www.pelago.co Open in urlscan Pro
18.173.187.81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.pelago.co/
Effective URL:
https://www.pelago.co/en/
Submission: On January 07 via api (January 7th 2024, 1:58:00 pm UTC) from US — Scanned from DE

Summary HTTP 163 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 41 IPs in 8 countries across 29 domains to perform 163 HTTP transactions. The main IP is 18.173.187.81, located in United States and belongs to AMAZON-02, US. The main domain is www.pelago.co. The Cisco Umbrella rank of the primary domain is 887750.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 20th 2023. Valid for: a year.

This is the only time www.pelago.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.173.187.30 18.173.187.30	16509 (AMAZON-02) (AMAZON-02)
1 27	18.173.187.81 18.173.187.81	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
14	3.33.166.164 3.33.166.164	16509 (AMAZON-02) (AMAZON-02)
11	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
1	34.96.67.224 34.96.67.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:400c:c09::54	15169 (GOOGLE) (GOOGLE)
22	2606:4700::68... 2606:4700::6812:33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.232.42 34.102.232.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	23.45.239.144 23.45.239.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.239.83.6 18.239.83.6	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2.23.209.27 2.23.209.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:223... 2600:9000:223c:3200:11:9cfd:9400:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
3	35.244.188.9 35.244.188.9	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	107.178.244.119 107.178.244.119	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
19	2606:4700::68... 2606:4700::6812:769	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	23.53.233.62 23.53.233.62	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
2	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	52.221.69.34 52.221.69.34	16509 (AMAZON-02) (AMAZON-02)
1	2.19.244.177 2.19.244.177	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.198.52.31 34.198.52.31	14618 (AMAZON-AES) (AMAZON-AES)
2	35.227.225.220 35.227.225.220	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	44.233.104.20 44.233.104.20	16509 (AMAZON-02) (AMAZON-02)
163	41

1 18.173.187.30 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-30.muc50.r.cloudfront.net

www.pelago.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 18.173.187.81 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-81.muc50.r.cloudfront.net

www.pelago.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 3.33.166.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: ace343a40f543a26b.awsglobalaccelerator.com

traveller-core.pelago.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.sift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c09::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700::6812:33 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.yellowmessenger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.239.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-239-144.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.83.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-6.ams58.r.cloudfront.net

cdn.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net

4645703.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.23.209.27 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-27.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:3200:11:9cfd:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.188.9 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.244.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700::6812:769 (United States)

ASN13335 (CLOUDFLARENET, US)

r0.cloud.yellow.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.53.233.62 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-233-62.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.26 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.221.69.34 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-69-34.ap-southeast-1.compute.amazonaws.com

ds.pelago.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.244.177 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-244-177.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.198.52.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-52-31.compute-1.amazonaws.com

api.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.225.220 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 220.225.227.35.bc.googleusercontent.com

track.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.233.104.20 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-104-20.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	pelago.co 2 redirects www.pelago.co — Cisco Umbrella Rank: 887750 traveller-core.pelago.co ds.pelago.co	2 MB
22	yellowmessenger.com cdn.yellowmessenger.com — Cisco Umbrella Rank: 89726	454 KB
19	yellow.ai r0.cloud.yellow.ai — Cisco Umbrella Rank: 511090	3 KB
16	stripe.com js.stripe.com — Cisco Umbrella Rank: 2656 q.stripe.com — Cisco Umbrella Rank: 13887 r.stripe.com — Cisco Umbrella Rank: 6573 m.stripe.com — Cisco Umbrella Rank: 2365	476 KB
8	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 4645703.fls.doubleclick.net — Cisco Umbrella Rank: 218209 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 ad.doubleclick.net — Cisco Umbrella Rank: 199 cm.g.doubleclick.net — Cisco Umbrella Rank: 338	5 KB
8	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 65 region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6 adservice.google.com — Cisco Umbrella Rank: 189 fcmatch.google.com — Cisco Umbrella Rank: 6478	83 KB
6	sojern.com static.sojern.com — Cisco Umbrella Rank: 17929 beacon.sojern.com — Cisco Umbrella Rank: 9870 pixel.sojern.com — Cisco Umbrella Rank: 11620	28 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 818	142 KB
5	gstatic.com fonts.gstatic.com	163 KB
4	teads.tv p.teads.tv — Cisco Umbrella Rank: 7757 cm.teads.tv — Cisco Umbrella Rank: 6650 t.teads.tv — Cisco Umbrella Rank: 3253	7 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 692	14 KB
3	customer.io assets.customer.io — Cisco Umbrella Rank: 34427 track.customer.io — Cisco Umbrella Rank: 23002	3 KB
3	sprig.com cdn.sprig.com — Cisco Umbrella Rank: 19659 api.sprig.com — Cisco Umbrella Rank: 6842	105 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2891	16 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	217 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 1001	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 4002	564 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 876	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	91 KB
2	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 8509 browser.sentry-cdn.com — Cisco Umbrella Rank: 6245	22 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	183 KB
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1624	655 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 594	150 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 356	574 B
1	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 6611	433 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 2033	635 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 9143	16 KB
1	hexagon-analytics.com hexagon-analytics.com — Cisco Umbrella Rank: 7660	289 B
1	sift.com cdn.sift.com — Cisco Umbrella Rank: 21582	21 KB
163	29

	Domain	Requested by
28	www.pelago.co	2 redirects www.pelago.co
22	cdn.yellowmessenger.com	www.pelago.co cdn.yellowmessenger.com
19	r0.cloud.yellow.ai	cdn.yellowmessenger.com
14	traveller-core.pelago.co	www.pelago.co
9	js.stripe.com	www.pelago.co js.stripe.com
5	analytics.tiktok.com	www.pelago.co analytics.tiktok.com
5	fonts.gstatic.com	www.pelago.co
4	q.stripe.com	www.pelago.co
3	ds.pelago.co	browser.sentry-cdn.com
3	bat.bing.com	www.pelago.co bat.bing.com
3	static.sojern.com	www.pelago.co static.sojern.com
3	accounts.google.com	www.pelago.co accounts.google.com browser.sentry-cdn.com
2	r.stripe.com	js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	track.customer.io
2	api.sprig.com	browser.sentry-cdn.com
2	www.facebook.com	www.pelago.co
2	c1.adform.net	2 redirects
2	pixel.sojern.com	static.sojern.com
2	cm.g.doubleclick.net	2 redirects
2	ad.doubleclick.net	2 redirects
2	t.teads.tv	browser.sentry-cdn.com www.pelago.co
2	adservice.google.com	4645703.fls.doubleclick.net static.sojern.com
2	www.google.de	www.pelago.co
2	s.yimg.com	www.pelago.co browser.sentry-cdn.com
2	connect.facebook.net	www.pelago.co connect.facebook.net
2	4645703.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	www.pelago.co www.googletagmanager.com
1	m.stripe.com	m.stripe.network
1	stags.bluekai.com	tags.bkrtx.com
1	match.adsrvr.org	static.sojern.com
1	ib.adnxs.com	static.sojern.com
1	fcmatch.youtube.com	static.sojern.com
1	fcmatch.google.com	1 redirects
1	sp.analytics.yahoo.com	www.pelago.co
1	beacon.sojern.com	static.sojern.com
1	cm.teads.tv	browser.sentry-cdn.com
1	www.google.com	www.pelago.co
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	assets.customer.io	www.pelago.co
1	p.teads.tv	www.googletagmanager.com
1	cdn.sprig.com	www.googletagmanager.com
1	tags.bkrtx.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	browser.sentry-cdn.com	js.sentry-cdn.com
1	hexagon-analytics.com	www.pelago.co
1	cdn.sift.com	www.pelago.co
1	js.sentry-cdn.com	www.pelago.co
163	49

This site contains links to these domains. Also see Links.

Domain
pages.pelago.co
www.tiktok.com
www.facebook.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
pelago.co Amazon RSA 2048 M01	`2023-06-20` - `2024-07-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
*.sift.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-10` - `2024-02-10`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
yellowmessenger.com Cloudflare Inc ECC CA-3	`2023-08-20` - `2024-08-19`	a year	crt.sh
*.hexagon-analytics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-27` - `2024-11-03`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-05`	a year	crt.sh
api.sprig.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-16` - `2024-01-14`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.customer.io Amazon RSA 2048 M03	`2023-10-19` - `2024-11-15`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-12` - `2024-01-31`	2 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-04-17`	6 months	crt.sh
yellow.ai Cloudflare Inc ECC CA-3	`2023-08-20` - `2024-08-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
istio-gateway.sprig.com Amazon RSA 2048 M01	`2023-05-23` - `2024-06-20`	a year	crt.sh
api.customer.io GTS CA 1D4	`2023-12-21` - `2024-03-20`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.pelago.co/en/
Frame ID: 611AE8FEA15577C3C5C8A8EC24DD5A0B
Requests: 91 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-38b7b969f27b07271934afd8e76645c0.html
Frame ID: 6AD4A89038444A80EDC7B38726C553EE
Requests: 8 HTTP requests in this frame

Frame: https://4645703.fls.doubleclick.net/activityi;dc_pre=CIjK7L23y4MDFSpMkQUdWOsOng;src=4645703;type=siaco0;cat=phd_s0b1;ord=5946467828613;auiddc=2024287533.1704635874;gtm=45He4130v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.co%2Fen%2F
Frame ID: 70EDFDD447BA78D4A80EA48A4287DC3F
Requests: 2 HTTP requests in this frame

Frame: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=undefined&pc=https%3A%2F%2Fwww.pelago.co%2Fen%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Frame ID: 81BBE513DE914788E62C7B374AD19786
Requests: 10 HTTP requests in this frame

Frame: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Frame ID: 68ACC02571695F0812B84958F5E1A202
Requests: 25 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 2FF075470998219C1A9A7048379FF5B9
Requests: 4 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/90870?ret=html&phint=__bk_t%3DBook%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.pelago.co%2Fen%2F&phint=__bk_v%3D3.1.10&limit=4&r=87066530
Frame ID: FEC05030505C2945FB418C06459D5BD1
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B20CDEF2F2F04ED3803D765B12AF9EA1
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Book activities, attraction tickets, and things to do - Pelago

Page URL History Show full URLs

http://www.pelago.co/ HTTP 301
https://www.pelago.co/ HTTP 302
https://www.pelago.co/en/ Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

<script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Page Statistics

163
Requests

96 %
HTTPS

42 %
IPv6

29
Domains

49
Subdomains

41
IPs

8
Countries

3481 kB
Transfer

9284 kB
Size

32
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://pages.pelago.co/en/promotions
Title: *T&Cs apply

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/about-us
Title: About Us

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@discoverpelago

Search URL Search Domain Scan URL

URL: https://www.facebook.com/discoverpelago/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/discoverpelago/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/discoverpelago/about/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.pelago.co/ HTTP 301
https://www.pelago.co/ HTTP 302
https://www.pelago.co/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://4645703.fls.doubleclick.net/activityi;src=4645703;type=siaco0;cat=phd_s0b1;ord=5946467828613;auiddc=2024287533.1704635874;gtm=45He4130v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.co%2Fen%2F HTTP 302
https://4645703.fls.doubleclick.net/activityi;dc_pre=CIjK7L23y4MDFSpMkQUdWOsOng;src=4645703;type=siaco0;cat=phd_s0b1;ord=5946467828613;auiddc=2024287533.1704635874;gtm=45He4130v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.co%2Fen%2F

Request Chain 91

https://ad.doubleclick.net/ddm/activity/src=12893172;type=sales;cat=apacp000;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID] HTTP 302
https://ad.doubleclick.net/ddm/activity/src=12893172;dc_pre=CKm9hL63y4MDFYPLOwIdl7gIUA;type=sales;cat=apacp000;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID] HTTP 302
https://adservice.google.com/ddm/fls/z/src=12893172;dc_pre=CKm9hL63y4MDFYPLOwIdl7gIUA;type=sales;cat=apacp000;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID]

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=T2GGpoAChN5t7RIgeD0-6w&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=bwxB4ab9qOPFG79Y8eT_lLanHNTDth4JiHwPEsXV-xBu5eYjLvoSvgZwkT8Rt8XD&sjrn_ula=7869894243 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=bwxB4ab9qOPFG79Y8eT_lLanHNTDth4JiHwPEsXV-xBu5eYjLvoSvgZwkT8Rt8XD&sjrn_ula=7869894243&google_gid=CAESEBofGlzvx19uLd6gsfByEXg&google_cver=1

Request Chain 93

https://cm.g.doubleclick.net/pixel?google_hm=T2GGpoAChN5t7RIgeD0-6w&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDopMDPsRC7lydsyoZxW61izyk-5nBNEAYa9imXzXd7xjZdCZOMkKrDDbJ0N5cjlUsG3s8gpBywqv2YpxMP6s_O_6Ujf0Dduz-qW1CbtxFYH4vFp6wZw HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopMDPsRC7lydsyoZxW61izyk-5nBNEAYa9imXzXd7xjZdCZOMkKrDDbJ0N5cjlUsG3s8gpBywqv2YpxMP6s_O_6Ujf0Dduz-qW1CbtxFYH4vFp6wZw

Request Chain 96

https://c1.adform.net/serving/cookie/match?cid=4f6186a6-8002-84de-6ded-1220783d3eeb&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=4f6186a6-8002-84de-6ded-1220783d3eeb&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=7538630390920714082&cid=4f6186a6-8002-84de-6ded-1220783d3eeb

163 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pelago.co/en/
Redirect Chain

http://www.pelago.co/
https://www.pelago.co/
https://www.pelago.co/en/

487 KB
95 KB

1198ms
1197ms

Document
text/html

18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

CloudFront / Next.js

Resource Hash

35e961433fb0b7dd04127fb1baaab6f1083c0361209d63683d8eb0cc285589b5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .pelago.co .zopim.com 'strict-dynamic' .stripe.com 'unsafe-eval' 'nonce-4d4e3c825b59ac8354088a8b08893b16' https: about:; style-src 'self' 'unsafe-inline' www.gstatic.com accounts.google.com fonts.googleapis.com .yellowmessenger.com; connect-src 'self' about: .teads.tv s.yimg.com .pelago.co .zopim.com .yellow.ai pelago.pxf.io bat.bing.com .sprig.com www.facebook.com ekr.zdassets.com .ingest.sentry.io .doubleclick.net analytics.tiktok.com pixel.quantcount.com .google-analytics.com .googletagmanager.com .analytics.google.com .zendesk.com translate.googleapis.com messaging.messagebird.com .googlesyndication.com wss://.cloud.yellow.ai wss://.zopim.com wss://.zendesk.com livechat-metrics.messagebird.com .google.com .google.com.au .google.com.sg fonts.googleapis.com .csftr.com .google.ad .google.ae .google.com.af .google.com.ag .google.al .google.am .google.co.ao .google.com.ar .google.as .google.at .google.az .google.ba .google.com.bd .google.be .google.bf .google.bg .google.com.bh .google.bi .google.bj .google.com.bn .google.com.bo .google.com.br .google.bs .google.bt .google.co.bw .google.by .google.com.bz .google.ca .google.cd .google.cf .google.cg .google.ch .google.ci .google.co.ck .google.cl .google.cm .google.cn .google.com.co .google.co.cr .google.com.cu .google.cv .google.com.cy .google.cz .google.de .google.dj .google.dk .google.dm .google.com.do .google.dz .google.com.ec .google.ee .google.com.eg .google.es .google.com.et .google.fi .google.com.fj .google.fm .google.fr .google.ga .google.ge .google.gg .google.com.gh .google.com.gi .google.gl .google.gm .google.gr .google.com.gt .google.gy .google.com.hk .google.hn .google.hr .google.ht .google.hu .google.co.id .google.ie .google.co.il .google.im .google.co.in .google.iq .google.is .google.it .google.je .google.com.jm .google.jo .google.co.jp .google.co.ke .google.com.kh .google.ki .google.kg .google.co.kr .google.com.kw .google.kz .google.la .google.com.lb .google.li .google.lk .google.co.ls .google.lt .google.lu .google.lv .google.com.ly .google.co.ma .google.md .google.me .google.mg .google.mk .google.ml .google.com.mm .google.mn .google.com.mt .google.mu .google.mv .google.mw .google.com.mx .google.com.my .google.co.mz .google.com.na .google.com.ng .google.com.ni .google.ne .google.nl .google.no .google.com.np .google.nr .google.nu .google.co.nz .google.com.om .google.com.pa .google.com.pe .google.com.pg .google.com.ph .google.com.pk .google.pl .google.pn .google.com.pr .google.ps .google.pt .google.com.py .google.com.qa .google.ro .google.ru .google.rw .google.com.sa .google.com.sb .google.sc .google.se .google.sh .google.si .google.sk .google.com.sl .google.sn .google.so .google.sm .google.sr .google.st .google.com.sv .google.td .google.tg .google.co.th .google.com.tj .google.tl .google.tm .google.tn .google.to .google.com.tr .google.tt .google.com.tw .google.co.tz .google.com.ua .google.co.ug .google.co.uk .google.com.uy .google.co.uz .google.com.vc .google.co.ve .google.co.vi .google.com.vn .google.vu .google.ws .google.rs .google.co.za .google.co.zm .google.co.zw .google.cat; frame-src 'self' about: .pelago.co .teads.tv js.stripe.com hooks.stripe.com .google.com www.facebook.com stags.bluekai.com static.sojern.com ocw.messagebird.com .doubleclick.net livechat.messagebird.com tpc.googlesyndication.com; img-src 'self' data: https:; media-src 'self' static.zdassets.com; font-src 'self' data: fonts.gstatic.com .yellowmessenger.com; base-uri 'self'; object-src 'self'; report-uri /csp-report;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' *.pelago.co *.zopim.com 'strict-dynamic' *.stripe.com 'unsafe-eval' 'nonce-4d4e3c825b59ac8354088a8b08893b16' https: about:; style-src 'self' 'unsafe-inline' www.gstatic.com accounts.google.com fonts.googleapis.com *.yellowmessenger.com; connect-src 'self' about: *.teads.tv s.yimg.com *.pelago.co *.zopim.com *.yellow.ai pelago.pxf.io bat.bing.com *.sprig.com www.facebook.com ekr.zdassets.com *.ingest.sentry.io *.doubleclick.net analytics.tiktok.com pixel.quantcount.com *.google-analytics.com *.googletagmanager.com *.analytics.google.com *.zendesk.com translate.googleapis.com messaging.messagebird.com *.googlesyndication.com wss://*.cloud.yellow.ai wss://*.zopim.com wss://*.zendesk.com livechat-metrics.messagebird.com *.google.com *.google.com.au *.google.com.sg fonts.googleapis.com *.csftr.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; frame-src 'self' about: *.pelago.co *.teads.tv js.stripe.com hooks.stripe.com *.google.com www.facebook.com stags.bluekai.com static.sojern.com ocw.messagebird.com *.doubleclick.net livechat.messagebird.com tpc.googlesyndication.com; img-src 'self' data: https:; media-src 'self' static.zdassets.com; font-src 'self' data: fonts.gstatic.com *.yellowmessenger.com; base-uri 'self'; object-src 'self'; report-uri /csp-report;
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:52 GMT
etag: "79d97-ivfkhgH+BnjohMh/jKQip+6knEs"
referrer-policy: no-referrer-when-downgrade
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
x-amz-cf-id: G9Z9OO7qfDHsT6yfMYakcaMKuPv5WGBtOPgQjlmBWyzMrNZUr4pzDA==
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-powered-by: Next.js
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
date: Sun, 07 Jan 2024 13:57:51 GMT
location: /en/
server: CloudFront
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
x-amz-cf-id: GyxIQQ-PDpWnkQ-KyIn-qqtUKNInv8nlqiqNA0ufJ_4GDv7sHAJOEg==
x-amz-cf-pop: MUC50-P4
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2 200 97df19833d9fa701.css
www.pelago.co/_next/static/css/ 215 KB
26 KB 54ms
53ms Stylesheet
text/css 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/css/97df19833d9fa701.css

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

15715bad2234fa406887a83f10703b4b4bb49633bc6d1008f61023fac16a5acd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 07:18:02 GMT
content-encoding: br
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 23991
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:04:17 GMT
server: AmazonS3
etag: W/"f341ddce406e2effa12929c4f5962f02"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-amz-cf-id: KLKzA8hcBra5T6ROHYRwP2C-mA87taCBXyPPlP_2f_bTEaXd2fb1-w==

GET
H2 200 3af6a74f0e4aa32c.css
www.pelago.co/_next/static/css/ 157 KB
19 KB 46ms
46ms Stylesheet
text/css 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/css/3af6a74f0e4aa32c.css

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

349b1ab98a7343fdd33b354fe7758e8dda0827775ec48cdf27d429d319d1ff11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 08:26:04 GMT
content-encoding: br
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 19909
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:04:16 GMT
server: AmazonS3
etag: W/"0395ca6183c98cd79ae274c7b9b883be"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-amz-cf-id: 2BGEh5ZDsWZz7ZHbvk6rdFDYB2IUcxBH6rK01qJG2wzQ3Eo0G1fw_w==

GET
H2 200 webpack-515bac32b546e61b.js Show response
www.pelago.co/_next/static/chunks/ 74 KB
40 KB 61ms
60ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/webpack-515bac32b546e61b.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0320b344a98e34a0274ec808e181412c3108648520cf165a090926dce86cca2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 08:01:04 GMT
content-encoding: gzip
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 21409
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:04:16 GMT
server: AmazonS3
etag: W/"e9864f32ec958aa1cd035c05fe11deb8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: lFCQ2ZXwAWxeQVrbK_8zvM3a_C7_DipRYEUcX0F-2lkgw1vZO1a4Hw==

GET
H2 200 framework-cb56bbd89447d6f3.js Show response
www.pelago.co/_next/static/chunks/ 127 KB
40 KB 217ms
216ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/framework-cb56bbd89447d6f3.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1d31c54eba5932384818bcab1ceeb0194618676fa9ce87e12da511cb6ccf0e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 07:29:26 GMT
content-encoding: br
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 23307
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:04:13 GMT
server: AmazonS3
etag: W/"ac2acd5f4a8273ab4841c66e4c871488"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: y0ocvv3QCq5LbCf9_bvaqIeWG-Eug-hSpov8XwvP0I4pXUnU2bpeOQ==

GET
H2 200 main-8cc14c8525cea359.js Show response
www.pelago.co/_next/static/chunks/ 118 KB
31 KB 217ms
216ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/main-8cc14c8525cea359.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

529efab20f3260d4417d5f0d8928da34befbd0bf416fa72b23fc511a486e801e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 08:01:04 GMT
content-encoding: br
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 21409
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:04:13 GMT
server: AmazonS3
etag: W/"276199584f3bf4fbdc27e753ffe89416"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: 1NZw44jT9GJFpnnGVKz_7S9U1zIZEl6vdgFxMBcvKAdS6sOMK7u7uw==

GET
H2 200 _app-0ab29e0206d8f0f6.js Show response
www.pelago.co/_next/static/chunks/pages/ 797 KB
204 KB 202ms
201ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/pages/_app-0ab29e0206d8f0f6.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6de8303f281575fad2563229c48a4ed87fb44b9b9203554750eb7d87e576a0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 09:49:03 GMT
content-encoding: br
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 14930
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:04:13 GMT
server: AmazonS3
etag: W/"2c06f69dd34881655fef174100343170"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: Nrzb-VMs8MMGlZy9xc_9sX7YeQ8IGn4i3S2WIhhiOfBAOiPcwk18cQ==

GET
H2 200 13582-b2320cc781847b70.js Show response
www.pelago.co/_next/static/chunks/ 90 KB
24 KB 216ms
215ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/13582-b2320cc781847b70.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c168d916de50e0398ff86fad8ac112726434427b9bfcbc0f15eca6bf56647c9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 08:02:50 GMT
content-encoding: gzip
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 21303
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:02:16 GMT
server: AmazonS3
etag: W/"906c1abed06bda6e6684756a44abf1b8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: EUYowXoQgWfytWhIUU-XLjUjA59wbD_YotoHUSVz-re9m4GxQMSUIg==

GET
H2 200 54392-9a391f6de2005abb.js Show response
www.pelago.co/_next/static/chunks/ 48 KB
14 KB 216ms
215ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/54392-9a391f6de2005abb.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3c07f231c779a17313f5aa65ffa1bdf3a0b6e3f68ab282ef320b45f1abdd8264

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:15:29 GMT
content-encoding: gzip
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 27744
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:03:11 GMT
server: AmazonS3
etag: W/"4fe6ef979c39c9a83cfe2f50d3f8200a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: -_hTsSHuGlOZ0ys3YQEYSTa81Xri4-2ZxWxNxBMZ5wPNa7mU0NCotw==

GET
H2 200 85129-a52ec27cb8b12d2c.js Show response
www.pelago.co/_next/static/chunks/ 43 KB
15 KB 216ms
215ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/85129-a52ec27cb8b12d2c.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0dbb6f708ac85ec661443d9a72890fb582b2296bea8de84c4d1bd07f9f69ca70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 04:03:19 GMT
content-encoding: br
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 35674
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:03:51 GMT
server: AmazonS3
etag: W/"4d0a1f59c54586e66dcba8f7fae6ce62"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: zDruUKWvxP_wmxOGhofXqKdUdAtMCcA9mF8cN0q1KY7KaH3qL8n2Cw==

GET
H2 200 index-46196109cdf6e600.js Show response
www.pelago.co/_next/static/chunks/pages/ 98 KB
24 KB 217ms
216ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/pages/index-46196109cdf6e600.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9e9941847246f18fab3786cd9036f80c9484213c3ec1939509e77e0e16fcb09a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 08:26:04 GMT
content-encoding: br
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 19909
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:04:15 GMT
server: AmazonS3
etag: W/"69964ee070754abd5bc9761f5930bc3f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: z1haPqrioUQk7eNKjk8jPxZggnJ3ubwRCm6yp9BhxGFIJSGz1CyAbA==

GET
H2 200 _buildManifest.js Show response
www.pelago.co/_next/static/aYctewt5pZGS2OY52m4HN/ 15 KB
3 KB 218ms
217ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/aYctewt5pZGS2OY52m4HN/_buildManifest.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

efd91cc6f9847569d0c14ae9c9d9f0a7ddaa6dcfb4ddc640dd1496c54710402e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 07:29:26 GMT
content-encoding: br
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 23307
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:02:10 GMT
server: AmazonS3
etag: W/"a84ff31c5973372dcf227461d15a738a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: Iys1E01q4TkK-aZ54HVKvhNOeJKRxe43Q0NHWAjLzEp05lgWrwnevA==

GET
H2 200 _ssgManifest.js Show response
www.pelago.co/_next/static/aYctewt5pZGS2OY52m4HN/ 142 B
693 B 218ms
217ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/aYctewt5pZGS2OY52m4HN/_ssgManifest.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5de4b509121ea99acb680043614016f91fd514c4a8e9f930ec59b7b03f2dd1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 07:04:19 GMT
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 24814
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 142
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:02:10 GMT
server: AmazonS3
etag: "90e57f91d5c3ac6ed75c9bd07718202c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: zdTKl9CRgEdvPGd7OZWty4GXGMvmsHEC_1dJTeEpAkVCQiTKzxoDxA==

GET
H2 200 _middlewareManifest.js Show response
www.pelago.co/_next/static/aYctewt5pZGS2OY52m4HN/ 152 B
702 B 218ms
217ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/aYctewt5pZGS2OY52m4HN/_middlewareManifest.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d0486f4b18b3dd326cc8c716a0568ad41de8dc36e168a711871034149a3676c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 03:32:43 GMT
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 37510
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 152
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:02:10 GMT
server: AmazonS3
etag: "1fe1b6eaf7e1409dc7eebe772bb5859e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: og-7ERQFdEFofUjKsxFtPIQPJPm1A_7-S0VSEAgk1G02eLoQyoMG3w==

GET
H2 200 first-fold-valley-xlarge.webp
www.pelago.co/img/home/ 880 KB
882 KB 93ms
93ms Image
binary/octet-stream 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.co/img/home/first-fold-valley-xlarge.webp

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

37f9f9d006015d73f4ceac460a588fa35e2a6000479a3d2d31639e2b8e5a6381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:52 GMT
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 64454
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 901156
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 17 Nov 2023 04:04:29 GMT
server: AmazonS3
etag: "6e9ec89450259e7399b14933e49d9c67"
vary: Accept-Encoding
x-frame-options: DENY
content-type: binary/octet-stream
accept-ranges: bytes
x-amz-cf-id: VBnrgYB5tnczvx_24YhfY4eZDQ70EP8DC220Ii1DeMYnPQUSMJkQDw==

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQKr51.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
31 KB 126ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQKr51.woff2

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cdf1e4b27f7420b0ad37ad1d6bac03f7470438bc8f49de10bcf1440dc4fd37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.co/
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 00:27:16 GMT
x-content-type-options: nosniff
age: 221436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31040
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 01:15:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 00:27:16 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 197ms
120ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.co/
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:58:35 GMT
x-content-type-options: nosniff
age: 449957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33148
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:39:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 08:58:35 GMT

GET
H2 200 pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilntw.woff
fonts.gstatic.com/s/nunitosans/v15/ 45 KB
45 KB 156ms
84ms Font
font/woff 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilntw.woff

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f9ba6d984d2808a3f17ff083ae0ad2b1c9bbe22974e1a23e33432b3a3fa1d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.co/
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 13:36:18 GMT
x-content-type-options: nosniff
age: 519694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45884
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:25:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 13:36:18 GMT

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t6R-tQKr51pE8.woff2
fonts.gstatic.com/s/nunitosans/v15/ 10 KB
10 KB 186ms
115ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t6R-tQKr51pE8.woff2

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

166048b1b494b546d686a6442bac330a2ffeaa0afaf5a58d7ed0116d602296d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.co/
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:58:05 GMT
x-content-type-options: nosniff
age: 449987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10280
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 01:24:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 08:58:05 GMT

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 618ms
210ms Preflight
text/html 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.co
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:53 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-country-code: DE
x-country-code3: DEU
x-country-name: Germany
x-frame-options: deny
x-latitude: 51.2993
x-longtitude: 9.4909
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 613ms
208ms Preflight
text/html 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.co
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:53 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-country-code: DE
x-country-code3: DEU
x-country-name: Germany
x-frame-options: deny
x-latitude: 51.2993
x-longtitude: 9.4909
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 608ms
204ms Preflight
text/html 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.co
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:53 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-country-code: DE
x-country-code3: DEU
x-country-name: Germany
x-frame-options: deny
x-latitude: 51.2993
x-longtitude: 9.4909
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 608ms
204ms Preflight
text/html 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.co
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:53 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-country-code: DE
x-country-code3: DEU
x-country-name: Germany
x-frame-options: deny
x-latitude: 51.2993
x-longtitude: 9.4909
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 612ms
209ms Preflight
text/html 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.co
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:53 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-country-code: DE
x-country-code3: DEU
x-country-name: Germany
x-frame-options: deny
x-latitude: 51.2993
x-longtitude: 9.4909
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 608ms
206ms Preflight
text/html 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.co
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:53 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-country-code: DE
x-country-code3: DEU
x-country-name: Germany
x-frame-options: deny
x-latitude: 51.2993
x-longtitude: 9.4909
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 611ms
209ms Preflight
text/html 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.co
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:53 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-country-code: DE
x-country-code3: DEU
x-country-name: Germany
x-frame-options: deny
x-latitude: 51.2993
x-longtitude: 9.4909
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block

GET
H2 200 v3 Show response
js.stripe.com/ 581 KB
162 KB 143ms
40ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-0ab29e0206d8f0f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f19bf900b1b6be9f741d3aafc50a04972a39fb02d657ec183b6f153967fb489e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 07 Jan 2024 13:57:53 GMT
via: 1.1 varnish
age: 8
x-cache: HIT
content-length: 165140
x-request-id: ea8265c6-3e34-47e0-9768-5df9662db9c9
x-served-by: cache-fra-etou8220029-FRA
last-modified: Fri, 05 Jan 2024 21:52:43 GMT
server: Fastly
etag: "907d3e6f859e2ef915728c779ae0de56"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
H2 200 0b7590afe82207cc.css
www.pelago.co/_next/static/css/ 4 KB
1 KB 40ms
39ms Stylesheet
text/css 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/css/0b7590afe82207cc.css

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/webpack-515bac32b546e61b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9de0622588292a819a585fe4214453b3c285ce70f145874f065bd8f560d082e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 09:07:32 GMT
content-encoding: br
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 17422
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:04:16 GMT
server: AmazonS3
etag: W/"4acc2c2b0f4704740fa8e6342363d0e9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-amz-cf-id: it2Yid6B54MlWj4BiVvQKLOfFclzQ9dEet5TRE35rDrgI721EZXPHA==

GET
H2 200 3205.e4435be0b9c0d494.js Show response
www.pelago.co/_next/static/chunks/ 4 KB
2 KB 39ms
39ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/3205.e4435be0b9c0d494.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/webpack-515bac32b546e61b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c22d548d81553d44b569a214db91f0e467bdf6d5edf1deb92bfb338412b902c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 07:29:27 GMT
content-encoding: br
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 23307
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:02:39 GMT
server: AmazonS3
etag: W/"4a468837d7b1364cfa747e9eae0e6173"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: gJa8PPz4Rkobd-kiQigLRkGqzIf1guNp3AwTHIhN9SOeCnAi6G39Ag==

GET
H2 200 8121-a832e02aed02b683.js Show response
www.pelago.co/_next/static/chunks/ 77 KB
22 KB 41ms
41ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/8121-a832e02aed02b683.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/webpack-515bac32b546e61b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f37799158a46d75a833b054b1819809dcb92b1140fbb17c1414ddd91cfc4d52d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 08:01:06 GMT
content-encoding: gzip
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 21408
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:03:45 GMT
server: AmazonS3
etag: W/"e757af0c146a8595eb52cb61c1933969"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: RMdyqYMddN8qBfnKtXZDoefVEck6XI5b4cvCaZQnvwybnnFsRBQzWQ==

GET
H2 200 ac778a26e63c2eec.css
www.pelago.co/_next/static/css/ 49 KB
6 KB 40ms
39ms Stylesheet
text/css 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/css/ac778a26e63c2eec.css

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/webpack-515bac32b546e61b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f5259b73e08ddae2172be725c422c5f128d05e0d0e7901a3e705cf378f2ee03a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 00:36:41 GMT
content-encoding: br
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 48073
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:04:17 GMT
server: AmazonS3
etag: W/"99a22df4bba2b222ef49ac644198e4ad"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-amz-cf-id: tDYH6AZjZ0MMwBxWh2hvNehDpsiMx92ldXDcFz2N211r_U6CBcukCw==

GET
H2 200 2979.a8683693470a011d.js Show response
www.pelago.co/_next/static/chunks/ 3 KB
2 KB 41ms
41ms Script
text/javascript 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/2979.a8683693470a011d.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/webpack-515bac32b546e61b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b59d9fa595ca82d47dc30ce80d462c2c8b00fe3a37f9dd7256bd5c571dd88c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 07:34:00 GMT
content-encoding: br
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 23034
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 10:02:36 GMT
server: AmazonS3
etag: W/"f9c20405ec4ea82a63d582d476a36c19"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: 9RLUDKdzpbxFC06knHkZ92sgAI9tGFpwIBG4fUljgyGeoEPNP3_Pzw==

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 377 B
1 KB 363ms
362ms Fetch
application/json 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-0ab29e0206d8f0f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

ba4327f7c7bbe1c88230e7a1d26103cf39f3abefcb0fed2ef4f5ae1d47980444

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-US
x-ds-session-id: a43db031-dbca-4596-a39b-402768e52ef0
accept-language: de-DE,de;q=0.9
x-geo-country-code: DE
x-currency-id: EUR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
x-ds-user-id: 5975f701-6c4b-4aad-bddf-63be5a6b6938
content-type: application/json
accept: */*
Referer: https://www.pelago.co/en/
x-geo-latitude: 51.2993
x-geo-longitude: 9.491

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
x-permitted-cross-domain-policies: none
x-region: 00
content-length: 377
x-xss-protection: 1; mode=block
x-country-name: Germany
referrer-policy: no-referrer-when-downgrade
x-country-code3: DEU
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.co
x-latitude: 51.2993
access-control-allow-credentials: true
x-longtitude: 9.4909
x-country-code: DE

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 323 KB
98 KB 157ms
69ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05d3ee9444e8d1d6837c9aea8302264612d118b452de34f4e68989ca3b04b82b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99849
x-xss-protection: 0
last-modified: Sun, 07 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 07 Jan 2024 13:57:53 GMT

GET
H2 200 266d7e06652349d3a77d6f3921924a65.min.js Show response
js.sentry-cdn.com/ 2 KB
2 KB 192ms
58ms Script
text/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/266d7e06652349d3a77d6f3921924a65.min.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/main-8cc14c8525cea359.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f0b547193d6534da2846aa4911ae085d40edbad97fcf60105b30bd85a95b43f6

Security Headers

Name	Value
Content-Security-Policy	media-src ; font-src data:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; frame-ancestors 'self' .sentry.io; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; style-src 'unsafe-inline' ; default-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; base-uri 'none'; img-src blob: data: *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=c65ccbf88ce0129004b5547552508bbb79cb0fba
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.co/en/
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: media-src *; font-src * data:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; frame-ancestors 'self' *.sentry.io; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; style-src 'unsafe-inline' *; default-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; base-uri 'none'; img-src blob: data: *; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=c65ccbf88ce0129004b5547552508bbb79cb0fba
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 07 Jan 2024 13:57:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 779
x-envoy-upstream-service-time: 21
content-length: 1216
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-6d5bfcb7cf-6d69c, cache-chi-kigq8000058-CHI, cache-sof1510031-SOF
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 s.js Show response
cdn.sift.com/ 62 KB
21 KB 174ms
40ms Script
application/javascript 34.96.67.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sift.com/s.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/main-8cc14c8525cea359.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

224.67.96.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 19:32:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 152699
x-guploader-uploadid: ABPtcPoaJLfIyBZ-jsZ8UGmJ0vF9Td5MARWBUYHHMcG5Di0euVgskv-ho9AxKWkvZrDfuiCWdVc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20500
last-modified: Tue, 28 Feb 2023 22:39:30 GMT
server: UploadServer
etag: "476f50cbc514dd2a147e8856d7d6a2eb"
x-goog-generation: 1677623970358201
x-goog-hash: crc32c=v7KhDA==, md5=R29Qy8UU3SoUfohW19ai6w==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-transform
x-goog-stored-content-length: 20500
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 04 Jan 2025 19:32:54 GMT

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 13 KB
2 KB 400ms
399ms Fetch
application/json 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-0ab29e0206d8f0f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

81d2a3103094bdc2b76a2530b77a61cd13b30bd2eb6b6faf0555a3396c4d00f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-US
x-ds-session-id: a43db031-dbca-4596-a39b-402768e52ef0
accept-language: de-DE,de;q=0.9
x-geo-country-code: DE
x-currency-id: EUR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
x-ds-user-id: 5975f701-6c4b-4aad-bddf-63be5a6b6938
content-type: application/json
accept: */*
Referer: https://www.pelago.co/en/
x-geo-latitude: 51.2993
x-geo-longitude: 9.491

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block
x-country-name: Germany
referrer-policy: no-referrer-when-downgrade
x-country-code3: DEU
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.co
x-latitude: 51.2993
access-control-allow-credentials: true
x-longtitude: 9.4909
x-country-code: DE

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 5 KB
2 KB 241ms
239ms Fetch
application/json 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-0ab29e0206d8f0f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

0c42c5e20780b95357f72b724ecc2a15b31e55f74be10f1d3a82d3a399373308

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-US
x-ds-session-id: a43db031-dbca-4596-a39b-402768e52ef0
accept-language: de-DE,de;q=0.9
x-geo-country-code: DE
x-currency-id: EUR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
x-ds-user-id: 5975f701-6c4b-4aad-bddf-63be5a6b6938
content-type: application/json
accept: */*
Referer: https://www.pelago.co/en/
x-geo-latitude: 51.2993
x-geo-longitude: 9.491

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block
x-country-name: Germany
referrer-policy: no-referrer-when-downgrade
x-country-code3: DEU
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.co
x-latitude: 51.2993
access-control-allow-credentials: true
x-longtitude: 9.4909
x-country-code: DE

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 7 KB
2 KB 217ms
215ms Fetch
application/json 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-0ab29e0206d8f0f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

b78c0ae95c242d1fc0bb302f0975254e0337a87a232a742476f16211bdc7e786

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-US
x-ds-session-id: a43db031-dbca-4596-a39b-402768e52ef0
accept-language: de-DE,de;q=0.9
x-geo-country-code: DE
x-currency-id: EUR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
x-ds-user-id: 5975f701-6c4b-4aad-bddf-63be5a6b6938
content-type: application/json
accept: */*
Referer: https://www.pelago.co/en/
x-geo-latitude: 51.2993
x-geo-longitude: 9.491

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block
x-country-name: Germany
referrer-policy: no-referrer-when-downgrade
x-country-code3: DEU
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.co
x-latitude: 51.2993
access-control-allow-credentials: true
x-longtitude: 9.4909
x-country-code: DE

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 2 KB
3 KB 207ms
205ms Fetch
application/json 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-0ab29e0206d8f0f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

553b0da1ce02d5f77eb06fa77c35c818af82ea66b92002ef5ea5a0d350ae3d54

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-US
x-ds-session-id: a43db031-dbca-4596-a39b-402768e52ef0
accept-language: de-DE,de;q=0.9
x-geo-country-code: DE
x-currency-id: EUR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
x-ds-user-id: 5975f701-6c4b-4aad-bddf-63be5a6b6938
content-type: application/json
accept: */*
Referer: https://www.pelago.co/en/
x-geo-latitude: 51.2993
x-geo-longitude: 9.491

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
x-permitted-cross-domain-policies: none
x-region: 00
content-length: 1722
x-xss-protection: 1; mode=block
x-country-name: Germany
referrer-policy: no-referrer-when-downgrade
x-country-code3: DEU
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.co
x-latitude: 51.2993
access-control-allow-credentials: true
x-longtitude: 9.4909
x-country-code: DE

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 3 KB
4 KB 496ms
496ms Fetch
application/json 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-0ab29e0206d8f0f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

65d58db9a5fe0a9ff8447e4c90e084e95e3a8944e6a7851945e87d4ab91e9512

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-US
x-ds-session-id: a43db031-dbca-4596-a39b-402768e52ef0
accept-language: de-DE,de;q=0.9
x-geo-country-code: DE
x-currency-id: EUR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
x-ds-user-id: 5975f701-6c4b-4aad-bddf-63be5a6b6938
content-type: application/json
accept: */*
Referer: https://www.pelago.co/en/
x-geo-latitude: 51.2993
x-geo-longitude: 9.491

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
x-permitted-cross-domain-policies: none
x-region: 00
content-length: 3501
x-xss-protection: 1; mode=block
x-country-name: Germany
referrer-policy: no-referrer-when-downgrade
x-country-code3: DEU
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.co
x-latitude: 51.2993
access-control-allow-credentials: true
x-longtitude: 9.4909
x-country-code: DE

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 93 B
956 B 293ms
292ms Fetch
application/json 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-0ab29e0206d8f0f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

698fdc1f2eb6e91904a2f19f8d03e848f1f87d4e66e2f7f0af710bdc3f6cadde

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-US
x-ds-session-id: a43db031-dbca-4596-a39b-402768e52ef0
accept-language: de-DE,de;q=0.9
x-geo-country-code: DE
x-currency-id: EUR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
x-ds-user-id: 5975f701-6c4b-4aad-bddf-63be5a6b6938
content-type: application/json
accept: */*
Referer: https://www.pelago.co/en/
x-geo-latitude: 51.2993
x-geo-longitude: 9.491

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
x-permitted-cross-domain-policies: none
x-region: 00
content-length: 93
x-xss-protection: 1; mode=block
x-country-name: Germany
referrer-policy: no-referrer-when-downgrade
x-country-code3: DEU
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.co
x-latitude: 51.2993
access-control-allow-credentials: true
x-longtitude: 9.4909
x-country-code: DE

GET
H2 200 client Show response
accounts.google.com/gsi/ 207 KB
80 KB 168ms
72ms Script
application/javascript 2a00:1450:400c:c09::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-0ab29e0206d8f0f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1759dae8b5a6386ccf52c000efefe03e3b568dbeec6524f8d4801cbd4762bce

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-dvzZBUX4HMZ2Fa4FnDdVMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:53 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-dvzZBUX4HMZ2Fa4FnDdVMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 07 Jan 2024 13:57:53 GMT

GET
H2 200 main.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ 253 KB
85 KB 146ms
54ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa09d38a8527c9ac83a09a220660d013fd241447a7da3da88039ff7c052f3f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: EndZCPPVwX6RI6QBl4LwnQ==
age: 7295
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jan 2024 11:48:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8c06f9a7-e01e-0069-0e71-3d5bec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb660e9da9b22-FRA
expires: Sun, 07 Jan 2024 14:27:53 GMT

GET
H2 200 controller-38b7b969f27b07271934afd8e76645c0.html Show response
js.stripe.com/v3/ Frame 6AD4 325 B
726 B 46ms
45ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-38b7b969f27b07271934afd8e76645c0.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c105f56d03aa92f6bdf45256f3793e73ad67e3c092a1ac25e06839bb7aed635e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pelago.co/en/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 20
cache-control: max-age=60
content-encoding: br
content-length: 188
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:53 GMT
etag: "38b7b969f27b07271934afd8e76645c0"
last-modified: Fri, 05 Jan 2024 21:06:25 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4
x-content-type-options: nosniff
x-request-id: c62b5bc8-bdb2-457c-b3c0-64665a092748
x-served-by: cache-fra-etou8220029-FRA

GET
H2 200 ym_base.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ 21 KB
5 KB 55ms
50ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ym_base.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d475e3d13cc357f561e996d65830eb0cc7679d5cd2ef5a3ffa8670deeb93476

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: qwriE7RoN+GyG5yO5QV2rw==
age: 7388
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jan 2024 11:48:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 79012d0a-a01e-000f-6e71-3d3fde000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb661aa629b22-FRA
expires: Sun, 07 Jan 2024 14:27:53 GMT

GET
H2 200 animate.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ 85 KB
7 KB 67ms
61ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/animate.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed227504f3c41cb5de1160b0b95f00fe7baa0d54147b134525d0171ca2598fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 2bTvtNNuzKvw7yv3+oAYZQ==
age: 7214
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jan 2024 11:48:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 57fb9a4e-f01e-0020-5f71-3d7e6c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb661ba649b22-FRA
expires: Sun, 07 Jan 2024 14:27:53 GMT

GET
BLOB 200
OK 531e007a-781c-43f5-89c8-b5dd7f2283dd
https://www.pelago.co/ 66 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.pelago.co/531e007a-781c-43f5-89c8-b5dd7f2283dd
Requested by: Host: www.pelago.co
URL: https://www.pelago.co/en/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afb6fb55093df3f8539c0240c7928f0a89a09d8b146921466e6ab9f7853e425b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 66
Content-Type: application/javascript

GET
H2 200 shared-d5d594b04c843f4daaaf6510d4df5772.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6AD4 532 KB
130 KB 41ms
40ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d5d594b04c843f4daaaf6510d4df5772.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-38b7b969f27b07271934afd8e76645c0.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a0aab6a0506bd9004facc195fd3697938e392bf6f633bbbe6cc503f46a233d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-38b7b969f27b07271934afd8e76645c0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 07 Jan 2024 13:57:53 GMT
via: 1.1 varnish
age: 147041
x-cache: HIT
content-length: 132658
x-request-id: 2b2cd693-0049-4c42-b654-4ed308149f13
x-served-by: cache-fra-etou8220029-FRA
last-modified: Fri, 05 Jan 2024 21:06:39 GMT
server: Fastly
etag: "884d2e0c68e8e2ea3768e82cdfaf54a3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16388

GET
H2 200 controller-5bcd098058bc88e780b07fdc7a7c5c39.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6AD4 689 KB
177 KB 40ms
39ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-5bcd098058bc88e780b07fdc7a7c5c39.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-38b7b969f27b07271934afd8e76645c0.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c27cdeb77e481ed5473766596c1a98fd7174c671071e185253f7307053888924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-38b7b969f27b07271934afd8e76645c0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 07 Jan 2024 13:57:53 GMT
via: 1.1 varnish
age: 147042
x-cache: HIT
content-length: 181073
x-request-id: 296849fa-5c6f-47ff-9939-292373ffb994
x-served-by: cache-fra-etou8220029-FRA
last-modified: Fri, 05 Jan 2024 21:06:36 GMT
server: Fastly
etag: "e30e6de0345294c89c72f1a106cbf672"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 21

GET
H2 200 457675.gif
hexagon-analytics.com/images/ 43 B
289 B 245ms
137ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/457675.gif?bk=624cef0805&tm=59&r=875456196&v=106&cs=UTF-8&h=www.pelago.co&l=en-US&S=5ac4fba1c128b54d9c2e43e384addb35&uu=8c11a7498fdc93e396c47582afa2567&t=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&u=https%3A%2F%2Fwww.pelago.co%2Fen%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=-60&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=12cbadb82d688a3efa72109e23f43cfa&z=z

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:53 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.30.0/ 64 KB
20 KB 62ms
61ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.30.0/bundle.min.js

Requested by

Host: js.sentry-cdn.com
URL: https://js.sentry-cdn.com/266d7e06652349d3a77d6f3921924a65.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

419fd4b1560b1de01564ef05fea5d689bf3e9881c4ecd923c41ef8a417588cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pelago.co/en/
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 13 Jan 2021 11:56:10 GMT
server: Fastly
age: 2008872
etag: "04b019bffe49eb67f99f006a2571cc0e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20120
expires: Wed, 17 Jul 2024 06:44:56 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 6AD4 0
719 B 677ms
207ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704635874208432
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704635874207764
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
85 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TJ6G1HY8VL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a36f920f59f2aee0a9360430c9b42dea33c76fbf69d18fc55be57baf7315beef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86793
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jan 2024 13:57:53 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/331425177/ 3 KB
2 KB 188ms
84ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/331425177/?random=1704635873648&cv=11&fst=1704635873648&bg=ffffff&guid=ON&async=1&gtm=45He4130v833390310&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pelago.co%2Fen%2F&hn=www.googleadservices.com&frm=0&tiba=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&auid=2024287533.1704635874&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f76b77de559582a4980a7c0295caf90e39af4e500cd908c9869035f62cafad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1275
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 159ms
55ms Script
application/javascript 23.45.239.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.45.239.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-239-144.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 07 Jan 2024 13:57:53 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Sun, 14 Jan 2024 13:57:53 GMT

GET
H2 200 shim.js Show response
cdn.sprig.com/ 326 KB
105 KB 148ms
44ms Script
application/javascript 18.239.83.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sprig.com/shim.js?id=uZwGPwBJqTWL
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-6.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f49039179f79e3b7285d92511a64557ae705ea16703fb7e3dc45f0dde798bd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: vakNycJyRpTc4Rdl0tkrNo0383qR5zWQ
content-encoding: gzip
via: 1.1 f75afc04e5fb2b66fe286e4f840886c6.cloudfront.net (CloudFront)
date: Sun, 07 Jan 2024 04:55:49 GMT
last-modified: Wed, 03 Jan 2024 21:13:56 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 57684
x-amz-server-side-encryption: AES256
etag: W/"c4cfd43593e87b1142f04fb06b736427"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cross-origin-resource-policy: cross-origin
x-amz-cf-id: TIw2FoLhnXPBLcWW-rAWKZr-cTsB8ovXsRD2W9bFKiprMXMZK7wgqA==

GET
H2

200

activityi;dc_pre=CIjK7L23y4MDFSpMkQUdWOsOng;src=4645703;type=siaco0;cat=phd_s0b1;ord=5946467828613;auiddc=2024287533.1704635874;gtm=45He4130v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;... Show response
4645703.fls.doubleclick.net/ Frame 70ED
Redirect Chain

https://4645703.fls.doubleclick.net/activityi;src=4645703;type=siaco0;cat=phd_s0b1;ord=5946467828613;auiddc=2024287533.1704635874;gtm=45He4130v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab...
https://4645703.fls.doubleclick.net/activityi;dc_pre=CIjK7L23y4MDFSpMkQUdWOsOng;src=4645703;type=siaco0;cat=phd_s0b1;ord=5946467828613;auiddc=2024287533.1704635874;gtm=45He4130v833390310;gcd=11l1l1...

498 B
636 B

159ms
153ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4645703.fls.doubleclick.net/activityi;dc_pre=CIjK7L23y4MDFSpMkQUdWOsOng;src=4645703;type=siaco0;cat=phd_s0b1;ord=5946467828613;auiddc=2024287533.1704635874;gtm=45He4130v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.co%2Fen%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

cafe /

Resource Hash

facb3fb891888f53f19f69b6a4dc8bd15193ab267dd0a6b335f48a60fcf38937

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.co/en/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 13:57:53 GMT
expires: Sun, 07 Jan 2024 13:57:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 07 Jan 2024 13:57:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4645703.fls.doubleclick.net/activityi;dc_pre=CIjK7L23y4MDFSpMkQUdWOsOng;src=4645703;type=siaco0;cat=phd_s0b1;ord=5946467828613;auiddc=2024287533.1704635874;gtm=45He4130v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.co%2Fen%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 18 KB
6 KB 185ms
41ms Script
application/javascript 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6439428bd3a764c2d7d27cfe6a409fd87644155926b53fa5820afc9503da75d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 07 Jan 2024 13:57:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Dec 2023 10:13:43 GMT
Server: AmazonS3
x-amz-request-id: Z3EMRW3FA94FWSHQ
ETag: "3c3cf4761ecaa8b3843e6c066953df3f"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=333
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5928
x-amz-id-2: CNOyr/sgPmAnLqMWcGKw2zEGqZJCITuPnUAvXhikYIjctk36Mwgqdu8iLTdraId4tX3ao9YKGwrte+DyKzuayg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 131ms
40ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 07 Jan 2024 13:57:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54372
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 6j+sHpqSdLc/Qcp747NMP9wBM46mrNg9n6U4xCGpKl/CXl4HQ5rZXMC5gbN99RpDK2uqYtW0YprMCwSuNgrhOg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 283ms
162ms Script
application/javascript 2.23.209.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAP8FP3C77U56BB6BKP0&lib=ttq
Requested by: Host: www.pelago.co
URL: https://www.pelago.co/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7f1b3e3c83302d46a26016bff87d693ea0d18c8e0368fd2223240251ad4f213d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: 70f9917a.ac077915
date: Sun, 07 Jan 2024 13:57:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240107135753F6CF6C3867DD0849C1C1-51ECB01A36CD8396-00
x-cache: TCP_MISS from a23-62-213-91.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 106,23.62.213.91
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=11, inner; dur=3
content-length: 1427
pragma: no-cache
server: nginx
x-tt-logid: 20240107135753F6CF6C3867DD0849C1C1
x-cache-remote: TCP_MISS from a23-220-106-85.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.220.106.85
x-tt-trace-host: 017d0578f327b57d1558311a3c4228a5161e9cb23f4f7c3942e7d596130a811a89916c2678741bd33bbb7db82de4e1efaa48c0bd675643143ca3d33486ba9aaf322c0c9f34ad2a65a3aadce07b84a9eab41b0ebd1456d18f51ec66e991b159ff05e0c66f325d788f5131a5f41206a1426e
expires: Sun, 07 Jan 2024 13:57:53 GMT

GET
H2 200 track.js Show response
assets.customer.io/assets/ 7 KB
3 KB 162ms
41ms Script
application/javascript 2600:9000:223c:3200:11:9cfd:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.customer.io/assets/track.js
Requested by: Host: www.pelago.co
URL: https://www.pelago.co/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3200:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c5dc250228b63ec45ccaf25c7c7b9103a504bd5ebed035e88067475076c4b78d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: YnPUbk.59KSLpiqsKMfvCCZt1qaij9rt
content-encoding: br
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
date: Sun, 07 Jan 2024 08:43:33 GMT
last-modified: Fri, 11 Aug 2023 18:01:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 18862
x-amz-server-side-encryption: AES256
etag: W/"92f4f643083ddfd3fc572a181243cb46"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 9mqrQVgy5pLqC5UCx6cYmNRil1WWL4Nl8xUH4hzpobQTVKJgVGRnPw==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 139ms
40ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 07 Jan 2024 13:15:42 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: BM8WST8B4SBN35E0
age: 2532
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: +fACWDk99Z2Rp1EJBNXdMW6UXgehukN/XccAist/RycAJ5IHUuvLTaK8+Rz/hKdecnKoMyCn7XM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 68902.html Show response
static.sojern.com/cip/a/ Frame 81BB 3 KB
4 KB 145ms
41ms Document
text/html 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=undefined&pc=https%3A%2F%2Fwww.pelago.co%2Fen%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Requested by: Host: www.pelago.co
URL: https://www.pelago.co/en/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dc6658a0cd798fc6a50a1fee974fb6821cec8877c4763c47371afee9dc81df53

Request headers

Referer: https://www.pelago.co/en/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1155
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 3370
content-type: text/html
date: Sun, 07 Jan 2024 13:38:38 GMT
etag: "9f5ca46ddd98784a01a3cf573326e694"
expires: Sun, 07 Jan 2024 14:38:38 GMT
last-modified: Fri, 08 Sep 2023 05:33:33 GMT
server: UploadServer
x-goog-generation: 1694151213443616
x-goog-hash: crc32c=hcUusg== md5=n1ykbd2YeEoBo89XMybmlA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3370
x-guploader-uploadid: ABPtcPpdx7Y_QXNsAa0lWS_14l_Xu9s3biPA44Vh3qqK7YW7xLZkX3NhC1pnJF8veI0SwUi4zSiM8U15tA

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 174ms
67ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 07 Jan 2024 13:57:53 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8B8F8836B4D24236BDB93F010D2427C1 Ref B: FRA31EDGE0214 Ref C: 2024-01-07T13:57:53Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H3 200 widget.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 68AC 648 KB
199 KB 61ms
61ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1d2fc29d8019e387b2ff6eaa96c46575bb00a4985c57b93ad47b5503bc64500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: yzS71DViD7v1SpoLQ8y0mw==
age: 7457
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jan 2024 11:48:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3f14a8b7-901e-0011-1f71-3d4118000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb662aa2e3a85-FRA
expires: Sun, 07 Jan 2024 14:27:53 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 6AD4 474 B
373 B 121ms
41ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d5d594b04c843f4daaaf6510d4df5772.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1c34a241f9bfaf67a71ed575bd62b0d86e2a34d2d7cac0321ec4e2ee88830c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-38b7b969f27b07271934afd8e76645c0.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 07 Jan 2024 13:57:53 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 39
x-cache: HIT
content-length: 298
x-request-id: 523096fe-4eb3-4e9f-9b65-393f6ae21abd
x-served-by: cache-fra-etou8220067-FRA
last-modified: Fri, 05 Jan 2024 21:52:43 GMT
server: Fastly
etag: "abbde0bf8d7eb82c52fa91cb8732f759"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 6AD4 474 B
615 B 110ms
40ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d5d594b04c843f4daaaf6510d4df5772.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1c34a241f9bfaf67a71ed575bd62b0d86e2a34d2d7cac0321ec4e2ee88830c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-38b7b969f27b07271934afd8e76645c0.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 07 Jan 2024 13:57:53 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 39
x-cache: HIT
content-length: 298
x-request-id: f8d475ce-15df-4b7f-bad9-004860284910
x-served-by: cache-fra-etou8220067-FRA
last-modified: Fri, 05 Jan 2024 21:52:43 GMT
server: Fastly
etag: "abbde0bf8d7eb82c52fa91cb8732f759"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 137ms
45ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TJ6G1HY8VL&gtm=45je4130v877721759z8833390310&_p=1704635873311&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1189796914.1704635874&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=&sid=1704635873&sct=1&seg=0&dl=https%3A%2F%2Fwww.pelago.co%2Fen%2F&dt=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&en=page_view&_fv=1&_nsi=1&_ss=1&up.user_id_dimension=&up.customer_id=&tfd=2378
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJ6G1HY8VL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pelago.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 311ms
49ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TJ6G1HY8VL&cid=1189796914.1704635874&gtm=45je4130v877721759z8833390310&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJ6G1HY8VL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pelago.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 184ms
91ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TJ6G1HY8VL&cid=1189796914.1704635874&gtm=45je4130v877721759z8833390310&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1346065859

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10193912.json Show response
s.yimg.com/wi/config/ 2 B
466 B 137ms
56ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10193912.json

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sun, 07 Jan 2024 13:21:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: K1CHN7N6S7MMMHAC
age: 2181
content-length: 2
x-amz-id-2: vnKeB0psKNedGWGwcepbaftGhjzKFKqmStM0/o5pqiR8Le2HYIzlJdvLUzeSDB9kkTz8vphWFtU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 hasher.js Show response
static.sojern.com/cip/ Frame 81BB 18 KB
18 KB 45ms
39ms Script
text/javascript 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=undefined&pc=https%3A%2F%2Fwww.pelago.co%2Fen%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=undefined&pc=https%3A%2F%2Fwww.pelago.co%2Fen%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:43:20 GMT
age: 873
x-guploader-uploadid: ABPtcPoqIudkjvOMvQWI6Sy8zGVdJuxV7CC12sij_Lg0JXjdJO5v8h4mD85YlGkF_EaTWPlWXb4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-generation: 1638894199335821
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
expires: Sun, 07 Jan 2024 14:43:20 GMT

GET
H2 200 create_params.js Show response
static.sojern.com/utils/ Frame 81BB 4 KB
4 KB 57ms
51ms Script
text/javascript 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/create_params.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=undefined&pc=https%3A%2F%2Fwww.pelago.co%2Fen%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2889147edb550aef849e10ba2230d6b1f65a0f8831b45f642bfc0ee185babe38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=undefined&pc=https%3A%2F%2Fwww.pelago.co%2Fen%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:03:55 GMT
age: 3238
x-guploader-uploadid: ABPtcPoKmMeBxFAkRAMlQk36opHccSz23l-gQho94_lHaZo-neTzKYa3JvXZRihnx7gCqxTQKB8AtYdC-Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4169
last-modified: Mon, 06 Nov 2023 11:24:16 GMT
server: UploadServer
etag: "2b163d716f1c21a97c6c0251b281d84b"
x-goog-generation: 1699269856296451
x-goog-hash: crc32c=/7KU3A==, md5=KxY9cW8cIal8bAJRsoHYSw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4169
accept-ranges: bytes
expires: Sun, 07 Jan 2024 14:03:55 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/331425177/ 42 B
456 B 219ms
60ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/331425177/?random=1704635873648&cv=11&fst=1704632400000&bg=ffffff&guid=ON&async=1&gtm=45He4130v833390310&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pelago.co%2Fen%2F&frm=0&tiba=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_vl8-1VeQZSVV1mH6sRlzOUq_LHwlig&random=4165267382&rmt_tld=0&ipr=y

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/331425177/ 42 B
456 B 137ms
90ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/331425177/?random=1704635873648&cv=11&fst=1704632400000&bg=ffffff&guid=ON&async=1&gtm=45He4130v833390310&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pelago.co%2Fen%2F&frm=0&tiba=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_vl8-1VeQZSVV1mH6sRlzOUq_LHwlig&random=4165267382&rmt_tld=1&ipr=y

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 132 B
570 B 202ms
76ms Fetch
application/json 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.pelago.co%2Fen%2F&buyer_pixel_id=10279
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ca8f178fe58aca73c02d87169795d653f508920e0d77c1e9d25eb7e999cea359

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 07 Jan 2024 13:57:54 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.pelago.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 132
Expires: Sun, 07 Jan 2024 13:57:54 GMT

GET
H2 200 351794 Show response
beacon.sojern.com/pixel/p/ Frame 81BB 4 KB
1 KB 206ms
55ms Script
application/javascript 107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/351794?f_v=v6_js&p_v=1&f_v=v6_js&cid=&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&pc=https%3A%2F%2Fwww.pelago.co%2Fen%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&auto_out=email&s=%7Cauto_out_email&et=hc
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=undefined&pc=https%3A%2F%2Fwww.pelago.co%2Fen%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 30150b2b6bc40bf9756e98980fba9f85c49a411817e77ae066779e0c7d558fbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 829

GET
H2 200 954065941605939 Show response
connect.facebook.net/signals/config/ 140 KB
37 KB 176ms
174ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/954065941605939?v=2.9.139&r=stable&domain=www.pelago.co

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7b6fe4aeb195ba2fe54e983972a737e39f17d87cad99a92cd35bf090b40dd57

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 07 Jan 2024 13:57:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: HbyZuCk/i89Ccqh9rLgvOiqOJBzdbz50UL1gWuiBre7/BVfrnRAWOZJKAFYncoD4IvhyKkML6QhTF19FC13KWg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ym_toast.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 68AC 2 KB
1 KB 52ms
51ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ym_toast.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bb7b8e75aeed9f256b52399a58d93fa435271ebb9980d137f4cd13e8d5d9507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 3A2lA4CqeIs9tb7x4ABK2g==
age: 7456
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jan 2024 11:48:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 334a28ae-f01e-0001-6e71-3dfe30000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb6642b653a85-FRA
expires: Sun, 07 Jan 2024 14:27:53 GMT

GET
H3 200 ym_skeleton.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 68AC 3 KB
1 KB 56ms
56ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ym_skeleton.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80516de91a75aa829e48e275af0f36146f861f6d801eb9f274527c2e0efd1216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: A05Tnclh8S4TRZiqxRyuAw==
age: 7456
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jan 2024 11:48:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b50517ca-f01e-0001-1b71-3dfe30000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb6643b6c3a85-FRA
expires: Sun, 07 Jan 2024 14:27:53 GMT

GET
H2 204 343065587.js Show response
bat.bing.com/p/action/ 0
119 B 149ms
149ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343065587.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 07 Jan 2024 13:57:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8F99A6B52BEA4066AE870D2A43661C08 Ref B: FRA31EDGE0214 Ref C: 2024-01-07T13:57:53Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
288 B 67ms
66ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343065587&Ver=2&mid=7d2c987a-49d1-41ab-9fe2-18ae66b6ae6d&sid=c0e7c6d0ad6411eea6f137c642d7467c&vid=c0e7f1d0ad6411ee8ee919df20150abe&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Book%20activities,%20attraction%20tickets,%20and%20things%20to%20do%20-%20Pelago&p=https%3A%2F%2Fwww.pelago.co%2Fen%2F&r=&lt=1929&evt=pageLoad&sv=1&rn=221979

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 07 Jan 2024 13:57:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 21FF10459C4C497FA2BE802A00B5F020 Ref B: FRA31EDGE0214 Ref C: 2024-01-07T13:57:53Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK ab847cba-e163-4a31-8893-2619a1474f77
https://www.pelago.co/ Frame 68AC 66 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.pelago.co/ab847cba-e163-4a31-8893-2619a1474f77
Requested by: Host: www.pelago.co
URL: https://www.pelago.co/en/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afb6fb55093df3f8539c0240c7928f0a89a09d8b146921466e6ab9f7853e425b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 66
Content-Type: application/javascript

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
635 B 195ms
59ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2007%20Jan%202024%2013%3A57%3A53%20GMT&n=-1&b=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&.yp=10193912&f=https%3A%2F%2Fwww.pelago.co%2Fen%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sun, 07 Jan 2024 13:57:54 GMT

GET
H2 200 main.MWZkNjY4MmI1MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 376 KB
101 KB 298ms
293ms Script
application/javascript 2.23.209.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkNjY4MmI1MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAP8FP3C77U56BB6BKP0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bc1c05bdd3b01d9aa9d49cd9381d674cb1e061a55698f2fabf7813ea46036956

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: ac077c2d
date: Sun, 07 Jan 2024 13:57:54 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202401041514450A0DBF258D67641FC31A
x-tt-trace-id: 00-2401041514450A0DBF258D67641FC31A-2DE3F50676394AA9-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-62-213-91.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01650e25ba6bfd16b726674010b33c6cd71afef808727ea5647c88dac7a70977ec8d21a02f85b9df8fdd22f2a97549332b94328d57fd1c1111157e052c8bb5217c9bf2c4ab99f8ee81e0a5f3e0a408ce682c39e52414a8f70a28db0e9e4a278625
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=18
content-length: 103177

GET
H3 200 widget-css.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 68AC 118 KB
20 KB 130ms
128ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget-css.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36a670e6c3524956b32df981610f54ba066c70ca7bf50b1a469597b016f1b8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: CuDguQrWOCWq25y0u24unQ==
age: 7457
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jan 2024 11:48:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b50518ce-f01e-0001-0371-3dfe30000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb6651c333a85-FRA
expires: Sun, 07 Jan 2024 14:27:54 GMT

POST
H2 200 bot-load-details Show response
r0.cloud.yellow.ai/api/plugin/ Frame 68AC 1 KB
731 B 200ms
200ms XHR
application/json 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/bot-load-details?bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6aa7b6fc67f8acc81ee8a40a96f693c44ad54bcef85e0679671d671596e4e72c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
x-ym-bot-id: x1689135807776
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"5f8-B4PKB0etdxnRVqf5uFIitBfRyhc"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 841cb6682b6b9267-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id

OPTIONS
H2 200 bot-load-details
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 566ms
461ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/bot-load-details?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 841cb665498b9267-FRA
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:54 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dc_pre=CIjK7L23y4MDFSpMkQUdWOsOng;src=4645703;type=siaco0;cat=phd_s0b1;ord=5946467828613;auiddc=*;gtm=45He4130v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
adservice.google.com/ddm/fls/z/ Frame 70ED 42 B
402 B 432ms
77ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIjK7L23y4MDFSpMkQUdWOsOng;src=4645703;type=siaco0;cat=phd_s0b1;ord=5946467828613;auiddc=*;gtm=45He4130v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.co%2Fen%2F

Requested by

Host: 4645703.fls.doubleclick.net
URL: https://4645703.fls.doubleclick.net/activityi;dc_pre=CIjK7L23y4MDFSpMkQUdWOsOng;src=4645703;type=siaco0;cat=phd_s0b1;ord=5946467828613;auiddc=2024287533.1704635874;gtm=45He4130v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.co%2Fen%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4645703.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
0 272ms
94ms Fetch
image/gif 23.53.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t.teads.tv/track?action=browser-topics&env=js-gtm&tag_version=6.17.4_cdc0d7a&provider=tag&buyer_pixel_id=10279&referer=https%3A%2F%2Fwww.pelago.co%2Fen%2F&user_session_id=cdc5b574-b371-4dba-87cd-08e711642c1c
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.233.62 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-53-233-62.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: https://www.pelago.co
date: Sun, 07 Jan 2024 13:57:54 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
135 B 287ms
110ms Image
image/gif 23.53.233.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-gtm&tag_version=6.17.4_cdc0d7a&provider=tag&buyer_pixel_id=10279&referer=https%3A%2F%2Fwww.pelago.co%2Fen%2F&user_session_id=cdc5b574-b371-4dba-87cd-08e711642c1c
Requested by: Host: www.pelago.co
URL: https://www.pelago.co/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.233.62 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-53-233-62.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Sun, 07 Jan 2024 13:57:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2

200

src=12893172;dc_pre=CKm9hL63y4MDFYPLOwIdl7gIUA;type=sales;cat=apacp000;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdp...
adservice.google.com/ddm/fls/z/ Frame 81BB
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=12893172;type=sales;cat=apacp000;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;np...
https://ad.doubleclick.net/ddm/activity/src=12893172;dc_pre=CKm9hL63y4MDFYPLOwIdl7gIUA;type=sales;cat=apacp000;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen%252F;dc_lat=;dc_rdid=;ta...
https://adservice.google.com/ddm/fls/z/src=12893172;dc_pre=CKm9hL63y4MDFYPLOwIdl7gIUA;type=sales;cat=apacp000;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen%252F;dc_lat=;dc_rdid=;tag...

42 B
108 B

122ms
79ms

Image
image/gif

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=12893172;dc_pre=CKm9hL63y4MDFYPLOwIdl7gIUA;type=sales;cat=apacp000;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID]

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=undefined&pc=https%3A%2F%2Fwww.pelago.co%2Fen%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:54 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=12893172;dc_pre=CKm9hL63y4MDFYPLOwIdl7gIUA;type=sales;cat=apacp000;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID]
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame 81BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=T2GGpoAChN5t7RIgeD0-6w&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=bwxB4ab9qOPFG79Y8eT_lLanHNTDth4JiHwPEsXV-xBu5eYjLvo...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=bwxB4ab9qOPFG79Y8eT_lLanHNTDth4JiHwPEsXV-xBu5eYjLvoSvgZwkT8Rt8XD&sjrn_ula=7869894243&google_gid=CAESEBofGlzvx19uLd6gsfByEXg&google_cver=1

42 B
275 B

64ms
48ms

Image
image/gif

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=bwxB4ab9qOPFG79Y8eT_lLanHNTDth4JiHwPEsXV-xBu5eYjLvoSvgZwkT8Rt8XD&sjrn_ula=7869894243&google_gid=CAESEBofGlzvx19uLd6gsfByEXg&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=undefined&pc=https%3A%2F%2Fwww.pelago.co%2Fen%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=bwxB4ab9qOPFG79Y8eT_lLanHNTDth4JiHwPEsXV-xBu5eYjLvoSvgZwkT8Rt8XD&sjrn_ula=7869894243&google_gid=CAESEBofGlzvx19uLd6gsfByEXg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 413
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame 81BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=T2GGpoAChN5t7RIgeD0-6w&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDopMDPsRC7lydsyoZxW61izyk-5nBNEAYa9imXzXd7xjZdCZOMkKrDDbJ0N5cjlUsG3s8gpBywqv2YpxMP6s_O_6Ujf0Dduz-qW1CbtxFYH4vFp6wZw
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopMDPsRC7lydsyoZxW61izyk-5nBNEAYa9imXzXd7xjZdCZOMkKrDDbJ0N5cjlUsG3s8gpBywqv2YpxMP6s_O_6Ujf0Dduz-qW1CbtxFYH4vFp6wZw

170 B
433 B

188ms
83ms

Image
image/png

2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDopMDPsRC7lydsyoZxW61izyk-5nBNEAYa9imXzXd7xjZdCZOMkKrDDbJ0N5cjlUsG3s8gpBywqv2YpxMP6s_O_6Ujf0Dduz-qW1CbtxFYH4vFp6wZw

Requested by

Protocol

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:54 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:54 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDopMDPsRC7lydsyoZxW61izyk-5nBNEAYa9imXzXd7xjZdCZOMkKrDDbJ0N5cjlUsG3s8gpBywqv2YpxMP6s_O_6Ujf0Dduz-qW1CbtxFYH4vFp6wZw
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuidnb
ib.adnxs.com/ Frame 81BB 43 B
574 B 146ms
45ms Image
image/gif 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=bwxB4ab9qOPFG79Y8eT_lLanHNTDth4JiHwPEsXV-xBu5eYjLvoSvgZwkT8Rt8XD

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:54 GMT
an-x-request-uuid: cbf1fc14-5ff3-40a5-af81-de68e362a25f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.105; 80.255.7.105; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 81BB 70 B
150 B 181ms
56ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=bwxB4ab9qOPFG79Y8eT_lLanHNTDth4JiHwPEsXV-xBu5eYjLvoSvgZwkT8Rt8XD&ttd_tpi=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=undefined&pc=https%3A%2F%2Fwww.pelago.co%2Fen%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

202

adf
pixel.sojern.com/idsync/ Frame 81BB
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=4f6186a6-8002-84de-6ded-1220783d3eeb&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=4f6186a6-8002-84de-6ded-1220783d3eeb&party=1296
https://pixel.sojern.com/idsync/adf?adfid=7538630390920714082&cid=4f6186a6-8002-84de-6ded-1220783d3eeb

0
210 B

49ms
49ms

Image
text/plain

107.178.244.119
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=7538630390920714082&cid=4f6186a6-8002-84de-6ded-1220783d3eeb
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=undefined&pc=https%3A%2F%2Fwww.pelago.co%2Fen%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 07 Jan 2024 13:57:54 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=7538630390920714082&cid=4f6186a6-8002-84de-6ded-1220783d3eeb
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 119ms
39ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=954065941605939&ev=PageView&dl=https%3A%2F%2Fwww.pelago.co%2Fen%2F&rl=&if=false&ts=1704635874116&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704635874112.161824208&hmd=83c60d8a31162204954b34e4&pl=https%3A%2F%2Fwww.pelago.co%2Fen%2F&ler=empty&it=1704635873915&coo=false&tm=1&rqm=GET

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 07 Jan 2024 13:57:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 119ms
39ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=954065941605939&ev=Microdata&dl=https%3A%2F%2Fwww.pelago.co%2Fen%2F&rl=&if=false&ts=1704635874118&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago%22%2C%22meta%3Adescription%22%3A%22Discover%20and%20book%20a%20wide%20range%20of%20travel%20activities%2C%20attraction%20tickets%2C%20and%20tours%20with%20Pelago%20by%20Singapore%20Airlines.%20Find%20the%20best%20things%20to%20do%2C%20events%2C%20and%20sightseeing%20tours%20for%20your%20next%20adventure%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.pelago.co%2Fen%2F%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Fwww.pelago.co%2Fen%2F%22%2C%22og%3Adescription%22%3A%22Discover%20and%20book%20a%20wide%20range%20of%20travel%20activities%2C%20attraction%20tickets%2C%20and%20tours%20with%20Pelago%20by%20Singapore%20Airlines.%20Find%20the%20best%20things%20to%20do%2C%20events%2C%20and%20sightseeing%20tours%20for%20your%20next%20adventure%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.pelago.co%2Fimg%2Fhome%2Ffirst-fold-valley-small.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22name%22%3A%22Pelago%22%2C%22url%22%3A%22https%3A%2F%2Fwww.pelago.co%2F%22%7D%5D&sw=1600&sh=1200&v=2.9.139&r=stable&ec=1&o=4126&fbp=fb.1.1704635874112.161824208&hmd=83c60d8a31162204954b34e4&pl=https%3A%2F%2Fwww.pelago.co%2Fen%2F&ler=empty&it=1704635873915&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 07 Jan 2024 13:57:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 rating-stars-empty.svg
www.pelago.co/ 4 KB
4 KB 544ms
541ms Image
image/svg+xml 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.co/rating-stars-empty.svg

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/css/3af6a74f0e4aa32c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

f3601deda38558b1705e1e4506c4e116875714a890c35b38e4170ee8803175a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .pelago.co .zopim.com 'strict-dynamic' .stripe.com 'unsafe-eval' 'nonce-aac39f7e-821d-4271-a7ff-cdee95356d95' https: about:; style-src 'self' 'unsafe-inline' www.gstatic.com accounts.google.com fonts.googleapis.com .yellowmessenger.com; connect-src 'self' about: .teads.tv s.yimg.com .pelago.co .zopim.com .yellow.ai pelago.pxf.io bat.bing.com .sprig.com www.facebook.com ekr.zdassets.com .ingest.sentry.io .doubleclick.net analytics.tiktok.com pixel.quantcount.com .google-analytics.com .googletagmanager.com .analytics.google.com .zendesk.com translate.googleapis.com messaging.messagebird.com .googlesyndication.com wss://.cloud.yellow.ai wss://.zopim.com wss://.zendesk.com livechat-metrics.messagebird.com .google.com .google.com.au .google.com.sg fonts.googleapis.com .csftr.com .google.ad .google.ae .google.com.af .google.com.ag .google.al .google.am .google.co.ao .google.com.ar .google.as .google.at .google.az .google.ba .google.com.bd .google.be .google.bf .google.bg .google.com.bh .google.bi .google.bj .google.com.bn .google.com.bo .google.com.br .google.bs .google.bt .google.co.bw .google.by .google.com.bz .google.ca .google.cd .google.cf .google.cg .google.ch .google.ci .google.co.ck .google.cl .google.cm .google.cn .google.com.co .google.co.cr .google.com.cu .google.cv .google.com.cy .google.cz .google.de .google.dj .google.dk .google.dm .google.com.do .google.dz .google.com.ec .google.ee .google.com.eg .google.es .google.com.et .google.fi .google.com.fj .google.fm .google.fr .google.ga .google.ge .google.gg .google.com.gh .google.com.gi .google.gl .google.gm .google.gr .google.com.gt .google.gy .google.com.hk .google.hn .google.hr .google.ht .google.hu .google.co.id .google.ie .google.co.il .google.im .google.co.in .google.iq .google.is .google.it .google.je .google.com.jm .google.jo .google.co.jp .google.co.ke .google.com.kh .google.ki .google.kg .google.co.kr .google.com.kw .google.kz .google.la .google.com.lb .google.li .google.lk .google.co.ls .google.lt .google.lu .google.lv .google.com.ly .google.co.ma .google.md .google.me .google.mg .google.mk .google.ml .google.com.mm .google.mn .google.com.mt .google.mu .google.mv .google.mw .google.com.mx .google.com.my .google.co.mz .google.com.na .google.com.ng .google.com.ni .google.ne .google.nl .google.no .google.com.np .google.nr .google.nu .google.co.nz .google.com.om .google.com.pa .google.com.pe .google.com.pg .google.com.ph .google.com.pk .google.pl .google.pn .google.com.pr .google.ps .google.pt .google.com.py .google.com.qa .google.ro .google.ru .google.rw .google.com.sa .google.com.sb .google.sc .google.se .google.sh .google.si .google.sk .google.com.sl .google.sn .google.so .google.sm .google.sr .google.st .google.com.sv .google.td .google.tg .google.co.th .google.com.tj .google.tl .google.tm .google.tn .google.to .google.com.tr .google.tt .google.com.tw .google.co.tz .google.com.ua .google.co.ug .google.co.uk .google.com.uy .google.co.uz .google.com.vc .google.co.ve .google.co.vi .google.com.vn .google.vu .google.ws .google.rs .google.co.za .google.co.zm .google.co.zw .google.cat; frame-src 'self' about: .pelago.co .teads.tv js.stripe.com hooks.stripe.com .google.com www.facebook.com stags.bluekai.com static.sojern.com ocw.messagebird.com .doubleclick.net livechat.messagebird.com tpc.googlesyndication.com; img-src 'self' data: https:; media-src 'self' static.zdassets.com; font-src 'self' data: fonts.gstatic.com .yellowmessenger.com; base-uri 'self'; object-src 'self'; report-uri /csp-report;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/_next/static/css/3af6a74f0e4aa32c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
content-security-policy: default-src 'self'; script-src 'self' *.pelago.co *.zopim.com 'strict-dynamic' *.stripe.com 'unsafe-eval' 'nonce-aac39f7e-821d-4271-a7ff-cdee95356d95' https: about:; style-src 'self' 'unsafe-inline' www.gstatic.com accounts.google.com fonts.googleapis.com *.yellowmessenger.com; connect-src 'self' about: *.teads.tv s.yimg.com *.pelago.co *.zopim.com *.yellow.ai pelago.pxf.io bat.bing.com *.sprig.com www.facebook.com ekr.zdassets.com *.ingest.sentry.io *.doubleclick.net analytics.tiktok.com pixel.quantcount.com *.google-analytics.com *.googletagmanager.com *.analytics.google.com *.zendesk.com translate.googleapis.com messaging.messagebird.com *.googlesyndication.com wss://*.cloud.yellow.ai wss://*.zopim.com wss://*.zendesk.com livechat-metrics.messagebird.com *.google.com *.google.com.au *.google.com.sg fonts.googleapis.com *.csftr.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; frame-src 'self' about: *.pelago.co *.teads.tv js.stripe.com hooks.stripe.com *.google.com www.facebook.com stags.bluekai.com static.sojern.com ocw.messagebird.com *.doubleclick.net livechat.messagebird.com tpc.googlesyndication.com; img-src 'self' data: https:; media-src 'self' static.zdassets.com; font-src 'self' data: fonts.gstatic.com *.yellowmessenger.com; base-uri 'self'; object-src 'self'; report-uri /csp-report;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 09:52:58 GMT
server: CloudFront
etag: W/"ede-18c7c57cc90"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: Z02TmTA4q5KAScAcgY38AWaxrjkEEYeNQQUiUt1w8Tu4B8Ni-I9bfw==

GET
H2 200 rating-stars-filled.svg
www.pelago.co/ 3 KB
4 KB 546ms
543ms Image
image/svg+xml 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.co/rating-stars-filled.svg

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/css/3af6a74f0e4aa32c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

725406802328f7b86a22825fae66633afa06e6114bbdace1ea6c7f09b51cc3d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .pelago.co .zopim.com 'strict-dynamic' .stripe.com 'unsafe-eval' 'nonce-aac39f7e-821d-4271-a7ff-cdee95356d95' https: about:; style-src 'self' 'unsafe-inline' www.gstatic.com accounts.google.com fonts.googleapis.com .yellowmessenger.com; connect-src 'self' about: .teads.tv s.yimg.com .pelago.co .zopim.com .yellow.ai pelago.pxf.io bat.bing.com .sprig.com www.facebook.com ekr.zdassets.com .ingest.sentry.io .doubleclick.net analytics.tiktok.com pixel.quantcount.com .google-analytics.com .googletagmanager.com .analytics.google.com .zendesk.com translate.googleapis.com messaging.messagebird.com .googlesyndication.com wss://.cloud.yellow.ai wss://.zopim.com wss://.zendesk.com livechat-metrics.messagebird.com .google.com .google.com.au .google.com.sg fonts.googleapis.com .csftr.com .google.ad .google.ae .google.com.af .google.com.ag .google.al .google.am .google.co.ao .google.com.ar .google.as .google.at .google.az .google.ba .google.com.bd .google.be .google.bf .google.bg .google.com.bh .google.bi .google.bj .google.com.bn .google.com.bo .google.com.br .google.bs .google.bt .google.co.bw .google.by .google.com.bz .google.ca .google.cd .google.cf .google.cg .google.ch .google.ci .google.co.ck .google.cl .google.cm .google.cn .google.com.co .google.co.cr .google.com.cu .google.cv .google.com.cy .google.cz .google.de .google.dj .google.dk .google.dm .google.com.do .google.dz .google.com.ec .google.ee .google.com.eg .google.es .google.com.et .google.fi .google.com.fj .google.fm .google.fr .google.ga .google.ge .google.gg .google.com.gh .google.com.gi .google.gl .google.gm .google.gr .google.com.gt .google.gy .google.com.hk .google.hn .google.hr .google.ht .google.hu .google.co.id .google.ie .google.co.il .google.im .google.co.in .google.iq .google.is .google.it .google.je .google.com.jm .google.jo .google.co.jp .google.co.ke .google.com.kh .google.ki .google.kg .google.co.kr .google.com.kw .google.kz .google.la .google.com.lb .google.li .google.lk .google.co.ls .google.lt .google.lu .google.lv .google.com.ly .google.co.ma .google.md .google.me .google.mg .google.mk .google.ml .google.com.mm .google.mn .google.com.mt .google.mu .google.mv .google.mw .google.com.mx .google.com.my .google.co.mz .google.com.na .google.com.ng .google.com.ni .google.ne .google.nl .google.no .google.com.np .google.nr .google.nu .google.co.nz .google.com.om .google.com.pa .google.com.pe .google.com.pg .google.com.ph .google.com.pk .google.pl .google.pn .google.com.pr .google.ps .google.pt .google.com.py .google.com.qa .google.ro .google.ru .google.rw .google.com.sa .google.com.sb .google.sc .google.se .google.sh .google.si .google.sk .google.com.sl .google.sn .google.so .google.sm .google.sr .google.st .google.com.sv .google.td .google.tg .google.co.th .google.com.tj .google.tl .google.tm .google.tn .google.to .google.com.tr .google.tt .google.com.tw .google.co.tz .google.com.ua .google.co.ug .google.co.uk .google.com.uy .google.co.uz .google.com.vc .google.co.ve .google.co.vi .google.com.vn .google.vu .google.ws .google.rs .google.co.za .google.co.zm .google.co.zw .google.cat; frame-src 'self' about: .pelago.co .teads.tv js.stripe.com hooks.stripe.com .google.com www.facebook.com stags.bluekai.com static.sojern.com ocw.messagebird.com .doubleclick.net livechat.messagebird.com tpc.googlesyndication.com; img-src 'self' data: https:; media-src 'self' static.zdassets.com; font-src 'self' data: fonts.gstatic.com .yellowmessenger.com; base-uri 'self'; object-src 'self'; report-uri /csp-report;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/_next/static/css/3af6a74f0e4aa32c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
content-security-policy: default-src 'self'; script-src 'self' *.pelago.co *.zopim.com 'strict-dynamic' *.stripe.com 'unsafe-eval' 'nonce-aac39f7e-821d-4271-a7ff-cdee95356d95' https: about:; style-src 'self' 'unsafe-inline' www.gstatic.com accounts.google.com fonts.googleapis.com *.yellowmessenger.com; connect-src 'self' about: *.teads.tv s.yimg.com *.pelago.co *.zopim.com *.yellow.ai pelago.pxf.io bat.bing.com *.sprig.com www.facebook.com ekr.zdassets.com *.ingest.sentry.io *.doubleclick.net analytics.tiktok.com pixel.quantcount.com *.google-analytics.com *.googletagmanager.com *.analytics.google.com *.zendesk.com translate.googleapis.com messaging.messagebird.com *.googlesyndication.com wss://*.cloud.yellow.ai wss://*.zopim.com wss://*.zendesk.com livechat-metrics.messagebird.com *.google.com *.google.com.au *.google.com.sg fonts.googleapis.com *.csftr.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; frame-src 'self' about: *.pelago.co *.teads.tv js.stripe.com hooks.stripe.com *.google.com www.facebook.com stags.bluekai.com static.sojern.com ocw.messagebird.com *.doubleclick.net livechat.messagebird.com tpc.googlesyndication.com; img-src 'self' data: https:; media-src 'self' static.zdassets.com; font-src 'self' data: fonts.gstatic.com *.yellowmessenger.com; base-uri 'self'; object-src 'self'; report-uri /csp-report;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 18 Dec 2023 09:52:58 GMT
server: CloudFront
etag: W/"c14-18c7c57cc90"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: n5mRFA0RUpeW-yqUTgrIqaDPxVyTK5v55zLV6SBDZFSXfqIw_Hi82A==

GET
H2 200 pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4GMS5ntw.woff
fonts.gstatic.com/s/nunitosans/v15/ 44 KB
45 KB 40ms
39ms Font
font/woff 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4GMS5ntw.woff

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a398c483d7936c762d6f63ede8cb861df3a6ae7df3f6e2ab4a34de8378f8b192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.co/
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 12:17:37 GMT
x-content-type-options: nosniff
age: 524417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45468
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 12:17:37 GMT

POST
H2 200 stream Show response
ds.pelago.co/graphql/ 29 B
289 B 679ms
245ms Fetch
application/json 52.221.69.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.pelago.co/graphql/stream
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.221.69.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-69-34.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 588fc8277526f5313934168da8da5e75cb0ae8f83b6b6198d33a4a405c839e60

Request headers

Referer: https://www.pelago.co/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
x-amzn-trace-id: Root=1-659aade2-0f4f1ae04c01e9f76bed369a;Sampled=0;lineage=a384e11c:0
x-amzn-requestid: c0e0d2ea-3496-422e-89ef-d9ab0dae94e1
x-custom-header: Event streaming POST response
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: RLAbfE0YSQ0EXZw=
content-length: 29

POST
H2 200 stream Show response
ds.pelago.co/graphql/ 29 B
288 B 711ms
279ms Fetch
application/json 52.221.69.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.pelago.co/graphql/stream
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.221.69.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-69-34.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 588fc8277526f5313934168da8da5e75cb0ae8f83b6b6198d33a4a405c839e60

Request headers

Referer: https://www.pelago.co/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
x-amzn-trace-id: Root=1-659aade2-02eed5ad083d430b15232678;Sampled=0;lineage=a384e11c:0
x-amzn-requestid: 7ce15fca-cbd4-4510-aefa-a3089e22408c
x-custom-header: Event streaming POST response
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: RLAbfEpDSQ0EXgQ=
content-length: 29

POST
H2 200 stream Show response
ds.pelago.co/graphql/ 29 B
288 B 655ms
276ms Fetch
application/json 52.221.69.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.pelago.co/graphql/stream
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.221.69.34 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-221-69-34.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 588fc8277526f5313934168da8da5e75cb0ae8f83b6b6198d33a4a405c839e60

Request headers

Referer: https://www.pelago.co/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
x-amzn-trace-id: Root=1-659aade2-0b9e44787534fe936e0c24a4;Sampled=0;lineage=a384e11c:0
x-amzn-requestid: 59fc9daf-6619-4188-ac63-1fc485146243
x-custom-header: Event streaming POST response
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: RLAbfEHASQ0EFLg=
content-length: 29

GET
H2 200 c9f91a57fa774473a9fe33a5519edc57_berlin-city-river-cruise-medium.webp
www.pelago.co/img/products/DE-Germany/berlin-city-river-cruise/ 47 KB
48 KB 44ms
42ms Image
image/webp 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.co/img/products/DE-Germany/berlin-city-river-cruise/c9f91a57fa774473a9fe33a5519edc57_berlin-city-river-cruise-medium.webp

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5d256174a6f17db9669400ef0e93b56a1580172d27b98774a4d393b652401e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 09:05:48 GMT
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 103927
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 48566
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 14:07:40 GMT
server: AmazonS3
etag: "25956c666c9a76135826850ef579916a"
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: 6QPGmM_b8FnW8MkWvbixvIq0rjOE2WFIqJyqhEzh4nPgiVPoL0AFaQ==

GET
H2 200 e4d60030-b063-40a8-9768-277ef4da7c1a_jetsim-flight-simulator-experience-medium.webp
www.pelago.co/img/products/DE-Germany/jetsim-flight-simulator-experience/ 27 KB
27 KB 42ms
41ms Image
image/webp 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.co/img/products/DE-Germany/jetsim-flight-simulator-experience/e4d60030-b063-40a8-9768-277ef4da7c1a_jetsim-flight-simulator-experience-medium.webp

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

815780a959adc438f017c6522e5aee430b37f63d297c68c673ca1da86309cc75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 16:53:22 GMT
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 248673
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27526
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Nov 2023 06:48:36 GMT
server: AmazonS3
etag: "2aadd06f8c9a32adcf6dbd19b7652b10"
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: wFNLdh9xBb9yRSb62_JjJU_ApWwP44hGtrk74CyVFCeh4KIIjVPJsw==

GET
H2 200 174714f7-cf51-49dd-9ddf-945c0d2db3db_big-bus-berlin--hopon-hopoff-bus-tour-medium.webp
www.pelago.co/img/products/DE-Germany/big-bus-berlin/ 41 KB
42 KB 51ms
50ms Image
image/webp 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.co/img/products/DE-Germany/big-bus-berlin/174714f7-cf51-49dd-9ddf-945c0d2db3db_big-bus-berlin--hopon-hopoff-bus-tour-medium.webp

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

55f9d4ac548d2fb6b528a557a8f0c42f69b3573e77a21c9d1894b53262d8718f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 13:23:56 GMT
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 261239
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 42382
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Nov 2023 14:06:26 GMT
server: AmazonS3
etag: "e5a3815bb8f777f9399edbbabc341352"
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: G3PKbDvqhivb3Bd0K4BS_xEwfbW4Uzu9uJa2_YCrOmjYlDLz-3SOLA==

GET
H2 200 5941b2e9-82d9-4834-bb50-4eaaebc27b6b_berlin-dungeon-medium.webp
www.pelago.co/img/products/DE-Germany/berlin-dungeon/ 50 KB
51 KB 52ms
51ms Image
image/webp 18.173.187.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.co/img/products/DE-Germany/berlin-dungeon/5941b2e9-82d9-4834-bb50-4eaaebc27b6b_berlin-dungeon-medium.webp

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-81.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0ab839e690d2a643686e467bb6bd4241a795d3dcd6ad3f7e4f951d1beae8884f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 04:39:19 GMT
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 33516
x-amz-cf-pop: MUC50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 51438
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Nov 2023 07:36:48 GMT
server: AmazonS3
etag: "7f5d2c1d737620e740405e79fe8cc7fd"
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: qRNgf8FG_uaj_tKpWDWc1m9gqVyreEnPEIq9ihfADK-ZrWBpeA8XoA==

GET
H2 200 identify_55404.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 55ms
45ms Script
application/javascript 2.23.209.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_55404.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkNjY4MmI1MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-akamai-request-id: ac077d47
date: Sun, 07 Jan 2024 13:57:54 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024010415144693A9E2F1B237F560A551
x-tt-trace-id: 00-24010415144693A9E2F1B237F560A551-2C0365F8458224B9-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-62-213-91.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01650e25ba6bfd16b726674010b33c6cd71afef808727ea5647c88dac7a70977ec68266c95a694eb12e6c27edd171b5586860911307249676a88a9b1baa4d5fe1557e7fc85bb5d35ae961f0572dfa5a1e6437e4321d5f159bb0204dd1ffc52cc8a
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 37008

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
704 B 194ms
194ms Ping
text/plain 2.23.209.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkNjY4MmI1MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pelago.co/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: ac077d65
date: Sun, 07 Jan 2024 13:57:54 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401071357545AF00F0CA0E86666023D-14B7654F344B9E22-00
x-cache: TCP_MISS from a23-62-213-91.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
server-timing: inner; dur=46, cdn-cache; desc=MISS, edge; dur=8, origin; dur=144
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202401071357545AF00F0CA0E86666023D
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 145,23.62.213.91
x-tt-trace-host: 017d0578f327b57d1558311a3c4228a5164e5d1b70c6ced29e519f3da7b9c91042679f139d64e610458cb7838a378c99efa715bb886aa88e85fce081884949e74ba638a7f6695c470de10dcf099c4c75ac80b8d5ff6fbb78d958c3c59f1aa8fbdf
access-control-allow-headers: Authorization,*
expires: Sun, 07 Jan 2024 13:57:54 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
846 B 353ms
353ms Ping
text/plain 2.23.209.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkNjY4MmI1MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pelago.co/en/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a26f97aa.ac077ebb
date: Sun, 07 Jan 2024 13:57:54 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24010713575485A96DF99BB9F550463F-0A2EAE1626FE4C3D-00
x-cache: TCP_MISS from a23-62-213-91.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time: 303,23.62.213.91
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=219, inner; dur=213
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024010713575485A96DF99BB9F550463F
x-cache-remote: TCP_MISS from a23-220-106-73.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 219,23.220.106.73
x-tt-trace-host: 017d0578f327b57d1558311a3c4228a5161e9cb23f4f7c3942e7d596130a811a895fc55692ae4211072a8d5b747f1a5bb9bb59b5fd931466405d755313d814fbcfb88bc9ccf689eebc970f8ab02242df60d68865ac2f57456254a1270cb1a99b3a61628f24d8dca8bbe0a552be090b5c5b
access-control-allow-headers: Authorization,*
expires: Sun, 07 Jan 2024 13:57:54 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
610 B 62ms
60ms Stylesheet
text/css 2a00:1450:400c:c09::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-vm6DlaHVPue7DA6-4S9Ngw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-vm6DlaHVPue7DA6-4S9Ngw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 07 Jan 2024 13:57:54 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
526 B 66ms
66ms XHR
application/json 2a00:1450:400c:c09::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=705475193274-2tsh7qh08bvutpggv20lrkmnrpm9d190.apps.googleusercontent.com&as=GgfcrAdEm4lDn2%2BqtgCvOg

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4d92f538962f8ed5c9ef3011a9a6381efc68ad594e4f46479f0cc68af35a07f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EeHUd4fMgpeV_XR8DEL6fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-EeHUd4fMgpeV_XR8DEL6fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pelago.co
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 2FF0 200 B
958 B 39ms
39ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pelago.co/en/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2792760
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:54 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 410806
x-content-type-options: nosniff
x-request-id: ddeb83b4-c1d2-4863-ad9e-aff404b9449b
x-served-by: cache-fra-etou8220029-FRA

GET
H2 200 90870 Show response
stags.bluekai.com/site/ Frame FEC0 71 B
655 B 312ms
193ms Document
text/html 2.19.244.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/90870?ret=html&phint=__bk_t%3DBook%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.pelago.co%2Fen%2F&phint=__bk_v%3D3.1.10&limit=4&r=87066530
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.244.177 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-244-177.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: https://www.pelago.co/en/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

bk-server: 9f0f
content-length: 71
content-type: text/html
date: Sun, 07 Jan 2024 13:57:54 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 200
OK config Show response
api.sprig.com/sdk/1/environments/uZwGPwBJqTWL/ 22 B
387 B 134ms
134ms Fetch
application/json 34.198.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/uZwGPwBJqTWL/config
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-52-31.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 03d4757719046f4c10cf26a0a614f9db2b3292cabb9fdeec842ceca7bb72afa0

Request headers

x-ul-visitor-id: 4936102f-ddc5-4dc5-97da-0557b508eda9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-gtm
Referer: https://www.pelago.co/en/
x-ul-sdk-version: 2.25.1
x-ul-environment-id: uZwGPwBJqTWL
userleap-platform: web

Response headers

date: Sun, 07 Jan 2024 13:57:55 GMT
server: istio-envoy
etag: W/"16-HY6Nx7lnBwZDVIiGLTtYpyENHk4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 14
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
content-length: 22

OPTIONS
H/1.1 204
No Content config
api.sprig.com/sdk/1/environments/uZwGPwBJqTWL/ Frame 0
0 494ms
123ms Preflight 34.198.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/uZwGPwBJqTWL/config
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-52-31.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: GET
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Sun, 07 Jan 2024 13:57:55 GMT
server: istio-envoy
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 3

GET
H2 200 page.gif
track.customer.io/events/ 35 B
266 B 257ms
145ms Image
image/gif 35.227.225.220
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.customer.io/events/page.gif?name=https%3A%2F%2Fwww.pelago.co%2Fen%2F&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=2f1a2d8c-2c27-b480-d10c-38ba432a6792&site_id=97842d03f9edaf99a5ae&timestamp=1704635874701
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.220 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 220.225.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
via: 1.1 google
content-type: image/gif
access-control-allow-origin: *
status: 200 OK
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding: binary
cross-origin-resource-policy: cross-origin
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 page.gif
track.customer.io/events/ 35 B
90 B 258ms
146ms Image
image/gif 35.227.225.220
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.customer.io/events/page.gif?name=https%3A%2F%2Fwww.pelago.co%2Fen%2F&data%5BgeoCountryCode%5D=&data%5BgeoCity%5D=&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=2f1a2d8c-2c27-b480-d10c-38ba432a6792&site_id=97842d03f9edaf99a5ae&timestamp=1704635874702
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.220 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 220.225.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
via: 1.1 google
content-type: image/gif
access-control-allow-origin: *
status: 200 OK
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding: binary
cross-origin-resource-policy: cross-origin
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2FF0 526 B
473 B 39ms
39ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 07 Jan 2024 13:57:54 GMT
via: 1.1 varnish
age: 2713780
x-cache: HIT
content-length: 315
x-request-id: 930de8a2-e8b3-485f-a331-2f8f6ce4de6e
x-served-by: cache-fra-etou8220029-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 393202

POST
H2 200 csp-report
q.stripe.com/ Frame 2FF0 0
718 B 212ms
212ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704635874846288
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704635874845687
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2FF0 0
718 B 208ms
208ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704635874846061
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1704635874845757
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

OPTIONS
H2 200 push-to-metrics
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 189ms
188ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/push-to-metrics?bot=x1689135807776&linkType=web&payload=[object%20Object]&source=yellowmessenger&subSource=null&_=1704635873924

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-ym-bot-id
Access-Control-Request-Method: GET
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET,HEAD,POST
cf-cache-status: DYNAMIC
cf-ray: 841cb6699c789267-FRA
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:54 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 open-sans.min.css
cdn.yellowmessenger.com/ Frame 68AC 3 KB
1 KB 51ms
50ms Stylesheet
text/css 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/open-sans.min.css

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1436c48e326b6b119a9eb8fd022f110be16605715638f1df029d885fc6ee27f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: cnI5v7BXL776bAJuh+msXA==
age: 3410
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Mon, 02 Jan 2023 07:19:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e47862c4-601e-004b-4a14-1528d0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb6698fd53a85-FRA
expires: Sun, 07 Jan 2024 14:27:54 GMT

GET
H2 200 push-to-metrics Show response
r0.cloud.yellow.ai/api/plugin/ Frame 68AC 46 B
163 B 453ms
452ms XHR
application/json 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/push-to-metrics?bot=x1689135807776&linkType=web&payload=[object%20Object]&source=yellowmessenger&subSource=null&_=1704635873924

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f57faa602933fa2c5449d3487280a5bd1d82fd8f8a2ddcef80de8847c7d1121b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
x-ym-bot-id: x1689135807776
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:55 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 46
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"2e-Gyi7Bl4WvG7CJ8s8OsTledI1y70"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 841cb66accfe9267-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id

GET
H3 200 strophe.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 68AC 84 KB
26 KB 55ms
55ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/strophe.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5532ee48ae379bef327e4ba2690dea52eef800306b4179a415bc8b9ca9143b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: G9n+eQa7CayAoVZa1q6AtA==
age: 3411
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jan 2024 11:48:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ba474b30-f01e-0063-7c71-3d71ae000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb6699fe43a85-FRA
expires: Sun, 07 Jan 2024 14:27:54 GMT

GET
H3 200 slick-css.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 68AC 6 KB
2 KB 53ms
53ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/slick-css.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14f0670aea7cb0b984e9ecc32d2242f42828af442112394ac87c1b6f9742db7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: gmxiSxX77nFI2+n3wn7BmA==
age: 7457
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jan 2024 11:48:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f802b764-701e-0004-4171-3deb91000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb6699fe63a85-FRA
expires: Sun, 07 Jan 2024 14:27:54 GMT

GET
H3 200 slick.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 68AC 42 KB
11 KB 57ms
57ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/slick.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b244124ea2951bdb620917d3247ff5afb29cfb3393daf67db8328e4ebf749d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: fpfikI/QQZ66YV8VyA96kQ==
age: 7457
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jan 2024 11:48:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d2719b7a-a01e-002e-7371-3dbf82000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb6699fe83a85-FRA
expires: Sun, 07 Jan 2024 14:27:54 GMT

GET
H3 200 ne99VSxI2J1N1692173121082.png
cdn.yellowmessenger.com/ Frame 68AC 2 KB
3 KB 53ms
53ms Image
image/png 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.yellowmessenger.com/ne99VSxI2J1N1692173121082.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16a063db087f3a9d494e5f112ad20a0ef5e01a828db8f7af1687bc1554caa6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: kWZ0gFofCickfaHjzqfi5g==
age: 11493
alt-svc: h3=":443"; ma=86400
content-length: 2538
x-ms-lease-status: unlocked
last-modified: Wed, 16 Aug 2023 08:05:21 GMT
server: cloudflare
etag: 0x8DB9E2F89856CB8
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 338d9243-701e-0041-6032-400292000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 841cb6699fe93a85-FRA
expires: Sun, 07 Jan 2024 14:27:54 GMT

GET
H3 200 open-sans.min.css
cdn.yellowmessenger.com/ 3 KB
1 KB 54ms
54ms Stylesheet
text/css 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/open-sans.min.css

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1436c48e326b6b119a9eb8fd022f110be16605715638f1df029d885fc6ee27f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: cnI5v7BXL776bAJuh+msXA==
age: 3410
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Mon, 02 Jan 2023 07:19:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e47862c4-601e-004b-4a14-1528d0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb669aff63a85-FRA
expires: Sun, 07 Jan 2024 14:27:54 GMT

GET
H3 200 ne99VSxI2J1N1692173121082.png
cdn.yellowmessenger.com/ 2 KB
3 KB 51ms
51ms Image
image/png 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.yellowmessenger.com/ne99VSxI2J1N1692173121082.png

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16a063db087f3a9d494e5f112ad20a0ef5e01a828db8f7af1687bc1554caa6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: kWZ0gFofCickfaHjzqfi5g==
age: 11493
alt-svc: h3=":443"; ma=86400
content-length: 2538
x-ms-lease-status: unlocked
last-modified: Wed, 16 Aug 2023 08:05:21 GMT
server: cloudflare
etag: 0x8DB9E2F89856CB8
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 338d9243-701e-0041-6032-400292000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 841cb669b8083a85-FRA
expires: Sun, 07 Jan 2024 14:27:54 GMT

GET
H3 200 3EE9JwNTHh2U1695795804574.gif
cdn.yellowmessenger.com/ 25 KB
26 KB 52ms
52ms Image
image/gif 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.yellowmessenger.com/3EE9JwNTHh2U1695795804574.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da767abea34b57a95cc46a83a07e2d9324c11f836991bef28ba7372480d177f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: oFFbAMR0HoSHpPiLjNp0tw==
age: 11493
alt-svc: h3=":443"; ma=86400
content-length: 25635
x-ms-lease-status: unlocked
last-modified: Wed, 27 Sep 2023 06:23:24 GMT
server: cloudflare
etag: 0x8DBBF2241267FD8
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 0dc4367b-a01e-0028-28b0-135943000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 841cb669b80b3a85-FRA
expires: Sun, 07 Jan 2024 14:27:54 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame B20C 930 B
1 KB 48ms
39ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 160
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:54 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 133
x-content-type-options: nosniff
x-request-id: 19e2347a-82bb-4824-bef9-e26a791ece19
x-served-by: cache-fra-etou8220029-FRA
x-timer: S1704635875.850225,VS0,VE0

GET
H3 200 open-sans-latin-400-normal.woff2
cdn.yellowmessenger.com/ Frame 68AC 16 KB
17 KB 624ms
581ms Font
application/octet-stream 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/open-sans-latin-400-normal.woff2

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/open-sans.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.yellowmessenger.com/open-sans.min.css
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: 1lETttp7pL0KWdvaWn4k1A==
alt-svc: h3=":443"; ma=86400
content-length: 16692
x-ms-lease-status: unlocked
last-modified: Mon, 02 Jan 2023 07:24:30 GMT
server: cloudflare
etag: 0x8DAEC926389A476
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 8cca537d-501e-0016-2639-1559d4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 841cb66a2bcd9153-FRA
expires: Sun, 07 Jan 2024 14:27:55 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame 6AD4 0
274 B 230ms
210ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d5d594b04c843f4daaaf6510d4df5772.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 07 Jan 2024 13:57:54 GMT
x-stripe-server-envoy-start-time-us: 1704635874978554
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1704635874978157
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 6AD4 0
274 B 305ms
284ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d5d594b04c843f4daaaf6510d4df5772.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 07 Jan 2024 13:57:55 GMT
x-stripe-server-envoy-start-time-us: 1704635875052056
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1704635875051830
access-control-allow-credentials: true
content-length: 0

GET
H3 200 remix.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 68AC 114 KB
15 KB 60ms
59ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/remix.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b01c0e2985f2a64b75fd80a724dda0d0150e1df7b51c1f9f8b8e9c17a85062d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: zFDlxKW7X9gYcA5bhDblNQ==
age: 7453
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jan 2024 11:48:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 754a42f0-e01e-002a-1a71-3d542e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb66a084a3a85-FRA
expires: Sun, 07 Jan 2024 14:27:54 GMT

GET
H3 200 compact-css.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 68AC 2 KB
1 KB 52ms
51ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/compact-css.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72537cfe9af94c221b7dd97f3f0f6d6e29827b8e608ea95e0f3fdc44727e7574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: iEVN5GpEwpp3PPBv2nuPXQ==
age: 7453
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jan 2024 11:48:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5fe9ed95-d01e-0015-6871-3daab4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb66a084b3a85-FRA
expires: Sun, 07 Jan 2024 14:27:54 GMT

GET
H3 200 open-sans-latin-400-normal.woff2
cdn.yellowmessenger.com/ 16 KB
17 KB 556ms
542ms Font
application/octet-stream 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/open-sans-latin-400-normal.woff2

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/open-sans.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.yellowmessenger.com/open-sans.min.css
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: 1lETttp7pL0KWdvaWn4k1A==
alt-svc: h3=":443"; ma=86400
content-length: 16692
x-ms-lease-status: unlocked
last-modified: Mon, 02 Jan 2023 07:24:30 GMT
server: cloudflare
etag: 0x8DAEC926389A476
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 8cca537d-501e-0016-2639-1559d4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 841cb66a2bcc9153-FRA
expires: Sun, 07 Jan 2024 14:27:55 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame B20C 0
492 B 276ms
276ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 07 Jan 2024 13:57:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704635875053222
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1704635875052595
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame B20C 87 KB
15 KB 39ms
38ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sun, 07 Jan 2024 13:57:54 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 32
x-cache: HIT
content-length: 15509
x-request-id: 731123e5-2ba4-4305-b21c-92b759bcad23
x-served-by: cache-fra-etou8220029-FRA
server: Fastly
x-timer: S1704635875.893434,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 31

POST
H2 200 6 Show response
m.stripe.com/ Frame B20C 156 B
670 B 636ms
207ms XHR
application/json 44.233.104.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.233.104.20 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-233-104-20.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

90d8658d1d876530d4359e4771068a55267290139b6ba0ea6e7041bfb710d0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 07 Jan 2024 13:57:55 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1704635875485410
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1704635875484973
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 ticket-details.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 68AC 8 KB
3 KB 50ms
49ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ticket-details.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d5fe8d27bbf4445b26c3bc0e80a33421a68ba4da6a82ea906162b8115c0f562

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 4icBD/UnAk+idC+9Yyjfcg==
age: 7458
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jan 2024 11:48:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3213caef-101e-0012-4771-3db278000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb672bf823a85-FRA
expires: Sun, 07 Jan 2024 14:27:56 GMT

OPTIONS
H2 200 active-ticket-details
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 197ms
197ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/active-ticket-details?uid=38921586758165345918850971010&bot=x1689135807776&source=yellowmessenger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id
Access-Control-Request-Method: GET
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET,HEAD
cf-cache-status: DYNAMIC
cf-ray: 841cb67319b69267-FRA
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:56 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 active-ticket-details Show response
r0.cloud.yellow.ai/api/plugin/ Frame 68AC 97 B
176 B 199ms
199ms Fetch
application/json 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/active-ticket-details?uid=38921586758165345918850971010&bot=x1689135807776&source=yellowmessenger

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ticket-details.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9f7768e13aaf8fad07e874e94019ca9cd37a896ca04455c7b375432d8a8a6bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-ym-bot-id: x1689135807776
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 07 Jan 2024 13:57:56 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"61-bNw1M7CR/xgapEkxLrsjtkVpo2s"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 841cb6745a6e9267-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id

GET
H3 200 ne99VSxI2J1N1692173121082.png
cdn.yellowmessenger.com/ Frame 68AC 2 KB
3 KB 56ms
56ms Image
image/png 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.yellowmessenger.com/ne99VSxI2J1N1692173121082.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16a063db087f3a9d494e5f112ad20a0ef5e01a828db8f7af1687bc1554caa6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: kWZ0gFofCickfaHjzqfi5g==
age: 11495
alt-svc: h3=":443"; ma=86400
content-length: 2538
x-ms-lease-status: unlocked
last-modified: Wed, 16 Aug 2023 08:05:21 GMT
server: cloudflare
etag: 0x8DB9E2F89856CB8
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 338d9243-701e-0041-6032-400292000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 841cb675999c3a85-FRA
expires: Sun, 07 Jan 2024 14:27:56 GMT

OPTIONS
H2 200 receive
r0.cloud.yellow.ai/integrations/yellowmessenger/ Frame 0
0 448ms
447ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/yellowmessenger/receive?bottype=production&bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id,x-ym-message-origin,x-ym-trace-id
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-ym-trace-id,x-ym-message-origin,platform,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 841cb6759b699267-FRA
content-encoding: br
content-security-policy: default-src 'self'
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 receive Show response
r0.cloud.yellow.ai/integrations/yellowmessenger/ Frame 68AC 358 B
352 B 202ms
201ms XHR
application/json 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/yellowmessenger/receive?bottype=production&bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb5ab2364fb8b93e1aa2ab7eb8956f49c6ce0df4e142bcac86fbe9d0ec1f0955

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

x-ym-bot-id: x1689135807776
x-ym-message-origin: web-widget
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json
Accept: */*
Referer
x-ym-trace-id: 38921586758165345918850971010_MsaWpHLM1qDA7cqvzwU9J

Response headers

date: Sun, 07 Jan 2024 13:57:57 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"166-DnHMjLL8gqyaZV/31QYsJT112ho"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-frame-options: DENY
cf-ray: 841cb6786d819267-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-ym-trace-id,x-ym-message-origin,platform,x-ym-bot-id,x-app-id

POST
H2 200 send-event Show response
r0.cloud.yellow.ai/integrations/analytics/ Frame 68AC 2 B
115 B 189ms
189ms XHR
text/plain 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/analytics/send-event?bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 07 Jan 2024 13:57:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: cloudflare
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
feature-policy: geolocation 'self'
access-control-allow-credentials: true
cf-ray: 841cb6775cd89267-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,Responsetype,x-api-key,x-app-id
expires: 0

OPTIONS
H2 200 send-event
r0.cloud.yellow.ai/integrations/analytics/ Frame 0
0 222ms
222ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/analytics/send-event?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,Responsetype,x-api-key,x-app-id
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin: *
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 841cb675fbe79267-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:56 GMT
expires: 0
feature-policy: geolocation 'self'
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 list-campaigns Show response
r0.cloud.yellow.ai/api/engagements/inbound/ Frame 68AC 46 B
182 B 458ms
457ms XHR
application/json 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/engagements/inbound/list-campaigns?bot=x1689135807776&uid=38921586758165345918850971010&_=1704635873925

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bae145134387f6b315086c73b2c879ecc3a6abffb5fcbdacf83b66492a6162a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:57:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-length: 46
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: cloudflare
etag: W/"2e-r4PPgw/jRLNCglXgL/2LB7fi/Gg"
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
feature-policy: geolocation 'self'
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 841cb6768c439267-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,Responsetype,x-api-key,x-app-id
expires: 0

OPTIONS
H2 200 update-user-info
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 191ms
190ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/update-user-info?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 841cb679be819267-FRA
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 update-user-info Show response
r0.cloud.yellow.ai/api/plugin/ Frame 68AC 1 KB
675 B 220ms
219ms XHR
application/json 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/update-user-info?bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d8c3d6b0e8ed47061c8d82b72b37dfe300ccb049664d8019708f0ce89089e0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
x-ym-bot-id: x1689135807776
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 07 Jan 2024 13:57:57 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"5a3-0wYoCTGIgmQFTDZJYGr33LCVqwA"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 841cb67aff3f9267-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id

OPTIONS
H2 200 receive
r0.cloud.yellow.ai/integrations/yellowmessenger/ Frame 0
0 203ms
203ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/yellowmessenger/receive?bottype=production&bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id,x-ym-message-origin,x-ym-trace-id
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-ym-trace-id,x-ym-message-origin,platform,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 841cb67c58119267-FRA
content-encoding: br
content-security-policy: default-src 'self'
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 receive Show response
r0.cloud.yellow.ai/integrations/yellowmessenger/ Frame 68AC 293 B
328 B 198ms
198ms XHR
application/json 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/yellowmessenger/receive?bottype=production&bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94d69d2f65fc360197867a4dc3909702a305e057e1f36a4e40565b00e9c6ab2e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

x-ym-bot-id: x1689135807776
x-ym-message-origin: web-widget
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json
Accept: */*
Referer
x-ym-trace-id: 38921586758165345918850971010_O5WKggt4u8TzLZjSDtUWH

Response headers

date: Sun, 07 Jan 2024 13:57:58 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"125-7lyDMP4Y3oOuQ6NUmUfIvvTu+yY"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-frame-options: DENY
cf-ray: 841cb67d98cf9267-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-ym-trace-id,x-ym-message-origin,platform,x-ym-bot-id,x-app-id

OPTIONS
H2 200 analytics
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 447ms
447ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/analytics?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 841cb67c58149267-FRA
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 204 x1689135807776
r0.cloud.yellow.ai/api/status/message/ Frame 0
0 448ms
448ms Preflight 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/status/message/x1689135807776?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 841cb67d08779267-FRA
date: Sun, 07 Jan 2024 13:57:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff

POST
H2 200 x1689135807776 Show response
r0.cloud.yellow.ai/api/status/message/ Frame 68AC 33 B
93 B 197ms
196ms XHR
application/json 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/status/message/x1689135807776?bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eec6b719c1df15556a3581632c1010a34d2f19f42481c6f875ab3ff21337748c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 07 Jan 2024 13:57:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 841cb67fda419267-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-app-id
content-length: 33

GET
H3 200 process-quick-replies.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 68AC 19 KB
6 KB 50ms
50ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/process-quick-replies.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fb8a715672444126ac26a82e58d8850da53eb905c6019650f3d375d735a0c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 07 Jan 2024 13:57:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: evHtpiCYIlqp7oomTpz/1Q==
age: 7454
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 02 Jan 2024 11:48:42 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8800ef8c-501e-0016-6071-3d59d4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 841cb67d1fb73a85-FRA
expires: Sun, 07 Jan 2024 14:27:57 GMT

OPTIONS
H2 200 analytics
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 195ms
194ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/analytics?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 841cb67d78aa9267-FRA
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Sun, 07 Jan 2024 13:57:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js Show response
js.stripe.com/v3/fingerprinted/js/ 176 B
448 B 44ms
43ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 07 Jan 2024 13:57:59 GMT
via: 1.1 varnish
age: 1453331
x-cache: HIT
content-length: 127
x-request-id: efc2e4d4-45dc-42c1-a8c7-334bb226c63c
x-served-by: cache-fra-etou8220029-FRA
last-modified: Thu, 21 Dec 2023 18:13:43 GMT
server: Fastly
etag: "96f5b26d366f47393b3ff36fe7471474"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 66257

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.pelago.co/	1970-01-21 02:16:11	Name: __pelago-currency__ Value: EUR
www.pelago.co/	1970-01-21 02:16:11	Name: dsUserId Value: 5975f701-6c4b-4aad-bddf-63be5a6b6938
www.pelago.co/	1970-01-20 18:13:47	Name: __last_click_from__ Value:
www.pelago.co/	1970-01-20 18:13:47	Name: __first_click_from__ Value: %20
www.pelago.co/	1970-01-20 17:30:37	Name: __pelago-ds-session-id__ Value: a43db031-dbca-4596-a39b-402768e52ef0
www.pelago.co/	1970-01-21 03:06:35	Name: __pelag_pdp_visit__ Value: false
.pelago.co/	1970-01-21 03:06:35	Name: __ssid Value: 8c11a7498fdc93e396c47582afa2567
.pelago.co/	1970-01-20 19:40:11	Name: _gcl_au Value: 1.1.2024287533.1704635874
.pelago.co/	1970-01-21 03:06:35	Name: _ga_TJ6G1HY8VL Value: GS1.1.1704635873.1.0.1704635873.60.0.0
.pelago.co/	1970-01-21 03:06:35	Name: _ga Value: GA1.1.1189796914.1704635874
.tiktok.com/	1970-01-21 02:52:11	Name: _ttp Value: 2ad5yzhDsqBqqyIQeAHh8GbJd5b
.pelago.co/	1970-01-20 17:32:02	Name: _uetsid Value: c0e7c6d0ad6411eea6f137c642d7467c
.pelago.co/	1970-01-21 02:52:11	Name: _uetvid Value: c0e7f1d0ad6411ee8ee919df20150abe
.doubleclick.net/	1970-01-21 02:52:11	Name: IDE Value: AHWqTUnGWCw86lnQiOldv2jaIf4ZbsvCqU84cz3wF0TqJrKy6p6WY9w5kwPmvYNzazw
.bing.com/	1970-01-21 02:52:11	Name: MUID Value: 3439A4953D7C643F3525B76A3CF76581
.pelago.co/	1970-01-20 17:30:37	Name: tfpsi Value: cdc5b574-b371-4dba-87cd-08e711642c1c
.pelago.co/	1970-01-20 19:40:11	Name: _fbp Value: fb.1.1704635874112.161824208
.yahoo.com/	1970-01-21 02:16:33	Name: A3 Value: d=AQABBOKtmmUCEJ90pO3y1-WkG-rw2H_jGZkFEgEBAQH_m2WkZeAJyiMA_eMAAA&S=AQAAAofsLHJY5IYHSqnqEZB694M
.adform.net/	1970-01-20 18:15:14	Name: C Value: 1
.adform.net/	1970-01-20 18:56:59	Name: uid Value: 7538630390920714082
.sojern.com/	1970-01-21 02:16:11	Name: gid Value: CAESEBofGlzvx19uLd6gsfByEXg
.sojern.com/	1970-01-21 02:16:11	Name: cid Value: 4f6186a6-8002-84de-6ded-1220783d3eeb#1704585600000
.sojern.com/	1970-01-21 02:16:11	Name: adfid Value: 7538630390920714082
.pelago.co/	1970-01-21 02:52:11	Name: _tt_enable_cookie Value: 1
.pelago.co/	1970-01-21 02:52:11	Name: _ttp Value: FuwY-D1Wliwm1xaWulgRJwYseBo
.pelago.co/	1970-01-21 02:16:11	Name: _cioanonid Value: 2f1a2d8c-2c27-b480-d10c-38ba432a6792
.bluekai.com/	1970-01-20 21:49:47	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 21:49:47	Name: bkpa Value: KJhBEN6nQp91deUNqqUSpV6wjKye7dzwhs7HRnPiedlfuyze/xZ8Yl5c6AYybPP5pr3tVJQKG6FZ7iSR3FG1aRHIwqy4Hvf3Ogxu09SHw01skLM8ixsGsupIkbZBan+6/ubKHhFcQ4++U5l84zq9sUFLsw49c/uIifpAtgjBpMI5qBi7+OhjfiDgufE1jvRuH0wOcJwaXW2az5n3YlTHuBx=
.bluekai.com/	1970-01-20 21:49:47	Name: bku Value: 2Z/O9mv+ZZVeW1Tg
m.stripe.com/	1970-01-21 03:06:35	Name: m Value: d2fe26b9-5968-4d5c-94bb-b1545782cc28953078
.www.pelago.co/	1970-01-21 02:16:11	Name: __stripe_mid Value: d50e7777-fbf1-49f8-85bb-267042a3428380371f
.www.pelago.co/	1970-01-20 17:30:37	Name: __stripe_sid Value: 2b78af11-0f22-45f8-957b-32a9038e5870c73f92

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .pelago.co .zopim.com 'strict-dynamic' .stripe.com 'unsafe-eval' 'nonce-4d4e3c825b59ac8354088a8b08893b16' https: about:; style-src 'self' 'unsafe-inline' www.gstatic.com accounts.google.com fonts.googleapis.com .yellowmessenger.com; connect-src 'self' about: .teads.tv s.yimg.com .pelago.co .zopim.com .yellow.ai pelago.pxf.io bat.bing.com .sprig.com www.facebook.com ekr.zdassets.com .ingest.sentry.io .doubleclick.net analytics.tiktok.com pixel.quantcount.com .google-analytics.com .googletagmanager.com .analytics.google.com .zendesk.com translate.googleapis.com messaging.messagebird.com .googlesyndication.com wss://.cloud.yellow.ai wss://.zopim.com wss://.zendesk.com livechat-metrics.messagebird.com .google.com .google.com.au .google.com.sg fonts.googleapis.com .csftr.com .google.ad .google.ae .google.com.af .google.com.ag .google.al .google.am .google.co.ao .google.com.ar .google.as .google.at .google.az .google.ba .google.com.bd .google.be .google.bf .google.bg .google.com.bh .google.bi .google.bj .google.com.bn .google.com.bo .google.com.br .google.bs .google.bt .google.co.bw .google.by .google.com.bz .google.ca .google.cd .google.cf .google.cg .google.ch .google.ci .google.co.ck .google.cl .google.cm .google.cn .google.com.co .google.co.cr .google.com.cu .google.cv .google.com.cy .google.cz .google.de .google.dj .google.dk .google.dm .google.com.do .google.dz .google.com.ec .google.ee .google.com.eg .google.es .google.com.et .google.fi .google.com.fj .google.fm .google.fr .google.ga .google.ge .google.gg .google.com.gh .google.com.gi .google.gl .google.gm .google.gr .google.com.gt .google.gy .google.com.hk .google.hn .google.hr .google.ht .google.hu .google.co.id .google.ie .google.co.il .google.im .google.co.in .google.iq .google.is .google.it .google.je .google.com.jm .google.jo .google.co.jp .google.co.ke .google.com.kh .google.ki .google.kg .google.co.kr .google.com.kw .google.kz .google.la .google.com.lb .google.li .google.lk .google.co.ls .google.lt .google.lu .google.lv .google.com.ly .google.co.ma .google.md .google.me .google.mg .google.mk .google.ml .google.com.mm .google.mn .google.com.mt .google.mu .google.mv .google.mw .google.com.mx .google.com.my .google.co.mz .google.com.na .google.com.ng .google.com.ni .google.ne .google.nl .google.no .google.com.np .google.nr .google.nu .google.co.nz .google.com.om .google.com.pa .google.com.pe .google.com.pg .google.com.ph .google.com.pk .google.pl .google.pn .google.com.pr .google.ps .google.pt .google.com.py .google.com.qa .google.ro .google.ru .google.rw .google.com.sa .google.com.sb .google.sc .google.se .google.sh .google.si .google.sk .google.com.sl .google.sn .google.so .google.sm .google.sr .google.st .google.com.sv .google.td .google.tg .google.co.th .google.com.tj .google.tl .google.tm .google.tn .google.to .google.com.tr .google.tt .google.com.tw .google.co.tz .google.com.ua .google.co.ug .google.co.uk .google.com.uy .google.co.uz .google.com.vc .google.co.ve .google.co.vi .google.com.vn .google.vu .google.ws .google.rs .google.co.za .google.co.zm .google.co.zw .google.cat; frame-src 'self' about: .pelago.co .teads.tv js.stripe.com hooks.stripe.com .google.com www.facebook.com stags.bluekai.com static.sojern.com ocw.messagebird.com .doubleclick.net livechat.messagebird.com tpc.googlesyndication.com; img-src 'self' data: https:; media-src 'self' static.zdassets.com; font-src 'self' data: fonts.gstatic.com .yellowmessenger.com; base-uri 'self'; object-src 'self'; report-uri /csp-report;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4645703.fls.doubleclick.net
accounts.google.com
ad.doubleclick.net
adservice.google.com
analytics.tiktok.com
api.sprig.com
assets.customer.io
bat.bing.com
beacon.sojern.com
browser.sentry-cdn.com
c1.adform.net
cdn.sift.com
cdn.sprig.com
cdn.yellowmessenger.com
cm.g.doubleclick.net
cm.teads.tv
connect.facebook.net
ds.pelago.co
fcmatch.google.com
fcmatch.youtube.com
fonts.gstatic.com
googleads.g.doubleclick.net
hexagon-analytics.com
ib.adnxs.com
js.sentry-cdn.com
js.stripe.com
m.stripe.com
m.stripe.network
match.adsrvr.org
p.teads.tv
pixel.sojern.com
q.stripe.com
r.stripe.com
r0.cloud.yellow.ai
region1.analytics.google.com
s.yimg.com
sp.analytics.yahoo.com
stags.bluekai.com
static.sojern.com
stats.g.doubleclick.net
t.teads.tv
tags.bkrtx.com
track.customer.io
traveller-core.pelago.co
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.pelago.co
107.178.244.119
142.250.185.98
151.101.128.176
172.217.16.198
172.217.23.102
18.173.187.30
18.173.187.81
18.239.83.6
185.89.210.122
2.19.244.177
2.23.209.27
2001:4860:4802:32::36
212.82.100.181
23.32.185.35
23.45.239.144
23.53.233.62
2600:9000:223c:3200:11:9cfd:9400:93a1
2606:4700::6812:33
2606:4700::6812:769
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:811::200e
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9d
2a00:1450:400c:c09::54
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
2a04:4e42:400::729
3.33.166.164
3.33.220.150
34.102.232.42
34.198.52.31
34.96.67.224
35.227.225.220
35.244.188.9
37.157.3.26
44.233.104.20
52.221.69.34
54.186.23.98
0320b344a98e34a0274ec808e181412c3108648520cf165a090926dce86cca2d
03d4757719046f4c10cf26a0a614f9db2b3292cabb9fdeec842ceca7bb72afa0
05d3ee9444e8d1d6837c9aea8302264612d118b452de34f4e68989ca3b04b82b
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
0ab839e690d2a643686e467bb6bd4241a795d3dcd6ad3f7e4f951d1beae8884f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c42c5e20780b95357f72b724ecc2a15b31e55f74be10f1d3a82d3a399373308
0cdf1e4b27f7420b0ad37ad1d6bac03f7470438bc8f49de10bcf1440dc4fd37b
0dbb6f708ac85ec661443d9a72890fb582b2296bea8de84c4d1bd07f9f69ca70
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1436c48e326b6b119a9eb8fd022f110be16605715638f1df029d885fc6ee27f4
14f0670aea7cb0b984e9ecc32d2242f42828af442112394ac87c1b6f9742db7d
15715bad2234fa406887a83f10703b4b4bb49633bc6d1008f61023fac16a5acd
166048b1b494b546d686a6442bac330a2ffeaa0afaf5a58d7ed0116d602296d2
16a063db087f3a9d494e5f112ad20a0ef5e01a828db8f7af1687bc1554caa6cf
1c34a241f9bfaf67a71ed575bd62b0d86e2a34d2d7cac0321ec4e2ee88830c7a
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d31c54eba5932384818bcab1ceeb0194618676fa9ce87e12da511cb6ccf0e54
1d8c3d6b0e8ed47061c8d82b72b37dfe300ccb049664d8019708f0ce89089e0b
2889147edb550aef849e10ba2230d6b1f65a0f8831b45f642bfc0ee185babe38
2aa7779577c8f4ff268d5bbd5b13b7d577930c1824b43b4b5442d4c92a695154
30150b2b6bc40bf9756e98980fba9f85c49a411817e77ae066779e0c7d558fbf
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82
349b1ab98a7343fdd33b354fe7758e8dda0827775ec48cdf27d429d319d1ff11
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
35e961433fb0b7dd04127fb1baaab6f1083c0361209d63683d8eb0cc285589b5
36a670e6c3524956b32df981610f54ba066c70ca7bf50b1a469597b016f1b8a8
37f9f9d006015d73f4ceac460a588fa35e2a6000479a3d2d31639e2b8e5a6381
3c07f231c779a17313f5aa65ffa1bdf3a0b6e3f68ab282ef320b45f1abdd8264
419fd4b1560b1de01564ef05fea5d689bf3e9881c4ecd923c41ef8a417588cfa
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb7b8e75aeed9f256b52399a58d93fa435271ebb9980d137f4cd13e8d5d9507
4d475e3d13cc357f561e996d65830eb0cc7679d5cd2ef5a3ffa8670deeb93476
529efab20f3260d4417d5f0d8928da34befbd0bf416fa72b23fc511a486e801e
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
5532ee48ae379bef327e4ba2690dea52eef800306b4179a415bc8b9ca9143b3a
553b0da1ce02d5f77eb06fa77c35c818af82ea66b92002ef5ea5a0d350ae3d54
55f9d4ac548d2fb6b528a557a8f0c42f69b3573e77a21c9d1894b53262d8718f
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
588fc8277526f5313934168da8da5e75cb0ae8f83b6b6198d33a4a405c839e60
5d256174a6f17db9669400ef0e93b56a1580172d27b98774a4d393b652401e2b
5de4b509121ea99acb680043614016f91fd514c4a8e9f930ec59b7b03f2dd1df
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5f49039179f79e3b7285d92511a64557ae705ea16703fb7e3dc45f0dde798bd1
6439428bd3a764c2d7d27cfe6a409fd87644155926b53fa5820afc9503da75d7
65d58db9a5fe0a9ff8447e4c90e084e95e3a8944e6a7851945e87d4ab91e9512
698fdc1f2eb6e91904a2f19f8d03e848f1f87d4e66e2f7f0af710bdc3f6cadde
6aa7b6fc67f8acc81ee8a40a96f693c44ad54bcef85e0679671d671596e4e72c
6d5fe8d27bbf4445b26c3bc0e80a33421a68ba4da6a82ea906162b8115c0f562
6de8303f281575fad2563229c48a4ed87fb44b9b9203554750eb7d87e576a0da
72537cfe9af94c221b7dd97f3f0f6d6e29827b8e608ea95e0f3fdc44727e7574
725406802328f7b86a22825fae66633afa06e6114bbdace1ea6c7f09b51cc3d5
7f1b3e3c83302d46a26016bff87d693ea0d18c8e0368fd2223240251ad4f213d
7f76b77de559582a4980a7c0295caf90e39af4e500cd908c9869035f62cafad2
80516de91a75aa829e48e275af0f36146f861f6d801eb9f274527c2e0efd1216
815780a959adc438f017c6522e5aee430b37f63d297c68c673ca1da86309cc75
81d2a3103094bdc2b76a2530b77a61cd13b30bd2eb6b6faf0555a3396c4d00f4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90d8658d1d876530d4359e4771068a55267290139b6ba0ea6e7041bfb710d0a0
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
94d69d2f65fc360197867a4dc3909702a305e057e1f36a4e40565b00e9c6ab2e
9de0622588292a819a585fe4214453b3c285ce70f145874f065bd8f560d082e0
9e9941847246f18fab3786cd9036f80c9484213c3ec1939509e77e0e16fcb09a
9f9ba6d984d2808a3f17ff083ae0ad2b1c9bbe22974e1a23e33432b3a3fa1d57
9fb8a715672444126ac26a82e58d8850da53eb905c6019650f3d375d735a0c53
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0aab6a0506bd9004facc195fd3697938e392bf6f633bbbe6cc503f46a233d3f
a36f920f59f2aee0a9360430c9b42dea33c76fbf69d18fc55be57baf7315beef
a398c483d7936c762d6f63ede8cb861df3a6ae7df3f6e2ab4a34de8378f8b192
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
afb6fb55093df3f8539c0240c7928f0a89a09d8b146921466e6ab9f7853e425b
b01c0e2985f2a64b75fd80a724dda0d0150e1df7b51c1f9f8b8e9c17a85062d0
b244124ea2951bdb620917d3247ff5afb29cfb3393daf67db8328e4ebf749d8b
b59d9fa595ca82d47dc30ce80d462c2c8b00fe3a37f9dd7256bd5c571dd88c5c
b78c0ae95c242d1fc0bb302f0975254e0337a87a232a742476f16211bdc7e786
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
ba4327f7c7bbe1c88230e7a1d26103cf39f3abefcb0fed2ef4f5ae1d47980444
bae145134387f6b315086c73b2c879ecc3a6abffb5fcbdacf83b66492a6162a6
bc1c05bdd3b01d9aa9d49cd9381d674cb1e061a55698f2fabf7813ea46036956
c105f56d03aa92f6bdf45256f3793e73ad67e3c092a1ac25e06839bb7aed635e
c168d916de50e0398ff86fad8ac112726434427b9bfcbc0f15eca6bf56647c9f
c22d548d81553d44b569a214db91f0e467bdf6d5edf1deb92bfb338412b902c7
c27cdeb77e481ed5473766596c1a98fd7174c671071e185253f7307053888924
c5dc250228b63ec45ccaf25c7c7b9103a504bd5ebed035e88067475076c4b78d
c7b6fe4aeb195ba2fe54e983972a737e39f17d87cad99a92cd35bf090b40dd57
ca8f178fe58aca73c02d87169795d653f508920e0d77c1e9d25eb7e999cea359
cb5ab2364fb8b93e1aa2ab7eb8956f49c6ce0df4e142bcac86fbe9d0ec1f0955
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
d0486f4b18b3dd326cc8c716a0568ad41de8dc36e168a711871034149a3676c0
d4d92f538962f8ed5c9ef3011a9a6381efc68ad594e4f46479f0cc68af35a07f
da767abea34b57a95cc46a83a07e2d9324c11f836991bef28ba7372480d177f7
dc6658a0cd798fc6a50a1fee974fb6821cec8877c4763c47371afee9dc81df53
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed227504f3c41cb5de1160b0b95f00fe7baa0d54147b134525d0171ca2598fc8
eec6b719c1df15556a3581632c1010a34d2f19f42481c6f875ab3ff21337748c
eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd91cc6f9847569d0c14ae9c9d9f0a7ddaa6dcfb4ddc640dd1496c54710402e
f0b547193d6534da2846aa4911ae085d40edbad97fcf60105b30bd85a95b43f6
f1759dae8b5a6386ccf52c000efefe03e3b568dbeec6524f8d4801cbd4762bce
f19bf900b1b6be9f741d3aafc50a04972a39fb02d657ec183b6f153967fb489e
f1d2fc29d8019e387b2ff6eaa96c46575bb00a4985c57b93ad47b5503bc64500
f3601deda38558b1705e1e4506c4e116875714a890c35b38e4170ee8803175a6
f37799158a46d75a833b054b1819809dcb92b1140fbb17c1414ddd91cfc4d52d
f5259b73e08ddae2172be725c422c5f128d05e0d0e7901a3e705cf378f2ee03a
f57faa602933fa2c5449d3487280a5bd1d82fd8f8a2ddcef80de8847c7d1121b
f9f7768e13aaf8fad07e874e94019ca9cd37a896ca04455c7b375432d8a8a6bb
fa09d38a8527c9ac83a09a220660d013fd241447a7da3da88039ff7c052f3f8c
facb3fb891888f53f19f69b6a4dc8bd15193ab267dd0a6b335f48a60fcf38937

www.pelago.co Open in urlscan Pro 18.173.187.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

163 Requests

96 %HTTPS

42 %IPv6

29 Domains

49 Subdomains

41 IPs

8 Countries

3481 kBTransfer

9284 kBSize

32 Cookies

10 Outgoing links

Page URL History

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.pelago.co Open in urlscan Pro
18.173.187.81 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

96 %
HTTPS

42 %
IPv6

29
Domains

49
Subdomains

41
IPs

8
Countries

3481 kB
Transfer

9284 kB
Size

32
Cookies

163 HTTP transactions
0 data transactions