab305f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:27:02 GMT
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2024 13:04:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
185
etag
"dc39a35a00ad72a34bb4f5e3e6d35b38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
content-length
394
x-amz-cf-id
Z25B_UZPjap31IFBCMUJcjQXoKnBRxqpR6Kcgq3c71uCg7x6_SyaQA==
api.php
secure.authbill.com/tour/
36 B
636 B
XHR
General
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
Apache /
Resource Hash
e2dc235e76c7f8fd1d413e0ddda8aa88bb75708729abfe966cb43af9ebfe22de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json, text/plain, */*
Referer
https://tours.spec1a1.com/
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 01:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
content-length
56
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/
804 B
966 B
XHR
General
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
Apache /
Resource Hash
a1e3faf2c39efe278d1fbf640b833680842d2d71f275cd5ddda345793badf629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json, text/plain, */*
Referer
https://tours.spec1a1.com/
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 01:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
content-length
385
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/
20 KB
5 KB
XHR
General
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
Apache /
Resource Hash
78f9153b97d7ffc7cb808144a600ace9cbe92a0208cbf348d55280c40db65d70
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json, text/plain, */*
Referer
https://tours.spec1a1.com/
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 01:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
content-length
4820
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/
1 B
601 B
XHR
General
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
Apache /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json, text/plain, */*
Referer
https://tours.spec1a1.com/
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 01:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
content-length
21
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/
266 B
795 B
XHR
General
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
Apache /
Resource Hash
bec67b67f469999d4f8a973879fb65135d2b003f60969982334ee5dd930b39ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json, text/plain, */*
Referer
https://tours.spec1a1.com/
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 01:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
content-length
214
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/
266 B
795 B
XHR
General
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
Apache /
Resource Hash
bec67b67f469999d4f8a973879fb65135d2b003f60969982334ee5dd930b39ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json, text/plain, */*
Referer
https://tours.spec1a1.com/
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 01:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
content-length
214
expires
Thu, 19 Nov 1981 08:52:00 GMT
api.php
secure.authbill.com/tour/
0
708 B
XHR
General
Full URL
https://secure.authbill.com/tour/api.php
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.169.87.223 , United States, ASN30602 (ISPRIME, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json, text/plain, */*
Referer
https://tours.spec1a1.com/
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 01:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-headers
X-Requested-With, content-type
content-length
20
expires
Thu, 19 Nov 1981 08:52:00 GMT
check_external_autologin.html
tours.wellhello.com/common/html/ Frame 1F5A
0
0
Document
General
Full URL
https://tours.wellhello.com/common/html/check_external_autologin.html?receiver=https%3A%2F%2Ftours.spec1a1.com
Requested by
Host: utl-1.com
URL: https://utl-1.com/1.8.3/utl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-9.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://tours.spec1a1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
17
content-length
756
content-type
text/html
date
Wed, 26 Jun 2024 01:28:56 GMT
etag
"dd50762f19926d6c4bbd2b10d5d78216"
last-modified
Fri, 19 Jan 2024 16:13:11 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-id
SH2uIWDhIznUy5Te7oQKK-pG1nbjSZlVw2rRMX6XOAiqEsLXx17_dw==
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tours.spec1a1.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 26 Jun 2024 00:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3605
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 26 Jun 2024 02:29:07 GMT
collect
www.google-analytics.com/j/
3 B
147 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=538286523&t=event&_s=1&dl=https%3A%2F%2Ftours.spec1a1.com%2Ft%2F2790%2F%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26xk%3Df0d1e0a05a7793a2fd6df97a6e67d6ee%26bn%3D38%26gu%3Dhttps%253A%252F%252Fgo.allison-bangs.com%252Fgo.php%253Ft%253D56730%2526aid%253D142802%2526sid%253D138579%2526clickid%253Dtszyk667b6ee600001819%2526hts_id%253Ddf485b9b-78df-4334-8a02-355da6d8ea95%26clickid%3Dtszyk667b6ee600001819%26i18n_country%3DGB%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&ul=en-gb&de=UTF-8&dt=ChickTok&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ci=Tour%3A%2056730&ec=Tour%3A%2056730&ea=Current%20step%3A%2001&el=Total%20steps%3A%204&_u=YEBAAEABAAAAACAAI~&jid=303616873&gjid=2113200287&cid=1976852086.1719365352&tid=UA-148167200-2%E2%80%99&_gid=141884956.1719365352&_r=1&_slc=1&z=1997848938
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://tours.spec1a1.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 01:29:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tours.spec1a1.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=538286523&t=pageview&_s=2&dl=https%3A%2F%2Ftours.spec1a1.com%2Ft%2F2790%2F%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26xk%3Df0d1e0a05a7793a2fd6df97a6e67d6ee%26bn%3D38%26gu%3Dhttps%253A%252F%252Fgo.allison-bangs.com%252Fgo.php%253Ft%253D56730%2526aid%253D142802%2526sid%253D138579%2526clickid%253Dtszyk667b6ee600001819%2526hts_id%253Ddf485b9b-78df-4334-8a02-355da6d8ea95%26clickid%3Dtszyk667b6ee600001819%26i18n_country%3DGB%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&ul=en-gb&de=UTF-8&dt=ChickTok&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ci=Tour%3A%2056730&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=1976852086.1719365352&tid=UA-148167200-2%E2%80%99&_gid=141884956.1719365352&z=576173181
Requested by
Host: tours.spec1a1.com
URL: https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tours.spec1a1.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 15:15:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36827
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon.ico
tours.spec1a1.com/
135 B
528 B
Other
General
Full URL
https://tours.spec1a1.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee7d7d2b00daf807d887344419f4d4c03bd65008dc92486385250dca3a3cd42e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tours.spec1a1.com/t/2790/?t=56730&aid=142802&sid=138579&xk=f0d1e0a05a7793a2fd6df97a6e67d6ee&bn=38&gu=https%3A%2F%2Fgo.allison-bangs.com%2Fgo.php%3Ft%3D56730%26aid%3D142802%26sid%3D138579%26clickid%3Dtszyk667b6ee600001819%26hts_id%3Ddf485b9b-78df-4334-8a02-355da6d8ea95&clickid=tszyk667b6ee600001819&i18n_country=GB&hts_id=df485b9b-78df-4334-8a02-355da6d8ea95
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 01:29:11 GMT
x-amz-error-code
NoSuchKey
via
1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jun 2024 13:04:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
etag
"099932ca2bd11bb7199b743d53f85aac"
x-amz-error-detail-key
favicon.ico
x-amz-error-message
The specified key does not exist.
content-type
text/html
x-cache
Error from cloudfront
content-length
135
x-amz-cf-id
2qaHgBxvxShr7BHje18rMrIphNNJ3KgzOLJgl_3j1xF1cXYtdQTKHw==

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
undefined| event
object| fence
object| sharedStorage
object| utl
function| isTestUser
object| QueryString
function| $
function| jQuery
object| angular
object| timeouts
boolean| did_show_results
function| init
function| animateStep
function| showResults
function| resetResults
function| handleErrors
function| handleSuccess
function| animateUpgrade
function| loaderResults
function| hideKeyboard
function| getProductFromUrlOrDefault
function| handleBackToMA
function| getCookie
function| forwardToMemberArea
function| ga
object| _loq
object| _izq
string| GoogleAnalyticsObject
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData

27 Cookies

Domain/Path Name / Value
www.time4date.net/ Name: unique_id
Value: 667b6ee6000d5b0a
www.time4date.net/ Name: unique_id2
Value: 667b6ee6000e6ac7
www.time4date.net/ Name: 667b6ee6000e6ac7_c
Value: 1
www.time4date.net/ Name: ref_token
Value: 138579
www.time4date.net/ Name: tid
Value: tszyk667b6ee600001819
.allison-bangs.com/ Name: bd_ovtu
Value: 1
.allison-bangs.com/ Name: bdreff
Value: NONE
.allison-bangs.com/ Name: tour
Value: 56730
.allison-bangs.com/ Name: affsubid
Value: 142802-138579
.allison-bangs.com/ Name: bdvisit
Value: 142802
.allison-bangs.com/ Name: bdcounter
Value: 1
.allison-bangs.com/ Name: xk
Value: f0d1e0a05a7793a2fd6df97a6e67d6ee
.spec1a1.com/ Name: tour
Value: 56730
.spec1a1.com/ Name: affsubid
Value: 142802-138579
.spec1a1.com/ Name: reff
Value:
.spec1a1.com/ Name: upgrade_tour
Value: 56730
.spec1a1.com/ Name: _ga
Value: GA1.2.1976852086.1719365352
.spec1a1.com/ Name: _gid
Value: GA1.2.141884956.1719365352
.spec1a1.com/ Name: _gat
Value: 1
.spec1a1.com/ Name: guid
Value: DC2FF9F2-D41D-469B-901C-2B40761A18F3
.spec1a1.com/ Name: affiliate_142802_is_terminated
Value: 0
.tours.spec1a1.com/ Name: geoip
Value: %7B%22country_code%22%3A%22GB%22%2C%22country_name%22%3A%22United%20Kingdom%20of%20Great%20Britain%20and%20Northern%20Ireland%22%2C%22region%22%3A%22England%22%2C%22city%22%3A%22Manchester%22%2C%22latitude%22%3A53.4809494019%2C%22longitude%22%3A-2.23743009567%2C%22zipcode%22%3A%22M1%22%2C%22isp_name%22%3A%22Venus%20Business%20Communications%20Limited%22%2C%22mobile_brand%22%3A%22%22%7D
.spec1a1.com/ Name: custom_tracking
Value: %5B%22address%22%2C%22ad_type%22%2C%22app_id%22%2C%22app_name%22%2C%22auth_token%22%2C%22a_aid%22%2C%22a_bid%22%2C%22banner%22%2C%22banner_id%22%2C%22banner_size%22%2C%22bn%22%2C%22c%22%2C%22cid%22%2C%22city%22%2C%22clickid%22%2C%22click_id%22%2C%22click_url%22%2C%22cmp_bo%22%2C%22cmp_member_id%22%2C%22consent%22%2C%22dx%22%2C%22email%22%2C%22exotracker%22%2C%22f%22%2C%22fbclid%22%2C%22fbid%22%2C%22first_name%22%2C%22gclid%22%2C%22gdpr%22%2C%22h%22%2C%22hts_id%22%2C%22hx%22%2C%22keyword%22%2C%22landerid%22%2C%22lander_id%22%2C%22last_name%22%2C%22misc_tour_info%22%2C%22niche%22%2C%22np%22%2C%22offer%22%2C%22origin%22%2C%22phone_number%22%2C%22placement%22%2C%22product%22%2C%22product_id%22%2C%22profile_visited%22%2C%22publisher%22%2C%22rcid%22%2C%22referer%22%2C%22reqid%22%2C%22rgc%22%2C%22rgh%22%2C%22rgm%22%2C%22schedule%22%2C%22sdaf%22%2C%22sdfsadf%22%2C%22session_initiated_by%22%2C%22sl%22%2C%22smoochy_user_id%22%2C%22snapchat_username%22%2C%22source%22%2C%22state%22%2C%22street%22%2C%22sv_cheating_mon%22%2C%22template%22%2C%22thumb_id%22%2C%22tracker_id%22%2C%22upgrade_uuid%22%2C%22upg_reason%22%2C%22userage%22%2C%22useremail%22%2C%22userzip%22%2C%22user_id%22%2C%22wellhello_profile_id%22%2C%22wellhello_upgrade_tour%22%2C%22xk%22%2C%22zip%22%5D
.spec1a1.com/ Name: prop_bn
Value: 38
.spec1a1.com/ Name: prop_clickid
Value: tszyk667b6ee600001819
.spec1a1.com/ Name: prop_hts_id
Value: df485b9b-78df-4334-8a02-355da6d8ea95
.spec1a1.com/ Name: prop_xk
Value: f0d1e0a05a7793a2fd6df97a6e67d6ee

1 Console Messages

Source Level URL
Text
network error URL: https://tours.spec1a1.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
