urlscan.io logo urlscan.io
SecurityTrails logo

s.yam.com Open in urlscan Pro
52.187.123.178  Public Scan

Go To Rescan Add Verdict Report
URL: https://s.yam.com/r0mmv
Submission: On November 04 via api from AE — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 11 domains to perform 41 HTTP transactions. The main IP is 52.187.123.178, located in Singapore, Singapore and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is s.yam.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 5th 2023. Valid for: a year.
This is the only time s.yam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.187.123.178 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
s.yam.com
1    2404:6800:4003:c00::9a (Singapore, Singapore)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700:3035::6815:3d44 (United States)

ASN13335 (CLOUDFLARENET, US)
img.yamedia.tw
3    2606:4700:21::681b:ce5c (United States)

ASN13335 (CLOUDFLARENET, US)
yamedia.yam.com
travelimg.yam.com
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    2404:6800:4003:c01::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2600:9000:20c7:cc00:1b:29b:ed80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.klook.com
1    2404:6800:4003:c0f::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    34.149.108.21 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 21.108.149.34.bc.googleusercontent.com
affiliate.klook.com
6    2404:6800:4003:c1a::64 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2404:6800:4003:c02::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2404:6800:4003:c11::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.google.com.vn
1    2404:6800:4003:c1a::93 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
www.google.com
2    34.111.170.216 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 216.170.111.34.bc.googleusercontent.com
log.klook.com
3    2600:9000:200a:1e00:e:aa0e:eb00:93a1 (United States)

ASN16509 (AMAZON-02, US)
res.klook.com
Apex Domain
Subdomains		 Transfer
17 klook.com
cdn.klook.com — Cisco Umbrella Rank: 98746
affiliate.klook.com — Cisco Umbrella Rank: 121985
log.klook.com — Cisco Umbrella Rank: 76563
res.klook.com — Cisco Umbrella Rank: 80986
261 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
42 KB
4 yam.com
s.yam.com
yamedia.yam.com
travelimg.yam.com
59 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 157
www.google.com — Cisco Umbrella Rank: 2
703 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
5 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
224 KB
2 google.com.vn
www.google.com.vn — Cisco Umbrella Rank: 9624
515 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
32 KB
1 yamedia.tw
img.yamedia.tw
520 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
51 KB
0 hanalytics.eu Failed
hanalytics.eu Failed
41 11
Domain Requested by
8 cdn.klook.com s.yam.com
affiliate.klook.com
cdn.klook.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 affiliate.klook.com cdn.klook.com
3 res.klook.com
3 www.googletagmanager.com s.yam.com
affiliate.klook.com
www.googletagmanager.com
2 log.klook.com cdn.klook.com
2 www.google.com.vn s.yam.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 travelimg.yam.com s.yam.com
1 www.google.com s.yam.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 cdn.jsdelivr.net s.yam.com
1 yamedia.yam.com s.yam.com
1 img.yamedia.tw 1 redirects
1 pagead2.googlesyndication.com s.yam.com
1 s.yam.com
0 hanalytics.eu Failed s.yam.com
41 18

This site contains links to these domains. Also see Links.

Domain
travel.yam.com
dev-lernoxy.pantheonsite.io
Subject Issuer Validity Valid
*.yam.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-05 -
2024-07-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
yam.com
GTS CA 1P5		 2023-10-28 -
2024-01-26		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.klook.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-12 -
2024-03-14		 a year crt.sh
affiliate.klook.com
GTS CA 1D4		 2023-09-11 -
2023-12-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.com.vn
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
log.klook.com
GTS CA 1D4		 2023-09-15 -
2023-12-14		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://s.yam.com/r0mmv
Frame ID: 6F0A8B9A1CCB09566770DD42C338A339
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: B10051760878A96E530CBCC41A3C2165
Requests: 1 HTTP requests in this frame

Frame: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Frame ID: FA258CD3DB3847AAC1AC8D1C1C4CD038
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

yamShare-縮網址服務

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

41
Requests

95 %
HTTPS

81 %
IPv6

11
Domains

18
Subdomains

16
IPs

2
Countries

675 kB
Transfer

1606 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://img.yamedia.tw/2021/share/logo.png HTTP 302
  • https://yamedia.yam.com/2021/share/logo.png

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request r0mmv
s.yam.com/ 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.yam.com/r0mmv
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.187.123.178 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5a594750703c4242e63082b7d4b2bed8ea53bb4bcfac10242e9bbd2176e1b976

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
4256
Content-Type
text/html; charset=utf-8
Date
Sat, 04 Nov 2023 21:31:38 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: s.yam.com
URL: https://s.yam.com/r0mmv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a1b814cce390f2d80b2a2ee600f725595a7f5455a3d373255ab200ff78b8c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 21:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51945
x-xss-protection
0
server
cafe
etag
16162698959178509093
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 21:31:39 GMT
script.js
hanalytics.eu/js/ 		0
0
logo.png
yamedia.yam.com/2021/share/
Redirect Chain
  • https://img.yamedia.tw/2021/share/logo.png
  • https://yamedia.yam.com/2021/share/logo.png
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yamedia.yam.com/2021/share/logo.png
Requested by
Host: s.yam.com
URL: https://s.yam.com/r0mmv
Protocol
H2
Server
2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f770cce2c2e7878a6044378b5a953c03be552ce26a5402704d5dece8e3069b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 04 Nov 2023 21:31:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
Y+1jEmgYjP8CiQLDg0WN9Q==
cf-polished
origSize=15099
content-length
14244
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Thu, 28 Jan 2021 02:55:26 GMT
server
cloudflare
etag
"0x8D8C3382A364852"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZsVSgBbzve9T30mQ%2Fe5%2BBcIDc9YIS3AEZ71aSaFwF8UEVsHaMplnRO8S5bCW2BpAXhO%2FgwW2RSenOCd7PZZ3pqtYogxlH0Tr0Dww4b5D%2Ff0PogPsVDyyroA7HcVR1FJILvt%2BCUwtFHa2go8jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-ms-request-id
d9a0d2f8-d01e-003d-0528-61f98f000000
cache-control
max-age=14400
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
820ff7157b75601d-SIN

Redirect headers

date
Sat, 04 Nov 2023 21:31:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDEHo4b7xyytBHaE26DtoBgoxO0%2FuS47ijKRM%2FnPwEIZ35ubiR6rFV2kWYvWOEZJTI7NCM3aQ7uU3R%2BmA4vMa9BO3lP4pkkGLWrSJcjiHTiMTxFxlq5SOmQoJhbQBKMilocYFXC0%2BRDrL%2By%2F6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://yamedia.yam.com/2021/share/logo.png
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
820ff7138dc53fc2-SIN
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
2020111217022617.PNG
travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover/DATA/ARTICLE/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover/DATA/ARTICLE/2020111217022617.PNG
Requested by
Host: s.yam.com
URL: https://s.yam.com/r0mmv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
049409ae1f5609755051d9d8cd8ba8267730d625d22e362348f13e67fc2af812
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 21:31:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
15442
cf-resized
internal=ok/h q=0 n=12+0 c=12+26 v=2023.8.1 l=15442
last-modified
Thu, 12 Nov 2020 09:02:26 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf9a_yTgqwpCxmtkY3MCAPbNHj_h8U8Ar-qbnpfcXEDQ:7495b8bd2b8d61:0"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKYjWHfcvMbpB20RQZKa4f8p5Dj9DNV7f%2FC%2BXzMGOZG7UBio1WtMNpVdtwYI30FtZiSgNv06lVrTLeOEfN3CvUUIDBHjcTpt7NUk%2F2FgDa3iQZxWERajqO3Z5Y7XIZx%2Fwn1O0A5zBo9r6AN%2B6OZo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
820ff711e83e601d-SIN
priority
u=1;i=?0,cf-chb=(259;u=3;i=?0 1772;u=5;i=?0 13514;u=6;i=?0)
2022082609183827.jpg
travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover/DATA/ARTICLE/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travelimg.yam.com/cdn-cgi/image/w=300,h=250,fit=cover/DATA/ARTICLE/2022082609183827.jpg
Requested by
Host: s.yam.com
URL: https://s.yam.com/r0mmv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::681b:ce5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b46b27b83274ec04ae88b815c230bb55c686b393fed2eb5e5724a904364df941
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 21:31:39 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
24402
cf-resized
internal=ok/h q=0 n=17+0 c=10+39 v=2023.9.8 l=24402
last-modified
Fri, 26 Aug 2022 01:18:38 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cf0i-AlQ8TRhW2Ulg7CkVRK6p8_h8U8Ar-qbnpfcXEDQ:e1522ac5e9b8d81:0"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=082pd9595TW9NllSmfZTW2qTxeLFlUP6WWygLqMdks60LRq2B8N0dTFIvx80dbUpUpPEr%2BpSnHeq5Wy8pym%2BBH2n1td28h3gRaqqQADGadlPewql%2B5a%2FVhGeG%2B4u8fr6jxaX%2FPtUddNMONigd32o"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
820ff711f841601d-SIN
priority
u=1;i=?0,cf-chb=(261;u=3;i=?0 1864;u=5;i=?0 14170;u=6;i=?0)
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js
Requested by
Host: s.yam.com
URL: https://s.yam.com/r0mmv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 04 Nov 2023 21:31:39 GMT
x-content-type-options
nosniff
content-encoding
br
age
20248315
x-jsd-version
3.5.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
32699
x-served-by
cache-fra-eddf8230128-FRA, cache-maa10226-MAA
x-jsd-version-type
version
etag
W/"15d84-yOHIs4bcW3qRhMdjyI0Zo0brM0I"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ 		131 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-16227618-1
Requested by
Host: s.yam.com
URL: https://s.yam.com/r0mmv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b25716ad759c36600804bb839ae3a3a964bff3073cbc1c54b55ce3c478ce509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 21:31:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51369
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 04 Nov 2023 21:31:39 GMT
dynamic_widget_v1.js
cdn.klook.com/s/dist_web/klook-affiliate-front/s/dist/desktop/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/s/dist/desktop/dynamic_widget_v1.js
Requested by
Host: s.yam.com
URL: https://s.yam.com/r0mmv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c7:cc00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
14f074b6a6848d050f8d16e84d33b5c9d1aea78dd1c2cb514427fc2941b4af78
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 20:50:19 GMT
content-encoding
gzip
via
1.1 34a84b82ff144b427f99aaae61510d20.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
1ZFK1QT5103QSY4K
x-amz-cf-pop
SIN5-C1
age
8124080
x-cache
Hit from cloudfront
x-amz-id-2
o01EW4wQkj0AAaKTtJYXuanH81C+AuGCi1IOkZOMBNMwAPmHLtnmVBZbbckag11iIj1Sc62TMaI=
last-modified
Mon, 18 Oct 2021 02:44:10 GMT
server
nginx
etag
W/"ceb152ddf5390a749f9c157d20252351"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
O1PV-Fnm6K_kpTdbVG1Q1BXIrJ21Uuz6lTyW2VCMy0VaO2PxNgzFyg==
expires
Thu, 01 Aug 2024 20:50:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame B100 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.yam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

age
6877
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Nov 2023 19:37:02 GMT
etag
251720774729838433
expires
Sat, 18 Nov 2023 19:37:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
render
affiliate.klook.com/v1/affnode/ Frame FA25 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/s/dist/desktop/dynamic_widget_v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.108.149.34.bc.googleusercontent.com
Software
ReplaceHeaderValue /
Resource Hash
040c67370935351108e03bf1d4e93002ac9d2ce56a2a09b94dd6622f7d2a58cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s.yam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
774
content-type
text/html; charset=utf-8
date
Sat, 04 Nov 2023 21:31:39 GMT
server
ReplaceHeaderValue
server-timing
render-all;dur=0
vary
Accept-Encoding
via
1.1 google
x-cdn-cache
miss
x-cdn-vendor
gcp
x-content-type-options
nosniff
x-download-options
noopen
x-kong-proxy-latency
1
x-kong-upstream-latency
2
x-readtime
0
x-xss-protection
1; mode=block
chunk-vendors.4e7d914d.js
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame FA25 		345 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-vendors.4e7d914d.js
Requested by
Host: affiliate.klook.com
URL: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c7:cc00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2449a4c8476c8541fc2e09d7c08ad26fc9ca9d5e954fbcf698bbfc7f12980a2b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

Referer
https://affiliate.klook.com/
Origin
https://affiliate.klook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 08:32:09 GMT
content-encoding
gzip
via
1.1 4ac3d01dc034ade34c90e81091421c76.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
YH77NSS87C63WXQK
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
age
997170
x-cache
Hit from cloudfront
x-amz-id-2
sug7IATINVjShH75/TredtWiMS6cYKujbNasNRUtGzE6fPlFVkXQJW/ykUVLJqsV3dTgUnIMBbE=
last-modified
Tue, 24 Oct 2023 07:55:04 GMT
server
nginx
etag
W/"08347aaec41992d5f1753b1e56e6571c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
OvFYA0zQGICNSI6iV9OBdSN1WILeNjxvRHz_f1DLh98zllP4Pr68Ow==
expires
Wed, 23 Oct 2024 08:32:09 GMT
chunk-common.743fca44.js
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame FA25 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.743fca44.js
Requested by
Host: affiliate.klook.com
URL: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c7:cc00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b8265f85dc657617d56d9de1c9762203d13e30646a40ee2f6e06b5e50068824e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

Referer
https://affiliate.klook.com/
Origin
https://affiliate.klook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 08:32:09 GMT
content-encoding
gzip
via
1.1 4ac3d01dc034ade34c90e81091421c76.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
YH7CZP45E4RT122Y
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
age
997170
x-cache
Hit from cloudfront
x-amz-id-2
d2VNnKDv3T7pk/oDJf4w99lbEGh1o4bhtD4TLqrrK2rdAJERnSFSJZ5WedDZFHutpyEtDzQ+gYE=
last-modified
Tue, 24 Oct 2023 07:55:04 GMT
server
nginx
etag
W/"43e706b169d5afcf8f2e6b3f52af1942"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
HfOt_LoNACx1hPXI576oPd5FW1PPMIBnwIStZWIdsk_Cdm98PRGbTA==
expires
Wed, 23 Oct 2024 08:32:09 GMT
dynamic_widget.0c4fad03.js
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/ Frame FA25 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/dynamic_widget.0c4fad03.js
Requested by
Host: affiliate.klook.com
URL: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c7:cc00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
067aaa8a81722ba6535ff3c5378bbfd967fc86a5286d0db82cf8ede529b30d6c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

Referer
https://affiliate.klook.com/
Origin
https://affiliate.klook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 10:28:41 GMT
content-encoding
gzip
via
1.1 4ac3d01dc034ade34c90e81091421c76.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
5Z277XWFZ2GM4X36
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
age
298978
x-cache
Hit from cloudfront
x-amz-id-2
N+xZ4VT6jEI4NH7ICA5jmVFTBDl+qQ5h8aIVPLHFv80DP83cWXIsGkG/FYv4a4lmYTIuI0LAlCs=
last-modified
Wed, 01 Nov 2023 08:51:50 GMT
server
nginx
etag
W/"981793876647b0cec744604fd1bbb47d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
LuAXSqYbs0mndLesmqLgJdWKqYQOrmvejnIHDqEPGo-3xER_hYWoCQ==
expires
Thu, 31 Oct 2024 10:28:41 GMT
dynamic_widget.43f3d679.css
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/ Frame FA25 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.43f3d679.css
Requested by
Host: affiliate.klook.com
URL: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c7:cc00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fd73fe1fdcc25cf7bcb05ed5160f096d50160f227b5a85056010459755a4788e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

Referer
https://affiliate.klook.com/
Origin
https://affiliate.klook.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 10:28:41 GMT
content-encoding
gzip
via
1.1 4ac3d01dc034ade34c90e81091421c76.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
5Z2EYAFH1392J9NP
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
age
298978
x-cache
Hit from cloudfront
x-amz-id-2
xUCxGKyHfZvGPhohjLKZ+u6n51CybyqDECoeY/STYNpZk+w7avRXiNpcliBSRXOFiOqJMrrFw84=
last-modified
Wed, 01 Nov 2023 08:51:49 GMT
server
nginx
etag
W/"3bae0ca9cbb45c46e41f5840aa8f3e18"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
5voqLWhIqfICPkSl3qUfWPcIvyW1TY2z0SbZD6EHptdZwiE70HkS8Q==
expires
Thu, 31 Oct 2024 10:28:41 GMT
gtm.js
www.googletagmanager.com/ Frame FA25 		244 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNBGXWM
Requested by
Host: affiliate.klook.com
URL: https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
610967d7670b7893ec497770f34ad70398136e158653008e55ea2f053f948e76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://affiliate.klook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 21:31:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84687
x-xss-protection
0
last-modified
Sat, 04 Nov 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 04 Nov 2023 21:31:39 GMT
experiments
affiliate.klook.com/v2/usrcsrv/hit/ Frame FA25 		35 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://affiliate.klook.com/v2/usrcsrv/hit/experiments
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.743fca44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.108.149.34.bc.googleusercontent.com
Software
ReplaceHeaderValue /
Resource Hash
43681bb301017bbd2d066cabbe5d2425b016cd37d43223b7865afaa8d2338734

Request headers

Accept
application/json, text/javascript
Referer
https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
X-Klook-Request-Id
86e172ff-9ece-4e85-b28b-5243e98dbd9c
accept-language
zh-SG,zh;q=0.9
X-Klook-Kepler-Id
df6feead-9e7e-4bfa-bb8e-84fcb9de75cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Sat, 04 Nov 2023 21:31:39 GMT
content-encoding
gzip
via
1.1 google
x-klook-request-id
86e172ff-9ece-4e85-b28b-5243e98dbd9c
x-cdn-cache
miss
accept-language
zh_TW
x-kong-proxy-latency
0
x-klook-service-id
01
x-kong-upstream-latency
3
x-cdn-vendor
gcp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
currency
HKD
server
ReplaceHeaderValue
x-klook-version
1
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
x-klook-lang
zh_TW
js
www.googletagmanager.com/gtag/ 		272 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16227618-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa50f1f5cf363f6b97fea720152a5c337c8caa59929bedd31ee10c221c0718f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 21:31:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92722
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 04 Nov 2023 21:31:39 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16227618-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::64 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 04 Nov 2023 21:06:08 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1531
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 04 Nov 2023 23:06:08 GMT
collect
www.google-analytics.com/j/ 		2 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=348372200&t=pageview&_s=1&dl=https%3A%2F%2Fs.yam.com%2Fr0mmv&ul=en-us&de=UTF-8&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2028357486&gjid=375180789&cid=856605252.1699133500&tid=UA-16227618-1&_gid=1407538941.1699133500&_r=1&gtm=457e3b11&gcd=11l1l1l1l1&jsscut=1&z=626693662
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::64 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://s.yam.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 21:31:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RE4LTMGVEF&gtm=45je3b11v874613512&_p=1699133499803&_gaz=1&gcd=11l1l1l1l1&cid=856605252.1699133500&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1699133499&sct=1&seg=0&dl=https%3A%2F%2Fs.yam.com%2Fr0mmv&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&en=page_view&_fv=1&_ss=1&tfd=913
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 21:31:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
241 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RE4LTMGVEF&cid=856605252.1699133500&gtm=45je3b11v874613512&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 21:31:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.vn/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.vn/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RE4LTMGVEF&cid=856605252.1699133500&gtm=45je3b11v874613512&aip=1&z=1042732333
Requested by
Host: s.yam.com
URL: https://s.yam.com/r0mmv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 21:31:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		8 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-16227618-1&cid=856605252.1699133500&jid=2028357486&gjid=375180789&_gid=1407538941.1699133500&_u=YEBAAUAAAAAAACAAI~&z=695420559
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2473f6b5de25a42c847542470abe476663bd1bc2a323f26cfc62ad8113344901
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://s.yam.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 04 Nov 2023 21:31:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
expires
Fri, 01 Jan 1990 00:00:00 GMT
dynamic
affiliate.klook.com/v1/affadsrv/widget/ Frame FA25 		15 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://affiliate.klook.com/v1/affadsrv/widget/dynamic?adid=535741
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.743fca44.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.108.149.34.bc.googleusercontent.com
Software
ReplaceHeaderValue /
Resource Hash
76668ea2909bcc5b06a68b4febd1244fee946d03c9f85fa107cb2a54c23f537d

Request headers

X-Klook-Request-Id
91857273-f6a8-4b11-8abd-e703b5505007
accept-language
zh-SG,zh;q=0.9
X-Klook-Kepler-Id
df6feead-9e7e-4bfa-bb8e-84fcb9de75cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=utf-8
Accept
application/json, text/javascript
Referer
https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&
X-Klook-Tint
[]

Response headers

date
Sat, 04 Nov 2023 21:31:40 GMT
content-encoding
gzip
via
1.1 google
x-klook-request-id
91857273-f6a8-4b11-8abd-e703b5505007
server
ReplaceHeaderValue
x-cdn-cache
miss
x-kong-proxy-latency
0
vary
Accept-Encoding
content-type
application/json
x-kong-upstream-latency
24
x-cdn-vendor
gcp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-16227618-1&cid=856605252.1699133500&jid=2028357486&_u=YEBAAUAAAAAAACAAI~&z=1672298168
Requested by
Host: s.yam.com
URL: https://s.yam.com/r0mmv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::93 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 21:31:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.vn/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com.vn/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-16227618-1&cid=856605252.1699133500&jid=2028357486&_u=YEBAAUAAAAAAACAAI~&z=1672298168
Requested by
Host: s.yam.com
URL: https://s.yam.com/r0mmv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 21:31:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RE4LTMGVEF&gtm=45je3b11v874613512&_p=1699133499803&gcd=11l1l1l1l1&cid=856605252.1699133500&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAI&_s=2&sid=1699133499&sct=1&seg=0&dl=https%3A%2F%2Fs.yam.com%2Fr0mmv&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&en=scroll&epn.percent_scrolled=90&_et=20&tfd=991
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 21:31:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=348372200&t=event&_s=2&dl=https%3A%2F%2Fs.yam.com%2Fr0mmv&ul=en-us&de=UTF-8&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=time&ea=3DADPAGE&el=play&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=856605252.1699133500&tid=UA-16227618-1&_gid=1407538941.1699133500&gtm=457e3b11&gcd=11l1l1l1l1&jsscut=1&z=1977981016
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1a::64 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 14:57:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23621
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=348372200&t=event&_s=3&dl=https%3A%2F%2Fs.yam.com%2Fr0mmv&ul=en-us&de=UTF-8&dt=yamShare-%E7%B8%AE%E7%B6%B2%E5%9D%80%E6%9C%8D%E5%8B%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%E5%81%9C%E7%95%99%E6%99%82%E9%96%93&ea=3DADPAGE&el=5%E7%A7%92%E5%85%A7&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=856605252.1699133500&tid=UA-16227618-1&_gid=1407538941.1699133500&gtm=457e3b11&gcd=11l1l1l1l1&jsscut=1&z=199631721
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1a::64 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://s.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 14:57:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23621
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
web
log.klook.com/v2/frontlogsrv/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://log.klook.com/v2/frontlogsrv/log/web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.170.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
216.170.111.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-deviceid,x-platform
Access-Control-Request-Method
POST
Origin
https://affiliate.klook.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-klook-host, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Currency, Authorization, Token, version, X-Platform, _pt, Accept-Language, Accept, Accept-Encoding, X-Klook-Request-Id, X-Klook-Kepler-Id, X-Klook-Tint, X-DeviceID
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
7200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 04 Nov 2023 21:31:40 GMT
via
1.1 google
x-cdn-vendor
gcp
web
log.klook.com/v2/frontlogsrv/log/ Frame FA25 		62 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.klook.com/v2/frontlogsrv/log/web
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-vendors.4e7d914d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.170.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
216.170.111.34.bc.googleusercontent.com
Software
/
Resource Hash
168fcfeaac95e2af3954dd8a63ebf8b9c61e79842597dcb1cd6f88b748071dc2

Request headers

X-DeviceId
df6feead-9e7e-4bfa-bb8e-84fcb9de75cd
Referer
https://affiliate.klook.com/
accept-language
zh-SG,zh;q=0.9
X-Platform
desktop
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Sat, 04 Nov 2023 21:31:40 GMT
currency
HKD
via
1.1 google
x-klook-request-id
5b0d806
accept-language
zh_TW
x-klook-version
1
x-klook-service-id
01
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-cdn-vendor
gcp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62
x-klook-lang
zh_TW
analytics.js
www.google-analytics.com/ Frame FA25 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNBGXWM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1a::64 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://affiliate.klook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 04 Nov 2023 21:06:08 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1532
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 04 Nov 2023 23:06:08 GMT
event
affiliate.klook.com/v3/affsrv/ads/ Frame FA25 		70 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://affiliate.klook.com/v3/affsrv/ads/event
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/js/chunk-common.743fca44.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.108.21 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.108.149.34.bc.googleusercontent.com
Software
ReplaceHeaderValue /
Resource Hash
dccd6a122ce536145b86aef2681be92ebab2fbb2fe44ffa52a8ddc0e86db4d29

Request headers

X-Klook-Request-Id
b9444dfd-3850-4778-b26b-a99a6e7e0988
accept-language
zh-SG,zh;q=0.9
X-Klook-Kepler-Id
df6feead-9e7e-4bfa-bb8e-84fcb9de75cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
application/json; charset=UTF-8
X-iframe-Data
{"type":4,"data":""}
Accept
application/json, text/javascript
Referer
https://affiliate.klook.com/v1/affnode/render?prod=dynamic_widget&adid=535741&cid=59&tid=-1&amount=3&

Response headers

date
Sat, 04 Nov 2023 21:31:40 GMT
via
1.1 google
x-klook-request-id
b9444dfd-3850-4778-b26b-a99a6e7e0988
server
ReplaceHeaderValue
x-cdn-cache
uncacheable
x-kong-proxy-latency
0
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-kong-upstream-latency
1
x-cdn-vendor
gcp
access-control-allow-headers
Content-Type, Content-Length, Authorization, Accept, X-Requested-With, X-Klook-Request-Id, X-Iframe-Data
content-length
70
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
zhtt5hq0saychg9cnzdz.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame FA25 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/zhtt5hq0saychg9cnzdz.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:1e00:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
0f40bc4a3335707725668e9ec7a2ec9ca721392e0e6ebee3222fcedae1a4e9a4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://affiliate.klook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Wed, 24 May 2023 10:33:39 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 db75d9999621c662b2eccf4f496b12aa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
age
14209081
x-cache
Hit from cloudfront
content-length
36228
last-modified
Mon, 29 Nov 2021 14:46:32 GMT
server
Cloudinary
etag
"80b8a3aeb9574a8635292aa846d9b439"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
vLigQ1edBMMtLm1mFOvtC_fffiJDh8GC1si-xJnCwWHaD9IAm4ZDnQ==
score_horn.c3c4b90e.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame FA25 		273 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/score_horn.c3c4b90e.svg
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.43f3d679.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c7:cc00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
8ac5aa09edda1b5e32093f4dbc5642466021ed4bd3ee152c2afd5b8ef0298f9f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.43f3d679.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 18:50:28 GMT
content-encoding
gzip
via
1.1 34a84b82ff144b427f99aaae61510d20.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
2Z19Y24F5CKMF3Q7
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
age
4070472
x-cache
Hit from cloudfront
x-amz-id-2
pLuinIhK6IIuhGqf4NLuUkXf0yQINeWDVtmjGgPItWVQ5wyTt0XCZhOw8eg9Gv5v5sOiyTnml0g=
last-modified
Mon, 18 Sep 2023 07:12:46 GMT
server
nginx
etag
W/"285c40b4f2b0100e2ac64ad32549ac8f"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
qYDEOM0DA8jceUdohrfYTzWDK2XbKoevqZSdsJlUSEUBManxrP0Nzw==
expires
Tue, 17 Sep 2024 18:50:28 GMT
mdhrbsteztsjyzjs8zy4.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame FA25 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/mdhrbsteztsjyzjs8zy4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:1e00:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
1b1d12f827f2c9b2d5f26dea3c869a60c3a8dd8fe52b243e6e959cf1330d46b0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://affiliate.klook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 14 May 2023 13:43:58 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 db75d9999621c662b2eccf4f496b12aa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
age
15061662
x-cache
Hit from cloudfront
content-length
25503
last-modified
Wed, 19 Apr 2023 03:46:09 GMT
server
Cloudinary
etag
"f87ef95ea161ca827b9aa2a8021f09f1"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
EUp_KzodQD96fBpDIl7c19m4Jc8mcDeTNtfcz3O71OiVET1zqyIyVw==
a5ssxgcgzsqftjdbzcmu.jpg
res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/ Frame FA25 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.klook.com/image/upload/fl_lossy.progressive,q_60,f_auto/c_fill,w_650,h_420/activities/a5ssxgcgzsqftjdbzcmu.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:1e00:e:aa0e:eb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
6bdc47952795bf639271086fa36de38d55dfac0818adb78aa8df6f936ba55f16
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://affiliate.klook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 14:00:41 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 db75d9999621c662b2eccf4f496b12aa.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
age
17479859
x-cache
Hit from cloudfront
content-length
35753
last-modified
Wed, 29 Dec 2021 23:34:02 GMT
server
Cloudinary
etag
"5e9706be7f3cad4347159b504f01a7b0"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
gaAwllSRV6B9U3a9SR1KIlBOamBEx6XN7SPmDiD6YywiP-3Zm4Z_lw==
discount_tag.e0e3de40.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame FA25 		951 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/discount_tag.e0e3de40.svg
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.43f3d679.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c7:cc00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b9a515a3130450228eb2ea26b4303869b8fb51affa01315e4557a025da5172b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.43f3d679.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 18:00:32 GMT
content-encoding
gzip
via
1.1 34a84b82ff144b427f99aaae61510d20.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
7VNK26V0FS707CRE
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
age
5542268
x-cache
Hit from cloudfront
x-amz-id-2
OWv8PWEzIZAPygIW/vXiJ0g5P088LxYOtU41fRtS98SSt0a6EA8v8Xvr73xU4TbfEKMStlTlqZk=
last-modified
Fri, 01 Sep 2023 04:03:26 GMT
server
nginx
etag
W/"73fe4f4789c649448f50bd8cd7c33443"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
r6aIxL_tvqHKuZg3LDlSc_EKVTnd-TOQfS7nGZIypx6Zx_Kc5JR7xg==
expires
Sat, 31 Aug 2024 18:00:32 GMT
discount_tag_2.69d9dac9.svg
cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/ Frame FA25 		945 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/img/discount_tag_2.69d9dac9.svg
Requested by
Host: cdn.klook.com
URL: https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.43f3d679.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c7:cc00:1b:29b:ed80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7bb80a0072f9aedad72f1b11c9533179e302ed61c0c4b1ee01aa98c3c9df9f2e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://cdn.klook.com/s/dist_web/klook-affiliate-front/static/widget/css/dynamic_widget.43f3d679.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 19:52:39 GMT
content-encoding
gzip
via
1.1 34a84b82ff144b427f99aaae61510d20.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubdomains
x-amz-request-id
CPZRD8NA51MCGMG8
x-amz-cf-pop
SIN5-C1
x-amz-server-side-encryption
AES256
age
9769141
x-cache
Hit from cloudfront
x-amz-id-2
lSyTfiHzsBXZFa2mxFSwVE8M3/mSjtm7AD5rsV8c9fQecodVo39yS/EOueoy0/ACBCT3LGJlpcQ=
last-modified
Fri, 14 Jul 2023 11:41:17 GMT
server
nginx
etag
W/"0ecccb9ccb594c2f50986543a7b41596"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
gUnQBAg97T5diJ5vHyUzjaNz18wE_mg03Jb6B5pZERPRvZfhdeQYTQ==
expires
Sat, 13 Jul 2024 19:52:39 GMT
collect
www.google-analytics.com/j/ Frame FA25 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=903971498&t=event&ni=0&_s=1&dl=https%3A%2F%2Faffiliate.klook.com%2Fv1%2Faffnode%2Frender%3Fprod%3Ddynamic_widget%26adid%3D535741%26cid%3D59%26tid%3D-1%26amount%3D3%26&dr=https%3A%2F%2Fs.yam.com%2F&ul=en-us&de=UTF-8&dt=Klook.com%20Affiliate%20Activity&sd=24-bit&sr=1600x1200&vp=1584x470&je=0&ec=My%20Ads&ea=Affiliate%20Ad%20Impression&el=Dynamic%20Widget%20TTD&_u=YEBAAEABAAAAACAEKC~&jid=2084005271&gjid=1893054577&cid=1798502110.1699133500&tid=UA-86696233-5&_gid=199485888.1699133500&_r=1&_slc=1&gtm=45He3b11n81WNBGXWMv76068607&cd4=df6feead-9e7e-4bfa-bb8e-84fcb9de75cd&cd5=&cd6=535741&cd7=5116&gcd=11l1l1l1l1&cd1=1798502110.1699133500&z=1002065438
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c1a::64 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://affiliate.klook.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 21:31:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://affiliate.klook.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hanalytics.eu
URL
https://hanalytics.eu/js/script.js

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles object| KlookAffV5 function| $ function| jQuery string| lang number| t number| st number| mv boolean| isStop function| showTime function| mover function| mout function| getRandom function| gev function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| googletag function| onYouTubeIframeAPIReady

8 Cookies

Domain/Path Name / Value
affiliate.klook.com/ Name: kepler_id
Value: df6feead-9e7e-4bfa-bb8e-84fcb9de75cd
.yam.com/ Name: _gid
Value: GA1.2.1407538941.1699133500
.yam.com/ Name: _gat_gtag_UA_16227618_1
Value: 1
.yam.com/ Name: _ga
Value: GA1.1.856605252.1699133500
.yam.com/ Name: _ga_RE4LTMGVEF
Value: GS1.1.1699133499.1.0.1699133500.59.0.0
.klook.com/ Name: _ga
Value: GA1.2.1798502110.1699133500
.klook.com/ Name: _gid
Value: GA1.2.199485888.1699133500
.klook.com/ Name: _gat_UA-86696233-5
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://hanalytics.eu/js/script.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affiliate.klook.com
analytics.google.com
cdn.jsdelivr.net
cdn.klook.com
googleads.g.doubleclick.net
hanalytics.eu
img.yamedia.tw
log.klook.com
pagead2.googlesyndication.com
res.klook.com
s.yam.com
stats.g.doubleclick.net
travelimg.yam.com
www.google-analytics.com
www.google.com
www.google.com.vn
www.googletagmanager.com
yamedia.yam.com
hanalytics.eu
2001:4860:4802:32::181
2404:6800:4003:c00::9a
2404:6800:4003:c01::61
2404:6800:4003:c02::9b
2404:6800:4003:c0f::9b
2404:6800:4003:c11::5e
2404:6800:4003:c1a::64
2404:6800:4003:c1a::93
2600:9000:200a:1e00:e:aa0e:eb00:93a1
2600:9000:20c7:cc00:1b:29b:ed80:93a1
2606:4700:21::681b:ce5c
2606:4700:3035::6815:3d44
2a04:4e42::485
34.111.170.216
34.149.108.21
52.187.123.178
040c67370935351108e03bf1d4e93002ac9d2ce56a2a09b94dd6622f7d2a58cb
049409ae1f5609755051d9d8cd8ba8267730d625d22e362348f13e67fc2af812
067aaa8a81722ba6535ff3c5378bbfd967fc86a5286d0db82cf8ede529b30d6c
0a1b814cce390f2d80b2a2ee600f725595a7f5455a3d373255ab200ff78b8c4b
0f40bc4a3335707725668e9ec7a2ec9ca721392e0e6ebee3222fcedae1a4e9a4
14f074b6a6848d050f8d16e84d33b5c9d1aea78dd1c2cb514427fc2941b4af78
168fcfeaac95e2af3954dd8a63ebf8b9c61e79842597dcb1cd6f88b748071dc2
1b1d12f827f2c9b2d5f26dea3c869a60c3a8dd8fe52b243e6e959cf1330d46b0
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2449a4c8476c8541fc2e09d7c08ad26fc9ca9d5e954fbcf698bbfc7f12980a2b
2473f6b5de25a42c847542470abe476663bd1bc2a323f26cfc62ad8113344901
43681bb301017bbd2d066cabbe5d2425b016cd37d43223b7865afaa8d2338734
5a594750703c4242e63082b7d4b2bed8ea53bb4bcfac10242e9bbd2176e1b976
610967d7670b7893ec497770f34ad70398136e158653008e55ea2f053f948e76
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
6bdc47952795bf639271086fa36de38d55dfac0818adb78aa8df6f936ba55f16
76668ea2909bcc5b06a68b4febd1244fee946d03c9f85fa107cb2a54c23f537d
7b25716ad759c36600804bb839ae3a3a964bff3073cbc1c54b55ce3c478ce509
7bb80a0072f9aedad72f1b11c9533179e302ed61c0c4b1ee01aa98c3c9df9f2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ac5aa09edda1b5e32093f4dbc5642466021ed4bd3ee152c2afd5b8ef0298f9f
b46b27b83274ec04ae88b815c230bb55c686b393fed2eb5e5724a904364df941
b8265f85dc657617d56d9de1c9762203d13e30646a40ee2f6e06b5e50068824e
b9a515a3130450228eb2ea26b4303869b8fb51affa01315e4557a025da5172b0
dccd6a122ce536145b86aef2681be92ebab2fbb2fe44ffa52a8ddc0e86db4d29
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f7f770cce2c2e7878a6044378b5a953c03be552ce26a5402704d5dece8e3069b
fa50f1f5cf363f6b97fea720152a5c337c8caa59929bedd31ee10c221c0718f1
fd73fe1fdcc25cf7bcb05ed5160f096d50160f227b5a85056010459755a4788e