www.101dian.com Open in urlscan Pro
2a00:1450:4001:806::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.101dian.com/
Effective URL:
https://www.101dian.com/
Submission: On July 18 via manual (July 18th 2023, 9:00:21 pm UTC) from US — Scanned from DE

Summary HTTP 194 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 24 domains to perform 194 HTTP transactions. The main IP is 2a00:1450:4001:806::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.101dian.com.
TLS certificate: Issued by GTS CA 1D4 on May 23rd 2023. Valid for: 3 months.

This is the only time www.101dian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	2a00:1450:400... 2a00:1450:4001:806::2013	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:91a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700:303... 2606:4700:3035::6815:1471	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2009	15169 (GOOGLE) (GOOGLE)
16	34.149.108.21 34.149.108.21	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
12	2600:9000:223... 2600:9000:223f:d600:1c:d826:cd80:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
19	2600:9000:261... 2600:9000:2611:f200:1b:29b:ed80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.76 13.32.99.76	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2 19	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.1.15 178.250.1.15	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	34.111.170.216 34.111.170.216	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12	2600:9000:223... 2600:9000:223d:e200:e:aa0e:eb00:93a1	16509 (AMAZON-02) (AMAZON-02)
194	36

5 2a00:1450:4001:806::2013 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.101dian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:91a (United States)

ASN13335 (CLOUDFLARENET, US)

instant.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

dulichdau.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:1471 (United States)

ASN13335 (CLOUDFLARENET, US)

static.copyrighted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 34.149.108.21 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 21.108.149.34.bc.googleusercontent.com

affiliate.klook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:223f:d600:1c:d826:cd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
q.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:2611:f200:1b:29b:ed80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.klook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-76.fra60.r.cloudfront.net

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.15 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.170.216 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 216.170.111.34.bc.googleusercontent.com

log.klook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:223d:e200:e:aa0e:eb00:93a1 (United States)

ASN16509 (AMAZON-02, US)

res.klook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	klook.com affiliate.klook.com — Cisco Umbrella Rank: 124170 cdn.klook.com — Cisco Umbrella Rank: 107238 log.klook.com — Cisco Umbrella Rank: 75137 res.klook.com — Cisco Umbrella Rank: 62138	892 KB
30	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	615 KB
22	gstatic.com fonts.gstatic.com www.gstatic.com	201 KB
12	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	83 KB
12	bstatic.com cf.bstatic.com — Cisco Umbrella Rank: 12076 q.bstatic.com — Cisco Umbrella Rank: 58514	88 KB
12	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	375 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	187 KB
10	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12469	480 KB
7	pages.dev dulichdau.pages.dev	78 KB
5	101dian.com 1 redirects www.101dian.com	71 KB
4	google.com translate.google.com — Cisco Umbrella Rank: 1517 adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	32 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	169 KB
3	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 1310 fonts.googleapis.com — Cisco Umbrella Rank: 88	77 KB
2	criteo.com cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9055 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13879	474 B
2	booking.com www.booking.com — Cisco Umbrella Rank: 6028	33 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	218 KB
1	criteo.net imageproxy.eu.criteo.net — Cisco Umbrella Rank: 7998	16 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4752	408 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	600 B
1	blogger.com www.blogger.com — Cisco Umbrella Rank: 8877	155 KB
1	copyrighted.com static.copyrighted.com — Cisco Umbrella Rank: 289327	2 KB
1	dmca.com images.dmca.com — Cisco Umbrella Rank: 13228	3 KB
1	instant.page instant.page — Cisco Umbrella Rank: 19281	1 KB
0	flagcounter.com Failed s11.flagcounter.com Failed
194	24

	Domain	Requested by
19	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	cdn.klook.com	affiliate.klook.com cdn.klook.com
16	affiliate.klook.com	www.101dian.com cdn.klook.com affiliate.klook.com
15	fonts.gstatic.com	www.101dian.com fonts.googleapis.com
12	res.klook.com
12	www.googletagmanager.com	www.101dian.com www.googletagmanager.com affiliate.klook.com
11	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
11	cf.bstatic.com	www.101dian.com www.booking.com cf.bstatic.com
11	pagead2.googlesyndication.com	www.101dian.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	blogger.googleusercontent.com	www.101dian.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.101dian.com
7	www.gstatic.com	www.101dian.com www.gstatic.com googleads.g.doubleclick.net
7	dulichdau.pages.dev	www.101dian.com
5	www.101dian.com	1 redirects www.101dian.com dulichdau.pages.dev www.blogger.com
3	log.klook.com	cdn.klook.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google.com	www.101dian.com tpc.googlesyndication.com
2	www.booking.com	cf.bstatic.com
2	cdn.jsdelivr.net	www.101dian.com
1	rtb.nl3.eu.criteo.com	www.101dian.com
1	cat.nl3.eu.criteo.com	www.101dian.com
1	imageproxy.eu.criteo.net	googleads.g.doubleclick.net
1	q.bstatic.com	cf.bstatic.com
1	www.google.de	www.101dian.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	translate.googleapis.com
1	www.blogger.com	www.101dian.com
1	static.copyrighted.com	www.101dian.com
1	images.dmca.com	www.101dian.com
1	translate.google.com	www.101dian.com
1	instant.page	www.101dian.com
0	s11.flagcounter.com Failed	www.101dian.com
194	36

This site contains links to these domains. Also see Links.

Domain
dulichdau.com
tophotel.dulichdau.com
translate.google.com
c.lazada.vn
www.facebook.com
info.flagcounter.com
www.dulichdau.com
www.homestaydalatdep.com
www.dmca.com
www.copyrighted.com
www.blogger.com

Subject Issuer	Validity	Valid
www.101dian.com GTS CA 1D4	`2023-05-23` - `2023-08-21`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
dulichdau.pages.dev GTS CA 1P5	`2023-05-31` - `2023-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
images.dmca.com R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
affiliate.klook.com GTS CA 1D4	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.bstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-21` - `2023-10-11`	a year	crt.sh
*.klook.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-12` - `2024-03-14`	a year	crt.sh
*.booking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-12` - `2024-05-18`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-07` - `2023-08-30`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-18` - `2023-08-18`	3 months	crt.sh
log.klook.com GTS CA 1D4	`2023-05-22` - `2023-08-20`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.101dian.com/
Frame ID: 21815B2F2681E0E0908CABCDFA4A962E
Requests: 73 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230717/r20190131/zrt_lookup.html
Frame ID: 97FE20004F6E680B0B41D170F4ADCCF0
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1E091A486072B29E4C77BB74FFEFBCFD
Requests: 1 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=en-US&aid=1695190&target_aid=1695190&dest_id=-3733750&dest_type=city&df_num_properties=6&fid=1689714013952&
Frame ID: C0A92E5B2C234AD554F8AA66A52FAC15
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1256170089840912&output=html&adk=1812271804&adf=3025194257&lmt=1689684090&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.101dian.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689714013806&bpp=3&bdt=427&idt=268&shv=r20230717&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=777978380621&frm=20&pv=2&ga_vid=1308830312.1689714014&ga_sid=1689714014&ga_hid=648486857&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31076187%2C44788442&oid=2&pvsid=1238137384023767&tmod=1261267934&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=296
Frame ID: 2D1DB8239BE5382BBA4D72BF0A28D9FF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1256170089840912&output=html&h=200&slotname=6307787892&adk=2398210235&adf=2029293275&pi=t.ma~as.6307787892&w=1200&fwrn=4&lmt=1689684090&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.101dian.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689714013809&bpp=2&bdt=430&idt=297&shv=r20230717&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=777978380621&frm=20&pv=1&ga_vid=1308830312.1689714014&ga_sid=1689714014&ga_hid=648486857&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=97&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31076187%2C44788442&oid=2&pvsid=1238137384023767&tmod=1261267934&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EpzQt1Thzz&p=https%3A//www.101dian.com&dtd=301
Frame ID: 654473F3A0B6AF3129955F0B5D8DBE7C
Requests: 14 HTTP requests in this frame

Frame: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=1
Frame ID: 9BA55ED243914C13DBC6D08ACD6405F2
Requests: 14 HTTP requests in this frame

Frame: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=2
Frame ID: 9884EE34AF2EF082A73D0A6C810F0AF4
Requests: 23 HTTP requests in this frame

Frame: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=3
Frame ID: 3BD3B4F02325558F0ED634CCAADEA7B2
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1256170089840912&output=html&h=280&slotname=6499359585&adk=1056236196&adf=2025191683&pi=t.ma~as.6499359585&w=1179&fwrn=4&fwrnh=100&lmt=1689684090&rafmt=1&format=1179x280&url=https%3A%2F%2Fwww.101dian.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689714013811&bpp=1&bdt=433&idt=325&shv=r20230717&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=777978380621&frm=20&pv=1&ga_vid=1308830312.1689714014&ga_sid=1689714014&ga_hid=648486857&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=56&ady=1550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31076187%2C44788442&oid=2&pvsid=1238137384023767&tmod=1261267934&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=74YLXMm6u4&p=https%3A//www.101dian.com&dtd=328
Frame ID: 825D886210466E6998D952801D705331
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1256170089840912&output=html&h=1032&slotname=7800036804&adk=1647789852&adf=1799527695&pi=t.ma~as.7800036804&w=300&cr_col=1&cr_row=13&fwrn=2&lmt=1689684090&rafmt=9&format=300x1032&url=https%3A%2F%2Fwww.101dian.com%2F&host=ca-host-pub-1556223355139109&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689714013813&bpp=1&bdt=435&idt=349&shv=r20230717&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200%2C1179x280&nras=1&correlator=777978380621&frm=20&pv=1&ga_vid=1308830312.1689714014&ga_sid=1689714014&ga_hid=648486857&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1244&ady=1591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31076187%2C44788442&oid=2&pvsid=1238137384023767&tmod=1261267934&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=b1rLE9x4Gi&p=https%3A//www.101dian.com&dtd=352
Frame ID: 12BA2130FB2502687BD8E71AB1B48E13
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHXiv2Zk-prJL7FgPqrpMWRmFmfvuFMWFBKWE-bwhsU.js
Frame ID: 3C4987C688AFCED6D089948EEE96AE59
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/cHXiv2Zk-prJL7FgPqrpMWRmFmfvuFMWFBKWE-bwhsU.js
Frame ID: F8427FAFC0F87DC47FA09F3288999673
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6871745EBDE643129B31B92C658CC312
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BCEE36823363CB621212DBF99C7AAE6D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

101dian.com - 101 đi ăn - 101 địa điểm ăn uống

Page URL History Show full URLs

http://www.101dian.com/ HTTP 301
https://www.101dian.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

194
Requests

97 %
HTTPS

82 %
IPv6

24
Domains

36
Subdomains

36
IPs

4
Countries

3777 kB
Transfer

8625 kB
Size

12
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://dulichdau.com/2022/10/bang-gia-review-du-lich-guest-post-tren.html
Title: Bảng giá đăng bài QC

Search URL Search Domain Scan URL

URL: https://tophotel.dulichdau.com/
Title: Top Khách Sạn

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

URL: https://c.lazada.vn/t/c.0PWIfZ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kinhnghiemdulichbuitietkiem/

Search URL Search Domain Scan URL

URL: https://info.flagcounter.com/97M1

Search URL Search Domain Scan URL

URL: https://www.dulichdau.com/
Title: Du lịch đâu

Search URL Search Domain Scan URL

URL: https://www.homestaydalatdep.com/
Title: Homestay Đà Lạt Đẹp

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=8a1d50ae-179c-48c7-8501-15e887607320&refurl=https://webcache.googleusercontent.com/search?q=cache:EWiWHZaRLpkJ:https://www.101dian.com/&cd=2&hl=vi&ct=clnk&gl=vn

Search URL Search Domain Scan URL

URL: https://www.copyrighted.com/website/oYDpIqsLIWCb7bgL?url=https%3A%2F%2Fwebcache.googleusercontent.com%2Fsearch%3Fq%3Dcache%3AEWiWHZaRLpkJ%3Ahttps%3A%2F%2Fwww.101dian.com%2F%26cd%3D2%26hl%3Dvi%26ct%3Dclnk%26gl%3Dvn

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.101dian.com/ HTTP 301
https://www.101dian.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 128

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 130

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

194 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.101dian.com/
Redirect Chain

http://www.101dian.com/
https://www.101dian.com/

237 KB
56 KB

590ms
537ms

Document
text/html

2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc582c74d0956e46875f8cd511395c4df87425a08f6db49764afec0a0da15abd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 57034
content-type: text/html; charset=UTF-8
date: Tue, 18 Jul 2023 21:00:13 GMT
etag: W/"8ab6aa34bff1e03ce87699a64c438abefd3402b24683bb94b3d8fbc37d238d1f"
expires: Tue, 18 Jul 2023 21:00:13 GMT
last-modified: Tue, 18 Jul 2023 12:41:30 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 173
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Tue, 18 Jul 2023 21:00:12 GMT
Expires: Tue, 18 Jul 2023 21:00:12 GMT
Location: https://www.101dian.com/
Server: GSE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 agoda6.css
cdn.jsdelivr.net/gh/chungtsn/khochat@main/ 829 KB
108 KB 80ms
29ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/chungtsn/khochat@main/agoda6.css

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1ee7d78deef6b9cd76bdadf746a2e6c26969409be0c75fdf8519eeb71063f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 21:00:13 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3122
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 109653
x-served-by: cache-fra-eddf8230065-FRA
x-jsd-version-type: branch
etag: W/"cf27e-TPyBk4D7cSTwHyWhG/1nR1R7+UA"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5.1.1 Show response
instant.page/ 3 KB
1 KB 86ms
32ms Script
text/javascript 2606:4700::6811:91a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://instant.page/5.1.1
Requested by: Host: www.101dian.com
URL: https://www.101dian.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:91a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d0ee7a16ae3c3063d7644963128afd917c75e9aab66dc4582966b6e5aaeaf6c

Request headers

Referer: https://www.101dian.com/
Origin: https://www.101dian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 7e8da727fb8dbbe3-FRA

GET
H2 200 jquery.min.js Show response
dulichdau.pages.dev/ 87 KB
32 KB 114ms
53ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dulichdau.pages.dev/jquery.min.js

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"29c4e63801623c5ad6a13313b0cd8d2c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78LfOQTL2Oy9IuXc9G2I%2BYvOoTycgEMLbEkcPKxb%2BdcuQ%2FT89cVgZv%2Bc3aZUKjsXTodiK4oPQ7OA6GgoauKbpMD1rze8I%2FLlz7A6oU9mHP79yy7Pq9AKObiwchsENjCTHuLbpnt%2FapPwFW%2FDyPzk8BYT"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 7e8da7280db8361b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css.min.css
dulichdau.pages.dev/ 29 KB
5 KB 120ms
59ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dulichdau.pages.dev/css.min.css

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f196ac08fe959fc09d20710af2db44a86d0cb6eba20e53dc98d828db0de7e56e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3b7e2ccdd32d97f81751d0b5b591d2f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dtQVmt0vF8%2FMvwsbFoaSeqgJcpAlmplxI7LO5SlIY3W1S50fcZGygg5xPk9ns7i89Eo7JXLK1XUqJjGRQUKkI5XaIiM5zIrzJRL12h0O9OEvPSs3Ay78Q3ZfDLSH9J0qeRD3yoL5ltH2lgmHBhBH827"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 7e8da7280db4361b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 javascript.min.js Show response
dulichdau.pages.dev/ 46 KB
13 KB 134ms
73ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dulichdau.pages.dev/javascript.min.js

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45c518ca11ce2ee2224117ede9b5b226070dd075a6a3cbf246802b74e6fc10f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4e233440edf4336eead79b64a8d3678e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqDKT%2BuCC74fOX2ws11ey2YutjiurAArljEVdEURAel40Po%2FD1p3wteEeqF48JYk%2Ftdg%2FutXYvzaTAtd7NeSMOZG1SxOPc%2B9yOorb4rGLGue6RkTgg59W4B72WxeeuFLOj5P8GkjghRfn2A%2BGAtWcWYd"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 7e8da7280dbb361b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 toc.min.css
dulichdau.pages.dev/ 1 KB
1 KB 112ms
51ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dulichdau.pages.dev/toc.min.css

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8e10110cfb56759d124562fd555905ea820c2fa1095810123d13b30f44a7022

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c446fb8be454924649f11faa1690847c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLUBEhBzMyCK%2F3So%2B%2B%2Fj%2FneS1kxb6kdHdP%2FLOQEFjUNAGw9dRnRcRJ5I8%2FV7zzWawUrYT89vXjFDvoHm3FakbTVR%2FamXiUWAFU2ZQjEYOxqxteVt13%2Bwb3MupHIO7x%2BRtIo3CcESEtAHMkRlTKjopcwz"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 7e8da7280db7361b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 94ms
42ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-74658838-37

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f105fa1a6bb1624bf9f15c31ad4a5d9a3e7ce09af9623a2435a30bc4884e6353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 65817
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jul 2023 21:00:13 GMT

GET
H2 200 bootstrap-icons.css
dulichdau.pages.dev/ 87 KB
12 KB 115ms
70ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dulichdau.pages.dev/bootstrap-icons.css

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"216fc61927a825e5ba542cebac4ffb5b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLYBrbTY43ZqVPpHI4Rb9xQZ1ZRK3Ua%2BrwLkH67o%2FWmaWPCOJZyxwwjtKY%2BAIV0vMfErVvmDZyszCfeZl21YJi%2F0DdXcgAlGCZ6NfKeVvZoC0L5k2H%2F36NPx4UxINYdXnE1spfTHDk2BuOstZNpJr%2FbN"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 7e8da7280db5361b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 179ms
125ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36fc26d5d8580ae66e2b148dca1cbb09a1854e1d09f04c2a712c70df82254f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50567
x-xss-protection: 0
server: cafe
etag: 1557103196626446384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 21:00:13 GMT

GET
H2 200 AVvXsEgu-c6XZokkwD9Ge0ETFmTNT5xIlitFYE_oQAz2F3NuLx32RW1NcZR7FjstejhFdxHb5MqFuLTHvxjYyp1dAcKgQpVF_czqvojyu2Np1LjZTXfBPC3OeULuS8MMBFyjUjvQM_dTrHEFzax-2nbzUn-VfIStSDoCSwlf6hLWLcoyaok6IlKf0SNSUWSv6w=s200
blogger.googleusercontent.com/img/a/ 2 KB
2 KB 928ms
877ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgu-c6XZokkwD9Ge0ETFmTNT5xIlitFYE_oQAz2F3NuLx32RW1NcZR7FjstejhFdxHb5MqFuLTHvxjYyp1dAcKgQpVF_czqvojyu2Np1LjZTXfBPC3OeULuS8MMBFyjUjvQM_dTrHEFzax-2nbzUn-VfIStSDoCSwlf6hLWLcoyaok6IlKf0SNSUWSv6w=s200

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

12187e04b94f2fd54ad69c1b2ee6207b221934de889c0a77a31ed9bddec05982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v4083a"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="101dian.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1944
x-xss-protection: 0
expires: Wed, 19 Jul 2023 21:00:14 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 125ms
71ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1256170089840912

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2897d652245aee8097a3e0b9126a8304bb896d265e182e2dba8a5482c93e6a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Origin: https://www.101dian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50641
x-xss-protection: 0
server: cafe
etag: 12688881718745565726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 21:00:13 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 86 KB
30 KB 101ms
40ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d13ecc9d287a97b2c5ecc1f1ccc93936ee9572ec79864c48226fc271ef8050cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 NY23_AFF_MAIN%20KV_320x480.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJAqXPCN9fZMkDIbtQ32_ltAHHR0fvfyQ3WmZqwA1D8tI9-I8gTtX2Olby-bDzozIFdkDKVJ0n10YeXrxvgXYNqEJav-UAyTSoAKGvYSaKRPAqojVUyaNiQPSA_c8wF70Uks9huaCU1fEGgl7-... 132 KB
132 KB 657ms
606ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJAqXPCN9fZMkDIbtQ32_ltAHHR0fvfyQ3WmZqwA1D8tI9-I8gTtX2Olby-bDzozIFdkDKVJ0n10YeXrxvgXYNqEJav-UAyTSoAKGvYSaKRPAqojVUyaNiQPSA_c8wF70Uks9huaCU1fEGgl7-qq-05jUtMqJtJ84D7O3T-MgRdae5pzWVgxOOQ9GS/w426-h640/NY23_AFF_MAIN%20KV_320x480.png

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0f59cd54d0ebbf740d37015cc0cd1d26ab8e8e6716addc81155ae1dc8431fbf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v3e3dc"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NY23_AFF_MAIN KV_320x480.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135156
x-xss-protection: 0
expires: Wed, 19 Jul 2023 21:00:14 GMT

GET
H2 200 AVvXsEhn7Vcvzmg7UiKcyKZ_VNEaTXL8ULpMZeYmJg5TZfa_AAaU302cdpFAVpTAvef3Bv1ai4XFYnahOK6kg7jpNnraBbutLciB6w_0qnHVUvqhtFw9BI-UGv0W5o-SAWoZolWkjh-t2_neO_VwAekizkrsiOQEdWaD9EcYIiea-CXYmVAeAQ-6oLHVF_aajA=s200
blogger.googleusercontent.com/img/a/ 2 KB
2 KB 888ms
837ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhn7Vcvzmg7UiKcyKZ_VNEaTXL8ULpMZeYmJg5TZfa_AAaU302cdpFAVpTAvef3Bv1ai4XFYnahOK6kg7jpNnraBbutLciB6w_0qnHVUvqhtFw9BI-UGv0W5o-SAWoZolWkjh-t2_neO_VwAekizkrsiOQEdWaD9EcYIiea-CXYmVAeAQ-6oLHVF_aajA=s200

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

12187e04b94f2fd54ad69c1b2ee6207b221934de889c0a77a31ed9bddec05982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v4083c"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="101dian.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1944
x-xss-protection: 0
expires: Wed, 19 Jul 2023 21:00:14 GMT

GET /
s11.flagcounter.com/count2/97M1/bg_FFFFFF/txt_000000/border_CCCCCC/columns_3/maxflags_10/viewers_0/labels_0/pageviews_1/flags_1/percent_0/ 0
0

GET
H2 200 dmca_protected_sml_120b.png
images.dmca.com/Badges/ 2 KB
3 KB 78ms
25ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca_protected_sml_120b.png?ID=8a1d50ae-179c-48c7-8501-15e887607320
Requested by: Host: www.101dian.com
URL: https://www.101dian.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8e45bb7e8ed0913b06e8956ecf1d1492304b9958f32c21584c3770b3501f0038

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
last-modified: Tue, 04 May 2010 23:19:12 GMT
server: Microsoft-IIS/10.0
etag: "7c6c234e0ebca1:0"
x-powered-by: ASP.NET
x-hw: 1689714013.cds271.fr8.hn,1689714013.cds288.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
link: <https://www.dmca.com/Badges/dmca_protected_sml_120b.png>; rel="canonical"
content-length: 2319

GET
H2 200 04_2.png
static.copyrighted.com/badges/125x25/ 862 B
2 KB 83ms
27ms Image
image/png 2606:4700:3035::6815:1471
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.copyrighted.com/badges/125x25/04_2.png

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:1471 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0142a071db7d7ba9641b73c489af7ed3b1e7363e09539528452f37241c9cef64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22023
alt-svc: h3=":443"; ma=86400
content-length: 862
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Feb 2018 19:25:00 GMT
server: cloudflare
etag: "5a945f0c-35e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekd%2FnFguJvzRHq6dAexGJCXeijUqbxLpW0cyh5lp7jRDepiHmisE6ZCZo%2FE1fWIWs0A7W0W85TX2iUfElofE6wNXavrn7KHFbxsrEqEgwqCflnIHgAE4hpCb2wVt8MO3DbW9%2BQKVj3x92RsesVlUVv4xMbuI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 7e8da7297b1e9131-FRA
expires: Thu, 17 Aug 2023 14:53:09 GMT

GET
H2 200 base.js Show response
dulichdau.pages.dev/ 19 KB
8 KB 85ms
85ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dulichdau.pages.dev/base.js

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d06c3f93c9bbe473644ed52c1153d34b5e30120afef23ef40f0f967181bf2db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3e140da8466d62e82e7d1f8e798dee5b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dL%2F79uf8FI9iPbSiFe1s1beRvGDzphzrOcZNSaWlEaDSGzaerH4Qk5uqg4pIG8NytDJRdj4zG0ryIlZiK8DzJAlTZbC0iXVTSpwXtP2yqKoYjo%2Fygb5y%2B4bHIgbwvf9ZHsfvgC5aAyc5di6kiHJKRhYQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 7e8da7289e67361b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 vtrick-scripts.js Show response
dulichdau.pages.dev/ 24 KB
7 KB 66ms
64ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dulichdau.pages.dev/vtrick-scripts.js

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b22ecfd2334b5779a496c7d71858b52bce813d23359997aff10fcc9b498d4ef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9ea895eefd89d610b4567ad3cf050f11"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWmbUjBHQSW363zuZMRL9QYWlAj%2FxMGpHEszUmq6eaZ7WaFRGnDMhyQjoK%2BIwKm23Q1ynyeZqZ%2BxQNNvsM4jwoJN8vo9KHcm9LTWl%2FpAdaKfUzrYWZE0RHz3GYmJn4mDmqE0yZ3qijVcCMz6cVB5h3SS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 7e8da728ae75361b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 cookienotice.js Show response
www.101dian.com/js/ 6 KB
2 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.101dian.com/js/cookienotice.js

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jul 2023 19:54:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Tue, 25 Jul 2023 21:00:13 GMT

GET
H2 200 2767558538-widgets.js Show response
www.blogger.com/static/v1/widgets/ 155 KB
155 KB 76ms
22ms Script
text/javascript 2a00:1450:4001:82f::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2767558538-widgets.js

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12e66fe63efa1a28b691e08832e5ea0858a3e4f9cb84fd22b78164dc88a34129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 11:50:57 GMT
x-content-type-options: nosniff
age: 32956
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158511
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 17:54:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Wed, 17 Jul 2024 11:50:57 GMT

GET
H2 200 fetch-iframe-init.js Show response
affiliate.klook.com/widget/ 587 B
726 B 86ms
22ms Script
application/javascript 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://affiliate.klook.com/widget/fetch-iframe-init.js

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

21.108.149.34.bc.googleusercontent.com

Software

ReplaceHeaderValue /

Resource Hash

f2767375f9a38497e1cf2279ff98dc1407081074ccd0fda78709c84387f6c5ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 20:52:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
x-cdn-cache: hit
age: 466
x-kong-proxy-latency: 0
x-kong-upstream-latency: 2
x-readtime: 0
x-cdn-vendor: gcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 387
x-xss-protection: 1; mode=block
server: ReplaceHeaderValue
x-download-options: noopen
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600,public

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/fonts/ 110 KB
110 KB 45ms
21ms Font
font/woff2 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.101dian.com/
Origin: https://www.101dian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 21:00:13 GMT
x-content-type-options: nosniff
age: 3016186
x-jsd-version: 1.9.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 112440
x-served-by: cache-fra-eddf8230053-FRA
x-jsd-version-type: version
etag: W/"1b738-OihLBhh3Hynajra+kA6ZQ5JT3OA"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v21/ 13 KB
14 KB 99ms
49ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v21/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be37f36989880a124a0df21a0b4931bfd75d67bd9d844418ecbb79a47514507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Origin: https://www.101dian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 18:04:37 GMT
x-content-type-options: nosniff
age: 10536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13788
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:08:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 18:04:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 69ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Origin: https://www.101dian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 322186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 03:30:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 90ms
44ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Origin: https://www.101dian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 11:44:36 GMT
x-content-type-options: nosniff
age: 33337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 11:44:36 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 101ms
55ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Origin: https://www.101dian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:28:59 GMT
x-content-type-options: nosniff
age: 390674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5560
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jul 2024 08:28:59 GMT

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58i-wi40.woff2
fonts.gstatic.com/s/quicksand/v21/ 11 KB
11 KB 73ms
28ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v21/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58i-wi40.woff2

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe9f05ae5147c35fb2b020b81a542eed2e8de0bc5861ef291ca7feec66c767d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Origin: https://www.101dian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 22:21:07 GMT
x-content-type-options: nosniff
age: 340746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11256
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:31:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jul 2024 22:21:07 GMT

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/ 22 KB
5 KB 71ms
21ms Stylesheet
text/css 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.JRJFcNG92_I.O/d=1/rs=AN8SPfpA9WxCHs7axwo0oPr3d0It6yut6w/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 10:24:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4176
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 10:24:06 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.JRJFcNG92_I.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpA9WxCHs7axwo0oPr3d0It6yut6w/ 213 KB
76 KB 69ms
22ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.JRJFcNG92_I.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpA9WxCHs7axwo0oPr3d0It6yut6w/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.JRJFcNG92_I.O/d=1/rs=AN8SPfpA9WxCHs7axwo0oPr3d0It6yut6w/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d363e240ef167500152bfefe58f7fbf9a49b0638099db3739aadfc801db4c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76948
x-xss-protection: 0
last-modified: Mon, 17 Jul 2023 17:12:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 17:35:50 GMT

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58m-wi40.woff2
fonts.gstatic.com/s/quicksand/v21/ 4 KB
4 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v21/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58m-wi40.woff2

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e87f180c3c5bfda9c7fc7d506ecd1e581d442fc7c4e9d5f1850f3c6a1c79ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Origin: https://www.101dian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 15:46:52 GMT
x-content-type-options: nosniff
age: 278001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3760
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:39:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 15:46:52 GMT

GET
H2 200 flexiproduct.js Show response
cf.bstatic.com/static/affiliate_base/js/ 6 KB
3 KB 86ms
21ms Script
application/javascript 2600:9000:223f:d600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1689714013685

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:d600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 10:04:31 GMT
content-encoding: br
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1680942
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Jun 2022 03:41:28 GMT
server: nginx
etag: W/"62a6b1e8-1849"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 7XQu86ztMVKsHlcUcNnKE5pAijwBJxI82wZgvj2INSL6yVhhXv5jLw==
expires: Sat, 29 Jul 2023 10:04:31 GMT

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v21/ 13 KB
14 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v21/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58a-wg.woff2

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4813a05d0d0fb1efdaeb730c134af8a9bfcb824f1993cd66026af4fd50f4b492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Origin: https://www.101dian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 01:57:15 GMT
x-content-type-options: nosniff
age: 586978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13724
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:25:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jul 2024 01:57:15 GMT

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58i-wi40.woff2
fonts.gstatic.com/s/quicksand/v21/ 11 KB
11 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v21/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58i-wi40.woff2

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c703e3b6876f45923043852412e0ddac6e7974c56a7bc4a1d9400744cfe59082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Origin: https://www.101dian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 04:23:38 GMT
x-content-type-options: nosniff
age: 318995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11324
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:39:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 04:23:38 GMT

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58a-wg.woff2
fonts.gstatic.com/s/quicksand/v21/ 13 KB
14 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v21/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58a-wg.woff2

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db27b19be7d69de841dc1403b1d22f385fdd87fa87b7d6501c29a08e7540993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Origin: https://www.101dian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 18:02:40 GMT
x-content-type-options: nosniff
age: 356253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13820
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jul 2024 18:02:40 GMT

GET
H3 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58i-wi40.woff2
fonts.gstatic.com/s/quicksand/v21/ 11 KB
11 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v21/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58i-wi40.woff2

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4815e8faa7756a65078655197f7eba2211a7299808a685f547fa96b3797abe4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Origin: https://www.101dian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 15:55:38 GMT
x-content-type-options: nosniff
age: 277475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11180
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:39:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 15:55:38 GMT

GET
H2 200 %C4%83n%20g%C3%AC%20h%C3%A0%20n%E1%BB%99i Show response
www.101dian.com/feeds/posts/default/-/ 51 KB
12 KB 396ms
396ms XHR
application/json 2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.101dian.com/feeds/posts/default/-/%C4%83n%20g%C3%AC%20h%C3%A0%20n%E1%BB%99i?alt=json&max-results=5

Requested by

Host: dulichdau.pages.dev
URL: https://dulichdau.pages.dev/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

c7e069315c1522f8097f97e224dedecfeb6c5f0bc4bb7aed1d8aadc2c600d489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.101dian.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jul 2023 12:41:30 GMT
server: blogger-renderd
etag: W/"cb3d6b0f5005ba82c4127167990a72ba7f1906400fdae3c4850f3bb245c90a31"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 12086
x-xss-protection: 0
expires: Tue, 18 Jul 2023 21:00:14 GMT

GET
H2 200 stats Show response
www.101dian.com/b/ 410 B
318 B 187ms
187ms XHR
text/html 2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.101dian.com/b/stats?style=BLACK_TRANSPARENT&timeRange=ALL_TIME&token=APq4FmA1VgD7NtJFCcpIE2xgmSzn1ndKB_YSCmdmd8oiMEPh1bpwYwm-0Nk1SLSsPzwnO9jPW07Z1CnLG-tVSxURRSJeJovpGg

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/2767558538-widgets.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f53800bedd5119e68c29b900b0d745104133c3c077b35add8503e6194140bb96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
content-length: 253
x-xss-protection: 1; mode=block
expires: Tue, 18 Jul 2023 21:00:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GPEQTE607G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74658838-37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

796a61bead3e9772a611f92c0bed7cc91b4c68746e84d8faf6adcc4e4e3edfa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78103
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jul 2023 21:00:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74658838-37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Jul 2023 19:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6936
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 18 Jul 2023 21:04:37 GMT

GET
H3 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58m-wi40.woff2
fonts.gstatic.com/s/quicksand/v21/ 4 KB
4 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v21/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkCEv58m-wi40.woff2

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a7e25e954375dd00e78737af22cabc8286dc72349914b6b02e45dcb46c91dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Origin: https://www.101dian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:11:50 GMT
x-content-type-options: nosniff
age: 445703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3708
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:39:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jul 2024 17:11:50 GMT

GET
H3 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58m-wi40.woff2
fonts.gstatic.com/s/quicksand/v21/ 4 KB
4 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v21/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58m-wi40.woff2

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bb07039b52e809f4d1b1f90bfbec7c03744cb261339999987957b3b724e7d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Origin: https://www.101dian.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 18:41:38 GMT
x-content-type-options: nosniff
age: 267515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3716
x-xss-protection: 0
last-modified: Fri, 26 Jun 2020 02:21:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 18:41:38 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/ 359 KB
123 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1256170089840912&plah=www.101dian.com&bust=31076187

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1256170089840912

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e7f320deb55eed41d267fe68b610394c92c0fd3e2d05f7aafe7c2f0f81597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126152
x-xss-protection: 0
server: cafe
etag: 17382198972712192619
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 21:00:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230717/r20190131/ Frame 97FE 10 KB
5 KB 71ms
19ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230717/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1256170089840912

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 21:37:22 GMT
etag: 12368291122986407432
expires: Mon, 31 Jul 2023 21:37:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe-init-v1.0.10.js Show response
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/iframe/ 16 KB
6 KB 182ms
66ms Script
text/javascript 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/iframe/iframe-init-v1.0.10.js

Requested by

Host: affiliate.klook.com
URL: https://affiliate.klook.com/widget/fetch-iframe-init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

db18cb52427e02c7de9ad4d90ca593068388c3fdac72903ee699779d92b0a74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:47:25 GMT
content-encoding: gzip
via: 1.1 19c0293f28acaafabb2252122e891b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: PX8QJJS0G92AHRJR
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 850368
x-cache: Hit from cloudfront
x-amz-id-2: sZTYMAPsP5YrjYS+HIvwX9lnIRoiEB49vURGbFOwnD0rAzrLOJmoBsrmyE9knaNiHM6QJy4yxJo=
last-modified: Fri, 07 Jul 2023 09:32:25 GMT
server: nginx
etag: W/"2cfb3029203fe32534cdc18eab919e12"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: mRRPogQjhjm-ZdtQYCxRV1Km13FS2vK_40GkQ94Xulie7W8-kTVEkA==
expires: Mon, 08 Jul 2024 00:47:25 GMT

GET
H2 200 AVvXsEirgsyTHXukAmNPV--qIM9YQ6IDXJ-cB6rRsj3bRtKRYYuPBcJdjmmyiQj9HuZ_x9sibDFNi1fKQQuE9R7Tx_rEiANilwrfZyKTC6GZn8hxEv1SiK9FAmYiTVjQ-aspsTMr_WARQbRKtlU1642nd8wI-K3i58MfFruEnBcpjnF3uDnmVrJfPAhKVzr6-w=w1...
blogger.googleusercontent.com/img/a/ 117 KB
117 KB 2057ms
2057ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEirgsyTHXukAmNPV--qIM9YQ6IDXJ-cB6rRsj3bRtKRYYuPBcJdjmmyiQj9HuZ_x9sibDFNi1fKQQuE9R7Tx_rEiANilwrfZyKTC6GZn8hxEv1SiK9FAmYiTVjQ-aspsTMr_WARQbRKtlU1642nd8wI-K3i58MfFruEnBcpjnF3uDnmVrJfPAhKVzr6-w=w1132-h708-p-k-no-nu

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

31e9ca8026b0d4c6e4b88a13e64d4b151465561ec6cb15574197da4b0d3a5bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:15 GMT
x-content-type-options: nosniff
server: fife
etag: "v410c9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FB_IMG_1684339677915-707915.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119654
x-xss-protection: 0
expires: Wed, 19 Jul 2023 21:00:15 GMT

GET
H2 400 69480628_3314377515246517_2557363037166108672_n.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiczbbqlu_kvGVOa9iRXsxUfCyDfBGXuWWFafZCCqWpmgwsBwXNPp0Ez51D9IBML4mUBFTkiOwCEtbSAb_jUgKT8rIPBQDix2gFQ6poUOIIi9cyIk9XhW4tzcfY21_Xiw/w0-h0-p-k-no-nu/ 0
0 372ms
372ms Image
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiczbbqlu_kvGVOa9iRXsxUfCyDfBGXuWWFafZCCqWpmgwsBwXNPp0Ez51D9IBML4mUBFTkiOwCEtbSAb_jUgKT8rIPBQDix2gFQ6poUOIIi9cyIk9XhW4tzcfY21_Xiw/w0-h0-p-k-no-nu/69480628_3314377515246517_2557363037166108672_n.jpg
Requested by: Host: www.101dian.com
URL: https://www.101dian.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
DATA 200
OK truncated Show response
/ Frame 1E09 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7637a4cc7e15b52376c9dba975683af0b7987a44b3d05200747c035a6852274

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 65ms
22ms Image
image/svg+xml 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 15:46:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 15:46:54 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 22ms
21ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:52:03 GMT
x-content-type-options: nosniff
age: 14890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 17 Jul 2024 16:52:03 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 22ms
22ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 20:35:09 GMT
x-content-type-options: nosniff
age: 87904
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 16 Jul 2024 20:35:09 GMT

GET
H2 200 flexiproduct.html Show response
www.booking.com/ Frame C0A9 72 KB
31 KB 334ms
261ms Document
text/html 13.32.99.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=en-US&aid=1695190&target_aid=1695190&dest_id=-3733750&dest_type=city&df_num_properties=6&fid=1689714013952&

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1689714013685

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-76.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

4c401bb395a750ff456942bcaf4db925947cf4c1f4be0fefe76bda5070c55a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.101dian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: br
content-length: 30470
content-type: text/html; charset=UTF-8
date: Tue, 18 Jul 2023 21:00:14 GMT
nel: {"max_age":604800,"report_to":"default"}
report-to: {"max_age":604800,"endpoints":[{"url":"https://nellie.booking.com/report"}],"group":"default"}
server: nginx
strict-transport-security: max-age=300; includeSubDomains
vary: Accept-Encoding, User-Agent
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-id: L-zJyBOBfH3Ch72mBx00ddw6Sw31UbpvsPc4y1p2sGEQRRUNgOfrAw==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 27ms
26ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=648486857&t=pageview&_s=1&dl=https%3A%2F%2Fwww.101dian.com%2F&ul=en-us&de=UTF-8&dt=101dian.com%20-%20101%20%C4%91i%20%C4%83n%20-%20101%20%C4%91%E1%BB%8Ba%20%C4%91i%E1%BB%83m%20%C4%83n%20u%E1%BB%91ng&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1194662082&gjid=2109756728&cid=1308830312.1689714014&tid=UA-74658838-37&_gid=215432116.1689714014&_r=1&gtm=457e37h0&jsscut=1&z=260397331

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.101dian.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 21:00:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.101dian.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 80ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GPEQTE607G&gtm=45je37h0&_p=648486857&cid=1308830312.1689714014&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&ngs=1&_s=1&sid=1689714013&sct=1&seg=0&dl=https%3A%2F%2Fwww.101dian.com%2F&dt=101dian.com%20-%20101%20%C4%91i%20%C4%83n%20-%20101%20%C4%91%E1%BB%8Ba%20%C4%91i%E1%BB%83m%20%C4%83n%20u%E1%BB%91ng&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GPEQTE607G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 21:00:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.101dian.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 32ms
31ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-GPEQTE607G&v=3&t=t&pid=1050914608&cv=2&rv=37h0&tc=12&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=www.101dian.com%2F&tdp=G-GPEQTE607G;127224542;1;1;0&z=0

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 28ms
27ms Image
image/gif 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=G-GPEQTE607G&v=3&t=t&pid=1050914608&cv=2&rv=37h0&tc=12&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=www.101dian.com%2F&tdp=G-GPEQTE607G;127224542;1;1;0&z=0
Requested by: Host: www.101dian.com
URL: https://www.101dian.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 21:00:14 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 47ms
47ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-GPEQTE607G&v=3&t=t&pid=1050914608&cv=2&rv=37h0&tc=12&es=1&e=gtm.init&eid=0&h=Ag&tr=1ogtgasend.1ogtreferralexclusion.1ogtsessiontimeout.1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogtgasend.2ogtreferralexclusion.2ogtsessiontimeout.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 47ms
47ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-GPEQTE607G&v=3&t=t&pid=1050914608&cv=2&rv=37h0&tc=12&es=1&e=gtag.config&eid=1&u=AAAAAAAAAAAAAAAAAAAAAAE&h=Ag&tr=1gct&ti=1gct&z=0

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 47ms
46ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-GPEQTE607G&v=3&t=t&pid=1050914608&cv=2&rv=37h0&tc=12&es=1&e=gtag.config&eid=2&u=AAAAAAAAAAAAACAAAAAAAAE&ut=Ag&h=Ag&epr=1G.2G&z=0

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 34ms
34ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-GPEQTE607G&v=3&t=t&pid=1050914608&cv=2&rv=37h0&tc=12&es=1&e=gtm.dom&eid=3&u=AAAAAAAAAAAAACAAAAAAAAE&ut=Ag&h=Ag&z=0

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 86ms
29ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-74658838-37&cid=1308830312.1689714014&jid=1194662082&gjid=2109756728&_gid=215432116.1689714014&_u=YEBAAUAAAAAAACAAI~&z=1019266316

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.101dian.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 18 Jul 2023 21:00:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.101dian.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
600 B 120ms
29ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.101dian.com&callback=_gfp_s_&client=ca-pub-1256170089840912

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1256170089840912&plah=www.101dian.com&bust=31076187

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c89fa0755076f72d479eebd17cc7c68b779b5c16a38747b7fed19d9b86fa7c80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 81ms
31ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.101dian.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2D1D 318 KB
76 KB 1782ms
1781ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1256170089840912&output=html&adk=1812271804&adf=3025194257&lmt=1689684090&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.101dian.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689714013806&bpp=3&bdt=427&idt=268&shv=r20230717&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=777978380621&frm=20&pv=2&ga_vid=1308830312.1689714014&ga_sid=1689714014&ga_hid=648486857&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31076187%2C44788442&oid=2&pvsid=1238137384023767&tmod=1261267934&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=296

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b5db57c29154e261a3a03ee6f33ddaba372a814774e4439adb7a3f6fbc92291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 77282
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:00:14 GMT
expires: Tue, 18 Jul 2023 21:00:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6544 124 KB
39 KB 536ms
535ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1256170089840912&output=html&h=200&slotname=6307787892&adk=2398210235&adf=2029293275&pi=t.ma~as.6307787892&w=1200&fwrn=4&lmt=1689684090&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.101dian.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689714013809&bpp=2&bdt=430&idt=297&shv=r20230717&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=777978380621&frm=20&pv=1&ga_vid=1308830312.1689714014&ga_sid=1689714014&ga_hid=648486857&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=97&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31076187%2C44788442&oid=2&pvsid=1238137384023767&tmod=1261267934&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EpzQt1Thzz&p=https%3A//www.101dian.com&dtd=301

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9eef48d6bd2d5ef12ab8bdd152079ba3e18a326cc3089b9be3d4a6130366ee69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39642
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:00:14 GMT
expires: Tue, 18 Jul 2023 21:00:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 render Show response
affiliate.klook.com/widget/ Frame 9BA5 12 KB
5 KB 294ms
293ms Document
text/html 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=1

Requested by

Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/iframe/iframe-init-v1.0.10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

21.108.149.34.bc.googleusercontent.com

Software

ReplaceHeaderValue /

Resource Hash

559f9d994b5fa170cd3b4ef08cc5df9a110bafd26dc639048fc5ef266bc86e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.101dian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 18 Jul 2023 21:00:14 GMT
server: ReplaceHeaderValue
server-timing: render-all;dur=0
vary: Accept-Encoding
via: 1.1 google
x-cdn-cache: miss
x-cdn-vendor: gcp
x-content-type-options: nosniff
x-download-options: noopen
x-kong-proxy-latency: 0
x-kong-upstream-latency: 3
x-readtime: 0
x-xss-protection: 1; mode=block

GET
H2 200 render Show response
affiliate.klook.com/widget/ Frame 9884 12 KB
5 KB 295ms
294ms Document
text/html 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=2

Requested by

Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/iframe/iframe-init-v1.0.10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

21.108.149.34.bc.googleusercontent.com

Software

ReplaceHeaderValue /

Resource Hash

559f9d994b5fa170cd3b4ef08cc5df9a110bafd26dc639048fc5ef266bc86e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.101dian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 18 Jul 2023 21:00:14 GMT
server: ReplaceHeaderValue
server-timing: render-all;dur=0
vary: Accept-Encoding
via: 1.1 google
x-cdn-cache: miss
x-cdn-vendor: gcp
x-content-type-options: nosniff
x-download-options: noopen
x-kong-proxy-latency: 0
x-kong-upstream-latency: 3
x-readtime: 0
x-xss-protection: 1; mode=block

GET
H2 200 render Show response
affiliate.klook.com/widget/ Frame 3BD3 12 KB
5 KB 296ms
296ms Document
text/html 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=3

Requested by

Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/iframe/iframe-init-v1.0.10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

21.108.149.34.bc.googleusercontent.com

Software

ReplaceHeaderValue /

Resource Hash

559f9d994b5fa170cd3b4ef08cc5df9a110bafd26dc639048fc5ef266bc86e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.101dian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 18 Jul 2023 21:00:14 GMT
server: ReplaceHeaderValue
server-timing: render-all;dur=0
vary: Accept-Encoding
via: 1.1 google
x-cdn-cache: miss
x-cdn-vendor: gcp
x-content-type-options: nosniff
x-download-options: noopen
x-kong-proxy-latency: 1
x-kong-upstream-latency: 3
x-readtime: 0
x-xss-protection: 1; mode=block

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 825D 124 KB
39 KB 500ms
500ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1256170089840912&output=html&h=280&slotname=6499359585&adk=1056236196&adf=2025191683&pi=t.ma~as.6499359585&w=1179&fwrn=4&fwrnh=100&lmt=1689684090&rafmt=1&format=1179x280&url=https%3A%2F%2Fwww.101dian.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689714013811&bpp=1&bdt=433&idt=325&shv=r20230717&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=777978380621&frm=20&pv=1&ga_vid=1308830312.1689714014&ga_sid=1689714014&ga_hid=648486857&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=56&ady=1550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31076187%2C44788442&oid=2&pvsid=1238137384023767&tmod=1261267934&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=74YLXMm6u4&p=https%3A//www.101dian.com&dtd=328

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd2f307efad798e337267f39da673516e9f4aef3a770192fdc5d604d7f63d1f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39741
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:00:14 GMT
expires: Tue, 18 Jul 2023 21:00:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AVvXsEjm7MQt7gm5-v_esFHuxM18u8KSj4DJiDrRPd0QIjEGL6lB-MpW02RA1z2xTVRXYmlUkfCYbZr81110epV80WXAoUA4z-XaZq7i2Bm3_DwTN-gl4XYzBa0kona4olvscyS2NItninmsGO-oy7n53XOVIXFOBnR1YVtG8u0GstmVm25TBoe055ShLlMB-g=s320
blogger.googleusercontent.com/img/a/ 24 KB
25 KB 1733ms
1732ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjm7MQt7gm5-v_esFHuxM18u8KSj4DJiDrRPd0QIjEGL6lB-MpW02RA1z2xTVRXYmlUkfCYbZr81110epV80WXAoUA4z-XaZq7i2Bm3_DwTN-gl4XYzBa0kona4olvscyS2NItninmsGO-oy7n53XOVIXFOBnR1YVtG8u0GstmVm25TBoe055ShLlMB-g=s320

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

976ca35441209539fa4e01d9e83f4c9557bbea10834ee5e491eeab26aef317fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v40734"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FB_IMG_1682094630443-779421.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25002
x-xss-protection: 0
expires: Wed, 19 Jul 2023 21:00:14 GMT

GET
H2 200 AVvXsEhxnsA7HxVa0lxzJ4bV66NH3gEyb1LbkHomsxqPxItR8TqkIfggJuXZrLYDrZYoxKn0pWZI2TBoKkNaQ5DAEfgndToH3s4jXUMGd6w0K3Hh8AGvSLz0JD66ciBfWNDhBjky0Dcl2ok2wTSszokVpWCaWGhhmsvIB_a3XeFQewyM9oE6F7t8cpoTc5cKjA=s320
blogger.googleusercontent.com/img/a/ 45 KB
45 KB 1735ms
1734ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhxnsA7HxVa0lxzJ4bV66NH3gEyb1LbkHomsxqPxItR8TqkIfggJuXZrLYDrZYoxKn0pWZI2TBoKkNaQ5DAEfgndToH3s4jXUMGd6w0K3Hh8AGvSLz0JD66ciBfWNDhBjky0Dcl2ok2wTSszokVpWCaWGhhmsvIB_a3XeFQewyM9oE6F7t8cpoTc5cKjA=s320

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

86494e311e6790fb6d186742863e85b0a8b303163ec919f6ac4d620d7f30715e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v3fde8"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FB_IMG_1679493873490-714002.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46201
x-xss-protection: 0
expires: Wed, 19 Jul 2023 21:00:14 GMT

GET
H2 200 AVvXsEgf9vh2CuYWXkqyePp51BIU9qCUSnRCEwk5DLhuZhhiWowaBP40vIA2DbVxlAJuDDqDjk4iF5BeSdwV0XwAyNrRTFV2bbbxec9_MlZd70UWnDbAFGr-8FNwyl5XR90899E53CBjIerWnkJdjMEmAf8kzSQbWjRZ8WrDpLhUmDEs5KqTWBubAyR_7419Ng=s320
blogger.googleusercontent.com/img/a/ 65 KB
65 KB 1776ms
1775ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgf9vh2CuYWXkqyePp51BIU9qCUSnRCEwk5DLhuZhhiWowaBP40vIA2DbVxlAJuDDqDjk4iF5BeSdwV0XwAyNrRTFV2bbbxec9_MlZd70UWnDbAFGr-8FNwyl5XR90899E53CBjIerWnkJdjMEmAf8kzSQbWjRZ8WrDpLhUmDEs5KqTWBubAyR_7419Ng=s320

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

171e6ab7a0ee61e778731993ae3f6a678179ed261bae6688da1fe6f0205f9efb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:15 GMT
x-content-type-options: nosniff
server: fife
etag: "v3efd8"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FB_IMG_1675530308234-742923.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66372
x-xss-protection: 0
expires: Wed, 19 Jul 2023 21:00:15 GMT

GET
H2 200 AVvXsEguTO_0Oa3NcW9VBroMxuWdeXqHXdDqGNmrt5jG92ZnMfTX9Vy4PyMQtIS68B_W5snK1FZXweCSh_tMGcoe27L4KnIkq88fxrjhd_JBL4pZ4Sth9Swvk57Y7Nm60ZHbOPNypwNmGSOlfBj4U50W5wZr0J86goam4jWAWnXnWWLKl8Bg4A8Le9o1R1INAA=s320
blogger.googleusercontent.com/img/a/ 42 KB
42 KB 1775ms
1775ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEguTO_0Oa3NcW9VBroMxuWdeXqHXdDqGNmrt5jG92ZnMfTX9Vy4PyMQtIS68B_W5snK1FZXweCSh_tMGcoe27L4KnIkq88fxrjhd_JBL4pZ4Sth9Swvk57Y7Nm60ZHbOPNypwNmGSOlfBj4U50W5wZr0J86goam4jWAWnXnWWLKl8Bg4A8Le9o1R1INAA=s320

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

28428caafa6b96cdac8379a3c058e025b5185ef8d52c60e257044044cba2356e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:15 GMT
x-content-type-options: nosniff
server: fife
etag: "v3eee7"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FB_IMG_1675085164994-799849.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42958
x-xss-protection: 0
expires: Wed, 19 Jul 2023 21:00:15 GMT

GET
H2 200 AVvXsEiJ7ENgMTspTmd6NuHjVVrbYICvbuTitWAkDxCkfPg3UKio1v5ArYIFQyFV4zc6uSJOghCbG-6EpABKEYzCMa_jrf9m647DJymzsZVJR2P1VtvPQOLCUNDsiVvSJHg573Gqno_B_TJUpB4qv5N0MuivXllNgff4y1SM-YwQTIFEDZjrNhGDGop8S6WhrA=s320
blogger.googleusercontent.com/img/a/ 50 KB
50 KB 1779ms
1778ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEiJ7ENgMTspTmd6NuHjVVrbYICvbuTitWAkDxCkfPg3UKio1v5ArYIFQyFV4zc6uSJOghCbG-6EpABKEYzCMa_jrf9m647DJymzsZVJR2P1VtvPQOLCUNDsiVvSJHg573Gqno_B_TJUpB4qv5N0MuivXllNgff4y1SM-YwQTIFEDZjrNhGDGop8S6WhrA=s320

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e0b2182fc69d279d908a5f4289d1c8d170357d92dc1444fcc0de4b45b9545562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:15 GMT
x-content-type-options: nosniff
server: fife
etag: "v3ee85"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FB_IMG_1675083617303-757707.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50798
x-xss-protection: 0
expires: Wed, 19 Jul 2023 21:00:15 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 96ms
45ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-74658838-37&cid=1308830312.1689714014&jid=1194662082&_u=YEBAAUAAAAAAACAAI~&z=69489034

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 21:00:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 92ms
45ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-74658838-37&cid=1308830312.1689714014&jid=1194662082&_u=YEBAAUAAAAAAACAAI~&z=69489034

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 21:00:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 12BA 87 KB
28 KB 487ms
487ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1256170089840912&output=html&h=1032&slotname=7800036804&adk=1647789852&adf=1799527695&pi=t.ma~as.7800036804&w=300&cr_col=1&cr_row=13&fwrn=2&lmt=1689684090&rafmt=9&format=300x1032&url=https%3A%2F%2Fwww.101dian.com%2F&host=ca-host-pub-1556223355139109&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689714013813&bpp=1&bdt=435&idt=349&shv=r20230717&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200%2C1179x280&nras=1&correlator=777978380621&frm=20&pv=1&ga_vid=1308830312.1689714014&ga_sid=1689714014&ga_hid=648486857&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1244&ady=1591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31076187%2C44788442&oid=2&pvsid=1238137384023767&tmod=1261267934&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=b1rLE9x4Gi&p=https%3A//www.101dian.com&dtd=352

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec4db6352c5daeef9127e9057837b4c5d3ee7a36bba620ea176c87ebcae71cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:00:14 GMT
expires: Tue, 18 Jul 2023 21:00:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 82b674edb949dddf78e02d76e8593771bf2e85d5.css
cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/ Frame C0A9 1 KB
1015 B 22ms
21ms Stylesheet
text/css 2600:9000:223f:d600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=en-US&aid=1695190&target_aid=1695190&dest_id=-3733750&dest_type=city&df_num_properties=6&fid=1689714013952&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:d600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 10:17:22 GMT
content-encoding: br
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1680172
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jun 2020 10:23:33 GMT
server: nginx
etag: W/"5eda1d25-51a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: W1xFNL8KfBq7_2TmPukud2eYELGUbtAsqkCRA_dqZpb2MFExOKLQHA==
expires: Sat, 29 Jul 2023 10:17:22 GMT

GET
H2 200 f6d29e089da85314827d24b5e412d273b710cf84.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/ Frame C0A9 11 KB
3 KB 22ms
22ms Stylesheet
text/css 2600:9000:223f:d600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/f6d29e089da85314827d24b5e412d273b710cf84.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:d600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 10:17:21 GMT
content-encoding: br
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1680173
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jun 2020 14:42:31 GMT
server: nginx
etag: W/"5eda59d7-2ae3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: v62fsQRJyJLaaiNUC065_GLV56Qhz7fJp63q2uM_0HVHNPNBwJ9uDg==
expires: Sat, 29 Jul 2023 10:17:21 GMT

GET
H2 200 19d26ccbecea13a40501b1a204f92d7797638c6b.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/ Frame C0A9 13 KB
3 KB 23ms
20ms Stylesheet
text/css 2600:9000:223f:d600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/19d26ccbecea13a40501b1a204f92d7797638c6b.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:d600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

da7cec1b9368c3c3c6ecdd18613157a1d81c19e1be2f2ab987499032b03d272f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 10:17:21 GMT
content-encoding: br
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1680173
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jun 2022 06:07:04 GMT
server: nginx
etag: W/"62ba9a88-33d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: ZGBh23PbIE-u45fWsuCiW1RCrmI5-A3XZitxZMQanATCaRa_9P62Tg==
expires: Sat, 29 Jul 2023 10:17:21 GMT

GET
H2 200 e64c0e1deedf8041f9d8526c0500b696a743bf64.css
cf.bstatic.com/static/affiliate_base/css/flexi_product_df2/ Frame C0A9 3 KB
1 KB 24ms
20ms Stylesheet
text/css 2600:9000:223f:d600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_product_df2/e64c0e1deedf8041f9d8526c0500b696a743bf64.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:d600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

798f5ce3a1569ac0d3facb8eca4109afc978245811b83d062ea2d5ef2f122d68

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 09:48:08 GMT
content-encoding: br
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 2373126
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 28 Jun 2022 06:07:04 GMT
server: nginx
etag: W/"62ba9a88-d90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 0paRtJUS6B9EJFabLKcBkB3x9wD-S9ez_bldKqfUgVfwov1VOYqxSg==
expires: Fri, 21 Jul 2023 09:48:08 GMT

GET
H2 200 61498d0dfab033edb299e6d4ae0dd3b9f98ddccf.png
cf.bstatic.com/static/img/flags/32/vn/ Frame C0A9 792 B
1 KB 21ms
21ms Image
image/png 2600:9000:223f:d600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/flags/32/vn/61498d0dfab033edb299e6d4ae0dd3b9f98ddccf.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:d600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b44a77f22d9dfd6cbc49ad2d1c1ad1d45724ae26606e4a5347ca8a2adb3d4854

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 13:45:32 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 2358882
x-cache: Hit from cloudfront
content-length: 792
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
server: nginx
etag: "5cadd1d1-318"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: v244CBO_v_ulp9YvmTxokLQDavd-C9fIBMkd2eqSkRKlNJLlfQMheA==
expires: Fri, 21 Jul 2023 13:45:32 GMT

GET
H2 200 85522fc012ea427986aabb503405f288a30cc3c8.js Show response
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/ Frame C0A9 123 KB
39 KB 71ms
25ms Script
application/javascript 2600:9000:223f:d600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/85522fc012ea427986aabb503405f288a30cc3c8.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:d600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

424bf606a1d0dc5c56a2f54917c3cbc6af946e33785ab71e35bac0b28fc9e959

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 10:17:22 GMT
content-encoding: br
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1680172
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 25 May 2022 11:00:45 GMT
server: nginx
etag: W/"628e0c5d-1ed10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: C-lFwHvKSLMxgNwhYdRTz4wt8knOhf6FVRsm3b_VGLSW7PfJDkkAhw==
expires: Sat, 29 Jul 2023 10:17:22 GMT

GET
H2 200 7e03f1178ca725d97fdd726255c96b3e71b660d2.js Show response
cf.bstatic.com/static/affiliate_base/js/flexi_responsive_cloudfront_sd/ Frame C0A9 392 B
966 B 88ms
44ms Script
application/javascript 2600:9000:223f:d600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexi_responsive_cloudfront_sd/7e03f1178ca725d97fdd726255c96b3e71b660d2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:d600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ec9e5f73690e9e6f199bdb463ce1ecd83960019884fdef77d916c3a8aa14a76e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 10:17:21 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1680172
x-cache: Hit from cloudfront
content-length: 392
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: "5e39454a-188"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: SCpHcFqkv00fJKZJxRD1Cz6c8pN_dMAodFurl913jopoldnz5ji6MQ==
expires: Sat, 29 Jul 2023 10:17:21 GMT

GET
H2 200 688957.webp
cf.bstatic.com/xdata/images/city/600x200/ Frame C0A9 17 KB
17 KB 25ms
24ms Image
image/webp 2600:9000:223f:d600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/xdata/images/city/600x200/688957.webp?k=6bc63b5884419076abe1099773d93c0ab8e8a9d88c455eb0b5fb3f7a71e5dd6c&o=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:d600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

453cda9d16e80ec77a801c4031f6dfa3552b98b40d06371de84c90701aa5e97f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 15:49:17 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P5
age: 2265057
etag: "40596df3669b674390e12996d9e7f6ff8a8e13f4"
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: pejBvWiCf4OZH3pe0gJaLIzKNxzz1eupDtnh2dWxQn_Fix0I4afNnw==
content-length: 17276
x-xss-protection: 1; mode=block
expires: Sat, 22 Jul 2023 15:49:17 GMT

GET
H2 200 75023142ca291f26b46bbd3a56d416308c197349.png
q.bstatic.com/static/img/affiliate_base/df-postcard-header-bcg/ Frame C0A9 244 B
810 B 89ms
21ms Image
image/png 2600:9000:223f:d600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.bstatic.com/static/img/affiliate_base/df-postcard-header-bcg/75023142ca291f26b46bbd3a56d416308c197349.png

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/flexi_product_df2/e64c0e1deedf8041f9d8526c0500b696a743bf64.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:d600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

92403784bf395496017a1b1656d0ea68ec6477c8ada5ad56937593ae12955585

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.bstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 09:51:39 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1681715
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:50 GMT
server: nginx
etag: "5cadd1ce-f4"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: lmEHbRECu1vcKVBWFRwgkhhMYBLXI4_kaN4ouiN0Dir-z-uB6hEjVQ==
expires: Sat, 29 Jul 2023 09:51:39 GMT

GET
H2 200 750fa5bec9bde5e6e09115b5970b8106f73a5646.woff
cf.bstatic.com/static/fonts/flexi/flexi/ Frame C0A9 8 KB
8 KB 32ms
22ms Font
application/font-woff 2600:9000:223f:d600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/fonts/flexi/flexi/750fa5bec9bde5e6e09115b5970b8106f73a5646.woff

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:d600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css
Origin: https://www.booking.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 10:17:22 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 1680172
x-cache: Hit from cloudfront
content-length: 7772
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:49 GMT
server: nginx
etag: "5cadd1cd-1e5c"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: z2cQ5YkSjHnv8D0Y3iuiOBfjso0qJmdddia3V63c9zYMztpf_LSi0w==
expires: Sat, 29 Jul 2023 10:17:22 GMT

GET
H2 200 flexiproduct.html Show response
www.booking.com/ Frame C0A9 7 KB
2 KB 2165ms
2165ms XHR
text/html 13.32.99.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/flexiproduct.html?product=df2&w=100%25&h=auto&lang=en-US&aid=1695190&target_aid=1695190&dest_id=-3733750&dest_type=city&df_num_properties=6&fid=1689714013952&ajax_resp=1

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/85522fc012ea427986aabb503405f288a30cc3c8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-76.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

803fd8773f39357daedd0218c279f2433dd2da0ad9dfa6ead534b4fef9280c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.booking.com/flexiproduct.html?product=dfl2&w=100%25&h=auto&lang=en-US&aid=1695190&target_aid=1695190&dest_id=-3733750&dest_type=city&df_num_properties=6&fid=1689714013952&
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:15 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=300; includeSubDomains
nel: {"max_age":604800,"report_to":"default"}
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
content-length: 983
x-xss-protection: 1; mode=block
server: nginx
vary: Accept-Encoding, User-Agent
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://nellie.booking.com/report"}]}
content-type: text/html; charset=UTF-8
cache-control: private
x-amz-cf-id: h0o5WzS6fCzIUfKkMFyA6j82Xbektrb7JdDRWJn3bOMQEVGBjy7fTA==

GET
H2 200 5b002027c2209cf328a1aeffd1954c5516fa0913.gif
cf.bstatic.com/static/img/map-loader/ Frame C0A9 8 KB
9 KB 22ms
22ms Image
image/gif 2600:9000:223f:d600:1c:d826:cd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/map-loader/5b002027c2209cf328a1aeffd1954c5516fa0913.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:d600:1c:d826:cd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d8314b4eff35940506acf61b840b57de7f67e594af6b0b7976ddf05040334fc6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 09:57:01 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
x-amz-cf-pop: FRA56-P5
age: 2372593
x-cache: Hit from cloudfront
content-length: 8685
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:54 GMT
server: nginx
etag: "5cadd1d2-21ed"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: QdDIGNX58ycNTeCArqAVPGmRqtXdtZp0fkrJX2vG5Y6skCBG6j1gtw==
expires: Fri, 21 Jul 2023 09:57:01 GMT

GET
H2 200 chunk-vendors.c1b35f39.js Show response
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame 9BA5 343 KB
128 KB 153ms
86ms Script
text/javascript 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-vendors.c1b35f39.js

Requested by

Host: affiliate.klook.com
URL: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

eae20b6a872c824d99168409e3da233d44beb889c6baafb4898fc92a9e839523

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 00:45:05 GMT
content-encoding: gzip
via: 1.1 8ddb96aad88e511bfa9397674ed822f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: DPK91AESG773Y4AR
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 764109
x-cache: Hit from cloudfront
x-amz-id-2: xUN8PJfhAH/SJvDM4shl2dJ/bAB2ZQf3TVFkbmsTQbkxF2+r1F3b4N6+VXuWBC+fqUnreuG4wRs=
last-modified: Fri, 07 Jul 2023 09:32:26 GMT
server: nginx
etag: W/"dc334a93bc85b932bf66934c28893460"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: Y5nlQQESEVZTmvYCnWE_4iu9SWdwuen5Khqb7o83lPFCBokcocVORQ==
expires: Tue, 09 Jul 2024 00:45:05 GMT

GET
H2 200 chunk-common.d2e21474.js Show response
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame 9BA5 32 KB
13 KB 249ms
182ms Script
text/javascript 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cef730d6893fbe68c977250c2b198d38ef2ec30da5973ffd4e8d871bb60ac0c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 01:25:47 GMT
content-encoding: gzip
via: 1.1 8ddb96aad88e511bfa9397674ed822f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: 5QTVE3JDQN47YKK3
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 761667
x-cache: Hit from cloudfront
x-amz-id-2: Kk9UzK7XiDTIhmJSPrbYrZIKhKqI1hKhvEvenouFtT36+8Er39VAGnl5irU+P4vqmLqNKAIZWKc=
last-modified: Fri, 07 Jul 2023 09:32:26 GMT
server: nginx
etag: W/"d0485b9833256e032b623f3922f5faf6"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: oKVL_owcHFehLmHYE-jZlbDRgAz6DOAdnmuLltRRb_kFC7hu86ZP-A==
expires: Tue, 09 Jul 2024 01:25:47 GMT

GET
H2 200 dynamic_widget.9f2d2177.js Show response
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame 9BA5 8 KB
4 KB 248ms
181ms Script
text/javascript 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/dynamic_widget.9f2d2177.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a13d03a2be358a67f288e8bfd72865bbb0ae374ea185a98cbf3cf50f268e3fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 01:08:42 GMT
content-encoding: gzip
via: 1.1 8ddb96aad88e511bfa9397674ed822f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: PHBBYFE2668WYRSD
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 503492
x-cache: Hit from cloudfront
x-amz-id-2: a9t0TcUMyATSv6e2FH/TrMqLqPb9agL76Q6vBgmeQHbOiJt3A1TJA1iYZOodVtJxWDBJxqifeqQ=
last-modified: Wed, 12 Jul 2023 11:10:17 GMT
server: nginx
etag: W/"d206181646ac818a7b40758443d95b1c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: evkfuByRGGe36gu67FavdNOS-MZysfp90jx2UE9grDPNLx6H5iJ7Yw==
expires: Fri, 12 Jul 2024 01:08:42 GMT

GET
H2 200 dynamic_widget.f97a9dd5.css
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/ Frame 9BA5 7 KB
2 KB 124ms
58ms Stylesheet
text/css 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

288fff604e9230d8cc7efeae7aa33898f38dc2c0aa6778b6e5478f8570738ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 00:55:24 GMT
content-encoding: gzip
via: 1.1 8ddb96aad88e511bfa9397674ed822f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: 8Q7JEPJTMNEFTADR
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 417890
x-cache: Hit from cloudfront
x-amz-id-2: wVy4+L4JPF2s/iU/MDbXkDVEd0C8ePT95LKmRnL06T+hHHOCGrly0JFt6MDSbsMYKBixbkCTN04=
last-modified: Wed, 12 Jul 2023 11:10:17 GMT
server: nginx
etag: W/"9224d862a22a844b3932df3892df598b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: xFNSjjkSSQs-cxviZsasi_6qrhAJLFG1hMAFLSYmBdFCG0WquWT_UA==
expires: Sat, 13 Jul 2024 00:55:24 GMT

GET
H2 200 chunk-vendors.c1b35f39.js Show response
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame 9884 343 KB
128 KB 222ms
164ms Script
text/javascript 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-vendors.c1b35f39.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

eae20b6a872c824d99168409e3da233d44beb889c6baafb4898fc92a9e839523

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 00:45:05 GMT
content-encoding: gzip
via: 1.1 8ddb96aad88e511bfa9397674ed822f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: DPK91AESG773Y4AR
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 764109
x-cache: Hit from cloudfront
x-amz-id-2: xUN8PJfhAH/SJvDM4shl2dJ/bAB2ZQf3TVFkbmsTQbkxF2+r1F3b4N6+VXuWBC+fqUnreuG4wRs=
last-modified: Fri, 07 Jul 2023 09:32:26 GMT
server: nginx
etag: W/"dc334a93bc85b932bf66934c28893460"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: Nvh0PjxDa8AJmYHREnquL8TCPfcMkIaXZ9vAnfUgPYdceiAe5IzdCQ==
expires: Tue, 09 Jul 2024 00:45:05 GMT

GET
H2 200 chunk-common.d2e21474.js Show response
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame 9884 32 KB
13 KB 121ms
63ms Script
text/javascript 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cef730d6893fbe68c977250c2b198d38ef2ec30da5973ffd4e8d871bb60ac0c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 01:25:47 GMT
content-encoding: gzip
via: 1.1 8ddb96aad88e511bfa9397674ed822f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: 5QTVE3JDQN47YKK3
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 761667
x-cache: Hit from cloudfront
x-amz-id-2: Kk9UzK7XiDTIhmJSPrbYrZIKhKqI1hKhvEvenouFtT36+8Er39VAGnl5irU+P4vqmLqNKAIZWKc=
last-modified: Fri, 07 Jul 2023 09:32:26 GMT
server: nginx
etag: W/"d0485b9833256e032b623f3922f5faf6"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: _IYlg01Zcl3FS7lnSeLUb66yOAbOH5ZxFwywlxXa38GilZtysrFsPw==
expires: Tue, 09 Jul 2024 01:25:47 GMT

GET
H2 200 dynamic_widget.9f2d2177.js Show response
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame 9884 8 KB
4 KB 113ms
55ms Script
text/javascript 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/dynamic_widget.9f2d2177.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a13d03a2be358a67f288e8bfd72865bbb0ae374ea185a98cbf3cf50f268e3fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 01:08:42 GMT
content-encoding: gzip
via: 1.1 8ddb96aad88e511bfa9397674ed822f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: PHBBYFE2668WYRSD
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 503492
x-cache: Hit from cloudfront
x-amz-id-2: a9t0TcUMyATSv6e2FH/TrMqLqPb9agL76Q6vBgmeQHbOiJt3A1TJA1iYZOodVtJxWDBJxqifeqQ=
last-modified: Wed, 12 Jul 2023 11:10:17 GMT
server: nginx
etag: W/"d206181646ac818a7b40758443d95b1c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: jB8gCsaXxOOomwl76fgeQ5IZpg9slQnXOZZQwzPEkqIzdx4HQ7hICA==
expires: Fri, 12 Jul 2024 01:08:42 GMT

GET
H2 200 dynamic_widget.f97a9dd5.css
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/ Frame 9884 7 KB
2 KB 115ms
57ms Stylesheet
text/css 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

288fff604e9230d8cc7efeae7aa33898f38dc2c0aa6778b6e5478f8570738ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 00:55:24 GMT
content-encoding: gzip
via: 1.1 8ddb96aad88e511bfa9397674ed822f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: 8Q7JEPJTMNEFTADR
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 417890
x-cache: Hit from cloudfront
x-amz-id-2: wVy4+L4JPF2s/iU/MDbXkDVEd0C8ePT95LKmRnL06T+hHHOCGrly0JFt6MDSbsMYKBixbkCTN04=
last-modified: Wed, 12 Jul 2023 11:10:17 GMT
server: nginx
etag: W/"9224d862a22a844b3932df3892df598b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: m7vdfYXfb8IowBm0mLW_5rQazNVem3xqII5-H7hJZEjLf8lxeE_CRw==
expires: Sat, 13 Jul 2024 00:55:24 GMT

POST
H3 403 version Show response
affiliate.klook.com/4359d65e-dd82-3237-8c34-3c0c315503df/eudaapi/ Frame 9BA5 134 B
149 B 124ms
124ms Fetch
text/html 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/4359d65e-dd82-3237-8c34-3c0c315503df/eudaapi/version
Requested by: Host: affiliate.klook.com
URL: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.108.149.34.bc.googleusercontent.com
Software: /
Resource Hash: c996c0469ef05ff6fdd1f7cefbc3f7e109bb21969de42fcf591498a828a7ad5f

Request headers

Accept: application/json
Referer: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
x-cdn-vendor: gcp
x-cdn-cache: uncacheable
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
content-type: text/html; charset=UTF-8

GET
H2 200 chunk-vendors.c1b35f39.js Show response
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame 3BD3 343 KB
128 KB 186ms
138ms Script
text/javascript 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-vendors.c1b35f39.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

eae20b6a872c824d99168409e3da233d44beb889c6baafb4898fc92a9e839523

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 00:45:05 GMT
content-encoding: gzip
via: 1.1 8ddb96aad88e511bfa9397674ed822f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: DPK91AESG773Y4AR
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 764109
x-cache: Hit from cloudfront
x-amz-id-2: xUN8PJfhAH/SJvDM4shl2dJ/bAB2ZQf3TVFkbmsTQbkxF2+r1F3b4N6+VXuWBC+fqUnreuG4wRs=
last-modified: Fri, 07 Jul 2023 09:32:26 GMT
server: nginx
etag: W/"dc334a93bc85b932bf66934c28893460"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: IWKG-VrKLpUb--m3rynsVIng2h6noYJSPd_5e0fY0heMisG-Kcmr3w==
expires: Tue, 09 Jul 2024 00:45:05 GMT

GET
H2 200 chunk-common.d2e21474.js Show response
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame 3BD3 32 KB
13 KB 229ms
180ms Script
text/javascript 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cef730d6893fbe68c977250c2b198d38ef2ec30da5973ffd4e8d871bb60ac0c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 10 Jul 2023 01:25:47 GMT
content-encoding: gzip
via: 1.1 8ddb96aad88e511bfa9397674ed822f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: 5QTVE3JDQN47YKK3
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 761667
x-cache: Hit from cloudfront
x-amz-id-2: Kk9UzK7XiDTIhmJSPrbYrZIKhKqI1hKhvEvenouFtT36+8Er39VAGnl5irU+P4vqmLqNKAIZWKc=
last-modified: Fri, 07 Jul 2023 09:32:26 GMT
server: nginx
etag: W/"d0485b9833256e032b623f3922f5faf6"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: PY_PSAsaoJTPCfUi-AX3OLNONnFpAqDDmFZRY9wUN0ZmIVZWGA7Ljg==
expires: Tue, 09 Jul 2024 01:25:47 GMT

GET
H2 200 dynamic_widget.9f2d2177.js Show response
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame 3BD3 8 KB
4 KB 229ms
181ms Script
text/javascript 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/dynamic_widget.9f2d2177.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a13d03a2be358a67f288e8bfd72865bbb0ae374ea185a98cbf3cf50f268e3fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 01:08:42 GMT
content-encoding: gzip
via: 1.1 8ddb96aad88e511bfa9397674ed822f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: PHBBYFE2668WYRSD
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 503492
x-cache: Hit from cloudfront
x-amz-id-2: a9t0TcUMyATSv6e2FH/TrMqLqPb9agL76Q6vBgmeQHbOiJt3A1TJA1iYZOodVtJxWDBJxqifeqQ=
last-modified: Wed, 12 Jul 2023 11:10:17 GMT
server: nginx
etag: W/"d206181646ac818a7b40758443d95b1c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: GNTyPtsuG4r4HOoqmhx2nGhhEN2ts-GVJnsrFOEbgk0lo49BYnX3Sw==
expires: Fri, 12 Jul 2024 01:08:42 GMT

GET
H2 200 dynamic_widget.f97a9dd5.css
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/ Frame 3BD3 7 KB
2 KB 228ms
180ms Stylesheet
text/css 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

288fff604e9230d8cc7efeae7aa33898f38dc2c0aa6778b6e5478f8570738ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

Referer: https://affiliate.klook.com/
Origin: https://affiliate.klook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 00:55:24 GMT
content-encoding: gzip
via: 1.1 8ddb96aad88e511bfa9397674ed822f6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: 8Q7JEPJTMNEFTADR
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 417890
x-cache: Hit from cloudfront
x-amz-id-2: wVy4+L4JPF2s/iU/MDbXkDVEd0C8ePT95LKmRnL06T+hHHOCGrly0JFt6MDSbsMYKBixbkCTN04=
last-modified: Wed, 12 Jul 2023 11:10:17 GMT
server: nginx
etag: W/"9224d862a22a844b3932df3892df598b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: m3M3Q0lUvq70jlHJPX3eOKHAOBoQenaxplHHv8nzzHGLbY5bAwiNAg==
expires: Sat, 13 Jul 2024 00:55:24 GMT

POST
H3 403 version Show response
affiliate.klook.com/4359d65e-dd82-3237-8c34-3c0c315503df/eudaapi/ Frame 9884 134 B
149 B 125ms
125ms Fetch
text/html 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/4359d65e-dd82-3237-8c34-3c0c315503df/eudaapi/version
Requested by: Host: affiliate.klook.com
URL: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.108.149.34.bc.googleusercontent.com
Software: /
Resource Hash: c996c0469ef05ff6fdd1f7cefbc3f7e109bb21969de42fcf591498a828a7ad5f

Request headers

Accept: application/json
Referer: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
x-cdn-vendor: gcp
x-cdn-cache: uncacheable
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
content-type: text/html; charset=UTF-8

POST
H3 403 version Show response
affiliate.klook.com/4359d65e-dd82-3237-8c34-3c0c315503df/eudaapi/ Frame 3BD3 134 B
149 B 126ms
125ms Fetch
text/html 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/4359d65e-dd82-3237-8c34-3c0c315503df/eudaapi/version
Requested by: Host: affiliate.klook.com
URL: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.108.149.34.bc.googleusercontent.com
Software: /
Resource Hash: c996c0469ef05ff6fdd1f7cefbc3f7e109bb21969de42fcf591498a828a7ad5f

Request headers

Accept: application/json
Referer: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=3
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
x-cdn-vendor: gcp
x-cdn-cache: uncacheable
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
content-type: text/html; charset=UTF-8

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 9884 229 KB
78 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNBGXWM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70ad3add297964a804bf78d1b3ab8650041047670e6b2acf3c55a0db9fefad8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79741
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jul 2023 21:00:14 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 9BA5 229 KB
78 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNBGXWM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37b5507161c87c84f452e0102b793ebfdd03c46ea93f5fbe9aaa3ca8e6c69644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79880
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jul 2023 21:00:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 825D 4 KB
728 B 1273ms
1140ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1256170089840912&output=html&h=280&slotname=6499359585&adk=1056236196&adf=2025191683&pi=t.ma~as.6499359585&w=1179&fwrn=4&fwrnh=100&lmt=1689684090&rafmt=1&format=1179x280&url=https%3A%2F%2Fwww.101dian.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689714013811&bpp=1&bdt=433&idt=325&shv=r20230717&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=777978380621&frm=20&pv=1&ga_vid=1308830312.1689714014&ga_sid=1689714014&ga_hid=648486857&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=56&ady=1550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31076187%2C44788442&oid=2&pvsid=1238137384023767&tmod=1261267934&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=74YLXMm6u4&p=https%3A//www.101dian.com&dtd=328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Jul 2023 21:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 19:16:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jul 2023 21:00:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6544 4 KB
1 KB 1270ms
1139ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1256170089840912&output=html&h=200&slotname=6307787892&adk=2398210235&adf=2029293275&pi=t.ma~as.6307787892&w=1200&fwrn=4&lmt=1689684090&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.101dian.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689714013809&bpp=2&bdt=430&idt=297&shv=r20230717&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=777978380621&frm=20&pv=1&ga_vid=1308830312.1689714014&ga_sid=1689714014&ga_hid=648486857&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=97&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31076187%2C44788442&oid=2&pvsid=1238137384023767&tmod=1261267934&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EpzQt1Thzz&p=https%3A//www.101dian.com&dtd=301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Jul 2023 21:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 19:15:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jul 2023 21:00:15 GMT

GET
H3 200 cac0c864edda0087bf141d240f6ef92e.js Show response
www.gstatic.com/mysidia/ Frame 12BA 9 KB
4 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cac0c864edda0087bf141d240f6ef92e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1256170089840912&output=html&h=1032&slotname=7800036804&adk=1647789852&adf=1799527695&pi=t.ma~as.7800036804&w=300&cr_col=1&cr_row=13&fwrn=2&lmt=1689684090&rafmt=9&format=300x1032&url=https%3A%2F%2Fwww.101dian.com%2F&host=ca-host-pub-1556223355139109&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689714013813&bpp=1&bdt=435&idt=349&shv=r20230717&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200%2C1179x280&nras=1&correlator=777978380621&frm=20&pv=1&ga_vid=1308830312.1689714014&ga_sid=1689714014&ga_hid=648486857&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1244&ady=1591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31076187%2C44788442&oid=2&pvsid=1238137384023767&tmod=1261267934&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=b1rLE9x4Gi&p=https%3A//www.101dian.com&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d046447e30e2ecffe5f823e770fca36fff69966f98f67b6fee1acc5c37bdb61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3959
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 16 Oct 2023 16:44:46 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 12BA 2 KB
926 B 1604ms
1480ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:11:18 GMT

GET
H3 200 f652c80daa37f9844d95f617d06cf859.js Show response
www.gstatic.com/mysidia/ Frame 12BA 22 KB
9 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f652c80daa37f9844d95f617d06cf859.js?tag=exit_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7f0f83e1774b0d910ef27ef2f90d0983c2b8b5e6674af853e35be3a21f75329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9294
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 16 Oct 2023 17:56:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 12BA 23 KB
9 KB 1767ms
1755ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 12BA 3 KB
1 KB 1514ms
1502ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 16:10:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 12BA 20 KB
9 KB 1595ms
1472ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12BA 179 KB
57 KB 1235ms
1111ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 21:00:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 825D 2 KB
973 B 1566ms
1478ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:11:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 825D 23 KB
9 KB 1566ms
1479ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 825D 3 KB
1 KB 1578ms
1491ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 16:10:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 825D 20 KB
8 KB 1560ms
1474ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 825D 179 KB
56 KB 1853ms
1768ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 21:00:15 GMT

GET
H3 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame 825D 33 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 16 Oct 2023 16:44:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 6544 2 KB
926 B 1837ms
1754ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:11:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/ Frame 6544 23 KB
9 KB 1585ms
1503ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:04:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 6544 3 KB
1 KB 1563ms
1481ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 16:10:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/ Frame 6544 20 KB
8 KB 1557ms
1476ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230717/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:06:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8291
x-xss-protection: 0
server: cafe
etag: 17061476539903440100
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Aug 2023 17:06:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6544 179 KB
56 KB 1603ms
1522ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 21:00:15 GMT

GET
H3 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame 6544 33 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 16 Oct 2023 16:44:47 GMT

GET
DATA 200
OK truncated
/ Frame 6544 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 6544
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
108 KB

32ms
22ms

Image
image/png

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:42:39 GMT
x-content-type-options: nosniff
age: 389857
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Jul 2024 08:42:39 GMT

Redirect headers

date: Tue, 18 Jul 2023 19:41:01 GMT
x-content-type-options: nosniff
server: cafe
age: 4754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Aug 2023 19:41:01 GMT

GET
DATA 200
OK truncated
/ Frame 825D 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 825D
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

143ms
132ms

Image
image/png

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:42:39 GMT
x-content-type-options: nosniff
age: 389857
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Jul 2024 08:42:39 GMT

Redirect headers

date: Tue, 18 Jul 2023 19:41:01 GMT
x-content-type-options: nosniff
server: cafe
age: 4754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Aug 2023 19:41:01 GMT

GET
H3 200 experiments Show response
affiliate.klook.com/v2/usrcsrv/hit/ Frame 9884 30 KB
5 KB 1525ms
1524ms XHR
application/json 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/v2/usrcsrv/hit/experiments
Requested by: Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.108.149.34.bc.googleusercontent.com
Software: ReplaceHeaderValue /
Resource Hash: ee08c2cd74b3dd1c9312b7c7b58dfc843069fb1d38cca913a9bfa52afcc73724

Request headers

Accept: application/json, text/javascript
Referer: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=2
X-Klook-Request-Id: fa613697-32e9-4fd0-aec2-d9ab0ca161b3
accept-language: de-DE,de;q=0.9
X-Klook-Kepler-Id: f99e922c-c766-4da3-987a-8fb4b5647027
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 18 Jul 2023 21:00:15 GMT
content-encoding: gzip
via: 1.1 google
x-klook-request-id: fa613697-32e9-4fd0-aec2-d9ab0ca161b3
x-cdn-cache: miss
accept-language: en_US
x-kong-proxy-latency: 0
x-klook-service-id: 01
x-kong-upstream-latency: 5
x-cdn-vendor: gcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
currency: HKD
server: ReplaceHeaderValue
x-klook-version: 1
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
x-klook-lang: en_US

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 3BD3 229 KB
78 KB 1155ms
1155ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WNBGXWM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd37c1ec19c5de17a1643f04dd6685a472e6676e8776ca5a2875950284b1ecb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79744
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jul 2023 21:00:15 GMT

GET
H3 200 experiments Show response
affiliate.klook.com/v2/usrcsrv/hit/ Frame 9BA5 30 KB
5 KB 1799ms
1799ms XHR
application/json 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/v2/usrcsrv/hit/experiments
Requested by: Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.108.149.34.bc.googleusercontent.com
Software: ReplaceHeaderValue /
Resource Hash: b26be828f78e7f97b2632563e906daf831519f1ee74318bd8b0174abe068fc92

Request headers

Accept: application/json, text/javascript
Referer: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=1
X-Klook-Request-Id: d3e7d1d1-0998-4f32-ada2-f137eaee5ca8
accept-language: de-DE,de;q=0.9
X-Klook-Kepler-Id: f99e922c-c766-4da3-987a-8fb4b5647027
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 18 Jul 2023 21:00:16 GMT
content-encoding: gzip
via: 1.1 google
x-klook-request-id: d3e7d1d1-0998-4f32-ada2-f137eaee5ca8
x-cdn-cache: miss
accept-language: en_US
x-kong-proxy-latency: 0
x-klook-service-id: 01
x-kong-upstream-latency: 4
x-cdn-vendor: gcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
currency: HKD
server: ReplaceHeaderValue
x-klook-version: 1
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
x-klook-lang: en_US

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 9884 52 KB
21 KB 1165ms
1165ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNBGXWM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Jul 2023 19:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6938
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 18 Jul 2023 21:04:37 GMT

GET
H3 200 experiments Show response
affiliate.klook.com/v2/usrcsrv/hit/ Frame 3BD3 30 KB
5 KB 1928ms
1928ms XHR
application/json 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/v2/usrcsrv/hit/experiments
Requested by: Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.108.149.34.bc.googleusercontent.com
Software: ReplaceHeaderValue /
Resource Hash: b26be828f78e7f97b2632563e906daf831519f1ee74318bd8b0174abe068fc92

Request headers

Accept: application/json, text/javascript
Referer: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=3
X-Klook-Request-Id: 3d80bfc0-541b-4370-b941-e17935f9033e
accept-language: de-DE,de;q=0.9
X-Klook-Kepler-Id: f99e922c-c766-4da3-987a-8fb4b5647027
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 18 Jul 2023 21:00:16 GMT
content-encoding: gzip
via: 1.1 google
x-klook-request-id: 3d80bfc0-541b-4370-b941-e17935f9033e
x-cdn-cache: miss
accept-language: en_US
x-kong-proxy-latency: 1
x-klook-service-id: 01
x-kong-upstream-latency: 3
x-cdn-vendor: gcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
currency: HKD
server: ReplaceHeaderValue
x-klook-version: 1
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
x-klook-lang: en_US

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 9BA5 52 KB
21 KB 1153ms
1153ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNBGXWM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Jul 2023 19:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6938
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 18 Jul 2023 21:04:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 12BA 15 KB
16 KB 1516ms
358ms Image
image/webp 178.250.1.15
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23085032-0hGg7tT7.jpg&ups=1&v=3&w=800&s=VmKxhNCd6zesZNkiqOD2ny12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f988c05430bc94180ee7ca44b2016d4c4fc239583852c24370837bf7a5076b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:15 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 15810
expires: Mon, 24 Jul 2023 21:22:10 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/ 154 KB
52 KB 343ms
343ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/reactive_library_fy2021.js?bust=31076187

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eeb8eb2b0024edeab080d0515cfba1c6e79e5b64f97bac02923d7b20ff5f2978

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53493
x-xss-protection: 0
server: cafe
etag: 2130362327437532061
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 21:00:16 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 9BA5 3 B
23 B 279ms
279ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1803580303&t=pageview&_s=1&dl=https%3A%2F%2Faffiliate.klook.com%2Fwidget%2Frender%3Fadid%3D670374%26lang%3D%26currency%3DVND%26cardh%3D126%26padding%3D92%26lgh%3D470%26edgevalue%3D655%26cid%3D-1%26tid%3D-1%26amount%3D6%26prod%3Ddynamic_widget%26uid%3D1&dr=https%3A%2F%2Fwww.101dian.com%2F&ul=en-us&de=UTF-8&dt=Klook.com%20Affiliate%20Activity&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEBAAEABAAAAACAEKC~&jid=1882310437&gjid=1145716159&cid=647755348.1689714016&tid=UA-86696233-5&_gid=88015015.1689714016&_r=1&_slc=1&gtm=45He37h0n81WNBGXWM&cd4=f99e922c-c766-4da3-987a-8fb4b5647027&cd1=647755348.1689714016&z=1253619305

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://affiliate.klook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 21:00:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://affiliate.klook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 9884 3 B
23 B 276ms
276ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=497743335&t=pageview&_s=1&dl=https%3A%2F%2Faffiliate.klook.com%2Fwidget%2Frender%3Fadid%3D670374%26lang%3D%26currency%3DVND%26cardh%3D126%26padding%3D92%26lgh%3D470%26edgevalue%3D655%26cid%3D-1%26tid%3D-1%26amount%3D6%26prod%3Ddynamic_widget%26uid%3D2&dr=https%3A%2F%2Fwww.101dian.com%2F&ul=en-us&de=UTF-8&dt=Klook.com%20Affiliate%20Activity&sd=24-bit&sr=1600x1200&vp=268x150&je=0&_u=QACAAEABAAAAACAEKC~&jid=&gjid=&cid=647755348.1689714016&tid=UA-86696233-5&_gid=88015015.1689714016&_slc=1&gtm=45He37h0n81WNBGXWM&cd4=f99e922c-c766-4da3-987a-8fb4b5647027&cd1=647755348.1689714016&z=1311384524

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://affiliate.klook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 21:00:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://affiliate.klook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 3BD3 52 KB
21 KB 267ms
267ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNBGXWM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Jul 2023 19:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6939
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 18 Jul 2023 21:04:37 GMT

GET
DATA 200
OK truncated
/ Frame 825D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e95ac4c9dffbf3cfa1291a084ef6b5e79c3ad987cbd9b55119249377a86b0ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 12BA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77c7df604af10e3224e859b9a09a937b839aef044f84155ed7052197e75f4a7d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 dynamic Show response
affiliate.klook.com/v3/affsrv/ads/widget/ Frame 9884 27 KB
5 KB 1326ms
1326ms XHR
application/json 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/v3/affsrv/ads/widget/dynamic?adid=670374
Requested by: Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.108.149.34.bc.googleusercontent.com
Software: ReplaceHeaderValue /
Resource Hash: 60a81baa96a8bf17d10a6839db65923d49d337f6fae8649464d636f88bc5aa8d

Request headers

X-Klook-Request-Id: 1c4959ca-4884-460c-a28a-ecb0b1fadf3f
accept-language: de-DE,de;q=0.9
X-Klook-Kepler-Id: f99e922c-c766-4da3-987a-8fb4b5647027
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json; charset=utf-8
Accept: application/json, text/javascript
Referer: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=2
X-Klook-Tint: []

Response headers

date: Tue, 18 Jul 2023 21:00:17 GMT
content-encoding: gzip
via: 1.1 google
x-klook-request-id: 1c4959ca-4884-460c-a28a-ecb0b1fadf3f
server: ReplaceHeaderValue
x-cdn-cache: miss
x-kong-proxy-latency: 1
vary: Accept-Encoding
content-type: application/json
x-kong-upstream-latency: 1039
x-cdn-vendor: gcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame 6544 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62014fd8f1d39de9a60dff3b831843919bc998e7446a7b912ecb3f41fe966fd9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 3BD3 3 B
23 B 257ms
257ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1651165528&t=pageview&_s=1&dl=https%3A%2F%2Faffiliate.klook.com%2Fwidget%2Frender%3Fadid%3D670374%26lang%3D%26currency%3DVND%26cardh%3D126%26padding%3D92%26lgh%3D470%26edgevalue%3D655%26cid%3D-1%26tid%3D-1%26amount%3D6%26prod%3Ddynamic_widget%26uid%3D3&dr=https%3A%2F%2Fwww.101dian.com%2F&ul=en-us&de=UTF-8&dt=Klook.com%20Affiliate%20Activity&sd=24-bit&sr=1600x1200&vp=1509x150&je=0&_u=QICAAEABAAAAACAEKC~&jid=&gjid=&cid=647755348.1689714016&tid=UA-86696233-5&_gid=88015015.1689714016&_slc=1&gtm=45He37h0n81WNBGXWM&cd4=f99e922c-c766-4da3-987a-8fb4b5647027&cd1=647755348.1689714016&z=1788491197

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://affiliate.klook.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 21:00:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://affiliate.klook.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lgn.php
cat.nl3.eu.criteo.com/delivery/ Frame 12BA 43 B
348 B 86ms
27ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=qmUJQr9l8LIDFBl1bc1JjgewknWn1yfMVKrdmHwy1gnKYZqRSQhblsApfNtjqcAFEd5Itapy3WzwV1lW_wL150tEgBWEPG61ye21p09xQEv26DEPYRM_M_6MZcguOoJO8uc36SSPsM173qsWve-c7Ojq14MNWC5rQA1r90fVEqeetkRUFROjgSIwnhehNu8zQIoYhFlTi4adQUr7GoXtji7r6kTCPvj4Rvpeta7KqFqR0Cgp79FezVBdiPJxpSjX_kPKkLLZqGtbaXp4eXW0S8A3bntYCZh3dQQI0UP_C20eFLzi4AaKzO8RtIkPFjz5-9NVyJGpNrue48X3M1PUNp-lB_X7UW1aUDyP4PmAP_XFnPddgELoHxaZtyfyYKBLLb5TaYHV-YkFYWHVtRXIPA9Ory-ieGQ82CInYx8ONYWnh3x8&z=ZLb9XgAEE-AD58Y3AAaAfgHE-UfDkwWfw-7Qvw&cbvp=2

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 21:00:16 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1572817
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 12BA 0
126 B 123ms
36ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EIrGMAAAnYNiAgIAAAAlIDHgkGtCgBBe_bZk49CDz3SiF51cBAAAEgMBCgpBUVVCQVFFQkFR&wp=ZLb9XgAEE-AD58Y3AAaAfgHE-UfDkwWfw-7Qvw&cbvp=2

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:15 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 175517
server: Kestrel
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 12BA 0
23 B 61ms
61ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cb6DFXv22ZOCnELeMn88P_oCayA3JntKxXNWdkfdwwI23ARABIABglaqwgrgHggEXY2EtcHViLTEyNTYxNzAwODk4NDA5MTLIAQmpAvzg-4ke1LI-qAMBqgT3AU_QXbEblF4BK1fF2-6NlnZb1aFjPKuhDMgetwmExRv1rGcKbJXPkQ-xfWuHQ-xL0RtTN-87IYW5lsnSzsW6S7erzh8dOHDF_izV7sj7c0Qf8Mf7CHXhP0KMsL2w6nRXHruStWxwdcjlsIfVMwV7fb9gwB8tAp_0lHEW2uVD0jGwkyGVJgxbxceUhBUAq-Dv_Rc25fPVX30ovWEXo5ZjqRlgi4XbF5wRXaxtxosN_qlL9I32A2c-CJG-vvhLKyoIa6VLeJS31tu_spr23NB0jDLleLY_rpxmIJlCC0pDfMRElROSqMxwUeWI2-yMf2VjK9RWJnJ7cWCABuXxipHSsbCikwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTI1NjE3MDA4OTg0MDkxMhgA&sigh=t3jcUaUIGvI&uach_m=[UACH]&cid=CAQSGwBpAlJW0_TPVi-WWe9j-4W_J3N9PlrHdT6KVRgB&vt=10&cbvp=2&vis=1

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1256170089840912&output=html&h=1032&slotname=7800036804&adk=1647789852&adf=1799527695&pi=t.ma~as.7800036804&w=300&cr_col=1&cr_row=13&fwrn=2&lmt=1689684090&rafmt=9&format=300x1032&url=https%3A%2F%2Fwww.101dian.com%2F&host=ca-host-pub-1556223355139109&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689714013813&bpp=1&bdt=435&idt=349&shv=r20230717&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200%2C1179x280&nras=1&correlator=777978380621&frm=20&pv=1&ga_vid=1308830312.1689714014&ga_sid=1689714014&ga_hid=648486857&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1244&ady=1591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31076187%2C44788442&oid=2&pvsid=1238137384023767&tmod=1261267934&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=b1rLE9x4Gi&p=https%3A//www.101dian.com&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Jul 2023 21:00:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Jul 2023 21:00:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 12BA 0
23 B 64ms
64ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9lxZXv22ZOCnELeMn88P_oCayA3JntKxXNWdkfdwwI23ARABIABglaqwgrgHggEXY2EtcHViLTEyNTYxNzAwODk4NDA5MTLIAQmpAvzg-4ke1LI-qAMByAMCqgT3AU_QXbEblF4BK1fF2-6NlnZb1aFjPKuhDMgetwmExRv1rGcKbJXPkQ-xfWuHQ-xL0RtTN-87IYW5lsnSzsW6S7erzh8dOHDF_izV7sj7c0Qf8Mf7CHXhP0KMsL2w6nRXHruStWxwdcjlsIfVMwV7fb9gwB8tAp_0lHEW2uVD0jGwkyGVJgxbxceUhBUAq-Dv_Rc25fPVX30ovWEXo5ZjqRlgi4XbF5wRXaxtxosN_qlL9I32A2c-CJG-vvhLKyoIa6VLeJS31tu_spr23NB0jDLleLY_rpxmIJlCC0pDfMRElROSqMxwUeWI2-yMf2VjK9RWJnJ7cWCABuXxipHSsbCikwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTI1NjE3MDA4OTg0MDkxMhgA&sigh=vc4tF-1XZnE&uach_m=[UACH]&cid=CAQSGwBpAlJW0_TPVi-WWe9j-4W_J3N9PlrHdT6KVRgB&cbvp=2&vis=1

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1256170089840912&output=html&h=1032&slotname=7800036804&adk=1647789852&adf=1799527695&pi=t.ma~as.7800036804&w=300&cr_col=1&cr_row=13&fwrn=2&lmt=1689684090&rafmt=9&format=300x1032&url=https%3A%2F%2Fwww.101dian.com%2F&host=ca-host-pub-1556223355139109&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689714013813&bpp=1&bdt=435&idt=349&shv=r20230717&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200%2C1179x280&nras=1&correlator=777978380621&frm=20&pv=1&ga_vid=1308830312.1689714014&ga_sid=1689714014&ga_hid=648486857&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1244&ady=1591&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31076187%2C44788442&oid=2&pvsid=1238137384023767&tmod=1261267934&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=b1rLE9x4Gi&p=https%3A//www.101dian.com&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Jul 2023 21:00:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Jul 2023 21:00:16 GMT

GET
H3 200 dynamic Show response
affiliate.klook.com/v3/affsrv/ads/widget/ Frame 9BA5 27 KB
5 KB 1339ms
1338ms XHR
application/json 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/v3/affsrv/ads/widget/dynamic?adid=670374
Requested by: Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.108.149.34.bc.googleusercontent.com
Software: ReplaceHeaderValue /
Resource Hash: c01b07adfd0d7e2b1a06c7a33a21c7fc82e8987d33c93caf630ed9f0c22f9bb4

Request headers

X-Klook-Request-Id: 59b7cea5-fa4c-4750-b8df-beb2d74edce6
accept-language: de-DE,de;q=0.9
X-Klook-Kepler-Id: f99e922c-c766-4da3-987a-8fb4b5647027
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json; charset=utf-8
Accept: application/json, text/javascript
Referer: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=1
X-Klook-Tint: []

Response headers

date: Tue, 18 Jul 2023 21:00:17 GMT
content-encoding: gzip
via: 1.1 google
x-klook-request-id: 59b7cea5-fa4c-4750-b8df-beb2d74edce6
server: ReplaceHeaderValue
x-cdn-cache: miss
x-kong-proxy-latency: 1
vary: Accept-Encoding
content-type: application/json
x-kong-upstream-latency: 40
x-cdn-vendor: gcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6544 16 KB
16 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 01:50:32 GMT
x-content-type-options: nosniff
age: 328184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 01:50:32 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 825D 16 KB
16 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 01:50:32 GMT
x-content-type-options: nosniff
age: 328184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 01:50:32 GMT

GET
H3 200 dynamic Show response
affiliate.klook.com/v3/affsrv/ads/widget/ Frame 3BD3 27 KB
5 KB 1533ms
1533ms XHR
application/json 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/v3/affsrv/ads/widget/dynamic?adid=670374
Requested by: Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.108.149.34.bc.googleusercontent.com
Software: ReplaceHeaderValue /
Resource Hash: d7a5590ca36b9919eb2d766b496df97e34ad8216a1f469147f1d7b22588f0147

Request headers

X-Klook-Request-Id: 7251dba7-f34c-48b6-921c-60d911d0189b
accept-language: de-DE,de;q=0.9
X-Klook-Kepler-Id: f99e922c-c766-4da3-987a-8fb4b5647027
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json; charset=utf-8
Accept: application/json, text/javascript
Referer: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=3
X-Klook-Tint: []

Response headers

date: Tue, 18 Jul 2023 21:00:18 GMT
content-encoding: gzip
via: 1.1 google
x-klook-request-id: 7251dba7-f34c-48b6-921c-60d911d0189b
server: ReplaceHeaderValue
x-cdn-cache: miss
x-kong-proxy-latency: 0
vary: Accept-Encoding
content-type: application/json
x-kong-upstream-latency: 37
x-cdn-vendor: gcp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6544 0
19 B 68ms
67ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcGprXv22ZIzyDK38n88Ph9qIsAzNqtvGbZG87MGoDOqf3KDUARABIJP50UBglaqwgrgHoAGwuqHXA8gBCakC_OD7iR7Usj6oAwHIA8sEqgSDAk_QiFSN7NctDmyUOxO3R0IDUvSglB0NyAtKxo0o38H-96XdTu8_WLEaW8VFNCmzsaZ65cHJqXKb6MDDpo1_RKEOWalquKF8SSr58IyzD2DkD3rsGpd0ZZZ2UNOnwLd9dSxeU19p0TW1Gov30LVoEFwB3aW32bxKqp33P5lPO-ohOssmRHltRmmCbBIOPthjUi6jr7IoZonrwrrewsSZdYIAxiBvLTK-o5hBpWHFNOGlF5PjytrKpvsVNcFzYPMPPbT7sVNW9zhQabBBDYOAJHm7DNh4VLzcBCCb61-w-WhtA7o4FIim0yBuzQQhBWmoAnGD5QwtTgvCdXqVudgEPOOB0TfABOHf4sqOA5IFBAgEGAGSBQQIBRgEoAYugAe_2b1gqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEOamFtIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqACgHICwHYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItMTI1NjE3MDA4OTg0MDkxMhgA&sigh=MRrZkd2PQVs&uach_m=[UACH]&cid=CAQSGwBpAlJWScWpRQ7W5b8vewlxDtsou0dV8cBydhgB&template_id=494&cbvp=2&vis=1

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1256170089840912&output=html&h=200&slotname=6307787892&adk=2398210235&adf=2029293275&pi=t.ma~as.6307787892&w=1200&fwrn=4&lmt=1689684090&rafmt=11&format=1200x200&url=https%3A%2F%2Fwww.101dian.com%2F&host=ca-host-pub-1556223355139109&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689714013809&bpp=2&bdt=430&idt=297&shv=r20230717&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=777978380621&frm=20&pv=1&ga_vid=1308830312.1689714014&ga_sid=1689714014&ga_hid=648486857&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=97&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31076187%2C44788442&oid=2&pvsid=1238137384023767&tmod=1261267934&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EpzQt1Thzz&p=https%3A//www.101dian.com&dtd=301
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Jul 2023 21:00:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cHXiv2Zk-prJL7FgPqrpMWRmFmfvuFMWFBKWE-bwhsU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C49 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHXiv2Zk-prJL7FgPqrpMWRmFmfvuFMWFBKWE-bwhsU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7075e2bf6664fa9ac92fb1603eaae93164661667efb8531614129613e6f086c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 08:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14623
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 08:57:12 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 825D 0
19 B 65ms
65ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZfOMXv22ZLTJCsv_tgf49a_oAs2q28ZtkbzswagM6p_coNQBEAEgk_nRQGCVqrCCuAegAbC6odcDyAEJqQL84PuJHtSyPqgDAcgDywSqBIMCT9AcornFnUUIQnWkumMcxvJzQ8XKs0aDv_RO1YRwVX4yJyjRTNpJtWxS7Nv85IiLq-jOEoPnHTCWIR4axZ-5MbQ5cnFITfryxx-0ke2XB_cmuNz-p1ovqJ9cyuA_iZwaog1XS4-8Ux95J4RG4lgmnY9pgrqaC_3Bbdx9mt_68m419neqi_F3c_-wlCqINzcMDFeKzomwYT-iBCo0kEJbteruTaPzebIdpgAMIFht_eMiCfq_Au5Y2W0VjL4bi5MwUTgdqzxUeQSkETcBvo7GYD5xRFTfV_smbbpq-3X5hKfvB-UHeO3JcGDVHWR0pE6B4rMcJMl56ouvHHZobLv9GZtO6MAE4d_iyo4DkgUECAQYAZIFBAgFGASgBi6AB7_ZvWCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ1JcL0ggWCIDhgHAQARgfMgLrAjoCgEBIvf3BOoAKAcgLAdgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi0xMjU2MTcwMDg5ODQwOTEyGAA&sigh=ATteWTHsU9s&uach_m=[UACH]&cid=CAQSGwBpAlJWzfY9PI9PscnYQes_17bHYUeDxGyggxgB&template_id=494&cbvp=2&vis=1

Requested by

Host: www.101dian.com
URL: https://www.101dian.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-1256170089840912&output=html&h=280&slotname=6499359585&adk=1056236196&adf=2025191683&pi=t.ma~as.6499359585&w=1179&fwrn=4&fwrnh=100&lmt=1689684090&rafmt=1&format=1179x280&url=https%3A%2F%2Fwww.101dian.com%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689714013811&bpp=1&bdt=433&idt=325&shv=r20230717&mjsv=m202307170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x200&nras=1&correlator=777978380621&frm=20&pv=1&ga_vid=1308830312.1689714014&ga_sid=1689714014&ga_hid=648486857&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=56&ady=1550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31076187%2C44788442&oid=2&pvsid=1238137384023767&tmod=1261267934&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=74YLXMm6u4&p=https%3A//www.101dian.com&dtd=328
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 18 Jul 2023 21:00:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 71ms
70ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230717&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34a062385dc21c7a225a03f114769cfb2690e98e94b1548817b3835cd735f271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11757
x-xss-protection: 0

GET
H3 200 cHXiv2Zk-prJL7FgPqrpMWRmFmfvuFMWFBKWE-bwhsU.js Show response
pagead2.googlesyndication.com/bg/ Frame F842 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHXiv2Zk-prJL7FgPqrpMWRmFmfvuFMWFBKWE-bwhsU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7075e2bf6664fa9ac92fb1603eaae93164661667efb8531614129613e6f086c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 08:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14623
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 08:57:12 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 21:00:16 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6871 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.101dian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 16:23:57 GMT
expires: Wed, 17 Jul 2024 16:23:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BCEE 783 B
968 B 32ms
31ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ddd145d355c65d847e682f25b75b89501e85c006bd6e195358ee83813df0a8cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-458uYyaIBcwpdkMnsBJ-Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.101dian.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-458uYyaIBcwpdkMnsBJ-Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 21:00:16 GMT
expires: Tue, 18 Jul 2023 21:00:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 cHXiv2Zk-prJL7FgPqrpMWRmFmfvuFMWFBKWE-bwhsU.js Show response
pagead2.googlesyndication.com/bg/ Frame 6871 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cHXiv2Zk-prJL7FgPqrpMWRmFmfvuFMWFBKWE-bwhsU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7075e2bf6664fa9ac92fb1603eaae93164661667efb8531614129613e6f086c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 08:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14623
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 08:57:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BCEE 0
0 55ms
55ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230717&jk=1238137384023767&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6871 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?78Z1Hg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 37ms
36ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-GPEQTE607G&v=3&t=t&pid=1050914608&cv=2&rv=37h0&tc=12&es=1&e=gtm.load&eid=4&u=AgAAAAAAAAAAACAAAAAAAAE&ut=Ag&h=Ag&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 21:00:17 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230717&jk=1238137384023767&bg=!4-Cl4LTNAAa3SiIRl0o7ADkAdvg8Wpi6Se5eACib1nsiO8tLpgPtfitKszafeSnZaoh1g6AeAEhg0fvM3ahGS2IZmJHqjuJk2ZkCAAAASFIAAAAbaAEHmQKm8A7F0itKumUJp6zPrzbyib4cX0kHoBzktJbZNLp41GDANDk_pSnOOGPd7qJKmud_O-De-In9qLb1zWcSUhKu3JE0gN84CxBjzSq4_TJNzVLe7MlZ_iFlH0Al4L5QX-QClqbIaZlv-hgqrRZmGufqOcc7kPXrfab8C2RdIo7tt5473N14MONEmKvnk1-I6VY-VD_rtbKEk9OgDWEN-7fY4Sy4YDikiD4NUkE8FHXMboUqvCUAfsnEolt_BnxnDnHYh5OILn9dh4bLi5Dn_aZs6M8-ZEnMERTPVmgBhqehKbj885BxPUshe7z1YYTPb_FO0DXKYnOYtX2agZSsgM2VqAvNH514euG78Q5Gd_5_GzNyG40z599MQlZO2U8vhoNYXa18MoxgOT0NVC0VRUc_X6xSDMycMWMr2E2_Ku-7rQS9uocmm2wK2VG21O1-FZ_i7hHHX4GEX5qAhGKZDYTPDl4xA_chzXwf0wkKSZvhgD9ANtp67uLNYm2V-alpfAvqDXHIdIPVOGX2pXXkYautTJCuaMjS5Cj6DYFI2JlOcm1i_qfcPqy7TOPwGwr2fDvs6JgKn8Iba-cOqDXaXXPFb4_ZgMkiG8fVPCtqxHm1QFLl0BLVIi20HbygevEHPkByHK3IOCAmlxT4eJe3zGbCiLxXoWg0nI3ugiFtqc2bfOGjpmBLeaHZv-lp-Y3tiOyYLCsPFuk2Jr_yg80JsPOrHHKU_rq69fISME-erIgEM8yQaSR8AbwSED5GcINAIrUWaQAFgmYQyP0l343LN0VWF7qiLh5PSW1IMfSqiMvGGcUTeST6HFu92tGKHiG_VzORHHaLzxLQcaolUusypEzKjVrcMPn5rwwb17Qe9C1NWGTKeNyGlnQm2Yczq_l2113EMuez5Gjm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.101dian.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

OPTIONS
H2 200 web
log.klook.com/v2/frontlogsrv/log/ Frame 0
0 994ms
912ms Preflight 34.111.170.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.klook.com/v2/frontlogsrv/log/web
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.170.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.170.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-deviceid,x-platform
Access-Control-Request-Method: POST
Origin: https://affiliate.klook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-klook-host, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Currency, Authorization, Token, version, X-Platform, _pt, Accept-Language, Accept, Accept-Encoding, X-Klook-Request-Id, X-Klook-Kepler-Id, X-Klook-Tint, X-DeviceID
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 18 Jul 2023 21:00:18 GMT
via: 1.1 google
x-cdn-vendor: gcp

POST web
log.klook.com/v2/frontlogsrv/log/ Frame 9884 0
0

POST
H3 200 event Show response
affiliate.klook.com/v3/affsrv/ads/ Frame 9884 70 B
92 B 293ms
293ms XHR
application/json 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/v3/affsrv/ads/event
Requested by: Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.108.149.34.bc.googleusercontent.com
Software: ReplaceHeaderValue /
Resource Hash: dccd6a122ce536145b86aef2681be92ebab2fbb2fe44ffa52a8ddc0e86db4d29

Request headers

X-Klook-Request-Id: 2200e093-78e8-4e42-8ac5-4718db7b5d14
accept-language: de-DE,de;q=0.9
X-Klook-Kepler-Id: f99e922c-c766-4da3-987a-8fb4b5647027
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json; charset=UTF-8
X-iframe-Data: {"type":4,"data":""}
Accept: application/json, text/javascript
Referer: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=2

Response headers

date: Tue, 18 Jul 2023 21:00:17 GMT
via: 1.1 google
x-klook-request-id: 2200e093-78e8-4e42-8ac5-4718db7b5d14
server: ReplaceHeaderValue
x-cdn-cache: uncacheable
x-kong-proxy-latency: 0
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-kong-upstream-latency: 1
x-cdn-vendor: gcp
access-control-allow-headers: Content-Type, Content-Length, Authorization, Accept, X-Requested-With, X-Klook-Request-Id, X-Iframe-Data
content-length: 70
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 jn7yizdbzpizxkwnqshi.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame 9884 30 KB
31 KB 119ms
46ms Image
image/jpeg 2600:9000:223d:e200:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/jn7yizdbzpizxkwnqshi.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:e200:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

75375eabbe9d3106b0d1bfb4f9fcaff78ef0691c58edb3ffaab1e635b25a49dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 17 May 2023 10:19:03 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 5395274
x-cache: Hit from cloudfront
content-length: 31163
last-modified: Fri, 10 Feb 2023 15:05:16 GMT
server: Cloudinary
etag: "986ca044b8336edff9e6bdf22d2f5102"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 5d6t1IxHOACGfaSRWa3JSDP0vxl1GG8kvlJg5jNYDPk6WrHclNUjeg==

GET
H2 200 discount_tag.e0e3de40.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame 9884 951 B
1 KB 61ms
59ms Image
image/svg+xml 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/discount_tag.e0e3de40.svg

Requested by

Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b9a515a3130450228eb2ea26b4303869b8fb51affa01315e4557a025da5172b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 00:28:15 GMT
content-encoding: gzip
via: 1.1 19c0293f28acaafabb2252122e891b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: M7VWAJKRF56CA780
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 73922
x-cache: Hit from cloudfront
x-amz-id-2: i6+7qQVxQ1FHWYjoECuiz7gf1SxZZXkOtuB1TKThVRU5jOmt2CqO3p9PLhtwoIJGHYL0FB9TIxw=
last-modified: Mon, 17 Jul 2023 02:35:32 GMT
server: nginx
etag: W/"73fe4f4789c649448f50bd8cd7c33443"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: PVOkUb2uIsr0FDCfG7i5N5HjJMrt6HUCH9Z4XkIu74T9Fm_QhzBSyg==
expires: Wed, 17 Jul 2024 00:28:15 GMT

GET
H2 200 discount_tag_2.69d9dac9.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame 9884 945 B
1 KB 59ms
57ms Image
image/svg+xml 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/discount_tag_2.69d9dac9.svg

Requested by

Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7bb80a0072f9aedad72f1b11c9533179e302ed61c0c4b1ee01aa98c3c9df9f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 00:25:15 GMT
content-encoding: gzip
via: 1.1 19c0293f28acaafabb2252122e891b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: ER5NKG0D91P26Z3C
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 678902
x-cache: Hit from cloudfront
x-amz-id-2: oIsUGRzyCOh8/6ErnAGxV0DyeqSVdehdP8zlGP4Nd0iP95wT7qSpJZXK2MJjQWyjgOexqe8fu9g=
last-modified: Mon, 10 Jul 2023 09:20:58 GMT
server: nginx
etag: W/"0ecccb9ccb594c2f50986543a7b41596"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: ZzRwtWtCux7IXLDTA6x1db3dFe7wOHyRQmnb-6xg7wqhRfv5-LJL8A==
expires: Wed, 10 Jul 2024 00:25:15 GMT

GET
H2 200 score_horn.c3c4b90e.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame 9884 273 B
806 B 64ms
63ms Image
image/svg+xml 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/score_horn.c3c4b90e.svg

Requested by

Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8ac5aa09edda1b5e32093f4dbc5642466021ed4bd3ee152c2afd5b8ef0298f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:50 GMT
content-encoding: gzip
via: 1.1 19c0293f28acaafabb2252122e891b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: AFKEB7J49BR8ZYV8
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 850767
x-cache: Hit from cloudfront
x-amz-id-2: Yj+Wm3PWl8byjMBjjUQINil4AiXgJ0LO1yEIUkqot1azP/e6WxuokoWyqx/rRaAGRGqJmdfY24c=
last-modified: Fri, 07 Jul 2023 09:32:26 GMT
server: nginx
etag: W/"285c40b4f2b0100e2ac64ad32549ac8f"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: Yi-uKQFZuJt9f9tU0JOgMmvskhWkdHbXR3cieQdYmuFbtd7ncAO6Eg==
expires: Mon, 08 Jul 2024 00:40:50 GMT

GET
H2 200 f1987451-Macau-TurboJet.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame 9884 36 KB
36 KB 99ms
27ms Image
image/jpeg 2600:9000:223d:e200:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/f1987451-Macau-TurboJet.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:e200:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f762af1e5a62c876a520c7dfe5983a233fc98cda43ee405c6e4444a8be4ea1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 19:32:36 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 7176461
x-cache: Hit from cloudfront
content-length: 36676
last-modified: Wed, 11 Jan 2023 09:26:15 GMT
server: Cloudinary
etag: "def5dec19c98b34d03a3d63f7fbade83"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 6f-JmLapmNbgrDpMYNUdS_bP39aMEp7_yLXc4ySfiBrOHGlRDUXbBg==

GET
H2 200 eogmmkjoibsj1suqvj9i.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame 9884 39 KB
40 KB 130ms
58ms Image
image/jpeg 2600:9000:223d:e200:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/eogmmkjoibsj1suqvj9i.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:e200:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

149bb380b64201bf08dede77b817b6a97dac56ce63403e396a80de9ca7b72c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 13 May 2023 01:24:33 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 5772944
x-cache: Hit from cloudfront
content-length: 40213
last-modified: Thu, 01 Jul 2021 06:11:52 GMT
server: Cloudinary
etag: "36fb406ee23a30b0625ee4d663d2b1af"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: xhy1Lws3ceIkvEUZAB6WP1OYygPnMOyz4-rKB_q_yiAwODF8htbYfQ==

GET
H2 200 mcrvwxqphedql57adfbh.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame 9884 26 KB
26 KB 95ms
23ms Image
image/jpeg 2600:9000:223d:e200:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/mcrvwxqphedql57adfbh.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:e200:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f34b517035a5f8577f753ca9907f5130cd12c7cbb002fa44ee74619ea03406f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 17 May 2023 09:12:07 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 5399290
x-cache: Hit from cloudfront
content-length: 26503
last-modified: Tue, 21 Feb 2023 08:45:20 GMT
server: Cloudinary
etag: "2729aebd6ef5a8a69fb6e8ce84ba88f8"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 2JrLTFkFz-OkVPJelGyqBqDSs1457bdJMj-VQWhoI9pcPF_p4fkrFA==

GET
H2 200 xt0lfiig3twuxskoyveb.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame 9884 30 KB
30 KB 143ms
72ms Image
image/jpeg 2600:9000:223d:e200:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/xt0lfiig3twuxskoyveb.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:e200:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

da95e7a3e12eba1ff645ed3006739e4254c45c8ebfbbb890fc9b4183c0c31787

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 20 May 2023 01:17:39 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 5168558
x-cache: Hit from cloudfront
content-length: 30332
last-modified: Tue, 13 Jul 2021 18:33:22 GMT
server: Cloudinary
etag: "5932068f2233689cd965ac967db9f4e2"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: gfR14-tMxzkIH5nFPXVVkG7w63DjVjF_ddkBtAJ6RlG1pMG4f9QC9g==

GET
H2 200 uufmft3cuhp4ml6gop1m.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame 9884 33 KB
34 KB 138ms
67ms Image
image/jpeg 2600:9000:223d:e200:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/uufmft3cuhp4ml6gop1m.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:e200:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

52f1be9cf30e226c36fcea7b1fa26f74ad5cf7affea254a08b85385f8754e3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 12:47:03 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 7805594
x-cache: Hit from cloudfront
content-length: 33764
last-modified: Wed, 25 Aug 2021 06:03:26 GMT
server: Cloudinary
etag: "037e514685912ede3f7605280107a477"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Dh8u4vPo3jknPe5Udv6C8n3thqN3f7q4R-232EWCmmyExr9mKLrifQ==

GET
H3 200 collect
www.google-analytics.com/ Frame 9884 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=497743335&t=event&ni=0&_s=1&dl=https%3A%2F%2Faffiliate.klook.com%2Fwidget%2Frender%3Fadid%3D670374%26lang%3D%26currency%3DVND%26cardh%3D126%26padding%3D92%26lgh%3D470%26edgevalue%3D655%26cid%3D-1%26tid%3D-1%26amount%3D6%26prod%3Ddynamic_widget%26uid%3D2&dr=https%3A%2F%2Fwww.101dian.com%2F&ul=en-us&de=UTF-8&dt=Klook.com%20Affiliate%20Activity&sd=24-bit&sr=1600x1200&vp=268x150&je=0&ec=My%20Ads&ea=Affiliate%20Ad%20Impression&el=Dynamic%20Widget%20TTD&_u=SICAAEABAAAAACAEKC~&jid=&gjid=&cid=647755348.1689714016&tid=UA-86696233-5&_gid=88015015.1689714016&gtm=45He37h0n81WNBGXWM&cd4=f99e922c-c766-4da3-987a-8fb4b5647027&cd5=&cd6=670374&cd7=34191&cd1=647755348.1689714016&z=51260477

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 20:27:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1951
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6544 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOaDutUyy0iK4w8YTMYLFDAojxPdz-7GVDnP6ZMKiWg6VqoPfL3UifvkRVTjZFwrQJWVQyqXANqP0uyrv4SNtQEkx2X6S1WHjgP7tsyG4ztkJII7y00RwN7HUix2Kwm2UHSHY4aT6MaHpF&sai=AMfl-YSL2W0cXKpFiubBz3f91jn7EwTSZYg9MQe3JAeKg-kvy2lqk98EQzYR3JCbbo0psbHi2BB_WrVDAnPS&sig=Cg0ArKJSzJoiIX7v43UaEAE&cid=CAQSGwBpAlJWScWpRQ7W5b8vewlxDtsou0dV8cBydhgB&id=lidar2&mcvt=1000&p=0,0,200,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2398210235&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689714014111&rpt=2604&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 21:00:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 web
log.klook.com/v2/frontlogsrv/log/ Frame 0
0 917ms
917ms Preflight 34.111.170.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.klook.com/v2/frontlogsrv/log/web
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.170.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.170.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-deviceid,x-platform
Access-Control-Request-Method: POST
Origin: https://affiliate.klook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-klook-host, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Currency, Authorization, Token, version, X-Platform, _pt, Accept-Language, Accept, Accept-Encoding, X-Klook-Request-Id, X-Klook-Kepler-Id, X-Klook-Tint, X-DeviceID
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 18 Jul 2023 21:00:18 GMT
via: 1.1 google
x-cdn-vendor: gcp

POST web
log.klook.com/v2/frontlogsrv/log/ Frame 9BA5 0
0

POST
H3 200 event Show response
affiliate.klook.com/v3/affsrv/ads/ Frame 9BA5 70 B
92 B 289ms
289ms XHR
application/json 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/v3/affsrv/ads/event
Requested by: Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.108.149.34.bc.googleusercontent.com
Software: ReplaceHeaderValue /
Resource Hash: dccd6a122ce536145b86aef2681be92ebab2fbb2fe44ffa52a8ddc0e86db4d29

Request headers

X-Klook-Request-Id: 51b059be-f889-48c8-a2fa-326d9cfe9f3f
accept-language: de-DE,de;q=0.9
X-Klook-Kepler-Id: f99e922c-c766-4da3-987a-8fb4b5647027
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json; charset=UTF-8
X-iframe-Data: {"type":4,"data":""}
Accept: application/json, text/javascript
Referer: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=1

Response headers

date: Tue, 18 Jul 2023 21:00:18 GMT
via: 1.1 google
x-klook-request-id: 51b059be-f889-48c8-a2fa-326d9cfe9f3f
server: ReplaceHeaderValue
x-cdn-cache: uncacheable
x-kong-proxy-latency: 0
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-kong-upstream-latency: 1
x-cdn-vendor: gcp
access-control-allow-headers: Content-Type, Content-Length, Authorization, Accept, X-Requested-With, X-Klook-Request-Id, X-Iframe-Data
content-length: 70
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 collect
www.google-analytics.com/ Frame 9BA5 35 B
55 B 21ms
20ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1803580303&t=event&ni=0&_s=1&dl=https%3A%2F%2Faffiliate.klook.com%2Fwidget%2Frender%3Fadid%3D670374%26lang%3D%26currency%3DVND%26cardh%3D126%26padding%3D92%26lgh%3D470%26edgevalue%3D655%26cid%3D-1%26tid%3D-1%26amount%3D6%26prod%3Ddynamic_widget%26uid%3D1&dr=https%3A%2F%2Fwww.101dian.com%2F&ul=en-us&de=UTF-8&dt=Klook.com%20Affiliate%20Activity&sd=24-bit&sr=1600x1200&vp=&je=0&ec=My%20Ads&ea=Affiliate%20Ad%20Impression&el=Dynamic%20Widget%20TTD&_u=aMDAAEABAAAAACAEKC~&jid=&gjid=&cid=647755348.1689714016&tid=UA-86696233-5&_gid=88015015.1689714016&gtm=45He37h0n81WNBGXWM&cd4=f99e922c-c766-4da3-987a-8fb4b5647027&cd5=&cd6=670374&cd7=34191&cd1=647755348.1689714016&z=1341171641

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 20:27:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1951
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 web
log.klook.com/v2/frontlogsrv/log/ Frame 0
0 905ms
905ms Preflight 34.111.170.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.klook.com/v2/frontlogsrv/log/web
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.170.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.170.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-deviceid,x-platform
Access-Control-Request-Method: POST
Origin: https://affiliate.klook.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-klook-host, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Currency, Authorization, Token, version, X-Platform, _pt, Accept-Language, Accept, Accept-Encoding, X-Klook-Request-Id, X-Klook-Kepler-Id, X-Klook-Tint, X-DeviceID
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 18 Jul 2023 21:00:18 GMT
via: 1.1 google
x-cdn-vendor: gcp

POST web
log.klook.com/v2/frontlogsrv/log/ Frame 3BD3 0
0

POST
H3 200 event Show response
affiliate.klook.com/v3/affsrv/ads/ Frame 3BD3 70 B
92 B 295ms
295ms XHR
application/json 34.149.108.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://affiliate.klook.com/v3/affsrv/ads/event
Requested by: Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 21.108.149.34.bc.googleusercontent.com
Software: ReplaceHeaderValue /
Resource Hash: dccd6a122ce536145b86aef2681be92ebab2fbb2fe44ffa52a8ddc0e86db4d29

Request headers

X-Klook-Request-Id: a21e50cf-fbec-4408-b2be-7201a60380f6
accept-language: de-DE,de;q=0.9
X-Klook-Kepler-Id: f99e922c-c766-4da3-987a-8fb4b5647027
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json; charset=UTF-8
X-iframe-Data: {"type":4,"data":""}
Accept: application/json, text/javascript
Referer: https://affiliate.klook.com/widget/render?adid=670374&lang=&currency=VND&cardh=126&padding=92&lgh=470&edgevalue=655&cid=-1&tid=-1&amount=6&prod=dynamic_widget&uid=3

Response headers

date: Tue, 18 Jul 2023 21:00:18 GMT
via: 1.1 google
x-klook-request-id: a21e50cf-fbec-4408-b2be-7201a60380f6
server: ReplaceHeaderValue
x-cdn-cache: uncacheable
x-kong-proxy-latency: 0
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
x-kong-upstream-latency: 2
x-cdn-vendor: gcp
access-control-allow-headers: Content-Type, Content-Length, Authorization, Accept, X-Requested-With, X-Klook-Request-Id, X-Iframe-Data
content-length: 70
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 jn7yizdbzpizxkwnqshi.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame 3BD3 30 KB
31 KB 20ms
20ms Image
image/jpeg 2600:9000:223d:e200:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/jn7yizdbzpizxkwnqshi.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:e200:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

75375eabbe9d3106b0d1bfb4f9fcaff78ef0691c58edb3ffaab1e635b25a49dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 17 May 2023 10:19:03 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 5395275
x-cache: Hit from cloudfront
content-length: 31163
last-modified: Fri, 10 Feb 2023 15:05:16 GMT
server: Cloudinary
etag: "986ca044b8336edff9e6bdf22d2f5102"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: KHKKCXYc0tQ3wszoHouwkzLh-FC1vF6gmfN3aZSf16b3bpGsHgemsQ==

GET
H2 200 discount_tag.e0e3de40.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame 3BD3 951 B
1 KB 61ms
60ms Image
image/svg+xml 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/discount_tag.e0e3de40.svg

Requested by

Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b9a515a3130450228eb2ea26b4303869b8fb51affa01315e4557a025da5172b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 00:28:15 GMT
content-encoding: gzip
via: 1.1 19c0293f28acaafabb2252122e891b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: M7VWAJKRF56CA780
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 73923
x-cache: Hit from cloudfront
x-amz-id-2: i6+7qQVxQ1FHWYjoECuiz7gf1SxZZXkOtuB1TKThVRU5jOmt2CqO3p9PLhtwoIJGHYL0FB9TIxw=
last-modified: Mon, 17 Jul 2023 02:35:32 GMT
server: nginx
etag: W/"73fe4f4789c649448f50bd8cd7c33443"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: ZRX7mQj_DfG3c9Pjaha3Eg9Atirqat-guFzWhKOn1g51jOy6LXTMYg==
expires: Wed, 17 Jul 2024 00:28:15 GMT

GET
H2 200 discount_tag_2.69d9dac9.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame 3BD3 945 B
1 KB 58ms
57ms Image
image/svg+xml 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/discount_tag_2.69d9dac9.svg

Requested by

Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7bb80a0072f9aedad72f1b11c9533179e302ed61c0c4b1ee01aa98c3c9df9f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 00:25:15 GMT
content-encoding: gzip
via: 1.1 19c0293f28acaafabb2252122e891b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: ER5NKG0D91P26Z3C
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 678903
x-cache: Hit from cloudfront
x-amz-id-2: oIsUGRzyCOh8/6ErnAGxV0DyeqSVdehdP8zlGP4Nd0iP95wT7qSpJZXK2MJjQWyjgOexqe8fu9g=
last-modified: Mon, 10 Jul 2023 09:20:58 GMT
server: nginx
etag: W/"0ecccb9ccb594c2f50986543a7b41596"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: srmOXDN8UHTruCZ18cADuWa469Yx9n2dy_Kw9QNjg1bIjeh3R6FNmQ==
expires: Wed, 10 Jul 2024 00:25:15 GMT

GET
H2 200 score_horn.c3c4b90e.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame 3BD3 273 B
808 B 66ms
65ms Image
image/svg+xml 2600:9000:2611:f200:1b:29b:ed80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/score_horn.c3c4b90e.svg

Requested by

Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:f200:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8ac5aa09edda1b5e32093f4dbc5642466021ed4bd3ee152c2afd5b8ef0298f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 00:40:50 GMT
content-encoding: gzip
via: 1.1 19c0293f28acaafabb2252122e891b20.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-amz-request-id: AFKEB7J49BR8ZYV8
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
age: 850768
x-cache: Hit from cloudfront
x-amz-id-2: Yj+Wm3PWl8byjMBjjUQINil4AiXgJ0LO1yEIUkqot1azP/e6WxuokoWyqx/rRaAGRGqJmdfY24c=
last-modified: Fri, 07 Jul 2023 09:32:26 GMT
server: nginx
etag: W/"285c40b4f2b0100e2ac64ad32549ac8f"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: xNilKdOUf1GdNPUQmV-5FWfQVAPluZQSgjQJiAvqNCdFNU4TwfDHfg==
expires: Mon, 08 Jul 2024 00:40:50 GMT

GET
H2 200 f1987451-Macau-TurboJet.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame 3BD3 36 KB
36 KB 22ms
21ms Image
image/jpeg 2600:9000:223d:e200:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/f1987451-Macau-TurboJet.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:e200:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f762af1e5a62c876a520c7dfe5983a233fc98cda43ee405c6e4444a8be4ea1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 19:32:36 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 7176462
x-cache: Hit from cloudfront
content-length: 36676
last-modified: Wed, 11 Jan 2023 09:26:15 GMT
server: Cloudinary
etag: "def5dec19c98b34d03a3d63f7fbade83"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: R87r4aNGK7KhwqTVKEDuAudskMuKLmxGiJ_W2DWhRzKtG10pn5bm9A==

GET
H2 200 eogmmkjoibsj1suqvj9i.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame 3BD3 39 KB
40 KB 25ms
24ms Image
image/jpeg 2600:9000:223d:e200:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/eogmmkjoibsj1suqvj9i.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:e200:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

149bb380b64201bf08dede77b817b6a97dac56ce63403e396a80de9ca7b72c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 13 May 2023 01:24:33 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 5772945
x-cache: Hit from cloudfront
content-length: 40213
last-modified: Thu, 01 Jul 2021 06:11:52 GMT
server: Cloudinary
etag: "36fb406ee23a30b0625ee4d663d2b1af"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: qTG57DU83L7oXKSEnVZyO4By04_wywQ8QjBCMSypb7EBp4mJ6z5GRQ==

GET
H2 200 mcrvwxqphedql57adfbh.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame 3BD3 26 KB
26 KB 28ms
27ms Image
image/jpeg 2600:9000:223d:e200:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/mcrvwxqphedql57adfbh.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:e200:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f34b517035a5f8577f753ca9907f5130cd12c7cbb002fa44ee74619ea03406f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 17 May 2023 09:12:07 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 5399291
x-cache: Hit from cloudfront
content-length: 26503
last-modified: Tue, 21 Feb 2023 08:45:20 GMT
server: Cloudinary
etag: "2729aebd6ef5a8a69fb6e8ce84ba88f8"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 8o-szZqQrBJ9O3zmkgYdv8f2kLYA2dHUpIAKJUzYNEWZuJ-ITSuX8A==

GET
H2 200 xt0lfiig3twuxskoyveb.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame 3BD3 30 KB
30 KB 29ms
29ms Image
image/jpeg 2600:9000:223d:e200:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/xt0lfiig3twuxskoyveb.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:e200:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

da95e7a3e12eba1ff645ed3006739e4254c45c8ebfbbb890fc9b4183c0c31787

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 20 May 2023 01:17:39 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 5168559
x-cache: Hit from cloudfront
content-length: 30332
last-modified: Tue, 13 Jul 2021 18:33:22 GMT
server: Cloudinary
etag: "5932068f2233689cd965ac967db9f4e2"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: w-5CnNx-d9oPEXMqxd6-4mFhplZIBGTPJFblAnsfsePH-lUgmjmcww==

GET
H2 200 uufmft3cuhp4ml6gop1m.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame 3BD3 33 KB
34 KB 31ms
31ms Image
image/jpeg 2600:9000:223d:e200:e:aa0e:eb00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/uufmft3cuhp4ml6gop1m.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:e200:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

52f1be9cf30e226c36fcea7b1fa26f74ad5cf7affea254a08b85385f8754e3ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 12:47:03 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 7805595
x-cache: Hit from cloudfront
content-length: 33764
last-modified: Wed, 25 Aug 2021 06:03:26 GMT
server: Cloudinary
etag: "037e514685912ede3f7605280107a477"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 3hF-3NMLvdhKMz5G_SGZoo1Bsswje6_mVb_GebelXTpGknJTKTcHYA==

GET
H3 200 collect
www.google-analytics.com/ Frame 3BD3 35 B
55 B 21ms
20ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1651165528&t=event&ni=0&_s=1&dl=https%3A%2F%2Faffiliate.klook.com%2Fwidget%2Frender%3Fadid%3D670374%26lang%3D%26currency%3DVND%26cardh%3D126%26padding%3D92%26lgh%3D470%26edgevalue%3D655%26cid%3D-1%26tid%3D-1%26amount%3D6%26prod%3Ddynamic_widget%26uid%3D3&dr=https%3A%2F%2Fwww.101dian.com%2F&ul=en-us&de=UTF-8&dt=Klook.com%20Affiliate%20Activity&sd=24-bit&sr=1600x1200&vp=1509x150&je=0&ec=My%20Ads&ea=Affiliate%20Ad%20Impression&el=Dynamic%20Widget%20TTD&_u=SICAAEABAAAAACAEKC~&jid=&gjid=&cid=647755348.1689714016&tid=UA-86696233-5&_gid=88015015.1689714016&gtm=45He37h0n81WNBGXWM&cd4=f99e922c-c766-4da3-987a-8fb4b5647027&cd5=&cd6=670374&cd7=34191&cd1=647755348.1689714016&z=1913719130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://affiliate.klook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 20:27:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1952
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s11.flagcounter.com
URL: https://s11.flagcounter.com/count2/97M1/bg_FFFFFF/txt_000000/border_CCCCCC/columns_3/maxflags_10/viewers_0/labels_0/pageviews_1/flags_1/percent_0/

Domain: log.klook.com
URL: https://log.klook.com/v2/frontlogsrv/log/web

Domain: log.klook.com
URL: https://log.klook.com/v2/frontlogsrv/log/web

Domain: log.klook.com
URL: https://log.klook.com/v2/frontlogsrv/log/web

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.101dian.com/	1970-01-20 13:23:20	Name: _gid Value: GA1.2.215432116.1689714014
.101dian.com/	1970-01-20 13:21:54	Name: _gat_gtag_UA_74658838_37 Value: 1
.101dian.com/	1970-01-20 22:57:54	Name: _ga_GPEQTE607G Value: GS1.1.1689714013.1.0.1689714013.0.0.0
.101dian.com/	1970-01-20 22:57:54	Name: _ga Value: GA1.1.1308830312.1689714014
.101dian.com/	1970-01-20 22:43:30	Name: __gads Value: ID=b0bdcf920450b3af-22db1b4230de002c:T=1689714014:RT=1689714014:S=ALNI_MaHDtCaJk_cMGbTEmcv6Steevfp5g
.101dian.com/	1970-01-20 22:43:30	Name: __gpi Value: UID=00000c3feb936c82:T=1689714014:RT=1689714014:S=ALNI_MZGLSiXbu-NIhSuz32fx0L90TI6UA
affiliate.klook.com/	1970-01-20 22:57:54	Name: kepler_id Value: f99e922c-c766-4da3-987a-8fb4b5647027
.klook.com/	1970-01-20 22:57:54	Name: _ga Value: GA1.2.647755348.1689714016
.klook.com/	1970-01-20 13:23:20	Name: _gid Value: GA1.2.88015015.1689714016
.klook.com/	1970-01-20 13:21:54	Name: _gat_UA-86696233-5 Value: 1
.booking.com/	1970-01-20 22:57:54	Name: bkng Value: 11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbca8KLfxLPedzXtEGWnVnatEJakGNVT9h%2FaQqPwnTkCF5RTtmbCoiDSZInwLEvLpsynjI%2Be1llnE6zR7rx6NudFbHHsdBngBC1NKEu%2F8nHvOoFvLegy8X2BCSQB79HBTA1reaHwCiC2wFzh98I90whxvOziVxlGpHu0bHODCqCqc%3D
.doubleclick.net/	1970-01-20 22:43:30	Name: IDE Value: AHWqTUnoAobRPPPR-cVusP3_n2gFav4txTfgIoiOlJavpCuq0KoJO_tRQoe-XD41OVk

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s11.flagcounter.com/count2/97M1/bg_FFFFFF/txt_000000/border_CCCCCC/columns_3/maxflags_10/viewers_0/labels_0/pageviews_1/flags_1/percent_0/ Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiczbbqlu_kvGVOa9iRXsxUfCyDfBGXuWWFafZCCqWpmgwsBwXNPp0Ez51D9IBML4mUBFTkiOwCEtbSAb_jUgKT8rIPBQDix2gFQ6poUOIIi9cyIk9XhW4tzcfY21_Xiw/w0-h0-p-k-no-nu/69480628_3314377515246517_2557363037166108672_n.jpg Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://affiliate.klook.com/4359d65e-dd82-3237-8c34-3c0c315503df/eudaapi/version Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://affiliate.klook.com/4359d65e-dd82-3237-8c34-3c0c315503df/eudaapi/version Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://affiliate.klook.com/4359d65e-dd82-3237-8c34-3c0c315503df/eudaapi/version Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
affiliate.klook.com
blogger.googleusercontent.com
cat.nl3.eu.criteo.com
cdn.jsdelivr.net
cdn.klook.com
cf.bstatic.com
dulichdau.pages.dev
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
images.dmca.com
instant.page
log.klook.com
pagead2.googlesyndication.com
partner.googleadservices.com
q.bstatic.com
region1.google-analytics.com
res.klook.com
rtb.nl3.eu.criteo.com
s11.flagcounter.com
static.copyrighted.com
stats.g.doubleclick.net
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
www.101dian.com
www.blogger.com
www.booking.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
log.klook.com
s11.flagcounter.com
13.32.99.76
151.139.128.10
178.250.1.15
178.250.1.6
2001:4860:4802:34::36
2600:9000:223d:e200:e:aa0e:eb00:93a1
2600:9000:223f:d600:1c:d826:cd80:93a1
2600:9000:2611:f200:1b:29b:ed80:93a1
2606:4700:3035::6815:1471
2606:4700::6811:91a
2a00:1450:4001:800::2003
2a00:1450:4001:806::2013
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::2009
2a00:1450:4001:831::2001
2a00:1450:400c:c00::9c
2a02:2638:3::9
2a04:4e42:200::485
2a06:98c1:3121::3
34.111.170.216
34.149.108.21
0142a071db7d7ba9641b73c489af7ed3b1e7363e09539528452f37241c9cef64
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0d0ee7a16ae3c3063d7644963128afd917c75e9aab66dc4582966b6e5aaeaf6c
0d363e240ef167500152bfefe58f7fbf9a49b0638099db3739aadfc801db4c46
0db27b19be7d69de841dc1403b1d22f385fdd87fa87b7d6501c29a08e7540993
0e87f180c3c5bfda9c7fc7d506ecd1e581d442fc7c4e9d5f1850f3c6a1c79ead
0f59cd54d0ebbf740d37015cc0cd1d26ab8e8e6716addc81155ae1dc8431fbf7
12187e04b94f2fd54ad69c1b2ee6207b221934de889c0a77a31ed9bddec05982
12e66fe63efa1a28b691e08832e5ea0858a3e4f9cb84fd22b78164dc88a34129
149bb380b64201bf08dede77b817b6a97dac56ce63403e396a80de9ca7b72c5a
171e6ab7a0ee61e778731993ae3f6a678179ed261bae6688da1fe6f0205f9efb
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
28428caafa6b96cdac8379a3c058e025b5185ef8d52c60e257044044cba2356e
288fff604e9230d8cc7efeae7aa33898f38dc2c0aa6778b6e5478f8570738ebe
2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e9ca8026b0d4c6e4b88a13e64d4b151465561ec6cb15574197da4b0d3a5bf7
34a062385dc21c7a225a03f114769cfb2690e98e94b1548817b3835cd735f271
36fc26d5d8580ae66e2b148dca1cbb09a1854e1d09f04c2a712c70df82254f5f
37b5507161c87c84f452e0102b793ebfdd03c46ea93f5fbe9aaa3ca8e6c69644
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b5db57c29154e261a3a03ee6f33ddaba372a814774e4439adb7a3f6fbc92291
3bb07039b52e809f4d1b1f90bfbec7c03744cb261339999987957b3b724e7d56
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3e95ac4c9dffbf3cfa1291a084ef6b5e79c3ad987cbd9b55119249377a86b0ea
424bf606a1d0dc5c56a2f54917c3cbc6af946e33785ab71e35bac0b28fc9e959
453cda9d16e80ec77a801c4031f6dfa3552b98b40d06371de84c90701aa5e97f
45c518ca11ce2ee2224117ede9b5b226070dd075a6a3cbf246802b74e6fc10f2
4813a05d0d0fb1efdaeb730c134af8a9bfcb824f1993cd66026af4fd50f4b492
4815e8faa7756a65078655197f7eba2211a7299808a685f547fa96b3797abe4e
4c401bb395a750ff456942bcaf4db925947cf4c1f4be0fefe76bda5070c55a6f
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52f1be9cf30e226c36fcea7b1fa26f74ad5cf7affea254a08b85385f8754e3ee
559f9d994b5fa170cd3b4ef08cc5df9a110bafd26dc639048fc5ef266bc86e9e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a7e25e954375dd00e78737af22cabc8286dc72349914b6b02e45dcb46c91dac
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
60a81baa96a8bf17d10a6839db65923d49d337f6fae8649464d636f88bc5aa8d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62014fd8f1d39de9a60dff3b831843919bc998e7446a7b912ecb3f41fe966fd9
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89
6be37f36989880a124a0df21a0b4931bfd75d67bd9d844418ecbb79a47514507
6d046447e30e2ecffe5f823e770fca36fff69966f98f67b6fee1acc5c37bdb61
6f2c2164df92670e1f44b40c516e974340a0a4834b5a2b2156faf3f1c6fc0e90
7075e2bf6664fa9ac92fb1603eaae93164661667efb8531614129613e6f086c5
70ad3add297964a804bf78d1b3ab8650041047670e6b2acf3c55a0db9fefad8c
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e
75375eabbe9d3106b0d1bfb4f9fcaff78ef0691c58edb3ffaab1e635b25a49dc
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
77c7df604af10e3224e859b9a09a937b839aef044f84155ed7052197e75f4a7d
796a61bead3e9772a611f92c0bed7cc91b4c68746e84d8faf6adcc4e4e3edfa2
798f5ce3a1569ac0d3facb8eca4109afc978245811b83d062ea2d5ef2f122d68
7bb80a0072f9aedad72f1b11c9533179e302ed61c0c4b1ee01aa98c3c9df9f2e
803fd8773f39357daedd0218c279f2433dd2da0ad9dfa6ead534b4fef9280c50
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
855e7f320deb55eed41d267fe68b610394c92c0fd3e2d05f7aafe7c2f0f81597
86494e311e6790fb6d186742863e85b0a8b303163ec919f6ac4d620d7f30715e
8ac5aa09edda1b5e32093f4dbc5642466021ed4bd3ee152c2afd5b8ef0298f9f
8d06c3f93c9bbe473644ed52c1153d34b5e30120afef23ef40f0f967181bf2db
8e45bb7e8ed0913b06e8956ecf1d1492304b9958f32c21584c3770b3501f0038
92403784bf395496017a1b1656d0ea68ec6477c8ada5ad56937593ae12955585
976ca35441209539fa4e01d9e83f4c9557bbea10834ee5e491eeab26aef317fc
9eef48d6bd2d5ef12ab8bdd152079ba3e18a326cc3089b9be3d4a6130366ee69
a13d03a2be358a67f288e8bfd72865bbb0ae374ea185a98cbf3cf50f268e3fe6
a39315ea3815262f3c844b9c50e4fb52bc77561504c65b29abdd1fc0488db912
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7f0f83e1774b0d910ef27ef2f90d0983c2b8b5e6674af853e35be3a21f75329
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b22ecfd2334b5779a496c7d71858b52bce813d23359997aff10fcc9b498d4ef3
b26be828f78e7f97b2632563e906daf831519f1ee74318bd8b0174abe068fc92
b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a
b44a77f22d9dfd6cbc49ad2d1c1ad1d45724ae26606e4a5347ca8a2adb3d4854
b7637a4cc7e15b52376c9dba975683af0b7987a44b3d05200747c035a6852274
b9a515a3130450228eb2ea26b4303869b8fb51affa01315e4557a025da5172b0
c01b07adfd0d7e2b1a06c7a33a21c7fc82e8987d33c93caf630ed9f0c22f9bb4
c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764
c703e3b6876f45923043852412e0ddac6e7974c56a7bc4a1d9400744cfe59082
c7e069315c1522f8097f97e224dedecfeb6c5f0bc4bb7aed1d8aadc2c600d489
c89fa0755076f72d479eebd17cc7c68b779b5c16a38747b7fed19d9b86fa7c80
c996c0469ef05ff6fdd1f7cefbc3f7e109bb21969de42fcf591498a828a7ad5f
cef730d6893fbe68c977250c2b198d38ef2ec30da5973ffd4e8d871bb60ac0c9
d13ecc9d287a97b2c5ecc1f1ccc93936ee9572ec79864c48226fc271ef8050cb
d7a5590ca36b9919eb2d766b496df97e34ad8216a1f469147f1d7b22588f0147
d8314b4eff35940506acf61b840b57de7f67e594af6b0b7976ddf05040334fc6
da7cec1b9368c3c3c6ecdd18613157a1d81c19e1be2f2ab987499032b03d272f
da95e7a3e12eba1ff645ed3006739e4254c45c8ebfbbb890fc9b4183c0c31787
db18cb52427e02c7de9ad4d90ca593068388c3fdac72903ee699779d92b0a74c
dccd6a122ce536145b86aef2681be92ebab2fbb2fe44ffa52a8ddc0e86db4d29
dd2f307efad798e337267f39da673516e9f4aef3a770192fdc5d604d7f63d1f0
ddd145d355c65d847e682f25b75b89501e85c006bd6e195358ee83813df0a8cf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
e0b2182fc69d279d908a5f4289d1c8d170357d92dc1444fcc0de4b45b9545562
e2897d652245aee8097a3e0b9126a8304bb896d265e182e2dba8a5482c93e6a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b
eae20b6a872c824d99168409e3da233d44beb889c6baafb4898fc92a9e839523
ec4db6352c5daeef9127e9057837b4c5d3ee7a36bba620ea176c87ebcae71cbf
ec9e5f73690e9e6f199bdb463ce1ecd83960019884fdef77d916c3a8aa14a76e
ee08c2cd74b3dd1c9312b7c7b58dfc843069fb1d38cca913a9bfa52afcc73724
eeb8eb2b0024edeab080d0515cfba1c6e79e5b64f97bac02923d7b20ff5f2978
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638
f105fa1a6bb1624bf9f15c31ad4a5d9a3e7ce09af9623a2435a30bc4884e6353
f196ac08fe959fc09d20710af2db44a86d0cb6eba20e53dc98d828db0de7e56e
f1ee7d78deef6b9cd76bdadf746a2e6c26969409be0c75fdf8519eeb71063f54
f2767375f9a38497e1cf2279ff98dc1407081074ccd0fda78709c84387f6c5ae
f34b517035a5f8577f753ca9907f5130cd12c7cbb002fa44ee74619ea03406f9
f53800bedd5119e68c29b900b0d745104133c3c077b35add8503e6194140bb96
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f762af1e5a62c876a520c7dfe5983a233fc98cda43ee405c6e4444a8be4ea1e7
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8e10110cfb56759d124562fd555905ea820c2fa1095810123d13b30f44a7022
f988c05430bc94180ee7ca44b2016d4c4fc239583852c24370837bf7a5076b20
fc582c74d0956e46875f8cd511395c4df87425a08f6db49764afec0a0da15abd
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
fd37c1ec19c5de17a1643f04dd6685a472e6676e8776ca5a2875950284b1ecb8
fe9f05ae5147c35fb2b020b81a542eed2e8de0bc5861ef291ca7feec66c767d7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.101dian.com Open in urlscan Pro 2a00:1450:4001:806::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

194 Requests

97 %HTTPS

82 %IPv6

24 Domains

36 Subdomains

36 IPs

4 Countries

3777 kBTransfer

8625 kBSize

12 Cookies

11 Outgoing links

Page URL History

Redirected requests

194 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.101dian.com Open in urlscan Pro
2a00:1450:4001:806::2013 Public Scan

Screenshot
Live screenshot

Full Image

194
Requests

97 %
HTTPS

82 %
IPv6

24
Domains

36
Subdomains

36
IPs

4
Countries

3777 kB
Transfer

8625 kB
Size

12
Cookies

194 HTTP transactions
6 data transactions