urlscan.io logo urlscan.io
SecurityTrails logo

s.yam.com Open in urlscan Pro
52.187.123.178  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://link.istsolution.com.br/bMrcb#NUUrSkg0QXU5cDRMYWNkajFoRWhpZkI4OWIwNW1WZzdETVEzQkpiOVNtVHNROHI1azRneHpRWkhRd0JKUWhZWnhISm...
Effective URL: https://s.yam.com/fU0Hg
Submission: On June 02 via manual from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 41 HTTP transactions. The main IP is 52.187.123.178, located in Singapore and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is s.yam.com.
TLS certificate: Issued by Thawte RSA CA 2018 on July 18th 2022. Valid for: a year.
This is the only time s.yam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    162.240.57.136 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: vps-8750444.istsolution.com.br
link.istsolution.com.br
1    52.187.123.178 (Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
s.yam.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
img.yamedia.tw
3    2606:4700:21::681b:ce5c (United States)

ASN13335 (CLOUDFLARENET, US)
yamedia.yam.com
travelimg.yam.com
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2600:9000:214f:6800:1b:29b:ed80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.klook.com
6    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    34.149.108.21 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 21.108.149.34.bc.googleusercontent.com
affiliate.klook.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    34.111.170.216 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 216.170.111.34.bc.googleusercontent.com
log.klook.com
3    2600:9000:223d:800:e:aa0e:eb00:93a1 (United States)

ASN16509 (AMAZON-02, US)
res.klook.com
Apex Domain
Subdomains		 Transfer
16 klook.com
cdn.klook.com — Cisco Umbrella Rank: 89740
affiliate.klook.com — Cisco Umbrella Rank: 109654
log.klook.com — Cisco Umbrella Rank: 67730
res.klook.com — Cisco Umbrella Rank: 71887
260 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
41 KB
4 yam.com
s.yam.com
yamedia.yam.com
travelimg.yam.com
59 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3105
www.google.com — Cisco Umbrella Rank: 3
712 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 51
stats.g.doubleclick.net — Cisco Umbrella Rank: 111
5 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
208 KB
2 google.nl
www.google.nl — Cisco Umbrella Rank: 8104
515 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 367
88 KB
1 yamedia.tw
img.yamedia.tw
513 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
47 KB
1 istsolution.com.br
link.istsolution.com.br
515 B
0 hanalytics.eu Failed
hanalytics.eu Failed
41 12
Domain Requested by
8 cdn.klook.com s.yam.com
affiliate.klook.com
cdn.klook.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 affiliate.klook.com cdn.klook.com
3 res.klook.com
3 www.googletagmanager.com s.yam.com
www.googletagmanager.com
affiliate.klook.com
2 www.google.nl s.yam.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 travelimg.yam.com s.yam.com
1 log.klook.com cdn.klook.com
1 www.google.com s.yam.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 cdn.jsdelivr.net s.yam.com
1 yamedia.yam.com s.yam.com
1 img.yamedia.tw 1 redirects
1 pagead2.googlesyndication.com s.yam.com
1 s.yam.com
1 link.istsolution.com.br 1 redirects
0 hanalytics.eu Failed s.yam.com
41 19

This site contains links to these domains. Also see Links.

Domain
travel.yam.com
ringnews.info
Subject Issuer Validity Valid
*.yam.com
Thawte RSA CA 2018		 2022-07-18 -
2023-07-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
yam.com
GTS CA 1P5		 2023-05-04 -
2023-08-02		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.klook.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-12 -
2024-03-14		 a year crt.sh
affiliate.klook.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
log.klook.com
GTS CA 1D4		 2023-05-22 -
2023-08-20		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://s.yam.com/fU0Hg
Frame ID: E9E706D58B9451B0A633EA9BC36EA20F
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230530/r20190131/zrt_lookup.html
Frame ID: 1BA7B1B26DA64C331744FBF2FD7A2E04
Requests: 1 HTTP requests in this frame

Frame: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Frame ID: CFC67F814BC37964A28E7980F692B32C
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

yamShare-縮網址服務

Page URL History Show full URLs

  1. https://link.istsolution.com.br/bMrcb HTTP 301
    https://s.yam.com/fU0Hg Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

41
Requests

93 %
HTTPS

76 %
IPv6

12
Domains

19
Subdomains

16
IPs

4
Countries

710 kB
Transfer

1543 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.istsolution.com.br/bMrcb HTTP 301
    https://s.yam.com/fU0Hg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://img.yamedia.tw/2021/share/logo.png HTTP 302
  • https://yamedia.yam.com/2021/share/logo.png

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fU0Hg
s.yam.com/
Redirect Chain
  • https://link.istsolution.com.br/bMrcb
  • https://s.yam.com/fU0Hg
13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.yam.com/fU0Hg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.187.123.178 , Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
dbb2bdbdb67f6ad9ea9529daae2b1cb976015da96294b46f8e8532f670c13e9f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
4219
Content-Type
text/html; charset=utf-8
Date
Fri, 02 Jun 2023 05:17:14 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 02 Jun 2023 05:17:13 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
location
https://s.yam.com/fU0Hg
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		137 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: s.yam.com
URL: https://s.yam.com/fU0Hg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6da4ea293c813e2d2d69b71dd0a9d69b68eb36f5e6bafdd816de0b5a1a138d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 05:17:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47383
x-xss-protection
0
server
cafe
etag
6598038562287310840
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 02 Jun 2023 05:17:15 GMT
script.js
hanalytics.eu/js/ 		0
0
logo.png
yamedia.yam.com/2021/share/
Redirect Chain
  • https://img.yamedia.tw/2021/share/logo.png
  • https://yamedia.yam.com/2021/share/logo.png
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yamedia.yam.com/2021/share/logo.png
Requested by
Host: s.yam.com
URL: https://s.yam.com/fU0Hg
Protocol
H2
Server
2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f770cce2c2e7878a6044378b5a953c03be552ce26a5402704d5dece8e3069b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 02 Jun 2023 05:17:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
Y+1jEmgYjP8CiQLDg0WN9Q==
cf-polished
origSize=15099
content-length
14244
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Thu, 28 Jan 2021 02:55:26 GMT
server
cloudflare
etag
"0x8D8C3382A364852"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ujq6rIOKk%2Fo5e3a%2BBkurv3%2FBR7U%2BzHDnJiFUXd9Zt38RD6IjDAOa%2BJqqLzLZ6BptLwJaQhaMCijK692PZmF%2B8CtGZ2eDZxqwDULhs3oqhtsOEdmd1275IRk2qT4XRm3VXvt8TT0Wf6Vt8Y0haw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-ms-request-id
d9a0d2f8-d01e-003d-0528-61f98f000000
cache-control
max-age=14400
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
7d0d3a9dea5e0ba4-AMS

Redirect headers

date
Fri, 02 Jun 2023 05:17:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KABnxm0mdNjOjSVsOlFGHfJ54FYDkyz17YOYPMnQA9TPf5ADai6yUVXvBCEwgYmTd7YabuwsA%2Be18E7M7gUYjSv4LSbprStagESWEEegKiqkQVkmswSznsw4bT3yABuyCkRnG7IoGEI0ZIU8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://yamedia.yam.com/2021/share/logo.png
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7d0d3a9dbb9b1e5c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
2020111217022617.PNG
travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover/DATA/ARTICLE/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover/DATA/ARTICLE/2020111217022617.PNG
Requested by
Host: s.yam.com
URL: https://s.yam.com/fU0Hg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
049409ae1f5609755051d9d8cd8ba8267730d625d22e362348f13e67fc2af812
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 05:17:15 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
15442
cf-resized
internal=ok/h q=0 n=14+0 c=13+25 v=2023.4.2 l=15442
last-modified
Thu, 12 Nov 2020 09:02:26 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf9a_yTgqwpCxmtkY3MCAPbNHj_h8U8Ar-qbnpfcXEDQ:7495b8bd2b8d61:0"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXZyZpAYRyhQD3%2FW3%2BDonZ88MG6zlf0fipOCRBRvKUWgOpMtuUphfwozUXXxXRddzwcMWN81%2FaklbDgzkZ7ELs5d%2FNTwZrI8lIcUy0Y4mSugAce58zx8AJzoaQYmXk1sF3XNf6geV8MBL%2F1%2FNILd"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
7d0d3a9c58c10ba4-AMS
2022082609183827.jpg
travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover/DATA/ARTICLE/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover/DATA/ARTICLE/2022082609183827.jpg
Requested by
Host: s.yam.com
URL: https://s.yam.com/fU0Hg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b46b27b83274ec04ae88b815c230bb55c686b393fed2eb5e5724a904364df941
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 05:17:15 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
24402
cf-resized
internal=ok/h q=0 n=13+0 c=9+33 v=2023.4.2 l=24402
last-modified
Fri, 26 Aug 2022 01:18:38 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf0i-AlQ8TRhW2Ulg7CkVRK6p8_h8U8Ar-qbnpfcXEDQ:e1522ac5e9b8d81:0"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aS3XcrN34S5ouhGx68qj%2F86ARsOY4aiDdCWQ5LWNUixEX%2FNPRpHfro5okvoQu5%2F1ieEe630Akvk%2B9P6lpUh1bm0JVHdRjEy3s%2FPmPSjemuIXGiw8E84h807RBZzhogvPK%2BIiOaJVbtbfhYOZVme"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
7d0d3a9c58c20ba4-AMS
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js
Requested by
Host: s.yam.com
URL: https://s.yam.com/fU0Hg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 02 Jun 2023 05:17:15 GMT
x-content-type-options
nosniff
age
7172129
x-jsd-version
3.5.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
89476
x-served-by
cache-fra-eddf8230128-FRA, cache-ams21028-AMS
x-jsd-version-type
version
etag
W/"15d84-yOHIs4bcW3qRhMdjyI0Zo0brM0I"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ 		122 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-16227618-1
Requested by
Host: s.yam.com
URL: https://s.yam.com/fU0Hg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29c0e883761e2740c2518cdd05ea188236b1334e31263a5f5b8f6cc0d0495d33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 05:17:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
48363
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Jun 2023 05:17:15 GMT
dynamic_widget_v1.js
cdn.klook.com/s/dist_web/klook-affiliate-front/s/dist/desktop/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/s/dist/desktop/dynamic_widget_v1.js
Requested by
Host: s.yam.com
URL: https://s.yam.com/fU0Hg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6800:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
14f074b6a6848d050f8d16e84d33b5c9d1aea78dd1c2cb514427fc2941b4af78
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Sat, 13 May 2023 01:15:06 GMT
content-encoding
gzip
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
7Z0QYB0MV6W9MEH3
x-amz-cf-pop
FRA53-C1
age
1742529
x-cache
Hit from cloudfront
x-amz-id-2
3LuDGr2DnU9ZUf8qNU7TdAP0QlyGiKA8sxbUDET5XRMAFXiqQKJ5dXfMRjDgvuqqYEadzJtKVTk=
last-modified
Mon, 18 Oct 2021 02:44:10 GMT
server
nginx
etag
W/"ceb152ddf5390a749f9c157d20252351"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
XkMvtqsHG4z6rUMM2b5yQUpBbK557_EAkS8-bXZEE1fBs9Jaua2ybg==
expires
Sun, 12 May 2024 01:15:06 GMT
js
www.googletagmanager.com/gtag/ 		245 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16227618-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d116518aa6b776d9ad7acba0ba42931090e24987087c14d8f1f66357bfab5fed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 05:17:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85621
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 02 Jun 2023 05:17:15 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16227618-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Jun 2023 05:04:54 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
741
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 02 Jun 2023 07:04:54 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230530/r20190131/ Frame 1BA7 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230530/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.yam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
34028
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 19:50:07 GMT
etag
15057649708203361565
expires
Thu, 15 Jun 2023 19:50:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
render
affiliate.klook.com/v1/affnode/ Frame CFC6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/s/dist/desktop/dynamic_widget_v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.108.149.34.bc.googleusercontent.com
Software
ReplaceHeaderValue /
Resource Hash
9302a72631c7f7029a2116d09d5ad9cfb6b05eeba9485fdd83776f67a38e45a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.yam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
776
content-type
text/html; charset=utf-8
date
Fri, 02 Jun 2023 05:17:15 GMT
server
ReplaceHeaderValue
server-timing
render-all;dur=1
vary
Accept-Encoding
via
1.1 google
x-cdn-cache
miss
x-cdn-vendor
gcp
x-content-type-options
nosniff
x-download-options
noopen
x-kong-proxy-latency
1
x-kong-upstream-latency
4
x-readtime
1
x-xss-protection
1; mode=block
collect
region1.analytics.google.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RE4LTMGVEF&gtm=45je35v0&_p=1806343759&_gaz=1&cid=171523144.1685683036&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685683035&sct=1&seg=0&dl=https%3A%2F%2Fs.yam.com%2FfU0Hg&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jun 2023 05:17:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RE4LTMGVEF&cid=171523144.1685683036&gtm=45je35v0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jun 2023 05:17:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RE4LTMGVEF&cid=171523144.1685683036&gtm=45je35v0&aip=1&z=1396076901
Requested by
Host: s.yam.com
URL: https://s.yam.com/fU0Hg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jun 2023 05:17:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1806343759&t=pageview&_s=1&dl=https%3A%2F%2Fs.yam.com%2FfU0Hg&ul=en-us&de=UTF-8&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=618325978&gjid=1001166603&cid=171523144.1685683036&tid=UA-16227618-1&_gid=351504120.1685683036&_r=1&gtm=457e35v0&jsscut=1&z=516693386
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://s.yam.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Jun 2023 05:17:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-16227618-1&cid=171523144.1685683036&jid=618325978&gjid=1001166603&_gid=351504120.1685683036&_u=YADAAUAAAAAAACAAI~&z=173123882
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://s.yam.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 02 Jun 2023 05:17:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-16227618-1&cid=171523144.1685683036&jid=618325978&_u=YADAAUAAAAAAACAAI~&z=116461166
Requested by
Host: s.yam.com
URL: https://s.yam.com/fU0Hg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jun 2023 05:17:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-16227618-1&cid=171523144.1685683036&jid=618325978&_u=YADAAUAAAAAAACAAI~&z=116461166
Requested by
Host: s.yam.com
URL: https://s.yam.com/fU0Hg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jun 2023 05:17:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chunk-vendors.c1b35f39.js
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame CFC6 		343 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-vendors.c1b35f39.js
Requested by
Host: affiliate.klook.com
URL: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6800:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
eae20b6a872c824d99168409e3da233d44beb889c6baafb4898fc92a9e839523
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

Referer
https://affiliate.klook.com/
Origin
https://affiliate.klook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:30:26 GMT
content-encoding
gzip
via
1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
KRGAS1VDR4VXAMAY
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
age
1831610
x-cache
Hit from cloudfront
x-amz-id-2
acf/OtSYFL9REUwG9cZhtvQtrW+rgQiqI7i9rEw8+UTJohKl5WgGCHJHhoG0fEljLhN0NLlmshI=
last-modified
Tue, 09 May 2023 08:08:09 GMT
server
nginx
etag
W/"dc334a93bc85b932bf66934c28893460"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
mltsnmah0Jc_ZfIFcB5fy2vtjfF7smVgVTp7f787vO0xTKj-6V5Zkg==
expires
Sat, 11 May 2024 00:30:26 GMT
chunk-common.d2e21474.js
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame CFC6 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js
Requested by
Host: affiliate.klook.com
URL: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6800:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cef730d6893fbe68c977250c2b198d38ef2ec30da5973ffd4e8d871bb60ac0c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

Referer
https://affiliate.klook.com/
Origin
https://affiliate.klook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 09 May 2023 01:50:11 GMT
content-encoding
gzip
via
1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
PRPZFB3ET8AFV8TH
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
age
2086025
x-cache
Hit from cloudfront
x-amz-id-2
rp34e65hqlTAutDNteJwaxC3eFrX+a5tfDpLz6YjmesrzG7fzBrlOK7yZNlOwKcQNXqaQDldwxY=
last-modified
Mon, 08 May 2023 07:08:47 GMT
server
nginx
etag
W/"d0485b9833256e032b623f3922f5faf6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
4TG7XguSKEEAJrmfYUSLXwXSWa8OhgzMhtgjZCh18QeY1eV_ab-DNw==
expires
Wed, 08 May 2024 01:50:11 GMT
dynamic_widget.9f2d2177.js
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame CFC6 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/dynamic_widget.9f2d2177.js
Requested by
Host: affiliate.klook.com
URL: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6800:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a13d03a2be358a67f288e8bfd72865bbb0ae374ea185a98cbf3cf50f268e3fe6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

Referer
https://affiliate.klook.com/
Origin
https://affiliate.klook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 25 May 2023 03:41:36 GMT
content-encoding
gzip
via
1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
517WJYQB24DAA17K
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
age
696940
x-cache
Hit from cloudfront
x-amz-id-2
iJKIr+YfW2d3aPHLP7aEUFHnjfaPlFyoKvn+AQ7b6QSCy22C0KuBy2cWCuHVzsxt3ZXthCMWcEE=
last-modified
Thu, 25 May 2023 03:32:49 GMT
server
nginx
etag
W/"d206181646ac818a7b40758443d95b1c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
A_MsCTkHRCFM9K-hFNMKKVJ_Sb0xbTcW1OB1g1diqUkRO9mY6msE-Q==
expires
Fri, 24 May 2024 03:41:36 GMT
dynamic_widget.f97a9dd5.css
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/ Frame CFC6 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css
Requested by
Host: affiliate.klook.com
URL: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6800:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
288fff604e9230d8cc7efeae7aa33898f38dc2c0aa6778b6e5478f8570738ebe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

Referer
https://affiliate.klook.com/
Origin
https://affiliate.klook.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 25 May 2023 03:41:36 GMT
content-encoding
gzip
via
1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
517TFHR7C6GCRVQ2
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
age
696940
x-cache
Hit from cloudfront
x-amz-id-2
abpE4h9+GARBb4pmnvfGXiYu3rvWVz8nG4KILEgbMJahbk5sZWhi+FBmt8SFyrNXRm6PpKVNUKQ=
last-modified
Thu, 25 May 2023 03:32:49 GMT
server
nginx
etag
W/"9224d862a22a844b3932df3892df598b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
SQlQun9NvBwQdvR88hMi73lpm1MO5tNnIbDGp0cJo3-azXAZ32MjCw==
expires
Fri, 24 May 2024 03:41:36 GMT
gtm.js
www.googletagmanager.com/ Frame CFC6 		225 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNBGXWM
Requested by
Host: affiliate.klook.com
URL: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0586e936caee167833df35c37df14747420382db00e341a44b6a1367b8a1d098
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://affiliate.klook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 05:17:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78821
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Jun 2023 05:17:16 GMT
experiments
affiliate.klook.com/v2/usrcsrv/hit/ Frame CFC6 		44 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://affiliate.klook.com/v2/usrcsrv/hit/experiments
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.108.149.34.bc.googleusercontent.com
Software
ReplaceHeaderValue /
Resource Hash
396b9dcb98349b65f1a47de6d12c43853718df7e79f49d9919c41aaba9d462db

Request headers

Accept
application/json, text/javascript
Referer
https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
X-Klook-Request-Id
cdf318b6-2485-46f9-9259-b1639e53197c
accept-language
nl-NL,nl;q=0.9
X-Klook-Kepler-Id
1a8a710f-7b85-4bd9-8957-005a2671df71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Fri, 02 Jun 2023 05:17:16 GMT
content-encoding
gzip
via
1.1 google
x-klook-request-id
cdf318b6-2485-46f9-9259-b1639e53197c
x-cdn-cache
miss
accept-language
en_US
x-kong-proxy-latency
0
x-klook-service-id
01
x-kong-upstream-latency
5
x-cdn-vendor
gcp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
currency
HKD
server
ReplaceHeaderValue
x-klook-version
1
content-type
application/json; charset=UTF-8
x-klook-lang
en_US
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RE4LTMGVEF&gtm=45je35v0&_p=1806343759&cid=171523144.1685683036&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1685683035&sct=1&seg=0&dl=https%3A%2F%2Fs.yam.com%2FfU0Hg&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&en=scroll&epn.percent_scrolled=90&_et=11
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jun 2023 05:17:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1806343759&t=event&_s=2&dl=https%3A%2F%2Fs.yam.com%2FfU0Hg&ul=en-us&de=UTF-8&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=time&ea=3DADPAGE&el=play&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=171523144.1685683036&tid=UA-16227618-1&_gid=351504120.1685683036&gtm=457e35v0&jsscut=1&z=2061223286
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 09:19:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
71888
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1806343759&t=event&_s=3&dl=https%3A%2F%2Fs.yam.com%2FfU0Hg&ul=en-us&de=UTF-8&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%E5%81%9C%E7%95%99%E6%99%82%E9%96%93&ea=3DADPAGE&el=5%E7%A7%92%E5%85%A7&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=171523144.1685683036&tid=UA-16227618-1&_gid=351504120.1685683036&gtm=457e35v0&jsscut=1&z=1752996568
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 09:19:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
71888
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
dynamic
affiliate.klook.com/v3/affsrv/ads/widget/ Frame CFC6 		12 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://affiliate.klook.com/v3/affsrv/ads/widget/dynamic?adid=535741
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.108.149.34.bc.googleusercontent.com
Software
ReplaceHeaderValue /
Resource Hash
16b0a2eafae2f12f9f5e2426dbf4cda182af1e5e516a845d01be6e30db802f02

Request headers

X-Klook-Request-Id
309e68c0-8d63-4788-8dbc-68c0cf0cd304
accept-language
nl-NL,nl;q=0.9
X-Klook-Kepler-Id
1a8a710f-7b85-4bd9-8957-005a2671df71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
application/json, text/javascript
Referer
https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
X-Klook-Tint
[]

Response headers

date
Fri, 02 Jun 2023 05:17:16 GMT
content-encoding
gzip
via
1.1 google
x-klook-request-id
309e68c0-8d63-4788-8dbc-68c0cf0cd304
server
ReplaceHeaderValue
x-cdn-cache
miss
x-kong-proxy-latency
0
vary
Accept-Encoding
content-type
application/json
x-kong-upstream-latency
29
x-cdn-vendor
gcp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
web
log.klook.com/v2/frontlogsrv/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://log.klook.com/v2/frontlogsrv/log/web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.170.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
216.170.111.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-deviceid,x-platform
Access-Control-Request-Method
POST
Origin
https://affiliate.klook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-klook-host, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Currency, Authorization, Token, version, X-Platform, _pt, Accept-Language, Accept, Accept-Encoding, X-Klook-Request-Id, X-Klook-Kepler-Id, X-Klook-Tint, X-DeviceID
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
7200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 02 Jun 2023 05:17:17 GMT
via
1.1 google
x-cdn-vendor
gcp
web
log.klook.com/v2/frontlogsrv/log/ Frame CFC6 		0
0
analytics.js
www.google-analytics.com/ Frame CFC6 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNBGXWM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://affiliate.klook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Jun 2023 05:04:54 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
742
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 02 Jun 2023 07:04:54 GMT
event
affiliate.klook.com/v3/affsrv/ads/ Frame CFC6 		70 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://affiliate.klook.com/v3/affsrv/ads/event
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.d2e21474.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.108.149.34.bc.googleusercontent.com
Software
ReplaceHeaderValue /
Resource Hash
dccd6a122ce536145b86aef2681be92ebab2fbb2fe44ffa52a8ddc0e86db4d29

Request headers

X-Klook-Request-Id
ed4ce17b-4f9f-4257-9515-fba4365ad6a6
accept-language
nl-NL,nl;q=0.9
X-Klook-Kepler-Id
1a8a710f-7b85-4bd9-8957-005a2671df71
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json; charset=UTF-8
X-iframe-Data
{"type":4,"data":""}
Accept
application/json, text/javascript
Referer
https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&

Response headers

date
Fri, 02 Jun 2023 05:17:16 GMT
via
1.1 google
x-klook-request-id
ed4ce17b-4f9f-4257-9515-fba4365ad6a6
server
ReplaceHeaderValue
x-cdn-cache
uncacheable
x-kong-proxy-latency
1
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-kong-upstream-latency
2
x-cdn-vendor
gcp
access-control-allow-headers
Content-Type, Content-Length, Authorization, Accept, X-Requested-With, X-Klook-Request-Id, X-Iframe-Data
content-length
70
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
zhtt5hq0saychg9cnzdz.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame CFC6 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/zhtt5hq0saychg9cnzdz.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:800:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
0f40bc4a3335707725668e9ec7a2ec9ca721392e0e6ebee3222fcedae1a4e9a4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://affiliate.klook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:01:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
756967
x-cache
Hit from cloudfront
content-length
36228
last-modified
Mon, 29 Nov 2021 14:46:32 GMT
server
Cloudinary
etag
"80b8a3aeb9574a8635292aa846d9b439"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ZTrZSE7WHbxjEfIk43hysukPiaHHqX55WZ9u0KAfh_Jq0tkxU4esrw==
score_horn.c3c4b90e.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame CFC6 		273 B
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/score_horn.c3c4b90e.svg
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6800:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8ac5aa09edda1b5e32093f4dbc5642466021ed4bd3ee152c2afd5b8ef0298f9f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 11 May 2023 00:56:10 GMT
content-encoding
gzip
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
VQ9FN9ZSSCPE85SG
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
age
1916466
x-cache
Hit from cloudfront
x-amz-id-2
n+EVf7/pqK1i+vRCLxK2miODYOTk+Ojl2bni14cjBXnJktKBxNpNmofqi6jkufAOOXfFL+6bzWQ=
last-modified
Tue, 09 May 2023 08:08:09 GMT
server
nginx
etag
W/"285c40b4f2b0100e2ac64ad32549ac8f"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
2XuZB4evXSVFugzXXP9zimkqhnQo-dC3SwmtsE6yVXRa2rrAs7ZJ-Q==
expires
Fri, 10 May 2024 00:56:10 GMT
mdhrbsteztsjyzjs8zy4.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame CFC6 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/mdhrbsteztsjyzjs8zy4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:800:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
1b1d12f827f2c9b2d5f26dea3c869a60c3a8dd8fe52b243e6e959cf1330d46b0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://affiliate.klook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 04:59:00 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
3802696
x-cache
Hit from cloudfront
content-length
25503
last-modified
Wed, 19 Apr 2023 03:46:09 GMT
server
Cloudinary
etag
"f87ef95ea161ca827b9aa2a8021f09f1"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
6Ie5a2oMBK4Q8j7eNRuAPuTjAPmhcV25PByHgHUJpQt_AqUVI4DWNw==
discount_tag.e0e3de40.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame CFC6 		951 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/discount_tag.e0e3de40.svg
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6800:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b9a515a3130450228eb2ea26b4303869b8fb51affa01315e4557a025da5172b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 16 May 2023 01:11:05 GMT
content-encoding
gzip
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
7PKA4Y3JSRA9R18A
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
age
1483571
x-cache
Hit from cloudfront
x-amz-id-2
bCrBlrBpfb6irvb5HCPaYvdq6mR83GN/XK7/rpas3zUvafW7WGC+/2B+TDWVPGZaNXWA8/0BNdU=
last-modified
Tue, 09 May 2023 08:08:09 GMT
server
nginx
etag
W/"73fe4f4789c649448f50bd8cd7c33443"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
hzPgvBXqamqoJ88I3KihY_kx1-WAg6hMyMSnRIUSV6IR6W9YNVDFmQ==
expires
Wed, 15 May 2024 01:11:05 GMT
discount_tag_2.69d9dac9.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame CFC6 		945 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/discount_tag_2.69d9dac9.svg
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:6800:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7bb80a0072f9aedad72f1b11c9533179e302ed61c0c4b1ee01aa98c3c9df9f2e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.f97a9dd5.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 12 May 2023 00:36:45 GMT
content-encoding
gzip
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
VRBF0GR5N5WWW6YE
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
age
1831231
x-cache
Hit from cloudfront
x-amz-id-2
6xKq+qnD5a/awvwcb78Sb8Jj3tB2wG/rk3vHkYgwlrwGF2hykOgD5Wi+vYkjwRRYMz8eJRJJbGM=
last-modified
Tue, 09 May 2023 08:08:09 GMT
server
nginx
etag
W/"0ecccb9ccb594c2f50986543a7b41596"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
-JtEvRI57U-CsMwDCQ_HxoB81tfdquHNOGZo7E65SOFW_76YxC8MjQ==
expires
Sat, 11 May 2024 00:36:45 GMT
a5ssxgcgzsqftjdbzcmu.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame CFC6 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/a5ssxgcgzsqftjdbzcmu.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:800:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
6bdc47952795bf639271086fa36de38d55dfac0818adb78aa8df6f936ba55f16
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://affiliate.klook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 25 May 2023 04:17:30 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
694786
x-cache
Hit from cloudfront
content-length
35753
last-modified
Wed, 29 Dec 2021 23:34:02 GMT
server
Cloudinary
etag
"5e9706be7f3cad4347159b504f01a7b0"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
DD58GT1kuolcjiOWi3kFwokjeRMctOGTTtUSpUYtP3FW3m3qoAdvdg==
collect
www.google-analytics.com/j/ Frame CFC6 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1009275654&t=event&ni=0&_s=1&dl=https%3A%2F%2Faffiliate.klook.com%2Fv1%2Faffnode%2Frender%3Fprod%3Ddynamic_widget%26adid%3D535741%26cid%3D59%26tid%3D-1%26amount%3D3%26&dr=https%3A%2F%2Fs.yam.com%2F&ul=en-us&de=UTF-8&dt=Klook.com%20Affiliate%20Activity&sd=24-bit&sr=1600x1200&vp=1584x470&je=0&ec=My%20Ads&ea=Affiliate%20Ad%20Impression&el=Dynamic%20Widget%20TTD&_u=YEBAAEABAAAAACAEKC~&jid=194869373&gjid=77377126&cid=919699083.1685683037&tid=UA-86696233-5&_gid=164494756.1685683037&_r=1&_slc=1&gtm=45He35v0n81WNBGXWM&cd4=1a8a710f-7b85-4bd9-8957-005a2671df71&cd5=&cd6=535741&cd7=5116&cd1=919699083.1685683037&z=1782421010
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://affiliate.klook.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Jun 2023 05:17:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://affiliate.klook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hanalytics.eu
URL
https://hanalytics.eu/js/script.js
Domain
log.klook.com
URL
https://log.klook.com/v2/frontlogsrv/log/web

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery string| lang number| t number| st number| mv boolean| isStop function| showTime function| mover function| mout function| getRandom function| gev function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles object| KlookAffV5 function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData

10 Cookies

Domain/Path Name / Value
link.istsolution.com.br/ Name: PHPSESSID
Value: f975d489897bb8c5d94349b7f8948dca
link.istsolution.com.br/ Name: short_159
Value: 1
.yam.com/ Name: _ga
Value: GA1.2.171523144.1685683036
.yam.com/ Name: _gid
Value: GA1.2.351504120.1685683036
.yam.com/ Name: _gat_gtag_UA_16227618_1
Value: 1
affiliate.klook.com/ Name: kepler_id
Value: 1a8a710f-7b85-4bd9-8957-005a2671df71
.yam.com/ Name: _ga_RE4LTMGVEF
Value: GS1.1.1685683035.1.0.1685683036.59.0.0
.klook.com/ Name: _ga
Value: GA1.2.919699083.1685683037
.klook.com/ Name: _gid
Value: GA1.2.164494756.1685683037
.klook.com/ Name: _gat_UA-86696233-5
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://hanalytics.eu/js/script.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affiliate.klook.com
cdn.jsdelivr.net
cdn.klook.com
googleads.g.doubleclick.net
hanalytics.eu
img.yamedia.tw
link.istsolution.com.br
log.klook.com
pagead2.googlesyndication.com
region1.analytics.google.com
res.klook.com
s.yam.com
stats.g.doubleclick.net
travelimg.yam.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
yamedia.yam.com
hanalytics.eu
log.klook.com
162.240.57.136
2001:4860:4802:32::36
2600:9000:214f:6800:1b:29b:ed80:93a1
2600:9000:223d:800:e:aa0e:eb00:93a1
2606:4700:21::681b:ce5c
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9d
2a04:4e42:200::485
2a06:98c1:3120::3
34.111.170.216
34.149.108.21
52.187.123.178
049409ae1f5609755051d9d8cd8ba8267730d625d22e362348f13e67fc2af812
0586e936caee167833df35c37df14747420382db00e341a44b6a1367b8a1d098
0f40bc4a3335707725668e9ec7a2ec9ca721392e0e6ebee3222fcedae1a4e9a4
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
14f074b6a6848d050f8d16e84d33b5c9d1aea78dd1c2cb514427fc2941b4af78
16b0a2eafae2f12f9f5e2426dbf4cda182af1e5e516a845d01be6e30db802f02
1b1d12f827f2c9b2d5f26dea3c869a60c3a8dd8fe52b243e6e959cf1330d46b0
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
288fff604e9230d8cc7efeae7aa33898f38dc2c0aa6778b6e5478f8570738ebe
29c0e883761e2740c2518cdd05ea188236b1334e31263a5f5b8f6cc0d0495d33
396b9dcb98349b65f1a47de6d12c43853718df7e79f49d9919c41aaba9d462db
6bdc47952795bf639271086fa36de38d55dfac0818adb78aa8df6f936ba55f16
6da4ea293c813e2d2d69b71dd0a9d69b68eb36f5e6bafdd816de0b5a1a138d2d
7bb80a0072f9aedad72f1b11c9533179e302ed61c0c4b1ee01aa98c3c9df9f2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ac5aa09edda1b5e32093f4dbc5642466021ed4bd3ee152c2afd5b8ef0298f9f
9302a72631c7f7029a2116d09d5ad9cfb6b05eeba9485fdd83776f67a38e45a3
a13d03a2be358a67f288e8bfd72865bbb0ae374ea185a98cbf3cf50f268e3fe6
b46b27b83274ec04ae88b815c230bb55c686b393fed2eb5e5724a904364df941
b9a515a3130450228eb2ea26b4303869b8fb51affa01315e4557a025da5172b0
cef730d6893fbe68c977250c2b198d38ef2ec30da5973ffd4e8d871bb60ac0c9
d116518aa6b776d9ad7acba0ba42931090e24987087c14d8f1f66357bfab5fed
dbb2bdbdb67f6ad9ea9529daae2b1cb976015da96294b46f8e8532f670c13e9f
dccd6a122ce536145b86aef2681be92ebab2fbb2fe44ffa52a8ddc0e86db4d29
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eae20b6a872c824d99168409e3da233d44beb889c6baafb4898fc92a9e839523
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f7f770cce2c2e7878a6044378b5a953c03be552ce26a5402704d5dece8e3069b