Submitted URL: http://999.sh/han
Effective URL: https://s.yam.com/RTw3f
Submission: On August 05 via manual from US — Scanned from DE

Summary

This website contacted 27 IPs in 7 countries across 20 domains to perform 66 HTTP transactions. The main IP is 13.76.85.56, located in Singapore, Singapore and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is s.yam.com.
TLS certificate: Issued by Thawte RSA CA 2018 on July 18th 2022. Valid for: a year.
This is the only time s.yam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.128.237.63 7489 (HOSTUS-GL...)
1 1 54.217.123.201 16509 (AMAZON-02)
1 1 148.251.234.93 24940 (HETZNER-AS)
1 13.76.85.56 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 91.216.107.43 210403 (LWS)
4 4 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
8 2600:9000:214... 16509 (AMAZON-02)
1 23.205.242.120 16625 (AKAMAI-AS)
4 34.149.245.231 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.38.21.4 16509 (AMAZON-02)
1 3.36.27.221 16509 (AMAZON-02)
2 52.48.14.237 16509 (AMAZON-02)
1 2 211.249.220.158 9457 (DREAMX-AS...)
2 2 142.250.186.98 15169 (GOOGLE)
1 52.78.181.17 16509 (AMAZON-02)
1 183.110.238.136 4766 (KIXS-AS-K...)
1 103.243.202.190 45974 (NHN-AS-KR...)
2 2600:9000:214... 16509 (AMAZON-02)
6 2600:1f13:800... 16509 (AMAZON-02)
3 34.111.170.216 15169 (GOOGLE)
3 2600:9000:205... 16509 (AMAZON-02)
66 27
Apex Domain
Subdomains
Transfer
18 klook.com
cdn.klook.com — Cisco Umbrella Rank: 129880
affiliate.klook.com — Cisco Umbrella Rank: 128310
log.klook.com — Cisco Umbrella Rank: 93432
res.klook.com — Cisco Umbrella Rank: 90437
244 KB
10 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 602
static.adsafeprotected.com — Cisco Umbrella Rank: 594
dt.adsafeprotected.com — Cisco Umbrella Rank: 538
95 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
40 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
6 KB
5 yam.com
s.yam.com
yamedia.yam.com
379 KB
4 dable.io
static.dable.io — Cisco Umbrella Rank: 17523
api.dable.io — Cisco Umbrella Rank: 16187
r-log.dable.io — Cisco Umbrella Rank: 17734
adx.dable.io — Cisco Umbrella Rank: 1701
36 KB
4 yamedia.tw
img.yamedia.tw
1 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 5596
627 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 5381
www.google.com — Cisco Umbrella Rank: 10
907 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
170 KB
1 toast.com
cm-exchange.toast.com — Cisco Umbrella Rank: 5102
605 B
1 admixer.co.kr
idsync.admixer.co.kr — Cisco Umbrella Rank: 3515
884 B
1 kakao.com
act.ds.kakao.com — Cisco Umbrella Rank: 20965
493 B
1 daum.net
analytics.ad.daum.net — Cisco Umbrella Rank: 18641
571 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 423
32 KB
1 hanalytics.eu
hanalytics.eu
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
56 KB
1 02ip.ru
02ip.ru
408 B
1 smarturl.it
smarturl.it — Cisco Umbrella Rank: 182188
702 B
1 999.sh
999.sh
272 B
66 20
Domain Requested by
8 cdn.klook.com s.yam.com
affiliate.klook.com
cdn.klook.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
6 dt.adsafeprotected.com s.yam.com
4 affiliate.klook.com cdn.klook.com
4 yamedia.yam.com s.yam.com
4 img.yamedia.tw 4 redirects
3 res.klook.com
3 log.klook.com cdn.klook.com
3 www.google.de s.yam.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com s.yam.com
www.googletagmanager.com
affiliate.klook.com
2 static.adsafeprotected.com pixel.adsafeprotected.com
s.yam.com
2 cm.g.doubleclick.net 2 redirects
2 pixel.adsafeprotected.com static.dable.io
s.yam.com
2 www.google.com s.yam.com
1 cm-exchange.toast.com s.yam.com
1 idsync.admixer.co.kr s.yam.com
1 adx.dable.io s.yam.com
1 act.ds.kakao.com s.yam.com
1 analytics.ad.daum.net 1 redirects
1 r-log.dable.io static.dable.io
1 api.dable.io static.dable.io
1 region1.analytics.google.com www.googletagmanager.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 static.dable.io s.yam.com
1 cdn.jsdelivr.net s.yam.com
1 hanalytics.eu s.yam.com
1 pagead2.googlesyndication.com s.yam.com
1 s.yam.com
1 02ip.ru 1 redirects
1 smarturl.it 1 redirects
1 999.sh 1 redirects
66 32

This site contains links to these domains.

Domain
travel.yam.com
cox-online-access3294-com.preview-domain.com

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.yam.com | Thawte RSA CA 2018 | 2022-07-18 - 2023-07-19 | a year |
| *.g.doubleclick.net | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months |
| hanalytics.eu | R3 | 2022-08-02 - 2022-10-31 | 3 months |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-02 - 2023-06-01 | a year |
| *.google-analytics.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months |
| *.klook.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-25 - 2023-03-28 | a year |
| static.dable.io | R3 | 2022-07-26 - 2022-10-24 | 3 months |
| affiliate.klook.com | GTS CA 1D4 | 2022-07-28 - 2022-10-26 | 3 months |
| www.google.de | GTS CA 1C3 | 2022-07-11 - 2022-10-03 | 3 months |
| www.google.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months |
| *.google.de | GTS CA 1C3 | 2022-07-11 - 2022-10-03 | 3 months |
| *.dable.io | Amazon | 2022-06-26 - 2023-07-25 | a year |
| fw.adsafeprotected.com | Amazon | 2022-04-28 - 2023-05-27 | a year |
| *.admixer.co.kr | GeoTrust RSA CA 2018 | 2022-04-29 - 2023-05-01 | a year |
| *.toast.com | Sectigo RSA Organization Validation Secure Server CA | 2022-06-30 - 2023-07-31 | a year |
| static.adsafeprotected.com | Amazon | 2021-09-05 - 2022-10-04 | a year |
| dt.adsafeprotected.com | Amazon | 2021-11-19 - 2022-12-18 | a year |
| log.klook.com | GTS CA 1D4 | 2022-06-11 - 2022-09-09 | 3 months |
| *.google.com | GTS CA 1C3 | 2022-07-18 - 2022-10-10 | 3 months |

This page contains 4 frames:

Primary Page: https://s.yam.com/RTw3f
Frame ID: 5C65E51C5F632B86B96FE5586B91A4F8
Requests: 41 HTTP requests in this frame

Frame: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Frame ID: E37726C80E9145BD31885818FF48CA2B
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20190131/zrt_lookup.html
Frame ID: 6251F8B24BEF51C90B2F23FB6DB39757
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 461F4B344852F5C193F91BEE2AB50417
Requests: 1 HTTP requests in this frame

Page Title

yamShare-縮網址服務

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

66
Requests

86 %
HTTPS

48 %
IPv6

20
Domains

32
Subdomains

27
IPs

7
Countries

1060 kB
Transfer

2124 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://999.sh/han HTTP 301
    https://smarturl.it/BEDOSDISD8?/5 HTTP 301
    https://02ip.ru/2ncpw7?%2F5= HTTP 302
    https://s.yam.com/RTw3f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://img.yamedia.tw/2021/share/logo.png HTTP 302
  • https://yamedia.yam.com/2021/share/logo.png
Request Chain 3
  • https://img.yamedia.tw/2022/share/ad1.jpg HTTP 302
  • https://yamedia.yam.com/2022/share/ad1.jpg
Request Chain 4
  • https://img.yamedia.tw/2022/share/ad2.jpg HTTP 302
  • https://yamedia.yam.com/2022/share/ad2.jpg
Request Chain 5
  • https://img.yamedia.tw/2022/share/ad3.jpg HTTP 302
  • https://yamedia.yam.com/2022/share/ad3.jpg
Request Chain 30
  • https://analytics.ad.daum.net/match?d=111&uid=32084137.1659701660722 HTTP 307
  • https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220805%22,%22u%22:%2232084137.1659701660722%22%7D%7D
Request Chain 31
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm=&google_tc= HTTP 302
  • https://adx.dable.io/pixel/google?google_gid=CAESEF9q76kVdFPJbL8wAITkr4w&google_cver=1

66 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request RTw3f
s.yam.com/
Redirect Chain
  • http://999.sh/han
  • https://smarturl.it/BEDOSDISD8?/5
  • https://02ip.ru/2ncpw7?%2F5=
  • https://s.yam.com/RTw3f
15 KB
5 KB
Document
General
Full URL
https://s.yam.com/RTw3f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
05ac361d58b8f304b0f7eab73c64de2b8c9d8d32fb074d6740be3f1903559948

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
4994
Content-Type
text/html; charset=utf-8
Date
Fri, 05 Aug 2022 12:14:18 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Fri, 05 Aug 2022 12:14:17 GMT
expires
Fri, 05 Aug 2022 12:14:17 +0000
location
https://s.yam.com/RTw3f
server
nginx
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
168 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
579ce3b7723d70e40dd04379ea15718e082e217560faefdf6706b15e86666040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 12:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57235
x-xss-protection
0
server
cafe
etag
9849314929955074742
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 05 Aug 2022 12:14:19 GMT
script.js
hanalytics.eu/js/
0
0
Script
General
Full URL
https://hanalytics.eu/js/script.js
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.216.107.43 , France, ASN210403 (LWS, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

logo.png
yamedia.yam.com/2021/share/
Redirect Chain
  • https://img.yamedia.tw/2021/share/logo.png
  • https://yamedia.yam.com/2021/share/logo.png
15 KB
15 KB
Image
General
Full URL
https://yamedia.yam.com/2021/share/logo.png
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Server
2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec1e92360a6d94055900af28db943a53f734293370fbda7fbec89c097c616160

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 12:14:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
Y+1jEmgYjP8CiQLDg0WN9Q==
content-length
15099
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 02:55:26 GMT
server
cloudflare
etag
"0x8D8C3382A364852"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8Ct%2BIIHCFYdBo0qsql9XdqmTwYfxGR%2BzeE%2F9lZBWiPLKDwrIkO%2FDbJktkNKLWRUgR4trvAKc4HMNe0mRrGaTQMdHxmh2KR2oIpNW1yVtm8d9DOoy1XXcU4GCWMNXlq4cMH6E3sKUlGPF4tikw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-ms-request-id
1de7c758-501e-009a-4050-85114d000000
cache-control
max-age=14400
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
735f73a9b860baf3-MXP

Redirect headers

date
Fri, 05 Aug 2022 12:14:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcYiQbioMkGKbDLQYHx2Q3EiQyWrRHcMnOPB7wvecLbR%2B%2FqARKkMU2ih7F%2FunQKmWSf032iZC8xjmPHS%2BiK%2BAplfQroLWq9Z%2B0ejK7BiAHZkfmagWRl%2FGEX28u%2Bl2vBykOEOoGJjTbp0Q3VB%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://yamedia.yam.com/2021/share/logo.png
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
735f73a8f9590e22-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
ad1.jpg
yamedia.yam.com/2022/share/
Redirect Chain
  • https://img.yamedia.tw/2022/share/ad1.jpg
  • https://yamedia.yam.com/2022/share/ad1.jpg
58 KB
59 KB
Image
General
Full URL
https://yamedia.yam.com/2022/share/ad1.jpg
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Server
2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9ddada0acfcfe1a96a281232ead9f551f5815408ffec4060d0175c1b6cccbc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 12:14:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
EIH/dt2XVbdQ4Wu7hC3FDw==
content-length
59308
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 19 Jul 2022 01:50:51 GMT
server
cloudflare
etag
"0x8DA69291C7D2019"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F898qHIUqXYoWyukVhJAGqgv2tvUA%2FdoybxXU%2FfZ6S2N35tYv8Falo%2BetnARbni%2Fnkba%2BSJ7RcRTqMxsIsyyEUBiX4u58nvl6qzuYO9aP3Gvft6hnPMFBLAxYx%2F7d4h4SGpnS2NlwcVZ2hoRbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-ms-request-id
9ab0f28a-401e-0062-4b12-9b4db3000000
cache-control
max-age=14400
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
735f73a9b862baf3-MXP
cf-bgj
h2pri

Redirect headers

date
Fri, 05 Aug 2022 12:14:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVCEz79RR0L1YJCG29zWKdUORQ8%2BLF4sM5XiA4QFVBgJx3yrv22k9Bk%2FmslQIrBdl5B7ZNW9%2BCIcEGWaAnwD35qEc42wFew4zzOvPY32%2BqmLou7P2eOs2RMRoeOZWFmAtP94xXiZ0ZmDdckj1w%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://yamedia.yam.com/2022/share/ad1.jpg
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
735f73a8f95c0e22-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
ad2.jpg
yamedia.yam.com/2022/share/
Redirect Chain
  • https://img.yamedia.tw/2022/share/ad2.jpg
  • https://yamedia.yam.com/2022/share/ad2.jpg
156 KB
157 KB
Image
General
Full URL
https://yamedia.yam.com/2022/share/ad2.jpg
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Server
2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2454476908ab8a04d981a2db03e9ee5c679d02c4b64257511d6d07cc03ed9a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 12:14:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
eDX8p5b8rS8ke6Be0UdraQ==
content-length
159918
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 19 Jul 2022 01:28:03 GMT
server
cloudflare
etag
"0x8DA6925ED17E714"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DmBBa8%2FEGcRmAvTq71uV7CRWIalB0m8UJT%2Fi7JnvH5YOacVBVOGMhaUxs2qmyGy34r2BZQyH1t23TPSShZc8E9SSmmz64iwcnCF7bPdnsBhb%2BvE9Fl1pIW4gne22EEb4deKC6xTkgJpThpNWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-ms-request-id
9b502786-701e-0079-0d0f-9b73b0000000
cache-control
max-age=14400
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
735f73a9b863baf3-MXP
cf-bgj
h2pri

Redirect headers

date
Fri, 05 Aug 2022 12:14:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtXecNN3%2BuB2imbFYFY8uCMmAlYgMBNW%2FmZIKlVjxCrAfkuK9bdRJ2tuUQDX%2FND%2FwAbUA5pJqjHQHXvlpfUv3or1GTUqooUpSIr6U8OEXsaw0JK%2BXyYBfZ%2FuVa9Jva%2B10dKTu88DSASXqaBebA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://yamedia.yam.com/2022/share/ad2.jpg
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
735f73a8f95d0e22-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
ad3.jpg
yamedia.yam.com/2022/share/
Redirect Chain
  • https://img.yamedia.tw/2022/share/ad3.jpg
  • https://yamedia.yam.com/2022/share/ad3.jpg
143 KB
143 KB
Image
General
Full URL
https://yamedia.yam.com/2022/share/ad3.jpg
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Server
2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d65c0f0035c85dc4083c681f7ac095455886c3cbd3b7fac51f1a0511de93a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 Aug 2022 12:14:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
bCVyspsGdhPRmjbv/CeghQ==
content-length
146048
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Tue, 19 Jul 2022 01:28:03 GMT
server
cloudflare
etag
"0x8DA6925ED15EB89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0JNBG%2BGqawQu5C3dlmc196bBWaS%2BXxqrFhTnt9vN6tbG87J70fX23hJJahX85VBPNcWersQog7V%2F42hW37hBZL8D%2FbUYoDHHGdHQzU0JPjOA6Z4QzxSWCtLzBFmgLelliQjZ6fcDbC5OB7SlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-ms-request-id
ff8565e4-201e-0016-710e-9b7943000000
cache-control
max-age=14400
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
735f73a9b864baf3-MXP
cf-bgj
h2pri

Redirect headers

date
Fri, 05 Aug 2022 12:14:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GfV5%2BPwwfbxld0cqep6ac7WvOWr%2BnGgP6%2FVZo1o7teiYo7ojY%2Bpiw9Xotp7rp3jzGgomzBN1eANLLyrwkT8OflLvlz3nnRzdrpgScsqIeMoouse8ib5kv5ImbsIh%2Fc%2FXKoqUCf5EgHsTorJWA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://yamedia.yam.com/2022/share/ad3.jpg
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
735f73a8f95e0e22-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/
87 KB
32 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 12:14:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6861436
x-jsd-version
3.5.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19174-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"15d84-yOHIs4bcW3qRhMdjyI0Zo0brM0I"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyTw9FVkne37tjQl0e5u%2F0l0NLEdGvF1N5Tjm8pAF8YHQ%2FMff%2BLX5Evb6PC9s5LnJJNoikduj3urhE4n7p5ETSANTIlsMAB%2BmOLyIbxpkh6i0g9vGuqr6Wwy%2FQpBnBOSv6DoKMoXf%2F2Zcq8D%2FbI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
735f73a8d9ba2397-ZRH
js
www.googletagmanager.com/gtag/
109 KB
42 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-16227618-1
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79ad41eea2c62c754f2992a80d80f1866c9943a42f3693c097600a21f0c22b14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 12:14:19 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42881
x-xss-protection
0
expires
Fri, 05 Aug 2022 12:14:19 GMT
dynamic_widget_v1.js
cdn.klook.com/s/dist_web/klook-affiliate-front/s/dist/desktop/
4 KB
2 KB
Script
General
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/s/dist/desktop/dynamic_widget_v1.js
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4c00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
14f074b6a6848d050f8d16e84d33b5c9d1aea78dd1c2cb514427fc2941b4af78
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 00:33:44 GMT
content-encoding
gzip
vary
Accept-Encoding
age
5312435
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
A2J0DENQ42DMNK3V
x-amz-id-2
i6ZJQ0HqOUSEbN74C9HiT7bdLGuBTwHmlzArpSKchNIAcrXjUuhcN1c0QpTW+0sGgQ2s/OIKRAI=
last-modified
Mon, 18 Oct 2021 02:44:10 GMT
server
nginx
etag
W/"ceb152ddf5390a749f9c157d20252351"
strict-transport-security
max-age=63072000; includeSubdomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
b5Fr0DbT9ZSSkmWTQH1UBw4T9JFhWefEzGShGnYXuBmFjvAAcEG2kQ==
expires
Mon, 05 Jun 2023 00:33:44 GMT
plugin.min.js
static.dable.io/dist/
109 KB
34 KB
Script
General
Full URL
https://static.dable.io/dist/plugin.min.js
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.205.242.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-242-120.deploy.static.akamaitechnologies.com
Software
nginx/1.20.0 /
Resource Hash
95aa09565cd2b57c0c3f6e17315c3cf4f0442d465d25e078b7493141c74e4b47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
avl3_pVhjDzITYCtFnZnAndzVUminiOG
Content-Encoding
gzip
Last-Modified
Wed, 03 Aug 2022 01:41:33 GMT
Server
nginx/1.20.0
x-amz-request-id
B789AE7XP2REEPYK
ETag
"4b28e91d6c6fc653f070a0fdd086e56a"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=35817
Date
Fri, 05 Aug 2022 12:14:19 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34728
x-amz-id-2
bHZ0QjnXQ9KoX4e0S0ctmly5qwRZ/CBzZn5C/RlGJwazMyVHv1TZpaMkr1YPv3s7vuXwosjGGTw=
render
affiliate.klook.com/v1/affnode/ Frame E377
2 KB
1 KB
Document
General
Full URL
https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/s/dist/desktop/dynamic_widget_v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.245.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.245.149.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ce2229595f6fbf0014da7323e7d50e37095f7ca8490ba01f625d9a85f683afd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.yam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 05 Aug 2022 12:14:19 GMT
server
nginx
server-timing
render-all;dur=0
vary
Accept-Encoding
via
1.1 google
x-cdn-cache
miss
x-cdn-vendor
gcp
x-content-type-options
nosniff
x-download-options
noopen
x-kong-proxy-latency
0
x-kong-upstream-latency
3
x-readtime
0
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
200 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16227618-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e1d6e30710d7d76aef5955eaf80ffc5a1c9bbbb5ab2c8f952907e406fc9d59e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 12:14:19 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72982
x-xss-protection
0
expires
Fri, 05 Aug 2022 12:14:19 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16227618-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4339
date
Fri, 05 Aug 2022 11:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 05 Aug 2022 13:02:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220803/r20190131/ Frame 6251
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220803/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.yam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
34369
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Aug 2022 02:41:30 GMT
etag
8616628553774171045
expires
Fri, 19 Aug 2022 02:41:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/
0
343 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RE4LTMGVEF&gtm=2oe830&_p=503657638&_z=ccd.v9B&_gaz=1&cid=634126422.1659701659&ul=en-us&sr=1600x1200&_s=1&sid=1659701659&sct=1&seg=0&dl=https%3A%2F%2Fs.yam.com%2FRTw3f&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
343 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RE4LTMGVEF&cid=634126422.1659701659&gtm=2oe830&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RE4LTMGVEF&cid=634126422.1659701659&gtm=2oe830&aip=1&z=844921875
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=503657638&t=pageview&_s=1&dl=https%3A%2F%2Fs.yam.com%2FRTw3f&ul=en-us&de=UTF-8&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1178714812&gjid=264666567&cid=634126422.1659701659&tid=UA-16227618-1&_gid=614400053.1659701659&_r=1&gtm=2ou830&z=684528605
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://s.yam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
151 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16227618-1&cid=634126422.1659701659&jid=1178714812&gjid=264666567&_gid=614400053.1659701659&_u=YADAAUAAAAAAAC~&z=1234018560
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://s.yam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 05 Aug 2022 12:14:19 GMT
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16227618-1&cid=634126422.1659701659&jid=1178714812&_u=YADAAUAAAAAAAC~&z=1074788620
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16227618-1&cid=634126422.1659701659&jid=1178714812&_u=YADAAUAAAAAAAC~&z=1074788620
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prefs2
api.dable.io/plugin/services/dq.yam.com/
708 B
1 KB
Script
General
Full URL
https://api.dable.io/plugin/services/dq.yam.com/prefs2?cached_uid=&callback=dbljson1
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.38.21.4 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-38-21-4.ap-northeast-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e6469b91f753c214ac43df094ad7bf2e5b3513fc99cc895caa8e9c0699c7b6f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 12:14:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
istio-envoy
etag
W/"2c4-XI2AHbHMPZgTLWX3z/GZgLTYHo0"
content-type
text/javascript; charset=utf-8
x-envoy-upstream-service-time
82
Connection
keep-alive
Content-Length
389
chunk-vendors.7d24a73d.js
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame E377
279 KB
107 KB
Script
General
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-vendors.7d24a73d.js
Requested by
Host: affiliate.klook.com
URL: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4c00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3c12c9b279ecd44f29f7b8540df516aa83c8e9ddff0c962b2e7f6a2d63807e39
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

Referer
https://affiliate.klook.com/
Origin
https://affiliate.klook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 01 Aug 2022 02:10:23 GMT
content-encoding
gzip
vary
Accept-Encoding
age
381837
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
X56D7YGA53S9SZ2K
x-amz-id-2
JIHIVum4WlhJlgpe/7JU5WAix/MNCHr4EJj0bHYPxXADSpX5kjDbsTIE4lUCmdmbvSbYlGX+Fzk=
last-modified
Thu, 21 Jul 2022 10:02:46 GMT
server
nginx
etag
W/"0fc9fbd7ef2b1bff810afbb09ce1f7cd"
strict-transport-security
max-age=63072000; includeSubdomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
a0-gMR7l8FZETvvF6WBYONMmCBwymbgDLbHM4vSsfBd9mWW4mmqhXg==
expires
Tue, 01 Aug 2023 02:10:23 GMT
chunk-common.0704f96d.js
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame E377
44 KB
15 KB
Script
General
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.0704f96d.js
Requested by
Host: affiliate.klook.com
URL: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4c00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
075484a797a22d8c56c5a590b3ac5c416ccc2d9757b92b36997291cf174c956b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

Referer
https://affiliate.klook.com/
Origin
https://affiliate.klook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 09:50:21 GMT
content-encoding
gzip
vary
Accept-Encoding
age
95039
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
8PJ237DW6Q0MA3A9
x-amz-id-2
PBeoFwILtMnN53VySFvRucwBvtEUfgXSbJde5smt6C0zcpIL4ieMDeRHBB6jdmvHvy7eyaPr9hA=
last-modified
Thu, 04 Aug 2022 09:47:31 GMT
server
nginx
etag
W/"34454ba624a8da17aae2225a0899b2b8"
strict-transport-security
max-age=63072000; includeSubdomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
PnKLVi_ayHoY3DSjKSU18Cy7D_BwxRg7iNfGOfQv9edlQ7D9yKpkpg==
expires
Fri, 04 Aug 2023 09:50:21 GMT
dynamic_widget.8f935648.js
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame E377
8 KB
4 KB
Script
General
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/dynamic_widget.8f935648.js
Requested by
Host: affiliate.klook.com
URL: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4c00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6ba6730883f30233e481bdddb17ad3a9c876231cad4c7d020554e46ad052269f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

Referer
https://affiliate.klook.com/
Origin
https://affiliate.klook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 09:29:02 GMT
content-encoding
gzip
vary
Accept-Encoding
age
96318
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
DT10QWS36YG9TPSB
x-amz-id-2
vLaYm/EMSPcsazatHqJ7a0xjIsa65DbjkBl3ndS9jnlMVjUpxpRuDX8c1ib0XyctAwaem8Np0lo=
last-modified
Thu, 04 Aug 2022 09:25:00 GMT
server
nginx
etag
W/"cfc33a8ec87b93c22ca2faa446811e58"
strict-transport-security
max-age=63072000; includeSubdomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
unDu1csr2zjNgnBAayOiMnlj7EpzGjghKVn-Uhvpk3adf76d4AGpww==
expires
Fri, 04 Aug 2023 09:29:02 GMT
dynamic_widget.9930d134.css
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/ Frame E377
7 KB
2 KB
Stylesheet
General
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.9930d134.css
Requested by
Host: affiliate.klook.com
URL: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4c00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
447e2dcaebbb0f6123fa29fc7b6df9d54abb67dfa3855fa5de462a940e767c5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

Referer
https://affiliate.klook.com/
Origin
https://affiliate.klook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 00:35:46 GMT
content-encoding
gzip
vary
Accept-Encoding
age
1856314
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
DXWC7ZSNRR0C8H37
x-amz-id-2
7tGcUFUz+6EJJBCNjfdLSLDUQw2Tr1m7mVM198zEliQU6zXfG51R8c929IwDYPSnIFtHtKRpE/Y=
last-modified
Thu, 14 Jul 2022 09:01:16 GMT
server
nginx
etag
W/"549830a2770f20c8a5750eafd68575ca"
strict-transport-security
max-age=63072000; includeSubdomains
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
hVT1n9dyJpcsTAk9dKF5_FKSZh7n8R_tKcapgb-2t1vLogT2GCK2rg==
expires
Sat, 15 Jul 2023 00:35:46 GMT
gtm.js
www.googletagmanager.com/ Frame E377
161 KB
56 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNBGXWM
Requested by
Host: affiliate.klook.com
URL: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12b6f9e91912104bcbec90557e6bc66161694b48f2ac906fcdfaf109c536e432
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://affiliate.klook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 12:14:20 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57410
x-xss-protection
0
expires
Fri, 05 Aug 2022 12:14:20 GMT
experiments
affiliate.klook.com/v2/usrcsrv/hit/ Frame E377
20 KB
3 KB
XHR
General
Full URL
https://affiliate.klook.com/v2/usrcsrv/hit/experiments
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.0704f96d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.245.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.245.149.34.bc.googleusercontent.com
Software
/
Resource Hash
2c3b090f503ce79d6a5a7d7e2fb210f57f44638ffccb7079790a47b21c7b31b6

Request headers

Accept
application/json, text/javascript
Referer
https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
X-Klook-Request-Id
e18667db-104b-4e59-8d0b-86ccbebdfbd2
accept-language
de-DE,de;q=0.9
X-Klook-Kepler-Id
6759fdfc-c7d5-46eb-b576-ec4b72c7ccb7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Fri, 05 Aug 2022 12:14:21 GMT
currency
HKD
x-klook-request-id
e18667db-104b-4e59-8d0b-86ccbebdfbd2
x-cdn-cache
miss
accept-language
en_US
x-klook-version
1
x-kong-proxy-latency
0
x-klook-service-id
01
content-type
application/json; charset=UTF-8
via
1.1 google
x-kong-upstream-latency
5
x-cdn-vendor
gcp
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-klook-lang
en_US
visit
r-log.dable.io/s/dq.yam.com/u/32084137.1659701660722/
54 B
199 B
Script
General
Full URL
https://r-log.dable.io/s/dq.yam.com/u/32084137.1659701660722/visit?url=https%3A%2F%2Fs.yam.com%2FRTw3f&ref=&lang=en-US&cid=32084137.1659701660722&z=124269&callback=dbljson2
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.36.27.221 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-36-27-221.ap-northeast-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 05 Aug 2022 12:14:21 GMT
x-content-type-options
nosniff
server
nginx/1.20.0
content-length
54
content-type
text/javascript; charset=utf-8
jload
pixel.adsafeprotected.com/
47 KB
12 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=931153&advId=Dable&campId=IAS_Test_Campaign_Apr2021&adsafe_par&bidurl=null
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.14.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-14-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5a22453885de02dd9f2c66686473d77ee78957dfbaec1aaf6ff702641b4d1174

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:20 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
match2
act.ds.kakao.com/
Redirect Chain
  • https://analytics.ad.daum.net/match?d=111&uid=32084137.1659701660722
  • https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220805%22,%22u%22:%2232084137.1659701660722%22%7D%7D
0
493 B
Image
General
Full URL
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220805%22,%22u%22:%2232084137.1659701660722%22%7D%7D
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Server
211.249.220.158 , Korea, Republic Of, ASN9457 (DREAMX-AS DREAMLINE CO., KR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:22 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/plain;charset=UTF-8
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:21 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220220805%22,%22u%22:%2232084137.1659701660722%22%7D%7D
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
0
google
adx.dable.io/pixel/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm=&google_tc=
  • https://adx.dable.io/pixel/google?google_gid=CAESEF9q76kVdFPJbL8wAITkr4w&google_cver=1
35 B
207 B
Image
General
Full URL
https://adx.dable.io/pixel/google?google_gid=CAESEF9q76kVdFPJbL8wAITkr4w&google_cver=1
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Server
52.78.181.17 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-78-181-17.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 12:14:21 GMT
server
nginx
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adx.dable.io/pixel/google?google_gid=CAESEF9q76kVdFPJbL8wAITkr4w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
287
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
idsync
idsync.admixer.co.kr/
43 B
884 B
Image
General
Full URL
https://idsync.admixer.co.kr/idsync?pid=120&uid=32084137.1659701660722
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.110.238.136 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05-Aug-2022 21:14:21 +0900
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP LAW NID PSA ADM OUR IND NAV COM"
Cache-Control
private, max-age=0, no-cache, no-store
Connection
close
Content-Type
image/gif;
Content-Length
43
Expires
Mon, 01 Jan 2000 00:00:00 +0900
pixel
cm-exchange.toast.com/
0
605 B
Image
General
Full URL
https://cm-exchange.toast.com/pixel?cm_mid=1440080439&cm_muid=32084137.1659701660722&toast_push
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.243.202.190 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Fri, 05 Aug 2022 12:14:21 GMT
Server
nginx
Connection
close
P3P
CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"
main.19.8.338.js
static.adsafeprotected.com/
191 KB
59 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.338.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=931153&advId=Dable&campId=IAS_Test_Campaign_Apr2021&adsafe_par&bidurl=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33c8de889b2ee1c98fab7f2225523a28e902cbf473cb2dd98ae0924060ec71da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 09:45:37 GMT
content-encoding
gzip
age
268125
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 02 Aug 2022 08:13:45 GMT
server
AmazonS3
etag
W/"e1a5977704e37dd78510d2c525f8895e"
vary
Accept-Encoding
x-amz-version-id
ddsMqsfBsuUOeK4VRDJEuaGURph4IHy6
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
o4SQvlIDFhV6shmG4NB0LcrPp9-DyqCs-rLgB3h32Fn7tHo2NmkFyg==
sca.17.5.12.js
static.adsafeprotected.com/ Frame 461F
80 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
7011588
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
VDsv0ebl__o8RbyQKz2MWoassg_u3cc7kkzTwg0C4oUHKIl-uefJ7w==
mon
pixel.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=931153&advId=Dable&campId=IAS_Test_Campaign_Apr2021&adsafe_par&bidurl=null&adsafe_url=https%3A%2F%2Fs.yam.com%2FRTw3f&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fs.yam.com%2F&adsafe_type=f&adsafe_jsinfo=,id:7a8bdb26-599d-c2ae-e98d-c7c6047acd39,c:kpYp61,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-experiment-primary-5d4b987cf4-r8hvp,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:8.8.1584.1200,am:a,cc:8.8.1584.1200,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:publ1.grpm1,mtim:129,mot:0,app:0,maw:0,fm:tdDB1PQ+1*.931153%7C11%7C12,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:143,oid:22df222f-14b8-11ed-98ac-7a24e3eab78c,v:19.8.338,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.14.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-14-237.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:21 GMT
x-server-name
app11.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931153&asId=7a8bdb26-599d-c2ae-e98d-c7c6047acd39&tv=%7Bc:kpYp62,pingTime:-8,time:144,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:144,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:143,wc:0.0.1600.1200,ac:8.8.1584.1200,am:a,cc:8.8.1584.1200,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B12~0%5D,as:%5B12~1584.1200%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:tdDB1PQ+1*.931153%7C11%7C12,idMap:1*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:8175:1a1c:b701:5da6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:21 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931153&asId=7a8bdb26-599d-c2ae-e98d-c7c6047acd39&tv=%7Bc:kpYp6o,pingTime:-2,time:166,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:4427,bdZ:4614,beA:4615,beZ:4616,mfA:4744,cmA:4745,inA:4745,inZ:4749,prA:4749,prZ:4753,si:4758,poA:4760,poZ:4773,cmZ:4773,mfZ:4773,loA:4775,loZ:4776,ltA:4780,ltZ:4780,mdA:4616,mdZ:4723%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1584,h:1200,t:143%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:166,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:143,wc:0.0.1600.1200,ac:8.8.1584.1200,am:a,cc:8.8.1584.1200,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~1584.1200%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:tdDB1PQ+1*.931153%7C11%7C12,idMap:1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,slid:%5B%5D,sinceFw:20,readyFired:true%7D&br=c
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:8175:1a1c:b701:5da6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:21 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931153&asId=7a8bdb26-599d-c2ae-e98d-c7c6047acd39&tv=%7Bc:kpYp7y,time:238,type:e,im:%7Bimprf:%7Bttecl:401,ecd:54,tsecr:1%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:238,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:143,wc:0.0.1600.1200,ac:8.8.1584.1200,am:a,cc:8.8.1584.1200,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B106~0%5D,as:%5B106~1584.1200%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:tdDB1PQ+1*.931153%7C11%7C12,idMap:1*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:8175:1a1c:b701:5da6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:21 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931153&asId=7a8bdb26-599d-c2ae-e98d-c7c6047acd39&tv=%7Bc:kpYpb6,pingTime:-10,time:458,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1659701661508%7C%7C7a79cdddddec767ec67e4ee4d8caa095%7C%7Cb4bf91f622d70e9512a166bc36c81122%7C%7Cb2081c65f06d3862570cf9d20cfdfc6c%7C%7C1e4e95fde39536a1d83a02856c941a05%7C%7Ce2a7afc2a5ff9ba1f4364cb420322e6b%7C%7Cf719aaccc2331bd1a7ac8d50d766a6df%7C%7C36aef6a84d5f7a0d2b6912315a790718%7C%7C1629390669%7D
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:8175:1a1c:b701:5da6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:21 GMT
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=503657638&t=pageview&_s=1&dl=https%3A%2F%2Fs.yam.com%2FRTw3f&ul=en-us&de=UTF-8&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABAAAAAC~&jid=1997695004&gjid=439645205&cid=634126422.1659701659&tid=UA-64397972-25&_gid=614400053.1659701659&_r=1&_slc=1&cd1=5771&z=1629977273
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://s.yam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-64397972-25&cid=634126422.1659701659&jid=1997695004&gjid=439645205&_gid=614400053.1659701659&_u=aADAAUABAAAAAC~&z=445365999
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://s.yam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 05 Aug 2022 12:14:21 GMT
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
dynamic
affiliate.klook.com/v3/affsrv/ads/widget/ Frame E377
7 KB
2 KB
XHR
General
Full URL
https://affiliate.klook.com/v3/affsrv/ads/widget/dynamic?adid=535741
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.0704f96d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.245.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.245.149.34.bc.googleusercontent.com
Software
uvicorn /
Resource Hash
83638f3d537c41d3d6ff1f9be574543121ea6f136eb76b5aba5e63ab99218b57

Request headers

X-Klook-Request-Id
e2eb8124-1a42-4ea4-b8a9-2064019c1cca
accept-language
de-DE,de;q=0.9
X-Klook-Kepler-Id
6759fdfc-c7d5-46eb-b576-ec4b72c7ccb7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
application/json, text/javascript
Referer
https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
X-Klook-Tint
[]

Response headers

date
Fri, 05 Aug 2022 12:14:22 GMT
content-encoding
gzip
x-klook-request-id
e2eb8124-1a42-4ea4-b8a9-2064019c1cca
server
uvicorn
x-cdn-cache
miss
x-kong-proxy-latency
1
vary
Accept-Encoding
content-type
application/json
via
1.1 google
x-kong-upstream-latency
277
x-cdn-vendor
gcp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
web
log.klook.com/v2/frontlogsrv/log/ Frame E377
62 B
82 B
XHR
General
Full URL
https://log.klook.com/v2/frontlogsrv/log/web
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-vendors.7d24a73d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.170.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.170.111.34.bc.googleusercontent.com
Software
/
Resource Hash
168fcfeaac95e2af3954dd8a63ebf8b9c61e79842597dcb1cd6f88b748071dc2

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Referer
https://affiliate.klook.com/
accept-language
de-DE,de;q=0.9
X-Platform
desktop
Content-Type
application/json

Response headers

date
Fri, 05 Aug 2022 12:14:23 GMT
currency
HKD
x-klook-request-id
89952d7
accept-language
en_US
x-klook-version
1
x-klook-service-id
01
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-cdn-vendor
gcp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62
via
1.1 google
x-klook-lang
en_US
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-64397972-25&cid=634126422.1659701659&jid=1997695004&_u=aADAAUABAAAAAC~&z=764364378
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-64397972-25&cid=634126422.1659701659&jid=1997695004&_u=aADAAUABAAAAAC~&z=764364378
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
log.klook.com/v2/frontlogsrv/log/ Frame
0
0
Preflight
General
Full URL
https://log.klook.com/v2/frontlogsrv/log/web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.170.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.170.111.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-platform
Access-Control-Request-Method
POST
Origin
https://affiliate.klook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-klook-host, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Currency, Authorization, Token, version, X-Platform, _pt, Accept-Language, Accept, Accept-Encoding, X-Klook-Request-Id, X-Klook-Kepler-Id, X-Klook-Tint, X-DeviceID
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
7200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 05 Aug 2022 12:14:22 GMT
via
1.1 google
x-cdn-vendor
gcp
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931153&asId=7a8bdb26-599d-c2ae-e98d-c7c6047acd39&tv=%7Bc:kpYpoJ,time:1303,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1303,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:143,wc:0.0.1600.1200,ac:8.8.1584.1200,am:a,cc:8.8.1584.1200,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1172~0%5D,as:%5B1172~1584.1200%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:737,fm:tdDB1PQ+1*.931153%7C11%7C12,idMap:1*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: s.yam.com
URL: https://s.yam.com/RTw3f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:8175:1a1c:b701:5da6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:22 GMT
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=503657638&t=event&_s=2&dl=https%3A%2F%2Fs.yam.com%2FRTw3f&ul=en-us&de=UTF-8&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=time&ea=3DADPAGE&el=play&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=634126422.1659701659&tid=UA-16227618-1&_gid=614400053.1659701659&gtm=2ou830&z=1691492813
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 13:38:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81336
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=503657638&t=event&_s=3&dl=https%3A%2F%2Fs.yam.com%2FRTw3f&ul=en-us&de=UTF-8&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%E5%81%9C%E7%95%99%E6%99%82%E9%96%93&ea=3DADPAGE&el=5%E7%A7%92%E5%85%A7&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=634126422.1659701659&tid=UA-16227618-1&_gid=614400053.1659701659&gtm=2ou830&z=1724319874
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Aug 2022 13:38:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81336
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931153&asId=7a8bdb26-599d-c2ae-e98d-c7c6047acd39&tv=%7Bc:kpYpsq,time:1532,type:e,im:%7Bpci:%7Btdr:1363%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1532,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:143,wc:0.0.1600.1200,ac:8.8.1584.1200,am:a,cc:8.8.1584.1200,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1401~0%5D,as:%5B1401~1584.1200%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:174,fm:tdDB1PQ+1*.931153%7C11%7C12,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:8175:1a1c:b701:5da6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:22 GMT
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
analytics.js
www.google-analytics.com/ Frame E377
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNBGXWM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://affiliate.klook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4342
date
Fri, 05 Aug 2022 11:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 05 Aug 2022 13:02:00 GMT
event
affiliate.klook.com/v3/affsrv/ads/ Frame E377
70 B
92 B
XHR
General
Full URL
https://affiliate.klook.com/v3/affsrv/ads/event
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.0704f96d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.245.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.245.149.34.bc.googleusercontent.com
Software
uvicorn /
Resource Hash
dccd6a122ce536145b86aef2681be92ebab2fbb2fe44ffa52a8ddc0e86db4d29

Request headers

X-Klook-Request-Id
d59fa7f3-2ccc-459c-8bb3-f38bc413ccf4
accept-language
de-DE,de;q=0.9
X-Klook-Kepler-Id
6759fdfc-c7d5-46eb-b576-ec4b72c7ccb7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json; charset=UTF-8
X-iframe-Data
{"type":4,"data":""}
Accept
application/json, text/javascript
Referer
https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&

Response headers

date
Fri, 05 Aug 2022 12:14:23 GMT
via
1.1 google
x-klook-request-id
d59fa7f3-2ccc-459c-8bb3-f38bc413ccf4
server
uvicorn
x-cdn-cache
uncacheable
access-control-allow-headers
Content-Type, Content-Length, Authorization, Accept, X-Requested-With, X-Klook-Request-Id, X-Iframe-Data
x-kong-proxy-latency
1
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-kong-upstream-latency
1
x-cdn-vendor
gcp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
dtnpjnkl1zysamveodbn.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame E377
34 KB
34 KB
Image
General
Full URL
https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/dtnpjnkl1zysamveodbn.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f200:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
869fd3d75ff33c70da2441cd5bde0ffa2d4b4dc20b318ca14c8c04f52b8afde8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://affiliate.klook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:21:55 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3297148
x-cache
Hit from cloudfront
content-length
34569
last-modified
Tue, 28 Jun 2022 08:20:34 GMT
server
Cloudinary
etag
"fad6804107f76e5b5c0f911106d29c63"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
IRAfq7xJJxPZwDByAzxcdh7wSN3gGFkByF5anpllTZ1pz9g8UmUMlg==
discount_tag.e0e3de40.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame E377
951 B
1 KB
Image
General
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/discount_tag.e0e3de40.svg
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.9930d134.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4c00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b9a515a3130450228eb2ea26b4303869b8fb51affa01315e4557a025da5172b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.9930d134.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 01:03:30 GMT
content-encoding
gzip
vary
Accept-Encoding
age
5137852
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
FTE7XN1JQYBCFVKS
x-amz-id-2
VKF2zT9YPNyQD0TQ5TAksdV+Sv48tum5yYfFJ9EOVsD9m6VNmfqP808RtBX56gawQiE1dvzC75Y=
last-modified
Thu, 02 Jun 2022 09:31:36 GMT
server
nginx
etag
W/"73fe4f4789c649448f50bd8cd7c33443"
strict-transport-security
max-age=63072000; includeSubdomains
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
2UqyzjvN4NFFx2Tj_TSJkgt-8urFoURUdSxsRAbGPIACLfA7Wn5nhA==
expires
Wed, 07 Jun 2023 01:03:30 GMT
discount_tag_2.69d9dac9.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame E377
945 B
1 KB
Image
General
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/discount_tag_2.69d9dac9.svg
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.9930d134.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4c00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7bb80a0072f9aedad72f1b11c9533179e302ed61c0c4b1ee01aa98c3c9df9f2e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.9930d134.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 18 May 2022 01:42:26 GMT
content-encoding
gzip
vary
Accept-Encoding
age
6863516
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
NMFMCQQ1A7B5B98W
x-amz-id-2
wjq9x06JakmBx9GYYixXCSEACWt4swf3H+7rIcmJb3TvzMFB/2RfW360YwGR1iTFWfKQYCz+guw=
last-modified
Mon, 16 May 2022 06:42:06 GMT
server
nginx
etag
W/"0ecccb9ccb594c2f50986543a7b41596"
strict-transport-security
max-age=63072000; includeSubdomains
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
GaJmL6Dk-7u_q9-pqGQ4BfsY7Vk0bh4pPKBL12ZR7OnPU2e2T8DCHA==
expires
Thu, 18 May 2023 01:42:26 GMT
score_horn.c3c4b90e.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame E377
273 B
781 B
Image
General
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/score_horn.c3c4b90e.svg
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.9930d134.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4c00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8ac5aa09edda1b5e32093f4dbc5642466021ed4bd3ee152c2afd5b8ef0298f9f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.9930d134.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 01:01:26 GMT
content-encoding
gzip
vary
Accept-Encoding
age
5569976
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
NPEPYW4AV9GRE3S7
x-amz-id-2
iYxzV/1Ys+F58UTVuNdFBpxrn1+nh/doQDYRxrn/SPxEQJYF10u2joY1BzJ6EDvQ3apG0XskOUQ=
last-modified
Tue, 31 May 2022 03:20:54 GMT
server
nginx
etag
W/"285c40b4f2b0100e2ac64ad32549ac8f"
strict-transport-security
max-age=63072000; includeSubdomains
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
TF4ndLToflpRRpsVnyOgVEHpZR7DSP3QDeSNEtz6ifwVDbgz13BW0g==
expires
Fri, 02 Jun 2023 01:01:26 GMT
fqvwxnebsnwaeoohvhkh.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame E377
33 KB
34 KB
Image
General
Full URL
https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/fqvwxnebsnwaeoohvhkh.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f200:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
a3f0a6c81653200ce91d9c40fb42af50a8734bb73671fb74a3a3979a6449d00f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://affiliate.klook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 18:20:33 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
64430
x-cache
Hit from cloudfront
content-length
34216
last-modified
Sat, 27 Nov 2021 01:54:17 GMT
server
Cloudinary
etag
"b6cc2e4c5fdb22d92e0dea0a39dc58e9"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
GfAiIQy0YJXg8TYKPI69g9AfYCcFzocgMkoBGyzBSk6ag_mlZ2QCYg==
zhtt5hq0saychg9cnzdz.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame E377
35 KB
36 KB
Image
General
Full URL
https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/zhtt5hq0saychg9cnzdz.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f200:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
0f40bc4a3335707725668e9ec7a2ec9ca721392e0e6ebee3222fcedae1a4e9a4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://affiliate.klook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 05:47:52 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
282391
x-cache
Hit from cloudfront
content-length
36228
last-modified
Mon, 29 Nov 2021 14:46:32 GMT
server
Cloudinary
etag
"80b8a3aeb9574a8635292aa846d9b439"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
mn5bTNUbHVJihmaypFSaguHhkZ8P-IpC5jAY2BvRSDPQQCc4fyxr0Q==
web
log.klook.com/v2/frontlogsrv/log/ Frame E377
0
0

web
log.klook.com/v2/frontlogsrv/log/ Frame
0
0
Preflight
General
Full URL
https://log.klook.com/v2/frontlogsrv/log/web
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.170.216 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
216.170.111.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-platform
Access-Control-Request-Method
POST
Origin
https://affiliate.klook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-klook-host, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Currency, Authorization, Token, version, X-Platform, _pt, Accept-Language, Accept, Accept-Encoding, X-Klook-Request-Id, X-Klook-Kepler-Id, X-Klook-Tint, X-DeviceID
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
7200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 05 Aug 2022 12:14:23 GMT
via
1.1 google
x-cdn-vendor
gcp
collect
www.google-analytics.com/j/ Frame E377
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=753995624&t=event&ni=0&_s=1&dl=https%3A%2F%2Faffiliate.klook.com%2Fv1%2Faffnode%2Frender%3Fprod%3Ddynamic_widget%26adid%3D535741%26cid%3D59%26tid%3D-1%26amount%3D3%26&dr=https%3A%2F%2Fs.yam.com%2F&ul=en-us&de=UTF-8&dt=Klook.com%20Affiliate%20Activity&sd=24-bit&sr=1600x1200&vp=1584x470&je=0&ec=Experimentation&ea=Affiliate%20Ad%20Impression&el=Dynamic%20Widget%20TTD&_u=YEBAAEABAAAAAC~&jid=94654187&gjid=525297772&cid=1143962813.1659701663&tid=UA-86696233-5&_gid=1553484842.1659701663&_r=1&gtm=2wg830WNBGXWM&cd4=6759fdfc-c7d5-46eb-b576-ec4b72c7ccb7&cd5=&cd6=535741&cd7=5116&cd11=59&cd12=Shanghai&cd13=59%2C59%2C59&cd14=Shanghai%2CShanghai%2CShanghai&cd19=3&cd20=2128%2C3947%2C2123&cd21=Ticket%20f%C3%BCr%20Shanghai%20Disneyland%2COriental%20Pearl%20Tower%20(Direkteintritt%20mit%20QR%20Code)%2CFlughafentransfers%20(SHA%2FPVG)%20in%20Shanghai%20(mehrere%20Fahrzeugmodelle)&cd1=1143962813.1659701663&z=1404850287
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://affiliate.klook.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Aug 2022 12:14:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://affiliate.klook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
log.klook.com/v2/frontlogsrv/log/ Frame
0
0

web
log.klook.com/v2/frontlogsrv/log/ Frame E377
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
log.klook.com
URL
https://log.klook.com/v2/frontlogsrv/log/web
Domain
log.klook.com
URL
https://log.klook.com/v2/frontlogsrv/log/web
Domain
log.klook.com
URL
https://log.klook.com/v2/frontlogsrv/log/web

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery string| lang number| t number| st number| mv boolean| isStop function| showTime function| mover function| mout function| getRandom function| gev function| gtag object| dataLayer function| dable function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles object| KlookAffV5 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| dbljson1 function| dbljson2 function| __IntegralASDiagnosticCall object| __IntegralASConfig function| mainScriptAppender object| __IASScope boolean| isDomless object| __IASOmidVerificationClient object| __IntegralASExec

30 Cookies

Domain/Path Name / Value
smarturl.it/ Name: AWSALB
Value: 34W+PteQr9E7W/0EwfZvlRMxfTZ4Y1FPXwcf7XsEe+avsYuk13UJqf2CQcfQGTowI/EUKJlqFArB30vydmuyzT/wwK1hjlVLKq0FFRQfeyI9w+iAO69X112a4aaO
smarturl.it/ Name: requester_id
Value: 1555527612084764675
smarturl.it/ Name: last_click_44vs8g
Value: 1659701657683
02ip.ru/ Name: clhf03028ja
Value: 217.64.151.32
02ip.ru/ Name: 393297443644888864
Value: 3
.yam.com/ Name: _ga
Value: GA1.2.634126422.1659701659
.yam.com/ Name: _gid
Value: GA1.2.614400053.1659701659
.yam.com/ Name: _gat_gtag_UA_16227618_1
Value: 1
affiliate.klook.com/ Name: kepler_id
Value: 6759fdfc-c7d5-46eb-b576-ec4b72c7ccb7
.dable.io/ Name: uid
Value: 32084137.1659701660722
.dable.io/ Name: _skp
Value: 1
.dable.io/ Name: _gg_ck_match
Value: 1
.dable.io/ Name: _nas_ck_match
Value: 1
.dable.io/ Name: _nh_ck_match
Value: 1
.s.yam.com/ Name: dable_uid
Value: 32084137.1659701660722
.doubleclick.net/ Name: IDE
Value: AHWqTUkJaoXGXal4ZQApHEa1FI5C638tsDjZRQ0lWGLgYMRHW2Z60I76Sd3IHyMNcVc
.toast.com/ Name: BID
Value: ZP7DI5L72ZLV4809067R63QIY
.toast.com/ Name: txmed_1440080439
Value: 32084137.1659701660722_:_EXP_:_1662293661
.toast.com/ Name: txsync
Value: 1659701661
.yam.com/ Name: _gat_dable
Value: 1
.ad.daum.net/ Name: DSPR
Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220220805%22%2C%22u%22%3A%2232084137.1659701660722%22%7D%7D
.ds.kakao.com/ Name: DSPR
Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220220805%22%2C%22u%22%3A%2232084137.1659701660722%22%7D%7D
.admixer.co.kr/ Name: __auid
Value: b9ca0c4d9fa0bf3d310b22ce06b20b9d
.admixer.co.kr/ Name: __puid_120
Value: 32084137.1659701660722
.admixer.co.kr/ Name: __id_utm
Value: 20220805
.admixer.co.kr/ Name: __id_inf_120
Value: 0_32084137.1659701660722
.yam.com/ Name: _ga_RE4LTMGVEF
Value: GS1.1.1659701659.1.0.1659701662.57
.klook.com/ Name: _ga
Value: GA1.2.1143962813.1659701663
.klook.com/ Name: _gid
Value: GA1.2.1553484842.1659701663
.klook.com/ Name: _gat_UA-86696233-5
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://hanalytics.eu/js/script.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
