www.pelago.co Open in urlscan Pro
143.204.98.88 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hooks.stripe.com/3d_secure_2/hosted?merchant=acct_1FiuuYGxacKVip5s&payment_intent=pi_3NMLhJGxacKVip5s072Mc6Ik&pay...
Effective URL:
https://www.pelago.co/en-MY/
Submission Tags: falconsandbox
Submission: On December 01 via api (December 1st 2023, 2:04:53 pm UTC) from US — Scanned from DE

Summary HTTP 154 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 42 IPs in 7 countries across 29 domains to perform 154 HTTP transactions. The main IP is 143.204.98.88, located in United States and belongs to AMAZON-02, US. The main domain is www.pelago.co. The Cisco Umbrella rank of the primary domain is 758400.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 20th 2023. Valid for: a year.

This is the only time www.pelago.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	176.34.78.115 176.34.78.115	16509 (AMAZON-02) (AMAZON-02)
1 28	143.204.98.88 143.204.98.88	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
14	3.33.166.164 3.33.166.164	16509 (AMAZON-02) (AMAZON-02)
3	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
1	34.96.67.224 34.96.67.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:806::200d	15169 (GOOGLE) (GOOGLE)
22	2606:4700::68... 2606:4700::6812:33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.232.42 34.102.232.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	23.212.204.55 23.212.204.55	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.27.12 13.32.27.12	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	23.37.226.187 23.37.226.187	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:223... 2600:9000:223c:4e00:11:9cfd:9400:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
3	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
3	54.169.93.153 54.169.93.153	16509 (AMAZON-02) (AMAZON-02)
18	2606:4700::68... 2606:4700::6812:669	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
2 2	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
4	52.86.181.185 52.86.181.185	14618 (AMAZON-AES) (AMAZON-AES)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.227.225.220 35.227.225.220	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:3400:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.213.255.230 34.213.255.230	16509 (AMAZON-02) (AMAZON-02)
154	42

1 176.34.78.115 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-78-115.eu-west-1.compute.amazonaws.com

hooks.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 143.204.98.88 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-88.fra50.r.cloudfront.net

www.pelago.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 3.33.166.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: ace343a40f543a26b.awsglobalaccelerator.com

traveller-core.pelago.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.sift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700::6812:33 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.yellowmessenger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.204.55 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-204-55.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-12.fra56.r.cloudfront.net

cdn.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net

4645703.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.37.226.187 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-37-226-187.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:4e00:11:9cfd:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.169.93.153 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-93-153.ap-southeast-1.compute.amazonaws.com

ds.pelago.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700::6812:669 (United States)

ASN13335 (CLOUDFLARENET, US)

r0.cloud.yellow.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.86.181.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-181-185.compute-1.amazonaws.com

api.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.225.220 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 220.225.227.35.bc.googleusercontent.com

track.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:3400:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.255.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-255-230.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	pelago.co 1 redirects www.pelago.co — Cisco Umbrella Rank: 758400 traveller-core.pelago.co ds.pelago.co	2 MB
22	yellowmessenger.com cdn.yellowmessenger.com — Cisco Umbrella Rank: 77265	450 KB
18	yellow.ai r0.cloud.yellow.ai — Cisco Umbrella Rank: 822245	3 KB
8	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 4645703.fls.doubleclick.net — Cisco Umbrella Rank: 147979 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 ad.doubleclick.net — Cisco Umbrella Rank: 139 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	5 KB
8	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 23 region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93 fcmatch.google.com — Cisco Umbrella Rank: 3300	82 KB
8	stripe.com 1 redirects hooks.stripe.com — Cisco Umbrella Rank: 86489 js.stripe.com — Cisco Umbrella Rank: 1282 q.stripe.com — Cisco Umbrella Rank: 7730 m.stripe.com — Cisco Umbrella Rank: 1245	159 KB
6	sojern.com static.sojern.com — Cisco Umbrella Rank: 14090 beacon.sojern.com — Cisco Umbrella Rank: 5541 pixel.sojern.com — Cisco Umbrella Rank: 8452	28 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	146 KB
5	sprig.com cdn.sprig.com — Cisco Umbrella Rank: 7470 api.sprig.com — Cisco Umbrella Rank: 4342	98 KB
4	gstatic.com fonts.gstatic.com	118 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	customer.io assets.customer.io — Cisco Umbrella Rank: 16209 track.customer.io — Cisco Umbrella Rank: 12094	3 KB
3	teads.tv p.teads.tv — Cisco Umbrella Rank: 4973 cm.teads.tv — Cisco Umbrella Rank: 4406 t.teads.tv — Cisco Umbrella Rank: 2635	7 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1361	18 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	216 B
2	google.de www.google.de — Cisco Umbrella Rank: 6765	562 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 630	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	92 KB
2	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 6063 browser.sentry-cdn.com — Cisco Umbrella Rank: 3972	22 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	181 KB
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 848	660 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 229	573 B
1	youtube.com fcmatch.youtube.com — Cisco Umbrella Rank: 3289	432 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1308	632 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 5121	16 KB
1	hexagon-analytics.com hexagon-analytics.com — Cisco Umbrella Rank: 5079	288 B
1	sift.com cdn.sift.com — Cisco Umbrella Rank: 13373	21 KB
154	29

	Domain	Requested by
28	www.pelago.co	1 redirects www.pelago.co
22	cdn.yellowmessenger.com	www.pelago.co cdn.yellowmessenger.com
18	r0.cloud.yellow.ai	cdn.yellowmessenger.com
14	traveller-core.pelago.co	www.pelago.co
5	analytics.tiktok.com	www.pelago.co analytics.tiktok.com
4	api.sprig.com	browser.sentry-cdn.com
4	fonts.gstatic.com	www.pelago.co
3	q.stripe.com	www.pelago.co
3	ds.pelago.co	browser.sentry-cdn.com
3	bat.bing.com	www.pelago.co bat.bing.com
3	static.sojern.com	www.pelago.co static.sojern.com
3	accounts.google.com	www.pelago.co accounts.google.com browser.sentry-cdn.com
3	js.stripe.com	www.pelago.co js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	track.customer.io
2	c1.adform.net	2 redirects
2	pixel.sojern.com	static.sojern.com
2	cm.g.doubleclick.net	2 redirects
2	ad.doubleclick.net	2 redirects
2	www.facebook.com	www.pelago.co
2	adservice.google.com	4645703.fls.doubleclick.net static.sojern.com
2	www.google.de	www.pelago.co
2	s.yimg.com	www.pelago.co browser.sentry-cdn.com
2	connect.facebook.net	www.pelago.co connect.facebook.net
2	4645703.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	www.pelago.co www.googletagmanager.com
1	m.stripe.com	m.stripe.network
1	stags.bluekai.com	tags.bkrtx.com
1	match.adsrvr.org	static.sojern.com
1	ib.adnxs.com	static.sojern.com
1	fcmatch.youtube.com	static.sojern.com
1	fcmatch.google.com	1 redirects
1	beacon.sojern.com	static.sojern.com
1	t.teads.tv	www.pelago.co
1	sp.analytics.yahoo.com	www.pelago.co
1	cm.teads.tv	browser.sentry-cdn.com
1	www.google.com	www.pelago.co
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	assets.customer.io	www.pelago.co
1	p.teads.tv	www.googletagmanager.com
1	cdn.sprig.com	www.googletagmanager.com
1	tags.bkrtx.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	browser.sentry-cdn.com	js.sentry-cdn.com
1	hexagon-analytics.com	www.pelago.co
1	cdn.sift.com	www.pelago.co
1	js.sentry-cdn.com	www.pelago.co
1	hooks.stripe.com	1 redirects
154	49

This site contains links to these domains. Also see Links.

Domain
pages.pelago.co
www.tiktok.com
www.facebook.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
pelago.co Amazon RSA 2048 M01	`2023-06-20` - `2024-07-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
*.sift.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-10` - `2024-02-10`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
yellowmessenger.com Cloudflare Inc ECC CA-3	`2023-08-20` - `2024-08-19`	a year	crt.sh
*.hexagon-analytics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-27` - `2024-11-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-18` - `2024-01-17`	a year	crt.sh
api.sprig.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-09` - `2023-12-08`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.customer.io Amazon RSA 2048 M03	`2023-10-19` - `2024-11-15`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-11-06` - `2023-12-27`	2 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-04-17`	6 months	crt.sh
yellow.ai Cloudflare Inc ECC CA-3	`2023-08-20` - `2024-08-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
istio-gateway.sprig.com Amazon RSA 2048 M01	`2023-05-23` - `2024-06-20`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
api.customer.io GTS CA 1D4	`2023-10-25` - `2024-01-23`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.pelago.co/en-MY/
Frame ID: 81BEE777BBA5B2A3DF2F08B15A0177D8
Requests: 90 HTTP requests in this frame

Frame: https://4645703.fls.doubleclick.net/activityi;dc_pre=CLTK6oC07oIDFQwOogMdpwsLBA;src=4645703;type=siaco0;cat=phd_s0b1;ord=7360615533053;auiddc=1478998456.1701439485;gtm=45He3bt0v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F
Frame ID: 9F6CB3D7DEEAA491D77452E79E859718
Requests: 2 HTTP requests in this frame

Frame: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=MY&pc=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Frame ID: F9022F3FA9466A956B493A48EFB05101
Requests: 10 HTTP requests in this frame

Frame: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Frame ID: A05643604A52EA6C805598B837B2B456
Requests: 25 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 1125D631D77E5B8EE7F8A4C5DCB2B146
Requests: 4 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/90870?ret=html&phint=__bk_t%3DBook%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&phint=__bk_v%3D3.1.10&limit=4&r=49094870
Frame ID: 8381E65495A520798C8B132E3CFA01C0
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 98EA8E97E63B8961B4B3AE2E29309430
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Book activities, attraction tickets, and things to do - Pelago

Page URL History Show full URLs

https://hooks.stripe.com/3d_secure_2/hosted?merchant=acct_1FiuuYGxacKVip5s&payment_intent=pi_3NMLhJGx... HTTP 302
https://www.pelago.co/en-MY/booking/status/PG39966937/?payment_intent=pi_3NMLhJGxacKVip5s072Mc6Ik&... HTTP 307
https://www.pelago.co/en-MY/ Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

<script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Page Statistics

154
Requests

96 %
HTTPS

43 %
IPv6

29
Domains

49
Subdomains

42
IPs

7
Countries

3256 kB
Transfer

8211 kB
Size

30
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://pages.pelago.co/en/promotions
Title: *T&Cs apply

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/about-us
Title: About Us

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@discoverpelago

Search URL Search Domain Scan URL

URL: https://www.facebook.com/discoverpelago/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/discoverpelago/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/discoverpelago/about/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hooks.stripe.com/3d_secure_2/hosted?merchant=acct_1FiuuYGxacKVip5s&payment_intent=pi_3NMLhJGxacKVip5s072Mc6Ik&pay... HTTP 302
https://www.pelago.co/en-MY/booking/status/PG39966937/?payment_intent=pi_3NMLhJGxacKVip5s072Mc6Ik&payment_intent_client_secret&source_type=card HTTP 307
https://www.pelago.co/en-MY/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://4645703.fls.doubleclick.net/activityi;src=4645703;type=siaco0;cat=phd_s0b1;ord=7360615533053;auiddc=1478998456.1701439485;gtm=45He3bt0v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F HTTP 302
https://4645703.fls.doubleclick.net/activityi;dc_pre=CLTK6oC07oIDFQwOogMdpwsLBA;src=4645703;type=siaco0;cat=phd_s0b1;ord=7360615533053;auiddc=1478998456.1701439485;gtm=45He3bt0v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F

Request Chain 99

https://ad.doubleclick.net/ddm/activity/src=12893172;type=sales;cat=apacp0;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen-MY%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID] HTTP 302
https://ad.doubleclick.net/ddm/activity/src=12893172;dc_pre=COqbn4G07oIDFcMIogMdySECjw;type=sales;cat=apacp0;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen-MY%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID] HTTP 302
https://adservice.google.com/ddm/fls/z/src=12893172;dc_pre=COqbn4G07oIDFcMIogMdySECjw;type=sales;cat=apacp0;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen-MY%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID]

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=hbq069JkMzJfv-I5i01yhA&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=yGNw-4z2HZkqZwMNa28Py2p2fFdLLcT9IV5psifU1nU3c1FzcJqwux3MZ6bvT7et&sjrn_ula=7904292892 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=yGNw-4z2HZkqZwMNa28Py2p2fFdLLcT9IV5psifU1nU3c1FzcJqwux3MZ6bvT7et&sjrn_ula=7904292892&google_gid=CAESEGnWrljIO9uHr3aW9ffpibo&google_cver=1

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_hm=hbq069JkMzJfv-I5i01yhA&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDooOaEoHXNud2euDR_CB64PFNXPurZQkEBG7DLzTdaogbEZDvhY6LE2FpKZUcFhmKYqt22bFotgiwJXirV3E0BNGczIKgTEe7ZPzGHwNhkCEP-VVo8U HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDooOaEoHXNud2euDR_CB64PFNXPurZQkEBG7DLzTdaogbEZDvhY6LE2FpKZUcFhmKYqt22bFotgiwJXirV3E0BNGczIKgTEe7ZPzGHwNhkCEP-VVo8U

Request Chain 104

https://c1.adform.net/serving/cookie/match?cid=85bab4eb-d264-3332-5fbf-e2398b4d7284&party=1296 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&cid=85bab4eb-d264-3332-5fbf-e2398b4d7284&party=1296 HTTP 302
https://pixel.sojern.com/idsync/adf?adfid=5692606333844727900&cid=85bab4eb-d264-3332-5fbf-e2398b4d7284

154 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pelago.co/en-MY/
Redirect Chain

https://hooks.stripe.com/3d_secure_2/hosted?merchant=acct_1FiuuYGxacKVip5s&payment_intent=pi_3NMLhJGxacKVip5s072Mc6Ik&pay...
https://www.pelago.co/en-MY/booking/status/PG39966937/?payment_intent=pi_3NMLhJGxacKVip5s072Mc6Ik&payment_intent_client_secret&source_type=card
https://www.pelago.co/en-MY/

485 KB
95 KB

1024ms
1024ms

Document
text/html

143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

CloudFront / Next.js

Resource Hash

c291c35d8d662efd64ac4e9b2db9b92e1b1a5a6c2a48c7c1789450c58c311752

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .pelago.co .zopim.com 'strict-dynamic' .stripe.com 'unsafe-eval' 'nonce-4875a39161a80488817e0e66add0acff' https: about:; style-src 'self' 'unsafe-inline' www.gstatic.com accounts.google.com fonts.googleapis.com .yellowmessenger.com; connect-src 'self' about: .teads.tv s.yimg.com .pelago.co .zopim.com .yellow.ai pelago.pxf.io bat.bing.com .sprig.com www.facebook.com ekr.zdassets.com .ingest.sentry.io .doubleclick.net analytics.tiktok.com pixel.quantcount.com .google-analytics.com .googletagmanager.com .analytics.google.com .zendesk.com translate.googleapis.com messaging.messagebird.com .googlesyndication.com wss://.cloud.yellow.ai wss://.zopim.com wss://.zendesk.com livechat-metrics.messagebird.com .google.com .google.com.au .google.com.sg fonts.googleapis.com .csftr.com .google.ad .google.ae .google.com.af .google.com.ag .google.al .google.am .google.co.ao .google.com.ar .google.as .google.at .google.az .google.ba .google.com.bd .google.be .google.bf .google.bg .google.com.bh .google.bi .google.bj .google.com.bn .google.com.bo .google.com.br .google.bs .google.bt .google.co.bw .google.by .google.com.bz .google.ca .google.cd .google.cf .google.cg .google.ch .google.ci .google.co.ck .google.cl .google.cm .google.cn .google.com.co .google.co.cr .google.com.cu .google.cv .google.com.cy .google.cz .google.de .google.dj .google.dk .google.dm .google.com.do .google.dz .google.com.ec .google.ee .google.com.eg .google.es .google.com.et .google.fi .google.com.fj .google.fm .google.fr .google.ga .google.ge .google.gg .google.com.gh .google.com.gi .google.gl .google.gm .google.gr .google.com.gt .google.gy .google.com.hk .google.hn .google.hr .google.ht .google.hu .google.co.id .google.ie .google.co.il .google.im .google.co.in .google.iq .google.is .google.it .google.je .google.com.jm .google.jo .google.co.jp .google.co.ke .google.com.kh .google.ki .google.kg .google.co.kr .google.com.kw .google.kz .google.la .google.com.lb .google.li .google.lk .google.co.ls .google.lt .google.lu .google.lv .google.com.ly .google.co.ma .google.md .google.me .google.mg .google.mk .google.ml .google.com.mm .google.mn .google.com.mt .google.mu .google.mv .google.mw .google.com.mx .google.com.my .google.co.mz .google.com.na .google.com.ng .google.com.ni .google.ne .google.nl .google.no .google.com.np .google.nr .google.nu .google.co.nz .google.com.om .google.com.pa .google.com.pe .google.com.pg .google.com.ph .google.com.pk .google.pl .google.pn .google.com.pr .google.ps .google.pt .google.com.py .google.com.qa .google.ro .google.ru .google.rw .google.com.sa .google.com.sb .google.sc .google.se .google.sh .google.si .google.sk .google.com.sl .google.sn .google.so .google.sm .google.sr .google.st .google.com.sv .google.td .google.tg .google.co.th .google.com.tj .google.tl .google.tm .google.tn .google.to .google.com.tr .google.tt .google.com.tw .google.co.tz .google.com.ua .google.co.ug .google.co.uk .google.com.uy .google.co.uz .google.com.vc .google.co.ve .google.co.vi .google.com.vn .google.vu .google.ws .google.rs .google.co.za .google.co.zm .google.co.zw .google.cat; frame-src 'self' about: .pelago.co .teads.tv js.stripe.com hooks.stripe.com .google.com www.facebook.com stags.bluekai.com static.sojern.com ocw.messagebird.com .doubleclick.net livechat.messagebird.com tpc.googlesyndication.com; img-src 'self' data: https:; media-src 'self' static.zdassets.com; font-src 'self' data: fonts.gstatic.com .yellowmessenger.com; base-uri 'self'; object-src 'self'; report-uri /csp-report;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' *.pelago.co *.zopim.com 'strict-dynamic' *.stripe.com 'unsafe-eval' 'nonce-4875a39161a80488817e0e66add0acff' https: about:; style-src 'self' 'unsafe-inline' www.gstatic.com accounts.google.com fonts.googleapis.com *.yellowmessenger.com; connect-src 'self' about: *.teads.tv s.yimg.com *.pelago.co *.zopim.com *.yellow.ai pelago.pxf.io bat.bing.com *.sprig.com www.facebook.com ekr.zdassets.com *.ingest.sentry.io *.doubleclick.net analytics.tiktok.com pixel.quantcount.com *.google-analytics.com *.googletagmanager.com *.analytics.google.com *.zendesk.com translate.googleapis.com messaging.messagebird.com *.googlesyndication.com wss://*.cloud.yellow.ai wss://*.zopim.com wss://*.zendesk.com livechat-metrics.messagebird.com *.google.com *.google.com.au *.google.com.sg fonts.googleapis.com *.csftr.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; frame-src 'self' about: *.pelago.co *.teads.tv js.stripe.com hooks.stripe.com *.google.com www.facebook.com stags.bluekai.com static.sojern.com ocw.messagebird.com *.doubleclick.net livechat.messagebird.com tpc.googlesyndication.com; img-src 'self' data: https:; media-src 'self' static.zdassets.com; font-src 'self' data: fonts.gstatic.com *.yellowmessenger.com; base-uri 'self'; object-src 'self'; report-uri /csp-report;
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:43 GMT
etag: "794a3-HcXJdxnyf+XMl9+BCew36X5q9Ts"
referrer-policy: no-referrer-when-downgrade
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-id: -FPZ3qNdRPKD7WwleJlNg_qYbPBMaNfB0xOzMqz-J9IlsjkKPZUuLw==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-powered-by: Next.js
x-xss-protection: 1; mode=block

Redirect headers

content-security-policy: default-src 'self'; script-src 'self' *.pelago.co *.zopim.com 'strict-dynamic' *.stripe.com 'unsafe-eval' 'nonce-b8ebcbe7-31ef-4e31-8ba3-74aca1b9e380' https: about:; style-src 'self' 'unsafe-inline' www.gstatic.com accounts.google.com fonts.googleapis.com *.yellowmessenger.com; connect-src 'self' about: *.teads.tv s.yimg.com *.pelago.co *.zopim.com *.yellow.ai pelago.pxf.io bat.bing.com *.sprig.com www.facebook.com ekr.zdassets.com *.ingest.sentry.io *.doubleclick.net analytics.tiktok.com pixel.quantcount.com *.google-analytics.com *.googletagmanager.com *.analytics.google.com *.zendesk.com translate.googleapis.com messaging.messagebird.com *.googlesyndication.com wss://*.cloud.yellow.ai wss://*.zopim.com wss://*.zendesk.com livechat-metrics.messagebird.com *.google.com *.google.com.au *.google.com.sg fonts.googleapis.com *.csftr.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; frame-src 'self' about: *.pelago.co *.teads.tv js.stripe.com hooks.stripe.com *.google.com www.facebook.com stags.bluekai.com static.sojern.com ocw.messagebird.com *.doubleclick.net livechat.messagebird.com tpc.googlesyndication.com; img-src 'self' data: https:; media-src 'self' static.zdassets.com; font-src 'self' data: fonts.gstatic.com *.yellowmessenger.com; base-uri 'self'; object-src 'self'; report-uri /csp-report;
date: Fri, 01 Dec 2023 14:04:42 GMT
location: /en-MY/
referrer-policy: no-referrer-when-downgrade
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-id: 9lxtSTfCKX14At9Wy7J4UWQq2xY46u11eabS4EO76UpIEhF8GpCj3w==
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-nonce: 5a7e65151bffaddc3609547f454e8b09
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 97df19833d9fa701.css
www.pelago.co/_next/static/css/ 215 KB
26 KB 57ms
56ms Stylesheet
text/css 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/css/97df19833d9fa701.css

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

15715bad2234fa406887a83f10703b4b4bb49633bc6d1008f61023fac16a5acd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:52:37 GMT
content-encoding: br
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 33127
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Nov 2023 06:38:22 GMT
server: AmazonS3
etag: W/"f341ddce406e2effa12929c4f5962f02"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-amz-cf-id: 6_szPIzv1n7VhJ1siFli64SRy82tEyhyW5u2Z0ecQ1gmUUDf4ODKyg==

GET
H2 200 8ef90621f6ebc8f5.css
www.pelago.co/_next/static/css/ 114 KB
14 KB 60ms
59ms Stylesheet
text/css 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/css/8ef90621f6ebc8f5.css

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9f7186216f86e63ac1358d3ede4ef20c0336dc7f0509e87ce3a2b3f9c353292e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:33:05 GMT
content-encoding: br
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 23499
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Dec 2023 07:31:43 GMT
server: AmazonS3
etag: W/"914a2ed4e85c1999d5b402f5e03566ed"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-amz-cf-id: QXcJ7GnO4cC26BuzNqWoT8Kjl7PwdGeeS9jeVHdv4YLvbHtbMwNzog==

GET
H2 200 3489010307ea7f8d.css
www.pelago.co/_next/static/css/ 44 KB
7 KB 63ms
63ms Stylesheet
text/css 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/css/3489010307ea7f8d.css

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

611e64714abfca66fe42e8ad0d30f4c0e7a2e52280a99db331a4e6b87bb494a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:35:49 GMT
content-encoding: br
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 23335
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Dec 2023 07:31:42 GMT
server: AmazonS3
etag: W/"710c1e2c3e98a1d28a52ba53179ee9a3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-amz-cf-id: wYkahq2mvqn5k1ngQ4MGwa5OlDWv206qJfJ0Nxvzl3Il1AZgyp5U1g==

GET
H2 200 webpack-747449a7f72c0fca.js Show response
www.pelago.co/_next/static/chunks/ 74 KB
38 KB 226ms
221ms Script
text/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/webpack-747449a7f72c0fca.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0bd10c306c8ccf0dc185ec973dcc7f25a4cbdfdd7521bfa529c92c3d7f42a35c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:32:02 GMT
content-encoding: br
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 23562
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Dec 2023 07:31:42 GMT
server: AmazonS3
etag: W/"b1a109f5cecfeceedd64b1eed6abd59b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: EfcSyT1FJ4XFHcLaGhut5v2mFXRrmi5F3WeunRtP3XpWIDMsPZi7BA==

GET
H2 200 framework-cb56bbd89447d6f3.js Show response
www.pelago.co/_next/static/chunks/ 127 KB
42 KB 223ms
220ms Script
text/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/framework-cb56bbd89447d6f3.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1d31c54eba5932384818bcab1ceeb0194618676fa9ce87e12da511cb6ccf0e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 18:17:13 GMT
content-encoding: gzip
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 71350
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Nov 2023 08:42:24 GMT
server: AmazonS3
etag: W/"ac2acd5f4a8273ab4841c66e4c871488"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: 7kka_LxSWziZBWO_HeUBZQ_w6nzV1I69ifZYCYpGKZqyL493HpNmmg==

GET
H2 200 main-8cc14c8525cea359.js Show response
www.pelago.co/_next/static/chunks/ 118 KB
31 KB 224ms
220ms Script
text/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/main-8cc14c8525cea359.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

529efab20f3260d4417d5f0d8928da34befbd0bf416fa72b23fc511a486e801e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 09:02:32 GMT
content-encoding: br
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 18132
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Nov 2023 08:42:24 GMT
server: AmazonS3
etag: W/"276199584f3bf4fbdc27e753ffe89416"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: qXRm6t8rhD-YmCzX7On7JxbsZdgXKMf_0jRaJK4dhs3wMZwlcSyhCQ==

GET
H2 200 _app-fb839964026f0863.js Show response
www.pelago.co/_next/static/chunks/pages/ 806 KB
207 KB 224ms
220ms Script
text/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/pages/_app-fb839964026f0863.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3a661aa8638d8a55f7024f307d71949b0df0dd65cf731a8f1b1e3d08b04dcc88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:32:02 GMT
content-encoding: br
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 23562
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Dec 2023 07:31:39 GMT
server: AmazonS3
etag: W/"91ea4c29f588cf74f9a13772bfbf5b17"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: VPzWoLiSVRR_eBR_NI6Qif2XDbna2x6GgDSHbol0-yx5yHgsZKvxsg==

GET
H2 200 90326-3c0a1749d2f4650d.js Show response
www.pelago.co/_next/static/chunks/ 83 KB
22 KB 224ms
221ms Script
text/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/90326-3c0a1749d2f4650d.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c22264de3f3185afd9db19573b2795d2b5169e7684c04aea00ef087ad6d16647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:04:03 GMT
content-encoding: gzip
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 25241
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Nov 2023 10:34:45 GMT
server: AmazonS3
etag: W/"b22a58a4b15b147819f1a1fdd6f1a355"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: Rkc-6i_uSmHuCq-Ji6eDmAJT0H6bXooPpDs4jClThIe8fD9iaFIicQ==

GET
H2 200 56213-445f2827d44222e2.js Show response
www.pelago.co/_next/static/chunks/ 20 KB
7 KB 224ms
221ms Script
text/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/56213-445f2827d44222e2.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e94ae0913859d83769af1323a9bedc8a5b1dad100e40920ac5d816bffe62d509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:16 GMT
content-encoding: br
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 23608
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Dec 2023 07:30:40 GMT
server: AmazonS3
etag: W/"2dd16708b3ece3b525f325ec1ecf098e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: eudKPTGRwj1xQJhUkzcJX_m3cYJPcpn1sUsA_JeY7bpqNB_Q-WxoQA==

GET
H2 200 48983-48cc7801d5757e50.js Show response
www.pelago.co/_next/static/chunks/ 80 KB
22 KB 224ms
222ms Script
text/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/48983-48cc7801d5757e50.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0fdb4fa7d305ed5df48f2be96e7d053787b2280207622e1a7b963ed1f2cbe6cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:16 GMT
content-encoding: br
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 23608
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Dec 2023 07:30:29 GMT
server: AmazonS3
etag: W/"9a7e31917e82858ab795d356f082c32a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: 4yYU42P-MN2LIDT5wrR4dRcdosrOGo2xHsxoqPwZD4lvHQlR9GPHiQ==

GET
H2 200 index-857233fccc4d8a30.js Show response
www.pelago.co/_next/static/chunks/pages/ 95 KB
23 KB 224ms
222ms Script
text/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/pages/index-857233fccc4d8a30.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

785e455a998e6fab32ea68155089996ef809d2ec0522e81516aa913dac041c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:35:49 GMT
content-encoding: br
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 23335
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Dec 2023 07:31:41 GMT
server: AmazonS3
etag: W/"bece7d27e016601d2477aeeaedb9ea08"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: TJW6s3OVaxJIJU1IlhLdKg_G2QdfW0E83AMOaz0ocxcFGvNBO3UjJA==

GET
H2 200 _buildManifest.js Show response
www.pelago.co/_next/static/I8DvTon72DDsxqy5fKv1j/ 12 KB
3 KB 224ms
222ms Script
text/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/I8DvTon72DDsxqy5fKv1j/_buildManifest.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

11eb97ce83999814f95b9226576f2efbb2293b6b861f55e3637c70400ec8c5d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:31:16 GMT
content-encoding: br
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 23608
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Dec 2023 07:29:39 GMT
server: AmazonS3
etag: W/"5ff9ba901b2706020498ede1f52e3cd6"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: IpGS9ZK402rKtbxv-7pFmFqoExIeIWfqo0FS2e956H_3FlSkJr-PmQ==

GET
H2 200 _ssgManifest.js Show response
www.pelago.co/_next/static/I8DvTon72DDsxqy5fKv1j/ 142 B
675 B 225ms
223ms Script
text/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/I8DvTon72DDsxqy5fKv1j/_ssgManifest.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5de4b509121ea99acb680043614016f91fd514c4a8e9f930ec59b7b03f2dd1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 09:55:48 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 14936
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 142
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Dec 2023 07:29:38 GMT
server: AmazonS3
etag: "90e57f91d5c3ac6ed75c9bd07718202c"
x-frame-options: DENY
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: TDtLWjoDlj2nAhmUcBZm_XNyQwzIeUGyJizLpLA0V_sTu8IQkdTSww==

GET
H2 200 _middlewareManifest.js Show response
www.pelago.co/_next/static/I8DvTon72DDsxqy5fKv1j/ 152 B
684 B 224ms
223ms Script
text/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/I8DvTon72DDsxqy5fKv1j/_middlewareManifest.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d0486f4b18b3dd326cc8c716a0568ad41de8dc36e168a711871034149a3676c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 09:55:48 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 14936
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 152
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Dec 2023 07:29:39 GMT
server: AmazonS3
etag: "1fe1b6eaf7e1409dc7eebe772bb5859e"
x-frame-options: DENY
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: HBZ667uQOgY-g8ChsMedPyr6FmVue5KU_pLfSpCCHrPEsBNidvlOcg==

GET
H2 200 first-fold-desert-xlarge.webp
www.pelago.co/img/home/ 936 KB
938 KB 85ms
85ms Image
binary/octet-stream 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.co/img/home/first-fold-desert-xlarge.webp

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

58a0a25af7bf3fbec8e039709d5e840c6b578a04904669ee22d33e51660201e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 16:26:45 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 77878
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 958940
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 25 Oct 2023 10:22:01 GMT
server: AmazonS3
etag: "9db151e9ae962ac61736baf916398068"
vary: Accept-Encoding
x-frame-options: DENY
content-type: binary/octet-stream
accept-ranges: bytes
x-amz-cf-id: KEePSCdblalge6x-r4gHlRM7nQaTVvoYZGe8aOA9jI0a_5QRSKdDTQ==

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQKr51.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
31 KB 155ms
51ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQKr51.woff2

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cdf1e4b27f7420b0ad37ad1d6bac03f7470438bc8f49de10bcf1440dc4fd37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.co/
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:44:03 GMT
x-content-type-options: nosniff
age: 508840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31040
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 01:15:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 16:44:03 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 219ms
136ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.co/
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:49 GMT
x-content-type-options: nosniff
age: 94134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33148
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:39:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:55:49 GMT

GET
H2 200 pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilntw.woff
fonts.gstatic.com/s/nunitosans/v15/ 45 KB
45 KB 179ms
105ms Font
font/woff 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilntw.woff

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f9ba6d984d2808a3f17ff083ae0ad2b1c9bbe22974e1a23e33432b3a3fa1d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.co/
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:05 GMT
x-content-type-options: nosniff
age: 94958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45884
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:25:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 11:42:05 GMT

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t6R-tQKr51pE8.woff2
fonts.gstatic.com/s/nunitosans/v15/ 10 KB
10 KB 165ms
97ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t6R-tQKr51pE8.woff2

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

166048b1b494b546d686a6442bac330a2ffeaa0afaf5a58d7ed0116d602296d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.co/
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 19:33:01 GMT
x-content-type-options: nosniff
age: 585102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10280
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 01:24:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 19:33:01 GMT

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 590ms
201ms Preflight
text/html 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.co
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:44 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-country-code: DE
x-country-code3: DEU
x-country-name: Germany
x-frame-options: deny
x-latitude: 51.2993
x-longtitude: 9.4909
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 584ms
200ms Preflight
text/html 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.co
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:44 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-country-code: DE
x-country-code3: DEU
x-country-name: Germany
x-frame-options: deny
x-latitude: 51.2993
x-longtitude: 9.4909
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 583ms
200ms Preflight
text/html 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.co
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:44 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-country-code: DE
x-country-code3: DEU
x-country-name: Germany
x-frame-options: deny
x-latitude: 51.2993
x-longtitude: 9.4909
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 579ms
200ms Preflight
text/html 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.co
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:44 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-country-code: DE
x-country-code3: DEU
x-country-name: Germany
x-frame-options: deny
x-latitude: 51.2993
x-longtitude: 9.4909
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 576ms
199ms Preflight
text/html 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.co
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:44 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-country-code: DE
x-country-code3: DEU
x-country-name: Germany
x-frame-options: deny
x-latitude: 51.2993
x-longtitude: 9.4909
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 578ms
201ms Preflight
text/html 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.co
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:44 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-country-code: DE
x-country-code3: DEU
x-country-name: Germany
x-frame-options: deny
x-latitude: 51.2993
x-longtitude: 9.4909
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 576ms
201ms Preflight
text/html 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.co
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:44 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-country-code: DE
x-country-code3: DEU
x-country-name: Germany
x-frame-options: deny
x-latitude: 51.2993
x-longtitude: 9.4909
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block

GET
H2 200 v3 Show response
js.stripe.com/ 560 KB
155 KB 141ms
53ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-fb839964026f0863.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

aa5b7d455b609e53a68508609259a6d20342b2ce20f47f4abee38e513060eefc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 14:04:44 GMT
via: 1.1 varnish
age: 15
x-cache: HIT
content-length: 158212
x-request-id: 238c89f4-0483-4ec0-aa02-de3e0e5ebb99
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Thu, 30 Nov 2023 22:48:03 GMT
server: Fastly
etag: "50e37c0acb791e8dd5bd945768f58f27"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13

GET
H2 200 0b7590afe82207cc.css
www.pelago.co/_next/static/css/ 4 KB
1 KB 41ms
41ms Stylesheet
text/css 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/css/0b7590afe82207cc.css

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/webpack-747449a7f72c0fca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9de0622588292a819a585fe4214453b3c285ce70f145874f065bd8f560d082e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 22:59:35 GMT
content-encoding: gzip
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 54367
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Nov 2023 08:42:27 GMT
server: AmazonS3
etag: W/"4acc2c2b0f4704740fa8e6342363d0e9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-amz-cf-id: lLLgBj1bRbtfys4K2XCdGpUtJJesaenlna2EJzHCmKDkY-E7XJXqkg==

GET
H2 200 3205.e4435be0b9c0d494.js Show response
www.pelago.co/_next/static/chunks/ 4 KB
2 KB 42ms
42ms Script
text/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/3205.e4435be0b9c0d494.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/webpack-747449a7f72c0fca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c22d548d81553d44b569a214db91f0e467bdf6d5edf1deb92bfb338412b902c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 07:27:43 GMT
content-encoding: gzip
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 27587
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Nov 2023 08:40:52 GMT
server: AmazonS3
etag: W/"4a468837d7b1364cfa747e9eae0e6173"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: oxEnuQIZaScU6ViolMI5OGVypV4dhUQhVROoiQAtBqpuy7h86ASvKA==

GET
H2 200 8121-3ce2125e2e82dfca.js Show response
www.pelago.co/_next/static/chunks/ 76 KB
21 KB 44ms
43ms Script
text/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/8121-3ce2125e2e82dfca.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/webpack-747449a7f72c0fca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

11e205470edb14c2047f28dfeb5f97f5592e3cddd31344057af385c26e245594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 13:04:33 GMT
content-encoding: br
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 4037
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Nov 2023 08:41:56 GMT
server: AmazonS3
etag: W/"54242ed7640249ecf13a6b8e76b15fb5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: RYl10AdqW46KIADqAcX5ubwDhnqZFT6AfhT1uQ_QDX6m-IuZ_R2onA==

GET
H2 200 ac778a26e63c2eec.css
www.pelago.co/_next/static/css/ 49 KB
6 KB 42ms
41ms Stylesheet
text/css 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/css/ac778a26e63c2eec.css

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/webpack-747449a7f72c0fca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f5259b73e08ddae2172be725c422c5f128d05e0d0e7901a3e705cf378f2ee03a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 05:32:52 GMT
content-encoding: br
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 31309
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Nov 2023 08:42:28 GMT
server: AmazonS3
etag: W/"99a22df4bba2b222ef49ac644198e4ad"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-amz-cf-id: KxTrcQ_JHXiPkqkGDkvwQn7S980AvGSEaRhzVsL89_9hCRJKPhXKlQ==

GET
H2 200 2979.a8683693470a011d.js Show response
www.pelago.co/_next/static/chunks/ 3 KB
2 KB 44ms
43ms Script
text/javascript 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.co/_next/static/chunks/2979.a8683693470a011d.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/webpack-747449a7f72c0fca.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b59d9fa595ca82d47dc30ce80d462c2c8b00fe3a37f9dd7256bd5c571dd88c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 09:30:34 GMT
content-encoding: gzip
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 27587
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Nov 2023 08:40:48 GMT
server: AmazonS3
etag: W/"f9c20405ec4ea82a63d582d476a36c19"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: pjCFsdp2c781rPbmfhBAlplpWelSHxtZweprOfHsnGaQGc6JqnKEww==

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 377 B
1 KB 206ms
203ms Fetch
application/json 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-fb839964026f0863.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

4a0c4edb7f10add38d24ba7f4554b0ecae169ae8c57ebc1386cd34941edb3cb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-MY
x-ds-session-id: 7543e7a9-7612-4e37-b47f-d2543a812b08
accept-language: de-DE,de;q=0.9
x-geo-country-code: DE
x-currency-id: EUR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
x-ds-user-id: ed03b5c5-c588-4084-9b40-cbcc859fe320
content-type: application/json
accept: */*
Referer: https://www.pelago.co/en-MY/
x-geo-latitude: 52.5203
x-geo-longitude: 13.3849

Response headers

date: Fri, 01 Dec 2023 14:04:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
x-permitted-cross-domain-policies: none
x-region: 00
content-length: 377
x-xss-protection: 1; mode=block
x-country-name: Germany
referrer-policy: no-referrer-when-downgrade
x-country-code3: DEU
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.co
x-latitude: 51.2993
access-control-allow-credentials: true
x-longtitude: 9.4909
x-country-code: DE

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 318 KB
97 KB 163ms
75ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d969d7b7718eaa80ac55794c1668bc7b3fce47a81bee531323d9289f7d2262db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98711
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Dec 2023 14:04:44 GMT

GET
H2 200 266d7e06652349d3a77d6f3921924a65.min.js Show response
js.sentry-cdn.com/ 2 KB
2 KB 178ms
58ms Script
text/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/266d7e06652349d3a77d6f3921924a65.min.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/main-8cc14c8525cea359.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f0b547193d6534da2846aa4911ae085d40edbad97fcf60105b30bd85a95b43f6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .sentry.io; style-src 'unsafe-inline' ; object-src 'self'; media-src ; frame-src js.stripe.com sentry.io app.pendo.io; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; font-src data:; img-src blob: data: *; base-uri 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=f8f210669be3d8aa24a3edaec1db724e25ba1d7c
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.co/en-MY/
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.sentry.io; style-src 'unsafe-inline' *; object-src 'self'; media-src *; frame-src js.stripe.com sentry.io app.pendo.io; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; font-src * data:; img-src blob: data: *; base-uri 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=f8f210669be3d8aa24a3edaec1db724e25ba1d7c
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 14:04:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 441
x-envoy-upstream-service-time: 18
content-length: 1216
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-7c6b79b85d-wncld, cache-chi-kigq8000058-CHI, cache-sof1510034-SOF
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 s.js Show response
cdn.sift.com/ 62 KB
21 KB 136ms
40ms Script
application/javascript 34.96.67.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sift.com/s.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/main-8cc14c8525cea359.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

224.67.96.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 15:57:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 166064
x-guploader-uploadid: ABPtcProSy-l40aU7MVKTPcoUCdazA7k4U-Yz99T_KUxyA_bUv7iZ3ap2BDvALH-vgmvZnlkooYMNgTHVg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20500
last-modified: Tue, 28 Feb 2023 22:39:30 GMT
server: UploadServer
etag: "476f50cbc514dd2a147e8856d7d6a2eb"
x-goog-generation: 1677623970358201
x-goog-hash: crc32c=v7KhDA==, md5=R29Qy8UU3SoUfohW19ai6w==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-transform
x-goog-stored-content-length: 20500
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 28 Nov 2024 15:57:00 GMT

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 21 KB
3 KB 336ms
332ms Fetch
application/json 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-fb839964026f0863.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

0cb1c95cf9b0326b053cbcdffa448c2adc60675559ff00ab10a1ecfb1503115a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-MY
x-ds-session-id: 7543e7a9-7612-4e37-b47f-d2543a812b08
accept-language: de-DE,de;q=0.9
x-geo-country-code: DE
x-currency-id: EUR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
x-ds-user-id: ed03b5c5-c588-4084-9b40-cbcc859fe320
content-type: application/json
accept: */*
Referer: https://www.pelago.co/en-MY/
x-geo-latitude: 52.5203
x-geo-longitude: 13.3849

Response headers

date: Fri, 01 Dec 2023 14:04:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block
x-country-name: Germany
referrer-policy: no-referrer-when-downgrade
x-country-code3: DEU
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.co
x-latitude: 51.2993
access-control-allow-credentials: true
x-longtitude: 9.4909
x-country-code: DE

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 29 KB
4 KB 307ms
304ms Fetch
application/json 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-fb839964026f0863.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

e7c7037b98b3529a486cc0ea34f9e13ea4c997cc196c8649c7eff2a9f18f7605

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-MY
x-ds-session-id: 7543e7a9-7612-4e37-b47f-d2543a812b08
accept-language: de-DE,de;q=0.9
x-geo-country-code: DE
x-currency-id: EUR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
x-ds-user-id: ed03b5c5-c588-4084-9b40-cbcc859fe320
content-type: application/json
accept: */*
Referer: https://www.pelago.co/en-MY/
x-geo-latitude: 52.5203
x-geo-longitude: 13.3849

Response headers

date: Fri, 01 Dec 2023 14:04:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block
x-country-name: Germany
referrer-policy: no-referrer-when-downgrade
x-country-code3: DEU
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.co
x-latitude: 51.2993
access-control-allow-credentials: true
x-longtitude: 9.4909
x-country-code: DE

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 7 KB
2 KB 222ms
217ms Fetch
application/json 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-fb839964026f0863.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

e431f3c32102b73a2d03b731bd9d3bb8db101c82fd615c7a979543d5e5476ead

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-MY
x-ds-session-id: 7543e7a9-7612-4e37-b47f-d2543a812b08
accept-language: de-DE,de;q=0.9
x-geo-country-code: DE
x-currency-id: EUR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
x-ds-user-id: ed03b5c5-c588-4084-9b40-cbcc859fe320
content-type: application/json
accept: */*
Referer: https://www.pelago.co/en-MY/
x-geo-latitude: 52.5203
x-geo-longitude: 13.3849

Response headers

date: Fri, 01 Dec 2023 14:04:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block
x-country-name: Germany
referrer-policy: no-referrer-when-downgrade
x-country-code3: DEU
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.co
x-latitude: 51.2993
access-control-allow-credentials: true
x-longtitude: 9.4909
x-country-code: DE

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 3 KB
3 KB 212ms
207ms Fetch
application/json 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-fb839964026f0863.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

fd8b7d4177953458266aef394a4a23d5d9029583bc164454bc8e782cb5339213

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-MY
x-ds-session-id: 7543e7a9-7612-4e37-b47f-d2543a812b08
accept-language: de-DE,de;q=0.9
x-geo-country-code: DE
x-currency-id: EUR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
x-ds-user-id: ed03b5c5-c588-4084-9b40-cbcc859fe320
content-type: application/json
accept: */*
Referer: https://www.pelago.co/en-MY/
x-geo-latitude: 52.5203
x-geo-longitude: 13.3849

Response headers

date: Fri, 01 Dec 2023 14:04:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
x-permitted-cross-domain-policies: none
x-region: 00
content-length: 2645
x-xss-protection: 1; mode=block
x-country-name: Germany
referrer-policy: no-referrer-when-downgrade
x-country-code3: DEU
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.co
x-latitude: 51.2993
access-control-allow-credentials: true
x-longtitude: 9.4909
x-country-code: DE

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 23 KB
3 KB 578ms
576ms Fetch
application/json 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-fb839964026f0863.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

b1410573aef92e8cffdef33a29b7b5cc80f428267222d2e63461d05fe555a3b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-MY
x-ds-session-id: 7543e7a9-7612-4e37-b47f-d2543a812b08
accept-language: de-DE,de;q=0.9
x-geo-country-code: DE
x-currency-id: EUR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
x-ds-user-id: ed03b5c5-c588-4084-9b40-cbcc859fe320
content-type: application/json
accept: */*
Referer: https://www.pelago.co/en-MY/
x-geo-latitude: 52.5203
x-geo-longitude: 13.3849

Response headers

date: Fri, 01 Dec 2023 14:04:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block
x-country-name: Germany
referrer-policy: no-referrer-when-downgrade
x-country-code3: DEU
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.co
x-latitude: 51.2993
access-control-allow-credentials: true
x-longtitude: 9.4909
x-country-code: DE

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 22 KB
3 KB 442ms
439ms Fetch
application/json 3.33.166.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-fb839964026f0863.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.166.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

65c50ca447ab9b7546430413659b39f109973e98600a791122c6fc5bd25bd12b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-MY
x-ds-session-id: 7543e7a9-7612-4e37-b47f-d2543a812b08
accept-language: de-DE,de;q=0.9
x-geo-country-code: DE
x-currency-id: EUR
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
x-ds-user-id: ed03b5c5-c588-4084-9b40-cbcc859fe320
content-type: application/json
accept: */*
Referer: https://www.pelago.co/en-MY/
x-geo-latitude: 52.5203
x-geo-longitude: 13.3849

Response headers

date: Fri, 01 Dec 2023 14:04:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-region: 00
x-xss-protection: 1; mode=block
x-country-name: Germany
referrer-policy: no-referrer-when-downgrade
x-country-code3: DEU
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.co
x-latitude: 51.2993
access-control-allow-credentials: true
x-longtitude: 9.4909
x-country-code: DE

GET
H2 200 client Show response
accounts.google.com/gsi/ 205 KB
79 KB 179ms
86ms Script
application/javascript 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/chunks/pages/_app-fb839964026f0863.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1da78f9ed9515ff6089572e6a16cba60a7a2e8c33671b9e7d9680c38e5661384

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qdHHrPnlmtZmJihp5J87SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-qdHHrPnlmtZmJihp5J87SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 01 Dec 2023 14:04:44 GMT

GET
H2 200 main.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ 250 KB
84 KB 161ms
54ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

387220e5ea3cf0699385ae55b1499cf13b85ab36e38f4eac828642b60b26d4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pEXwkCZUUTdKulvZn0CRuA==
age: 11332
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 06:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: afcaaf87-501e-0031-5490-223f49000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe189da106ae1-FRA
expires: Fri, 01 Dec 2023 14:34:44 GMT

GET
H2 200 321494.gif
hexagon-analytics.com/images/ 43 B
288 B 237ms
132ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/321494.gif?bk=624cef0805&tm=39&r=791661788&v=106&cs=UTF-8&h=www.pelago.co&l=en-US&S=4b7f25282ddd44da0463437cee7d61fa&uu=8cb0d16e94b2a0427e390f2f93e8cbf&t=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&u=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36&nm=4&mh=fe407dda3b01b3e3c72476fe7bf9f870&np=3&ph=596d9e73a4a75c4ceee60ad7b54864b3&sh=1200&sw=1600&cd=24&p=Win32&to=-60&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=4&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=64d58bfddb44af6942e7931de5174ca7&z=z

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:44 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.30.0/ 64 KB
20 KB 58ms
57ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.30.0/bundle.min.js

Requested by

Host: js.sentry-cdn.com
URL: https://js.sentry-cdn.com/266d7e06652349d3a77d6f3921924a65.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

419fd4b1560b1de01564ef05fea5d689bf3e9881c4ecd923c41ef8a417588cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pelago.co/en-MY/
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 13 Jan 2021 11:56:10 GMT
server: Fastly
age: 2015942
etag: "04b019bffe49eb67f99f006a2571cc0e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20120
expires: Wed, 17 Jul 2024 06:44:56 GMT

GET
H2 200 ym_base.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ 21 KB
5 KB 57ms
55ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ym_base.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a0b9ce42fd95b0a97adf836e9a28dfe66eb339000e163066c546e23e6a29d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: YWfULId6snMZSR1Q6o0Lqg==
age: 11324
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 06:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0692175c-101e-0057-7f90-225b7b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe18abb2c6ae1-FRA
expires: Fri, 01 Dec 2023 14:34:44 GMT

GET
H2 200 animate.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ 85 KB
7 KB 55ms
54ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/animate.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed227504f3c41cb5de1160b0b95f00fe7baa0d54147b134525d0171ca2598fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 2bTvtNNuzKvw7yv3+oAYZQ==
age: 12146
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 06:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ee32aa66-101e-0012-4458-23b278000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe18abb2f6ae1-FRA
expires: Fri, 01 Dec 2023 14:34:44 GMT

GET
BLOB 200
OK c8ee0e2f-3d1c-4216-8cd5-ccb45006526a
https://www.pelago.co/ 66 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.pelago.co/c8ee0e2f-3d1c-4216-8cd5-ccb45006526a
Requested by: Host: www.pelago.co
URL: https://www.pelago.co/en-MY/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afb6fb55093df3f8539c0240c7928f0a89a09d8b146921466e6ab9f7853e425b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 66
Content-Type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
84 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TJ6G1HY8VL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8891559ce4daa6a3f73eef54008246af3fe4758e2aeb20a1f6cbdf35d0226963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85940
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 14:04:44 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/331425177/ 3 KB
2 KB 140ms
52ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/331425177/?random=1701439484711&cv=11&fst=1701439484711&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v833390310&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&hn=www.googleadservices.com&frm=0&tiba=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&auid=1478998456.1701439485&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

147d6b7575d25b4f6a0006238f3a4a0872015c0c6e373fc59f4de842b7ffd753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1273
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 234ms
107ms Script
application/javascript 23.212.204.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.204.55 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-204-55.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Fri, 01 Dec 2023 14:04:44 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Fri, 08 Dec 2023 14:04:44 GMT

GET
H2 200 shim.js Show response
cdn.sprig.com/ 320 KB
97 KB 140ms
39ms Script
application/javascript 13.32.27.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sprig.com/shim.js?id=uZwGPwBJqTWL
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 22fd6b8e9d9417522898862517654fef8ab1c1a4322d3b410f52cb2e38fbdd49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 21:17:59 GMT
x-amz-version-id: Cb1GRiO580oijUjW_jsJa25.YTLlPQdw
content-encoding: br
last-modified: Tue, 21 Nov 2023 21:01:08 GMT
server: AmazonS3
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"79f9ab8c6e539e62818359749761803d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 60406
cross-origin-resource-policy: cross-origin
x-amz-cf-id: IqTBlQ3vgcMacLQ7WlMHURtBqsaWUoCMzEbBL-zUW126oTIaDFUobw==

GET
H2

200

activityi;dc_pre=CLTK6oC07oIDFQwOogMdpwsLBA;src=4645703;type=siaco0;cat=phd_s0b1;ord=7360615533053;auiddc=1478998456.1701439485;gtm=45He3bt0v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;... Show response
4645703.fls.doubleclick.net/ Frame 9F6C
Redirect Chain

https://4645703.fls.doubleclick.net/activityi;src=4645703;type=siaco0;cat=phd_s0b1;ord=7360615533053;auiddc=1478998456.1701439485;gtm=45He3bt0v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab...
https://4645703.fls.doubleclick.net/activityi;dc_pre=CLTK6oC07oIDFQwOogMdpwsLBA;src=4645703;type=siaco0;cat=phd_s0b1;ord=7360615533053;auiddc=1478998456.1701439485;gtm=45He3bt0v833390310;gcd=11l1l1...

501 B
636 B

112ms
97ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4645703.fls.doubleclick.net/activityi;dc_pre=CLTK6oC07oIDFQwOogMdpwsLBA;src=4645703;type=siaco0;cat=phd_s0b1;ord=7360615533053;auiddc=1478998456.1701439485;gtm=45He3bt0v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

398efdf7010a818046ca13a413b21eb5f3007ee5502e8f57dc2ef604a4145b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.co/en-MY/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 298
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 14:04:45 GMT
expires: Fri, 01 Dec 2023 14:04:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 14:04:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4645703.fls.doubleclick.net/activityi;dc_pre=CLTK6oC07oIDFQwOogMdpwsLBA;src=4645703;type=siaco0;cat=phd_s0b1;ord=7360615533053;auiddc=1478998456.1701439485;gtm=45He3bt0v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 19 KB
7 KB 177ms
40ms Script
application/javascript 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 36ace6e4c38fc4c8a5904f8acd8359f20b14394d5f6177bde16607d10e0c1f7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 14:04:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2023 11:06:08 GMT
Server: AmazonS3
x-amz-request-id: 5APSVJK4ESKKAWVZ
ETag: "defce75bc9a27c30948c8dc044bb8873"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=125
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6208
x-amz-id-2: J7rLBnESYulS/DLz/H/cDFTGWUu+mw9vpwLlLimFhVZbfqkWhXZbDsSEkhEcECnJ79QkyYoeE3o=

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 124ms
42ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Dec 2023 14:04:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: fzMoiO3e6TfzoQQmYsPWXvKzRw4MR5Nzxo+Hg3lYdBFRt8CAc6fNT36sS776LP8G37oRZAKCDaZkdoRSuZ6vTA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 264ms
142ms Script
application/javascript 23.37.226.187
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAP8FP3C77U56BB6BKP0&lib=ttq
Requested by: Host: www.pelago.co
URL: https://www.pelago.co/en-MY/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 71d12a87cf335477a81b90bcfd05525bc4900a342f4a2aeff0eba366656b5131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: 98f2dd41.a3ff701
date: Fri, 01 Dec 2023 14:04:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-37-226-183.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 96,23.37.226.183
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=8, inner; dur=3
content-length: 1336
pragma: no-cache
server: nginx
x-tt-logid: 2023120114044411708903A15F5BA4630E
x-cache-remote: TCP_MISS from a23-48-100-71.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.48.100.71
x-tt-trace-host: 01b5611c10e67fd7b62b972475fb95eb1e5119983893d613c926665460178b7241daab716272ee1decbdd1a91abff0f99a005a9e0be86ee5b840d50e4f0f94296fd7d45810ba6e59c0afe2437f3a04960ea51c8559c8793a8a305facfbd816b2e7d7cfb978ed63ed74e296f60b1340fc6a
expires: Fri, 01 Dec 2023 14:04:44 GMT

GET
H2 200 track.js Show response
assets.customer.io/assets/ 7 KB
3 KB 156ms
41ms Script
application/javascript 2600:9000:223c:4e00:11:9cfd:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.customer.io/assets/track.js
Requested by: Host: www.pelago.co
URL: https://www.pelago.co/en-MY/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4e00:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c5dc250228b63ec45ccaf25c7c7b9103a504bd5ebed035e88067475076c4b78d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: YnPUbk.59KSLpiqsKMfvCCZt1qaij9rt
content-encoding: br
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 01:12:51 GMT
last-modified: Fri, 11 Aug 2023 18:01:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 46342
x-amz-server-side-encryption: AES256
etag: W/"92f4f643083ddfd3fc572a181243cb46"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cross-origin-resource-policy: cross-origin
x-amz-cf-id: zK4Z1JiHSjDvbzXOCb1nhWaDhgFOvj4X8GwuiAPj1nQm1mk9uyExLA==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 154ms
44ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:38 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: WFP4CGFJ2PC3KKAR
age: 7
x-amz-server-side-encryption: AES256
x-amz-id-2: pwh3rK97bihQNxrwX+ntWjiA3+HnmGfyDtC1XVIRy5mh364bI4PGbDG0Znqz8CaJgN/liM/L5Rg=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 68902.html Show response
static.sojern.com/cip/a/ Frame F902 3 KB
4 KB 298ms
195ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=MY&pc=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Requested by: Host: www.pelago.co
URL: https://www.pelago.co/en-MY/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: dc6658a0cd798fc6a50a1fee974fb6821cec8877c4763c47371afee9dc81df53

Request headers

Referer: https://www.pelago.co/en-MY/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 3370
content-type: text/html
date: Fri, 01 Dec 2023 14:04:44 GMT
etag: "9f5ca46ddd98784a01a3cf573326e694"
expires: Fri, 01 Dec 2023 15:04:44 GMT
last-modified: Fri, 08 Sep 2023 05:33:33 GMT
server: UploadServer
x-goog-generation: 1694151213443616
x-goog-hash: crc32c=hcUusg== md5=n1ykbd2YeEoBo89XMybmlA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3370
x-guploader-uploadid: ABPtcPoykqRf-byM_EKo5umNw1uZJ7JdOyFJNC7rSVW_eIiLyKTsGqvSAmngD9QY5_UmRlIg1sg

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 176ms
69ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 01 Dec 2023 14:04:44 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8B4BD471E3C44B82AB9EE37B06813CA6 Ref B: FRA31EDGE0616 Ref C: 2023-12-01T14:04:44Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13187

GET
H3 200 widget.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame A056 641 KB
195 KB 63ms
63ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d8fa786e9b66b6dac1fa2739e7db40ba1a9401da0e11c6f26cf8e659c187001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: +wH/2hWX6zYz2g7RinQIkg==
age: 11398
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 06:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 29329e38-901e-0011-7390-224118000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe18c1d9d6927-FRA
expires: Fri, 01 Dec 2023 14:34:44 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 280ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-TJ6G1HY8VL&gtm=45je3bt0v877721759z8833390310&_p=1701439484320&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2136693410.1701439485&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=&sid=1701439484&sct=1&seg=0&dl=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&dt=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&en=page_view&_fv=1&_nsi=1&_ss=1&up.user_id_dimension=&up.customer_id=&tfd=3400
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJ6G1HY8VL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pelago.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 281ms
48ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TJ6G1HY8VL&cid=2136693410.1701439485&gtm=45je3bt0v877721759z8833390310&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJ6G1HY8VL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pelago.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 271ms
64ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TJ6G1HY8VL&cid=2136693410.1701439485&gtm=45je3bt0v877721759z8833390310&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1229850260

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/331425177/ 42 B
455 B 240ms
52ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/331425177/?random=1701439484711&cv=11&fst=1701439200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v833390310&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&frm=0&tiba=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&fmt=3&is_vtc=1&cid=CAQSGwDICaaND3x5m13n2_xqE6ljK1eAI__xt9H1Ug&random=3097915122&rmt_tld=0&ipr=y

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/331425177/ 42 B
455 B 236ms
53ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/331425177/?random=1701439484711&cv=11&fst=1701439200000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v833390310&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&frm=0&tiba=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&fmt=3&is_vtc=1&cid=CAQSGwDICaaND3x5m13n2_xqE6ljK1eAI__xt9H1Ug&random=3097915122&rmt_tld=1&ipr=y

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 132 B
570 B 274ms
90ms Fetch
application/json 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&buyer_pixel_id=10279
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 497276ccb1ba5b1b33a14f7a4b3b3ab3de1ed0595dc28ad219547d3c660c7254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Dec 2023 14:04:45 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.pelago.co
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 132
Expires: Fri, 01 Dec 2023 14:04:45 GMT

GET
H2 204 343065587.js Show response
bat.bing.com/p/action/ 0
117 B 65ms
65ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343065587.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 01 Dec 2023 14:04:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AEEAE6B22704485290415A2928956F0C Ref B: FRA31EDGE0616 Ref C: 2023-12-01T14:04:44Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 141ms
141ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343065587&Ver=2&mid=4dd6b101-219a-47db-84b5-28859a7a664f&sid=9490ab10905211ee8ec74102559ad42e&vid=9490ba20905211eeb10423ab02a38162&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Book%20activities,%20attraction%20tickets,%20and%20things%20to%20do%20-%20Pelago&p=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&r=&lt=2884&evt=pageLoad&sv=1&rn=140120

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 01 Dec 2023 14:04:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 912DACA8EB0744CEB60C71666670A15D Ref B: FRA31EDGE0616 Ref C: 2023-12-01T14:04:44Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10193912.json Show response
s.yimg.com/wi/config/ 2 B
450 B 123ms
44ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10193912.json

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 13:57:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: TPDTH3PX3QH0CZ3Q
age: 415
content-length: 2
x-amz-id-2: EMbobi/T4MxZHpvyz56eb4ylrOHbzG70MaJGxby3zxpKN8PGzz2nOAjvWoPllFZrLxBuGIti0zA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 954065941605939 Show response
connect.facebook.net/signals/config/ 142 KB
37 KB 44ms
43ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/954065941605939?v=2.9.138&r=stable&domain=www.pelago.co

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

829d528271a0c1ed89551351a0abd2c9945815c9312d7e7147139ca259ef5f65

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Dec 2023 14:04:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37531
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ZAroKhHbrS9MQvCpJ0/JGPs/D6V6K6JmHgOf1epvKwOwzKZ3QXwkx+uQyK3qSiyRKA8oGOSAi9a81NVxoz932Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
107 KB 45ms
45ms Script
application/javascript 23.37.226.187
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAP8FP3C77U56BB6BKP0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: a3ff7cc
date: Fri, 01 Dec 2023 14:04:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073129780A3F3683F2E9FD5670
vary: Accept-Encoding
x-cache: TCP_HIT from a23-37-226-183.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 011e6820de766e7e9cca50b97b86c5a7ca07b1092ea92c51e70015cc8dc7412fa9a886a5eb65803256f03b544450304ee56cb21fd40eb5919db9f59370358ff40e8b13e69219cb1c6acbd095f1feda57123c9f3923ca2c408ed73575df62a2dad5
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=17
content-length: 108589

GET
H3 200 ym_toast.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame A056 2 KB
1 KB 57ms
55ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ym_toast.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bb7b8e75aeed9f256b52399a58d93fa435271ebb9980d137f4cd13e8d5d9507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 3A2lA4CqeIs9tb7x4ABK2g==
age: 11399
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 06:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0cb35e8c-a01e-0009-3790-22d91f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe18dfffd6927-FRA
expires: Fri, 01 Dec 2023 14:34:45 GMT

GET
H3 200 ym_skeleton.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame A056 3 KB
1 KB 54ms
54ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ym_skeleton.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80516de91a75aa829e48e275af0f36146f861f6d801eb9f274527c2e0efd1216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: A05Tnclh8S4TRZiqxRyuAw==
age: 11399
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 06:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c193730b-a01e-006b-1690-225681000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe18e080e6927-FRA
expires: Fri, 01 Dec 2023 14:34:45 GMT

GET
H2 200 hasher.js Show response
static.sojern.com/cip/ Frame F902 18 KB
18 KB 41ms
40ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/hasher.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=MY&pc=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=MY&pc=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 13:22:27 GMT
age: 2538
x-guploader-uploadid: ABPtcPqNXWzqoLjQaXvCuuzmk-qe47WFtwuRKMmSaf6jC7ubDff-SqFXoAXSC_ZTbiNd_eG6kl_-N035xQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18469
last-modified: Tue, 07 Dec 2021 16:23:19 GMT
server: UploadServer
etag: "676881567863e15eb1b6aa81b384455c"
x-goog-generation: 1638894199335821
x-goog-hash: crc32c=T9fXIw==, md5=Z2iBVnhj4V6xtqqBs4RFXA==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 18469
accept-ranges: bytes
expires: Fri, 01 Dec 2023 14:22:27 GMT

GET
H2 200 create_params.js Show response
static.sojern.com/utils/ Frame F902 4 KB
4 KB 55ms
54ms Script
text/javascript 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/create_params.js
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=MY&pc=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2889147edb550aef849e10ba2230d6b1f65a0f8831b45f642bfc0ee185babe38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=MY&pc=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 13:34:32 GMT
age: 1813
x-guploader-uploadid: ABPtcPokazr5wvwjQ5d2xrUetN-bySG5I6IxDIwg-tabfP32nIp8ZA8EE0OrEgsjkf5f11CGBeU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4169
last-modified: Mon, 06 Nov 2023 11:24:16 GMT
server: UploadServer
etag: "2b163d716f1c21a97c6c0251b281d84b"
x-goog-generation: 1699269856296451
x-goog-hash: crc32c=/7KU3A==, md5=KxY9cW8cIal8bAJRsoHYSw==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4169
accept-ranges: bytes
expires: Fri, 01 Dec 2023 14:34:32 GMT

GET
BLOB 200
OK b3c08362-e979-400a-8ecc-4223d5fbdb09
https://www.pelago.co/ Frame A056 66 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.pelago.co/b3c08362-e979-400a-8ecc-4223d5fbdb09
Requested by: Host: www.pelago.co
URL: https://www.pelago.co/en-MY/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afb6fb55093df3f8539c0240c7928f0a89a09d8b146921466e6ab9f7853e425b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 66
Content-Type: application/javascript

GET
H2 200 dc_pre=CLTK6oC07oIDFQwOogMdpwsLBA;src=4645703;type=siaco0;cat=phd_s0b1;ord=7360615533053;auiddc=*;gtm=45He3bt0v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;...
adservice.google.com/ddm/fls/z/ Frame 9F6C 42 B
401 B 164ms
76ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLTK6oC07oIDFQwOogMdpwsLBA;src=4645703;type=siaco0;cat=phd_s0b1;ord=7360615533053;auiddc=*;gtm=45He3bt0v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F

Requested by

Host: 4645703.fls.doubleclick.net
URL: https://4645703.fls.doubleclick.net/activityi;dc_pre=CLTK6oC07oIDFQwOogMdpwsLBA;src=4645703;type=siaco0;cat=phd_s0b1;ord=7360615533053;auiddc=1478998456.1701439485;gtm=45He3bt0v833390310;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4645703.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 202ms
63ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2001%20Dec%202023%2014%3A04%3A45%20GMT&n=-1&b=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&.yp=10193912&f=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 01 Dec 2023 14:04:45 GMT

POST
H2 200 stream Show response
ds.pelago.co/graphql/ 29 B
289 B 1287ms
440ms Fetch
application/json 54.169.93.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.pelago.co/graphql/stream
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.169.93.153 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-93-153.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 588fc8277526f5313934168da8da5e75cb0ae8f83b6b6198d33a4a405c839e60

Request headers

Referer: https://www.pelago.co/en-MY/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Dec 2023 14:04:46 GMT
x-amzn-trace-id: Root=1-6569e7fe-12d606ed2dc3cecb42b75ed9;Sampled=0;lineage=a384e11c:0
x-amzn-requestid: 75c3dfa2-7c20-47a6-aeef-c04d39ba76d9
x-custom-header: Event streaming POST response
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: PREvyHC9yQ0EQqg=
content-length: 29

POST
H2 200 stream Show response
ds.pelago.co/graphql/ 29 B
288 B 1382ms
536ms Fetch
application/json 54.169.93.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.pelago.co/graphql/stream
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.169.93.153 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-93-153.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 588fc8277526f5313934168da8da5e75cb0ae8f83b6b6198d33a4a405c839e60

Request headers

Referer: https://www.pelago.co/en-MY/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Dec 2023 14:04:46 GMT
x-amzn-trace-id: Root=1-6569e7fe-0bd371b36d1306e2646118ee;Sampled=0;lineage=a384e11c:0
x-amzn-requestid: d540de05-c374-4544-9637-09880e8c5258
x-custom-header: Event streaming POST response
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: PREvyE3SyQ0EbKA=
content-length: 29

GET
H2 200 rating-stars-empty.svg
www.pelago.co/ 4 KB
4 KB 544ms
543ms Image
image/svg+xml 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.co/rating-stars-empty.svg

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/css/8ef90621f6ebc8f5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

CloudFront /

Resource Hash

f3601deda38558b1705e1e4506c4e116875714a890c35b38e4170ee8803175a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .pelago.co .zopim.com 'strict-dynamic' .stripe.com 'unsafe-eval' 'nonce-b8ebcbe7-31ef-4e31-8ba3-74aca1b9e380' https: about:; style-src 'self' 'unsafe-inline' www.gstatic.com accounts.google.com fonts.googleapis.com .yellowmessenger.com; connect-src 'self' about: .teads.tv s.yimg.com .pelago.co .zopim.com .yellow.ai pelago.pxf.io bat.bing.com .sprig.com www.facebook.com ekr.zdassets.com .ingest.sentry.io .doubleclick.net analytics.tiktok.com pixel.quantcount.com .google-analytics.com .googletagmanager.com .analytics.google.com .zendesk.com translate.googleapis.com messaging.messagebird.com .googlesyndication.com wss://.cloud.yellow.ai wss://.zopim.com wss://.zendesk.com livechat-metrics.messagebird.com .google.com .google.com.au .google.com.sg fonts.googleapis.com .csftr.com .google.ad .google.ae .google.com.af .google.com.ag .google.al .google.am .google.co.ao .google.com.ar .google.as .google.at .google.az .google.ba .google.com.bd .google.be .google.bf .google.bg .google.com.bh .google.bi .google.bj .google.com.bn .google.com.bo .google.com.br .google.bs .google.bt .google.co.bw .google.by .google.com.bz .google.ca .google.cd .google.cf .google.cg .google.ch .google.ci .google.co.ck .google.cl .google.cm .google.cn .google.com.co .google.co.cr .google.com.cu .google.cv .google.com.cy .google.cz .google.de .google.dj .google.dk .google.dm .google.com.do .google.dz .google.com.ec .google.ee .google.com.eg .google.es .google.com.et .google.fi .google.com.fj .google.fm .google.fr .google.ga .google.ge .google.gg .google.com.gh .google.com.gi .google.gl .google.gm .google.gr .google.com.gt .google.gy .google.com.hk .google.hn .google.hr .google.ht .google.hu .google.co.id .google.ie .google.co.il .google.im .google.co.in .google.iq .google.is .google.it .google.je .google.com.jm .google.jo .google.co.jp .google.co.ke .google.com.kh .google.ki .google.kg .google.co.kr .google.com.kw .google.kz .google.la .google.com.lb .google.li .google.lk .google.co.ls .google.lt .google.lu .google.lv .google.com.ly .google.co.ma .google.md .google.me .google.mg .google.mk .google.ml .google.com.mm .google.mn .google.com.mt .google.mu .google.mv .google.mw .google.com.mx .google.com.my .google.co.mz .google.com.na .google.com.ng .google.com.ni .google.ne .google.nl .google.no .google.com.np .google.nr .google.nu .google.co.nz .google.com.om .google.com.pa .google.com.pe .google.com.pg .google.com.ph .google.com.pk .google.pl .google.pn .google.com.pr .google.ps .google.pt .google.com.py .google.com.qa .google.ro .google.ru .google.rw .google.com.sa .google.com.sb .google.sc .google.se .google.sh .google.si .google.sk .google.com.sl .google.sn .google.so .google.sm .google.sr .google.st .google.com.sv .google.td .google.tg .google.co.th .google.com.tj .google.tl .google.tm .google.tn .google.to .google.com.tr .google.tt .google.com.tw .google.co.tz .google.com.ua .google.co.ug .google.co.uk .google.com.uy .google.co.uz .google.com.vc .google.co.ve .google.co.vi .google.com.vn .google.vu .google.ws .google.rs .google.co.za .google.co.zm .google.co.zw .google.cat; frame-src 'self' about: .pelago.co .teads.tv js.stripe.com hooks.stripe.com .google.com www.facebook.com stags.bluekai.com static.sojern.com ocw.messagebird.com .doubleclick.net livechat.messagebird.com tpc.googlesyndication.com; img-src 'self' data: https:; media-src 'self' static.zdassets.com; font-src 'self' data: fonts.gstatic.com .yellowmessenger.com; base-uri 'self'; object-src 'self'; report-uri /csp-report;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/_next/static/css/8ef90621f6ebc8f5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:45 GMT
content-security-policy: default-src 'self'; script-src 'self' *.pelago.co *.zopim.com 'strict-dynamic' *.stripe.com 'unsafe-eval' 'nonce-b8ebcbe7-31ef-4e31-8ba3-74aca1b9e380' https: about:; style-src 'self' 'unsafe-inline' www.gstatic.com accounts.google.com fonts.googleapis.com *.yellowmessenger.com; connect-src 'self' about: *.teads.tv s.yimg.com *.pelago.co *.zopim.com *.yellow.ai pelago.pxf.io bat.bing.com *.sprig.com www.facebook.com ekr.zdassets.com *.ingest.sentry.io *.doubleclick.net analytics.tiktok.com pixel.quantcount.com *.google-analytics.com *.googletagmanager.com *.analytics.google.com *.zendesk.com translate.googleapis.com messaging.messagebird.com *.googlesyndication.com wss://*.cloud.yellow.ai wss://*.zopim.com wss://*.zendesk.com livechat-metrics.messagebird.com *.google.com *.google.com.au *.google.com.sg fonts.googleapis.com *.csftr.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; frame-src 'self' about: *.pelago.co *.teads.tv js.stripe.com hooks.stripe.com *.google.com www.facebook.com stags.bluekai.com static.sojern.com ocw.messagebird.com *.doubleclick.net livechat.messagebird.com tpc.googlesyndication.com; img-src 'self' data: https:; media-src 'self' static.zdassets.com; font-src 'self' data: fonts.gstatic.com *.yellowmessenger.com; base-uri 'self'; object-src 'self'; report-uri /csp-report;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Dec 2023 07:20:20 GMT
server: CloudFront
etag: W/"ede-18c243ff320"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: FKUXGkEO1ZJKeu0hClNXU7i9w4rdqkSg_naWXmTy6BsCGmbshzWjyQ==

GET
H2 200 rating-stars-filled.svg
www.pelago.co/ 3 KB
4 KB 523ms
522ms Image
image/svg+xml 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.co/rating-stars-filled.svg

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/_next/static/css/8ef90621f6ebc8f5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

CloudFront /

Resource Hash

725406802328f7b86a22825fae66633afa06e6114bbdace1ea6c7f09b51cc3d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .pelago.co .zopim.com 'strict-dynamic' .stripe.com 'unsafe-eval' 'nonce-b8ebcbe7-31ef-4e31-8ba3-74aca1b9e380' https: about:; style-src 'self' 'unsafe-inline' www.gstatic.com accounts.google.com fonts.googleapis.com .yellowmessenger.com; connect-src 'self' about: .teads.tv s.yimg.com .pelago.co .zopim.com .yellow.ai pelago.pxf.io bat.bing.com .sprig.com www.facebook.com ekr.zdassets.com .ingest.sentry.io .doubleclick.net analytics.tiktok.com pixel.quantcount.com .google-analytics.com .googletagmanager.com .analytics.google.com .zendesk.com translate.googleapis.com messaging.messagebird.com .googlesyndication.com wss://.cloud.yellow.ai wss://.zopim.com wss://.zendesk.com livechat-metrics.messagebird.com .google.com .google.com.au .google.com.sg fonts.googleapis.com .csftr.com .google.ad .google.ae .google.com.af .google.com.ag .google.al .google.am .google.co.ao .google.com.ar .google.as .google.at .google.az .google.ba .google.com.bd .google.be .google.bf .google.bg .google.com.bh .google.bi .google.bj .google.com.bn .google.com.bo .google.com.br .google.bs .google.bt .google.co.bw .google.by .google.com.bz .google.ca .google.cd .google.cf .google.cg .google.ch .google.ci .google.co.ck .google.cl .google.cm .google.cn .google.com.co .google.co.cr .google.com.cu .google.cv .google.com.cy .google.cz .google.de .google.dj .google.dk .google.dm .google.com.do .google.dz .google.com.ec .google.ee .google.com.eg .google.es .google.com.et .google.fi .google.com.fj .google.fm .google.fr .google.ga .google.ge .google.gg .google.com.gh .google.com.gi .google.gl .google.gm .google.gr .google.com.gt .google.gy .google.com.hk .google.hn .google.hr .google.ht .google.hu .google.co.id .google.ie .google.co.il .google.im .google.co.in .google.iq .google.is .google.it .google.je .google.com.jm .google.jo .google.co.jp .google.co.ke .google.com.kh .google.ki .google.kg .google.co.kr .google.com.kw .google.kz .google.la .google.com.lb .google.li .google.lk .google.co.ls .google.lt .google.lu .google.lv .google.com.ly .google.co.ma .google.md .google.me .google.mg .google.mk .google.ml .google.com.mm .google.mn .google.com.mt .google.mu .google.mv .google.mw .google.com.mx .google.com.my .google.co.mz .google.com.na .google.com.ng .google.com.ni .google.ne .google.nl .google.no .google.com.np .google.nr .google.nu .google.co.nz .google.com.om .google.com.pa .google.com.pe .google.com.pg .google.com.ph .google.com.pk .google.pl .google.pn .google.com.pr .google.ps .google.pt .google.com.py .google.com.qa .google.ro .google.ru .google.rw .google.com.sa .google.com.sb .google.sc .google.se .google.sh .google.si .google.sk .google.com.sl .google.sn .google.so .google.sm .google.sr .google.st .google.com.sv .google.td .google.tg .google.co.th .google.com.tj .google.tl .google.tm .google.tn .google.to .google.com.tr .google.tt .google.com.tw .google.co.tz .google.com.ua .google.co.ug .google.co.uk .google.com.uy .google.co.uz .google.com.vc .google.co.ve .google.co.vi .google.com.vn .google.vu .google.ws .google.rs .google.co.za .google.co.zm .google.co.zw .google.cat; frame-src 'self' about: .pelago.co .teads.tv js.stripe.com hooks.stripe.com .google.com www.facebook.com stags.bluekai.com static.sojern.com ocw.messagebird.com .doubleclick.net livechat.messagebird.com tpc.googlesyndication.com; img-src 'self' data: https:; media-src 'self' static.zdassets.com; font-src 'self' data: fonts.gstatic.com .yellowmessenger.com; base-uri 'self'; object-src 'self'; report-uri /csp-report;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/_next/static/css/8ef90621f6ebc8f5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:45 GMT
content-security-policy: default-src 'self'; script-src 'self' *.pelago.co *.zopim.com 'strict-dynamic' *.stripe.com 'unsafe-eval' 'nonce-b8ebcbe7-31ef-4e31-8ba3-74aca1b9e380' https: about:; style-src 'self' 'unsafe-inline' www.gstatic.com accounts.google.com fonts.googleapis.com *.yellowmessenger.com; connect-src 'self' about: *.teads.tv s.yimg.com *.pelago.co *.zopim.com *.yellow.ai pelago.pxf.io bat.bing.com *.sprig.com www.facebook.com ekr.zdassets.com *.ingest.sentry.io *.doubleclick.net analytics.tiktok.com pixel.quantcount.com *.google-analytics.com *.googletagmanager.com *.analytics.google.com *.zendesk.com translate.googleapis.com messaging.messagebird.com *.googlesyndication.com wss://*.cloud.yellow.ai wss://*.zopim.com wss://*.zendesk.com livechat-metrics.messagebird.com *.google.com *.google.com.au *.google.com.sg fonts.googleapis.com *.csftr.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; frame-src 'self' about: *.pelago.co *.teads.tv js.stripe.com hooks.stripe.com *.google.com www.facebook.com stags.bluekai.com static.sojern.com ocw.messagebird.com *.doubleclick.net livechat.messagebird.com tpc.googlesyndication.com; img-src 'self' data: https:; media-src 'self' static.zdassets.com; font-src 'self' data: fonts.gstatic.com *.yellowmessenger.com; base-uri 'self'; object-src 'self'; report-uri /csp-report;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 01 Dec 2023 07:20:20 GMT
server: CloudFront
etag: W/"c14-18c243ff320"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: mXkALjCWNtfDl_ZgBGK6bYeI7SN766rwEJC7jzSRl9N9NpFVLf83dg==

GET
H3 200 widget-css.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame A056 118 KB
20 KB 62ms
61ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget-css.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

446252d5c737f291e338263fa01b35c50a72679375f61ab8cf68a2a95c5d2382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: OQ7erwGGJ21zaPweBk31dA==
age: 11398
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 06:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8a44e8ac-d01e-0015-1f90-22aab4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe18f193c6927-FRA
expires: Fri, 01 Dec 2023 14:34:45 GMT

POST
H2 200 bot-load-details Show response
r0.cloud.yellow.ai/api/plugin/ Frame A056 1 KB
736 B 455ms
454ms XHR
application/json 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/bot-load-details?bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

274cefe3b194d4513bc0a8f8d56eaef37295c69c37862646119260a2d76f67e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
x-ym-bot-id: x1689135807776
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Dec 2023 14:04:46 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"584-aWHze3E9RJ1OfAGgAG4zYNhJda4"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82ebe1928c9e1e32-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id

OPTIONS
H2 200 bot-load-details
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 553ms
448ms Preflight
text/html 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/bot-load-details?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 82ebe18fb9161e32-FRA
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:45 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 track
t.teads.tv/ 23 B
134 B 207ms
72ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-gtm&tag_version=6.15.2_12a9676&provider=tag&buyer_pixel_id=10279&referer=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&user_session_id=f722c825-b01d-4d23-9550-3cc457159d06
Requested by: Host: www.pelago.co
URL: https://www.pelago.co/en-MY/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 01 Dec 2023 14:04:45 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 122ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=954065941605939&ev=PageView&dl=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&rl=&if=false&ts=1701439485314&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701439485308.1946033640&hmd=8439d081918720491cd38e25&pl=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&ler=empty&it=1701439485001&coo=false&tm=1&rqm=GET

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 01 Dec 2023 14:04:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 123ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=954065941605939&ev=Microdata&dl=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&rl=&if=false&ts=1701439485317&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago%22%2C%22meta%3Adescription%22%3A%22Discover%20and%20book%20a%20wide%20range%20of%20travel%20activities%2C%20attraction%20tickets%2C%20and%20tours%20with%20Pelago%20by%20Singapore%20Airlines.%20Find%20the%20best%20things%20to%20do%2C%20events%2C%20and%20sightseeing%20tours%20for%20your%20next%20adventure%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F%22%2C%22og%3Adescription%22%3A%22Discover%20and%20book%20a%20wide%20range%20of%20travel%20activities%2C%20attraction%20tickets%2C%20and%20tours%20with%20Pelago%20by%20Singapore%20Airlines.%20Find%20the%20best%20things%20to%20do%2C%20events%2C%20and%20sightseeing%20tours%20for%20your%20next%20adventure%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.pelago.co%2Fimg%2Fhome%2Ffirst-fold-valley-small.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22name%22%3A%22Pelago%22%2C%22url%22%3A%22https%3A%2F%2Fwww.pelago.co%2F%22%7D%5D&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1701439485308.1946033640&hmd=8439d081918720491cd38e25&pl=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&ler=empty&it=1701439485001&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 01 Dec 2023 14:04:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 45ms
45ms Script
application/javascript 23.37.226.187
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: a3ffa19
date: Fri, 01 Dec 2023 14:04:45 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073131A1D180BE412304DCC044
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-37-226-183.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 012587b4bf928d5f1414ef23132750851ec18c1120c0b0084770817d3e57d2942779cc41a1a367d96dfc45833deb7c2dcb7678e988fba8f304bd661ffeac74d700ff8824919da9ef77be3cc0998f63adda057ee8776251547f1f3af1e57a005179
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 36238

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
791 B 179ms
178ms Ping
text/plain 23.37.226.187
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pelago.co/en-MY/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: c4638b04.a3ffa78
date: Fri, 01 Dec 2023 14:04:45 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-37-226-183.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 125,23.37.226.183
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=36, inner; dur=34
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231201140445E065F9C649DA1B2FC9AB
x-cache-remote: TCP_MISS from a23-48-100-80.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 36,23.48.100.80
x-tt-trace-host: 01b5611c10e67fd7b62b972475fb95eb1e5119983893d613c926665460178b7241d3158810e5a2df9659cfd54ed99f85dc1ad163c33245a55b0f6eb9c615c3d73b8d281eb785a6282a7251b883bebea223cbd3604aa7c28130a3dc114c4e90e3bc895d9d51292532e314a720a04a99144e
access-control-allow-headers: Authorization,*
expires: Fri, 01 Dec 2023 14:04:45 GMT

GET
H2 200 351792 Show response
beacon.sojern.com/pixel/p/ Frame F902 4 KB
1 KB 150ms
50ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/351792?f_v=v6_js&p_v=1&f_v=v6_js&cid=&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=MY&pc=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&auto_out=email&s=%7Cauto_out_email&et=hc
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=MY&pc=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: d3b25e4380c18a877394bfc685ad681c92703873f5a2ac2f5918d2ebacc490bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:45 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 830

POST
H2 200 stream Show response
ds.pelago.co/graphql/ 29 B
289 B 1056ms
447ms Fetch
application/json 54.169.93.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.pelago.co/graphql/stream
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.169.93.153 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-93-153.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 588fc8277526f5313934168da8da5e75cb0ae8f83b6b6198d33a4a405c839e60

Request headers

Referer: https://www.pelago.co/en-MY/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 01 Dec 2023 14:04:46 GMT
x-amzn-trace-id: Root=1-6569e7fe-3b766d493b66af8a19c2d2af;Sampled=0;lineage=a384e11c:0
x-amzn-requestid: 40f6a1f4-fb22-46e7-83c3-c98f862601fc
x-custom-header: Event streaming POST response
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: PREvyHF7SQ0ESZg=
content-length: 29

GET
H2 200 93227b1a60a1474fa61b5bfb1992ad2f_rothenburg--harburg-day-tour-from-munich-medium.webp
www.pelago.co/img/products/DE-Germany/rothenburg--harburg-day-tour-from-munich/ 78 KB
78 KB 45ms
43ms Image
image/webp 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.co/img/products/DE-Germany/rothenburg--harburg-day-tour-from-munich/93227b1a60a1474fa61b5bfb1992ad2f_rothenburg--harburg-day-tour-from-munich-medium.webp

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

55fd000d4bcfe520e20f539b8f0c021503a949e73dd06037360237f90996c4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:17:22 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 521244
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 79596
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Nov 2023 14:09:03 GMT
server: AmazonS3
etag: "b04403ac3d02421b14d2e147de1d1ba9"
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: 89QiuzxQ1Sh1MPhA3-DEGImlMmqB0CjiGDwIgZsHx-l3DgBhu0l8OA==

GET
H2 200 084959fdedc84171b23839df48506439_nuremberg-day-tour-from-munich-medium.webp
www.pelago.co/img/products/DE-Germany/nuremberg-day-tour-from-munich/ 110 KB
110 KB 45ms
44ms Image
image/webp 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.co/img/products/DE-Germany/nuremberg-day-tour-from-munich/084959fdedc84171b23839df48506439_nuremberg-day-tour-from-munich-medium.webp

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

964a52b00bde63b00753b22c7e8417a007b41a9cf8c4626da6c23b110812bcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:17:22 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 521244
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 112314
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Nov 2023 14:00:22 GMT
server: AmazonS3
etag: "85391b594a283280592839e896fd1599"
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: m3oyqOqxqsc0vtdbVstMq_OqC3wCTqDm9x6xSYmLLi0WE4gK8INSKQ==

GET
H2 200 0457ff5e1abf4a8f940d6831fd1a33c0_automuseum-prototyp-medium.webp
www.pelago.co/img/products/DE-Germany/automuseum-prototyp/ 25 KB
26 KB 52ms
51ms Image
image/webp 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.co/img/products/DE-Germany/automuseum-prototyp/0457ff5e1abf4a8f940d6831fd1a33c0_automuseum-prototyp-medium.webp

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a782cb0589abdfcbc37858f2e02fd814fcad191326a23b4cc819c8db3e8ff653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 18:49:41 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 242105
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25542
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Nov 2023 14:06:15 GMT
server: AmazonS3
etag: "f3bc522c4282a1a3d8ecf3d4bffd3fb0"
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: EonT_wZmwbxQmhtN-xdQ_KZjgPGiSsH19ZEq68yfULvS_FJhOhb0-A==

GET
H2 200 a1f73914-515d-4f05-9cc5-27090b5c7681_neues-museum-medium.webp
www.pelago.co/img/products/DE-Germany/neues-museum-skip-the-line/ 34 KB
35 KB 51ms
50ms Image
image/webp 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.co/img/products/DE-Germany/neues-museum-skip-the-line/a1f73914-515d-4f05-9cc5-27090b5c7681_neues-museum-medium.webp

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8a182aab448ae31402b5f341dea36abe6836cbd0bb5038b155b0c2ccd173cbbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 18:22:19 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 70947
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35056
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Nov 2023 14:03:58 GMT
server: AmazonS3
etag: "4a5d50b52dfb296cb6d3b38c77b34ab8"
x-frame-options: DENY
content-type: image/webp
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: ytXvsybgR5lZxE_b0spsfqpduF0hGaj0tIASXcOiOAfhHNxYOPjQlg==

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
790 B 170ms
170ms Ping
text/plain 23.37.226.187
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.226.187 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-37-226-187.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pelago.co/en-MY/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 98f2fdaf.a3ffbe0
date: Fri, 01 Dec 2023 14:04:45 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-37-226-183.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 119,23.37.226.183
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=31, inner; dur=28
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231201140445A3463B9DDD17B49430D4
x-cache-remote: TCP_MISS from a23-48-100-71.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 31,23.48.100.71
x-tt-trace-host: 01b5611c10e67fd7b62b972475fb95eb1e5119983893d613c926665460178b7241daab716272ee1decbdd1a91abff0f99aa22e003504e2052695076c4fa0686ef91f2f504bf0efe4db25369b742e5bf1258e5e1414fcc56ecae5f05db5cda94f5e231d0a9e786a46e5afc42da3035a70a8
access-control-allow-headers: Authorization,*
expires: Fri, 01 Dec 2023 14:04:45 GMT

GET
H2

200

src=12893172;dc_pre=COqbn4G07oIDFcMIogMdySECjw;type=sales;cat=apacp0;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen-MY%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gd...
adservice.google.com/ddm/fls/z/ Frame F902
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=12893172;type=sales;cat=apacp0;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen-MY%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;n...
https://ad.doubleclick.net/ddm/activity/src=12893172;dc_pre=COqbn4G07oIDFcMIogMdySECjw;type=sales;cat=apacp0;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen-MY%252F;dc_lat=;dc_rdid=;t...
https://adservice.google.com/ddm/fls/z/src=12893172;dc_pre=COqbn4G07oIDFcMIogMdySECjw;type=sales;cat=apacp0;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen-MY%252F;dc_lat=;dc_rdid=;ta...

42 B
107 B

79ms
78ms

Image
image/gif

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=12893172;dc_pre=COqbn4G07oIDFcMIogMdySECjw;type=sales;cat=apacp0;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen-MY%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID]

Requested by

Host: static.sojern.com
URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=MY&pc=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=

Protocol

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:45 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=12893172;dc_pre=COqbn4G07oIDFcMIogMdySECjw;type=sales;cat=apacp0;qty=1;cost=0;u1=;u16=https%253A%252F%252Fwww.pelago.co%252Fen-MY%252F;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=[OrderID]
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/ Frame F902
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=hbq069JkMzJfv-I5i01yhA&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=yGNw-4z2HZkqZwMNa28Py2p2fFdLLcT9IV5psifU1nU3c1FzcJq...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=yGNw-4z2HZkqZwMNa28Py2p2fFdLLcT9IV5psifU1nU3c1FzcJqwux3MZ6bvT7et&sjrn_ula=7904292892&google_gid=CAESEGnWrljIO9uHr3aW9ffpibo&google_cver=1

42 B
284 B

59ms
50ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=yGNw-4z2HZkqZwMNa28Py2p2fFdLLcT9IV5psifU1nU3c1FzcJqwux3MZ6bvT7et&sjrn_ula=7904292892&google_gid=CAESEGnWrljIO9uHr3aW9ffpibo&google_cver=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=MY&pc=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:45 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=yGNw-4z2HZkqZwMNa28Py2p2fFdLLcT9IV5psifU1nU3c1FzcJqwux3MZ6bvT7et&sjrn_ula=7904292892&google_gid=CAESEGnWrljIO9uHr3aW9ffpibo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 413
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame F902
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=hbq069JkMzJfv-I5i01yhA&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDooOaEoHXNud2euDR_CB64PFNXPurZQkEBG7DLzTdaogbEZDvhY6LE2FpKZUcFhmKYqt22bFotgiwJXirV3E0BNGczIKgTEe7ZPzGHwNhkCEP-VVo8U
https://fcmatch.youtube.com/pixel?google_gm=AMnCDooOaEoHXNud2euDR_CB64PFNXPurZQkEBG7DLzTdaogbEZDvhY6LE2FpKZUcFhmKYqt22bFotgiwJXirV3E0BNGczIKgTEe7ZPzGHwNhkCEP-VVo8U

170 B
432 B

230ms
103ms

Image
image/png

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDooOaEoHXNud2euDR_CB64PFNXPurZQkEBG7DLzTdaogbEZDvhY6LE2FpKZUcFhmKYqt22bFotgiwJXirV3E0BNGczIKgTEe7ZPzGHwNhkCEP-VVo8U

Requested by

Protocol

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:46 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:45 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDooOaEoHXNud2euDR_CB64PFNXPurZQkEBG7DLzTdaogbEZDvhY6LE2FpKZUcFhmKYqt22bFotgiwJXirV3E0BNGczIKgTEe7ZPzGHwNhkCEP-VVo8U
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuidnb
ib.adnxs.com/ Frame F902 43 B
573 B 140ms
44ms Image
image/gif 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=yGNw-4z2HZkqZwMNa28Py2p2fFdLLcT9IV5psifU1nU3c1FzcJqwux3MZ6bvT7et

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:45 GMT
an-x-request-uuid: 84398c09-0d64-4a6a-8d56-8591cb2051d5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.107; 80.255.7.107; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F902 70 B
149 B 174ms
56ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=yGNw-4z2HZkqZwMNa28Py2p2fFdLLcT9IV5psifU1nU3c1FzcJqwux3MZ6bvT7et&ttd_tpi=1
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=MY&pc=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:45 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

202

adf
pixel.sojern.com/idsync/ Frame F902
Redirect Chain

https://c1.adform.net/serving/cookie/match?cid=85bab4eb-d264-3332-5fbf-e2398b4d7284&party=1296
https://c1.adform.net/serving/cookie/match?CC=1&cid=85bab4eb-d264-3332-5fbf-e2398b4d7284&party=1296
https://pixel.sojern.com/idsync/adf?adfid=5692606333844727900&cid=85bab4eb-d264-3332-5fbf-e2398b4d7284

0
210 B

49ms
48ms

Image
text/plain

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=5692606333844727900&cid=85bab4eb-d264-3332-5fbf-e2398b4d7284
Requested by: Host: static.sojern.com
URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=MY&pc=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Protocol: H2
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.sojern.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 01 Dec 2023 14:04:45 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept-Encoding

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 14:04:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://pixel.sojern.com/idsync/adf?adfid=5692606333844727900&cid=85bab4eb-d264-3332-5fbf-e2398b4d7284
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 style
accounts.google.com/gsi/ 533 B
608 B 95ms
94ms Stylesheet
text/css 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--8MAq355TOJ6HW-kLFIksA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:46 GMT
content-security-policy: script-src 'report-sample' 'nonce--8MAq355TOJ6HW-kLFIksA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 01 Dec 2023 14:04:46 GMT

GET
H2 200 status Show response
accounts.google.com/gsi/ 40 B
525 B 130ms
129ms XHR
application/json 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=705475193274-2tsh7qh08bvutpggv20lrkmnrpm9d190.apps.googleusercontent.com&as=1ixbadPZqiCKEbk5rn6YpQ

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4970d1cfa128428c015cc17b09e1238995e3edfc506bb824db8267d58693f2c2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FMb7FMem9MNuidhI_dhszA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:46 GMT
content-security-policy: script-src 'report-sample' 'nonce-FMb7FMem9MNuidhI_dhszA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pelago.co
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 1125 200 B
840 B 70ms
70ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pelago.co/en-MY/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 7231207
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:46 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1050132
x-content-type-options: nosniff
x-request-id: 998cdb71-0a2c-4b32-9462-05ca467aa4be
x-served-by: cache-fra-eddf8230041-FRA

OPTIONS
H/1.1 204
No Content config
api.sprig.com/sdk/1/environments/uZwGPwBJqTWL/ Frame 0
0 504ms
127ms Preflight 52.86.181.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/uZwGPwBJqTWL/config
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.181.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-181-185.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: GET
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 01 Dec 2023 14:04:46 GMT
server: istio-envoy
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 8

GET
H/1.1 200
OK config Show response
api.sprig.com/sdk/1/environments/uZwGPwBJqTWL/ 375 B
741 B 125ms
124ms Fetch
application/json 52.86.181.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/uZwGPwBJqTWL/config
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.181.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-181-185.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 4770624e53f3b85bdf2416f4b3ae82e0e62a3f7b02b37c3bdaf86b836f21c1dc

Request headers

x-ul-visitor-id: 26b6db67-2760-451d-8c23-da891a8bc128
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-gtm
Referer: https://www.pelago.co/en-MY/
x-ul-sdk-version: 2.24.11
x-ul-environment-id: uZwGPwBJqTWL
userleap-platform: web

Response headers

date: Fri, 01 Dec 2023 14:04:46 GMT
server: istio-envoy
etag: W/"177-SRAb1dT8Uv4nRELYUl2LvAa+LXk"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 5
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
content-length: 375

GET
H2 200 90870 Show response
stags.bluekai.com/site/ Frame 8381 71 B
660 B 314ms
203ms Document
text/html 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/90870?ret=html&phint=__bk_t%3DBook%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&phint=__bk_v%3D3.1.10&limit=4&r=49094870
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: https://www.pelago.co/en-MY/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

bk-server: b514
content-length: 71
content-type: text/html
date: Fri, 01 Dec 2023 14:04:46 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 page.gif
track.customer.io/events/ 35 B
89 B 257ms
145ms Image
image/gif 35.227.225.220
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.customer.io/events/page.gif?name=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=9b0ccfdb-8284-14a0-0dd7-aa086df599dd&site_id=97842d03f9edaf99a5ae&timestamp=1701439486258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.220 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 220.225.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:46 GMT
via: 1.1 google
content-type: image/gif
access-control-allow-origin: *
status: 200 OK
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding: binary
cross-origin-resource-policy: cross-origin
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 page.gif
track.customer.io/events/ 35 B
265 B 254ms
143ms Image
image/gif 35.227.225.220
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.customer.io/events/page.gif?name=https%3A%2F%2Fwww.pelago.co%2Fen-MY%2F&data%5BgeoCountryCode%5D=&data%5BgeoCity%5D=&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=9b0ccfdb-8284-14a0-0dd7-aa086df599dd&site_id=97842d03f9edaf99a5ae&timestamp=1701439486259
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.220 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 220.225.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:46 GMT
via: 1.1 google
content-type: image/gif
access-control-allow-origin: *
status: 200 OK
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding: binary
cross-origin-resource-policy: cross-origin
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

OPTIONS
H2 200 push-to-metrics
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 442ms
439ms Preflight
text/html 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/push-to-metrics?bot=x1689135807776&linkType=web&payload=[object%20Object]&source=yellowmessenger&subSource=null&_=1701439485041

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-ym-bot-id
Access-Control-Request-Method: GET
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET,HEAD,POST
cf-cache-status: DYNAMIC
cf-ray: 82ebe195b8771e32-FRA
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:46 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 open-sans.min.css
cdn.yellowmessenger.com/ Frame A056 3 KB
1 KB 55ms
54ms Stylesheet
text/css 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/open-sans.min.css

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1436c48e326b6b119a9eb8fd022f110be16605715638f1df029d885fc6ee27f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: cnI5v7BXL776bAJuh+msXA==
age: 9023
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Mon, 02 Jan 2023 07:19:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 2c294a2d-f01e-0042-0848-0df1f2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe19588316927-FRA
expires: Fri, 01 Dec 2023 14:34:46 GMT

GET
H2 200 push-to-metrics Show response
r0.cloud.yellow.ai/api/plugin/ Frame A056 46 B
139 B 191ms
191ms XHR
application/json 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/push-to-metrics?bot=x1689135807776&linkType=web&payload=[object%20Object]&source=yellowmessenger&subSource=null&_=1701439485041

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f57faa602933fa2c5449d3487280a5bd1d82fd8f8a2ddcef80de8847c7d1121b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
x-ym-bot-id: x1689135807776
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:46 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 46
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"2e-Gyi7Bl4WvG7CJ8s8OsTledI1y70"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82ebe1987c161e32-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id

GET
H3 200 strophe.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame A056 84 KB
26 KB 58ms
57ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/strophe.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5532ee48ae379bef327e4ba2690dea52eef800306b4179a415bc8b9ca9143b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: G9n+eQa7CayAoVZa1q6AtA==
age: 9121
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 06:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2a479341-201e-0068-3c07-24a5e1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe195b8626927-FRA
expires: Fri, 01 Dec 2023 14:34:46 GMT

GET
H3 200 slick-css.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame A056 6 KB
2 KB 60ms
59ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/slick-css.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14f0670aea7cb0b984e9ecc32d2242f42828af442112394ac87c1b6f9742db7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: gmxiSxX77nFI2+n3wn7BmA==
age: 11399
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 06:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: be622e63-201e-004f-7390-22c37c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe195b8636927-FRA
expires: Fri, 01 Dec 2023 14:34:46 GMT

GET
H3 200 slick.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame A056 42 KB
11 KB 53ms
52ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/slick.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b244124ea2951bdb620917d3247ff5afb29cfb3393daf67db8328e4ebf749d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: fpfikI/QQZ66YV8VyA96kQ==
age: 11331
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 06:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: dd0efc4d-801e-003a-4c90-22eb06000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe195b8666927-FRA
expires: Fri, 01 Dec 2023 14:34:46 GMT

GET
H3 200 ne99VSxI2J1N1692173121082.png
cdn.yellowmessenger.com/ Frame A056 2 KB
3 KB 566ms
565ms Image
image/png 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.yellowmessenger.com/ne99VSxI2J1N1692173121082.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16a063db087f3a9d494e5f112ad20a0ef5e01a828db8f7af1687bc1554caa6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: kWZ0gFofCickfaHjzqfi5g==
alt-svc: h3=":443"; ma=86400
content-length: 2538
x-ms-lease-status: unlocked
last-modified: Wed, 16 Aug 2023 08:05:21 GMT
server: cloudflare
etag: 0x8DB9E2F89856CB8
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: b2dbdc21-901e-0075-4b88-0c2847000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82ebe195b8676927-FRA
expires: Fri, 01 Dec 2023 14:34:46 GMT

GET
H3 200 open-sans.min.css
cdn.yellowmessenger.com/ 3 KB
1 KB 51ms
51ms Stylesheet
text/css 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/open-sans.min.css

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1436c48e326b6b119a9eb8fd022f110be16605715638f1df029d885fc6ee27f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: cnI5v7BXL776bAJuh+msXA==
age: 9023
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Mon, 02 Jan 2023 07:19:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 2c294a2d-f01e-0042-0848-0df1f2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe195c8706927-FRA
expires: Fri, 01 Dec 2023 14:34:46 GMT

GET
H3 200 ne99VSxI2J1N1692173121082.png
cdn.yellowmessenger.com/ 2 KB
3 KB 559ms
558ms Image
image/png 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.yellowmessenger.com/ne99VSxI2J1N1692173121082.png

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16a063db087f3a9d494e5f112ad20a0ef5e01a828db8f7af1687bc1554caa6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: kWZ0gFofCickfaHjzqfi5g==
alt-svc: h3=":443"; ma=86400
content-length: 2538
x-ms-lease-status: unlocked
last-modified: Wed, 16 Aug 2023 08:05:21 GMT
server: cloudflare
etag: 0x8DB9E2F89856CB8
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: b2dbdc21-901e-0075-4b88-0c2847000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82ebe195f89d6927-FRA
expires: Fri, 01 Dec 2023 14:34:46 GMT

GET
H3 200 3EE9JwNTHh2U1695795804574.gif
cdn.yellowmessenger.com/ 25 KB
26 KB 54ms
53ms Image
image/gif 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.yellowmessenger.com/3EE9JwNTHh2U1695795804574.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da767abea34b57a95cc46a83a07e2d9324c11f836991bef28ba7372480d177f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pelago.co/en-MY/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: oFFbAMR0HoSHpPiLjNp0tw==
age: 7012
alt-svc: h3=":443"; ma=86400
content-length: 25635
x-ms-lease-status: unlocked
last-modified: Wed, 27 Sep 2023 06:23:24 GMT
server: cloudflare
etag: 0x8DBBF2241267FD8
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: 99b43ae8-301e-0000-1122-24003d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82ebe195f8a06927-FRA
expires: Fri, 01 Dec 2023 14:34:46 GMT

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1125 631 B
533 B 39ms
39ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 14:04:46 GMT
via: 1.1 varnish
age: 2706383
x-cache: HIT
content-length: 399
x-request-id: 04c8bcc6-1143-4154-9794-dbfc1dd9db44
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1001439

POST
H2 200 csp-report
q.stripe.com/ Frame 1125 0
718 B 641ms
208ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Dec 2023 14:04:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701439486935096
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701439486934555
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1125 0
717 B 642ms
210ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Dec 2023 14:04:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701439486935150
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701439486934564
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 open-sans-latin-400-normal.woff2
cdn.yellowmessenger.com/ Frame A056 16 KB
17 KB 617ms
570ms Font
application/octet-stream 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/open-sans-latin-400-normal.woff2

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/open-sans.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.yellowmessenger.com/open-sans.min.css
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: 1lETttp7pL0KWdvaWn4k1A==
alt-svc: h3=":443"; ma=86400
content-length: 16692
x-ms-lease-status: unlocked
last-modified: Mon, 02 Jan 2023 07:24:30 GMT
server: cloudflare
etag: 0x8DAEC926389A476
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 11d19d3a-301e-0000-7c2e-14003d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82ebe196b82f1e18-FRA
expires: Fri, 01 Dec 2023 14:34:47 GMT

GET
H3 200 open-sans-latin-400-normal.woff2
cdn.yellowmessenger.com/ 16 KB
17 KB 643ms
610ms Font
application/octet-stream 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/open-sans-latin-400-normal.woff2

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/open-sans.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.yellowmessenger.com/open-sans.min.css
Origin: https://www.pelago.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: 1lETttp7pL0KWdvaWn4k1A==
alt-svc: h3=":443"; ma=86400
content-length: 16692
x-ms-lease-status: unlocked
last-modified: Mon, 02 Jan 2023 07:24:30 GMT
server: cloudflare
etag: 0x8DAEC926389A476
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 11d19d3a-301e-0000-7c2e-14003d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82ebe196b8301e18-FRA
expires: Fri, 01 Dec 2023 14:34:47 GMT

GET
H3 200 remix.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame A056 114 KB
15 KB 62ms
62ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/remix.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b01c0e2985f2a64b75fd80a724dda0d0150e1df7b51c1f9f8b8e9c17a85062d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: zFDlxKW7X9gYcA5bhDblNQ==
age: 3147
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 06:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f4c98bb1-e01e-0069-7914-245bec000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe196891b6927-FRA
expires: Fri, 01 Dec 2023 14:34:46 GMT

GET
H3 200 compact-css.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame A056 2 KB
1 KB 54ms
53ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/compact-css.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72537cfe9af94c221b7dd97f3f0f6d6e29827b8e608ea95e0f3fdc44727e7574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: iEVN5GpEwpp3PPBv2nuPXQ==
age: 11399
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 06:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6e12bf78-601e-0029-1090-22a74e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe196891d6927-FRA
expires: Fri, 01 Dec 2023 14:34:46 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 98EA 930 B
2 KB 250ms
42ms Document
text/html 2600:9000:2057:3400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 129
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:02:38 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-id: EXxqlZYNhUI-eo_gyyj-AwiyMXbPwfAjI8cBQKWmJkcJwAv0VEcgYA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 98EA 0
491 B 305ms
214ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.pelago.co
URL: https://www.pelago.co/en-MY/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 01 Dec 2023 14:04:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701439486935673
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1701439486934614
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 98EA 87 KB
16 KB 49ms
49ms Script
text/javascript 2600:9000:2057:3400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:3400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:33 GMT
content-encoding: gzip
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 14
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: mvjHAw2E0fjaYVwkl9BHCUNmX6aluwkuLSsLwoxFRxGbqxQgeLG1Wg==

POST
H2 200 6 Show response
m.stripe.com/ Frame 98EA 156 B
670 B 634ms
209ms XHR
application/json 34.213.255.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.255.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-255-230.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b612a8d71d0ea2b84cc3329c6db49191a66bfa037c90c997835eb9c9066a729d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 01 Dec 2023 14:04:47 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701439487389045
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1701439487388602
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

OPTIONS
H/1.1 204
No Content 26b6db67-2760-451d-8c23-da891a8bc128
api.sprig.com/sdk/1/environments/uZwGPwBJqTWL/visitors/ Frame 0
0 128ms
128ms Preflight 52.86.181.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/uZwGPwBJqTWL/visitors/26b6db67-2760-451d-8c23-da891a8bc128
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.181.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-181-185.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: PUT
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 01 Dec 2023 14:04:46 GMT
server: istio-envoy
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 8

PUT
H/1.1 204
No Content 26b6db67-2760-451d-8c23-da891a8bc128 Show response
api.sprig.com/sdk/1/environments/uZwGPwBJqTWL/visitors/ 0
701 B 176ms
176ms Fetch 52.86.181.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/uZwGPwBJqTWL/visitors/26b6db67-2760-451d-8c23-da891a8bc128
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.30.0/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.181.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-181-185.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-ul-visitor-id: 26b6db67-2760-451d-8c23-da891a8bc128
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-gtm
Referer: https://www.pelago.co/en-MY/
x-ul-sdk-version: 2.24.11
x-ul-environment-id: uZwGPwBJqTWL
userleap-platform: web

Response headers

date: Fri, 01 Dec 2023 14:04:47 GMT
server: istio-envoy
x-ul-visitor-id: 26b6db67-2760-451d-8c23-da891a8bc128
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJndCI6InZpc2l0b3IiLCJpZCI6InVad0dQd0JKcVRXTCIsInZpZCI6IjI2YjZkYjY3LTI3NjAtNDUxZC04YzIzLWRhODkxYThiYzEyOCIsImlhdCI6MTcwMTQzOTQ4NywiZXhwIjoxNzAxNjEyMjg3fQ.5YhacDk1rQzCtOxKFl4hahmJvYEg3efSzbFIvjcoa94QQa2TvXG2-HuPLsGAmjRRhWYm62Ws41GV95ey3tPC2A
access-control-allow-origin: *
access-control-expose-headers: Authorization,x-ul-visitor-id
x-envoy-upstream-service-time: 55
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

OPTIONS
H2 200 receive
r0.cloud.yellow.ai/integrations/yellowmessenger/ Frame 0
0 438ms
437ms Preflight
text/html 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/yellowmessenger/receive?bottype=production&bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id,x-ym-message-origin,x-ym-trace-id
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-ym-trace-id,x-ym-message-origin,platform,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 82ebe19f1d361e32-FRA
content-encoding: br
content-security-policy: default-src 'self'
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:48 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 analytics
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 203ms
202ms Preflight
text/html 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/analytics?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 82ebe19f2d371e32-FRA
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:48 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ticket-details.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame A056 8 KB
3 KB 51ms
51ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ticket-details.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d5fe8d27bbf4445b26c3bc0e80a33421a68ba4da6a82ea906162b8115c0f562

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 4icBD/UnAk+idC+9Yyjfcg==
age: 11330
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 06:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b0eccbc8-801e-001d-6d90-228d9b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe19f19536927-FRA
expires: Fri, 01 Dec 2023 14:34:47 GMT

POST
H2 200 receive Show response
r0.cloud.yellow.ai/integrations/yellowmessenger/ Frame A056 294 B
304 B 202ms
200ms XHR
application/json 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/yellowmessenger/receive?bottype=production&bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

343103e6ac7682f3438053535fd32cf6ba590fd5ef61a9c2d377f50c28c57774

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

x-ym-bot-id: x1689135807776
x-ym-message-origin: web-widget
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json
Accept: */*
Referer
x-ym-trace-id: 465369285209438192212526801412_bV1SmCAmxMeOW38PFiWoz

Response headers

date: Fri, 01 Dec 2023 14:04:48 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"126-n49lWe9nNZ6c4KvajRdnBNoZ7b8"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-frame-options: DENY
cf-ray: 82ebe1a1e8d81e32-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-ym-trace-id,x-ym-message-origin,platform,x-ym-bot-id,x-app-id

OPTIONS
H2 200 active-ticket-details
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 218ms
217ms Preflight
text/html 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/active-ticket-details?uid=465369285209438192212526801412&bot=x1689135807776&source=yellowmessenger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id
Access-Control-Request-Method: GET
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET,HEAD
cf-cache-status: DYNAMIC
cf-ray: 82ebe19f7d8e1e32-FRA
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:48 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 active-ticket-details Show response
r0.cloud.yellow.ai/api/plugin/ Frame A056 97 B
175 B 478ms
478ms Fetch
application/json 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/active-ticket-details?uid=465369285209438192212526801412&bot=x1689135807776&source=yellowmessenger

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ticket-details.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9f7768e13aaf8fad07e874e94019ca9cd37a896ca04455c7b375432d8a8a6bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-ym-bot-id: x1689135807776
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Dec 2023 14:04:48 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"61-bNw1M7CR/xgapEkxLrsjtkVpo2s"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82ebe1a0cf521e32-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id

GET
H2 200 list-campaigns Show response
r0.cloud.yellow.ai/api/engagements/inbound/ Frame A056 46 B
181 B 450ms
450ms XHR
application/json 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/engagements/inbound/list-campaigns?bot=x1689135807776&uid=465369285209438192212526801412&_=1701439485042

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bae145134387f6b315086c73b2c879ecc3a6abffb5fcbdacf83b66492a6162a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-length: 46
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: cloudflare
etag: W/"2e-r4PPgw/jRLNCglXgL/2LB7fi/Gg"
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
feature-policy: geolocation 'self'
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 82ebe1a30a891e32-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,Responsetype,x-api-key,x-app-id
expires: 0

GET
H3 200 ne99VSxI2J1N1692173121082.png
cdn.yellowmessenger.com/ Frame A056 2 KB
3 KB 53ms
53ms Image
image/png 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.yellowmessenger.com/ne99VSxI2J1N1692173121082.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16a063db087f3a9d494e5f112ad20a0ef5e01a828db8f7af1687bc1554caa6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: kWZ0gFofCickfaHjzqfi5g==
age: 2
alt-svc: h3=":443"; ma=86400
content-length: 2538
x-ms-lease-status: unlocked
last-modified: Wed, 16 Aug 2023 08:05:21 GMT
server: cloudflare
etag: 0x8DB9E2F89856CB8
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: b2dbdc21-901e-0075-4b88-0c2847000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82ebe1a3ddd66927-FRA
expires: Fri, 01 Dec 2023 14:34:48 GMT

POST
H2 200 receive Show response
r0.cloud.yellow.ai/integrations/yellowmessenger/ Frame A056 359 B
354 B 199ms
196ms XHR
application/json 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/yellowmessenger/receive?bottype=production&bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daf58d474a2d805d5826a34c580606b2b3ad7a605e2eb620db661088489d0896

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

x-ym-bot-id: x1689135807776
x-ym-message-origin: web-widget
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json
Accept: */*
Referer
x-ym-trace-id: 465369285209438192212526801412_N7J3GwI7ntluep26KuUi2

Response headers

date: Fri, 01 Dec 2023 14:04:48 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"167-SPzyRcQTVX5R2yjAeofEavi/Xes"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-frame-options: DENY
cf-ray: 82ebe1a50d4d1e32-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-ym-trace-id,x-ym-message-origin,platform,x-ym-bot-id,x-app-id

OPTIONS
H2 200 receive
r0.cloud.yellow.ai/integrations/yellowmessenger/ Frame 0
0 189ms
188ms Preflight
text/html 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/yellowmessenger/receive?bottype=production&bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id,x-ym-message-origin,x-ym-trace-id
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-ym-trace-id,x-ym-message-origin,platform,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 82ebe1a3db941e32-FRA
content-encoding: br
content-security-policy: default-src 'self'
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:48 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 send-event Show response
r0.cloud.yellow.ai/integrations/analytics/ Frame A056 2 B
138 B 190ms
189ms XHR
text/plain 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/analytics/send-event?bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 01 Dec 2023 14:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: cloudflare
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
feature-policy: geolocation 'self'
access-control-allow-credentials: true
cf-ray: 82ebe1a56dd51e32-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,Responsetype,x-api-key,x-app-id
expires: 0

OPTIONS
H2 200 send-event
r0.cloud.yellow.ai/integrations/analytics/ Frame 0
0 192ms
192ms Preflight
text/html 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/analytics/send-event?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,Responsetype,x-api-key,x-app-id
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin: *
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 82ebe1a42c011e32-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:48 GMT
expires: 0
feature-policy: geolocation 'self'
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 update-user-info Show response
r0.cloud.yellow.ai/api/plugin/ Frame A056 1 KB
674 B 240ms
240ms XHR
application/json 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/update-user-info?bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db19d2fa3b749ed7525a9b1b762dc442409065b5b7fccc7c6681f0be1147f010

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
x-ym-bot-id: x1689135807776
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Dec 2023 14:04:49 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"52f-dr2v2qacalHY5DokNEGtY3DeS/Q"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82ebe1a798fa1e32-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id

OPTIONS
H2 200 update-user-info
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 201ms
201ms Preflight
text/html 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/update-user-info?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 82ebe1a65f261e32-FRA
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 14:04:49 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 204 x1689135807776
r0.cloud.yellow.ai/api/status/message/ Frame 0
0 179ms
179ms Preflight 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/status/message/x1689135807776?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pelago.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 82ebe1a9cc601e32-FRA
date: Fri, 01 Dec 2023 14:04:49 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff

POST
H2 200 x1689135807776 Show response
r0.cloud.yellow.ai/api/status/message/ Frame A056 33 B
92 B 208ms
207ms XHR
application/json 2606:4700::6812:669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/status/message/x1689135807776?bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eec6b719c1df15556a3581632c1010a34d2f19f42481c6f875ab3ff21337748c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Dec 2023 14:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 82ebe1aaedf61e32-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-app-id
content-length: 33

GET
H3 200 process-quick-replies.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame A056 19 KB
6 KB 53ms
53ms Script
application/javascript 2606:4700::6812:33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/process-quick-replies.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8355fc2b74d59982b6f301cd4fa1662a7a79f7d07287474dff9514004594a19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 01 Dec 2023 14:04:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: X4KMMVoMmEjHoIxSawh4PA==
age: 11040
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Wed, 29 Nov 2023 06:53:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e69f3ab9-a01e-006b-2a90-225681000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 82ebe1a9cbf86927-FRA
expires: Fri, 01 Dec 2023 14:34:49 GMT

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.pelago.co/	1970-01-21 01:22:55	Name: __pelago-currency__ Value: EUR
www.pelago.co/	1970-01-21 01:22:55	Name: dsUserId Value: ed03b5c5-c588-4084-9b40-cbcc859fe320
www.pelago.co/	1970-01-20 16:37:21	Name: __pelago-ds-session-id__ Value: 7543e7a9-7612-4e37-b47f-d2543a812b08
www.pelago.co/	1970-01-21 02:13:19	Name: __pelag_pdp_visit__ Value: false
.pelago.co/	1970-01-21 02:13:19	Name: __ssid Value: 8cb0d16e94b2a0427e390f2f93e8cbf
.pelago.co/	1970-01-20 18:46:55	Name: _gcl_au Value: 1.1.1478998456.1701439485
.pelago.co/	1970-01-21 02:13:19	Name: _ga_TJ6G1HY8VL Value: GS1.1.1701439484.1.0.1701439484.60.0.0
.pelago.co/	1970-01-21 02:13:19	Name: _ga Value: GA1.1.2136693410.1701439485
.pelago.co/	1970-01-20 16:38:45	Name: _uetsid Value: 9490ab10905211ee8ec74102559ad42e
.pelago.co/	1970-01-21 01:58:55	Name: _uetvid Value: 9490ba20905211eeb10423ab02a38162
.tiktok.com/	1970-01-21 01:58:55	Name: _ttp Value: 2YwbFS46Xb8X943EGzABtbyOGPC
.bing.com/	1970-01-21 01:58:55	Name: MUID Value: 2932C2710B736ADA1295D1AB0AF86B76
.doubleclick.net/	1970-01-21 01:58:55	Name: IDE Value: AHWqTUkgi2QxrCJpH0Q1NcorgM5qCt-6AcEE4d3yxIy2xEI6O4qkBMAs89dYQL5mStI
.pelago.co/	1970-01-20 16:37:21	Name: tfpsi Value: f722c825-b01d-4d23-9550-3cc457159d06
.pelago.co/	1970-01-20 18:46:55	Name: _fbp Value: fb.1.1701439485308.1946033640
.pelago.co/	1970-01-21 01:58:55	Name: _tt_enable_cookie Value: 1
.pelago.co/	1970-01-21 01:58:55	Name: _ttp Value: a9BCXa9Wza8qH9R8ksmiIB1zIS9
.yahoo.com/	1970-01-21 01:23:17	Name: A3 Value: d=AQABBP3naWUCEK7Yy68LQqu71SHN87c7at4FEgEBAQE5a2VzZeAJyiMA_eMAAA&S=AQAAAnM66ljk4nw1VdxOV12AQhk
.adform.net/	1970-01-20 17:21:57	Name: C Value: 1
.sojern.com/	1970-01-21 01:22:55	Name: gid Value: CAESEGnWrljIO9uHr3aW9ffpibo
.sojern.com/	1970-01-21 01:22:55	Name: cid Value: 85bab4eb-d264-3332-5fbf-e2398b4d7284#1701388800000
.adform.net/	1970-01-20 18:03:43	Name: uid Value: 5692606333844727900
.sojern.com/	1970-01-21 01:22:55	Name: adfid Value: 5692606333844727900
.pelago.co/	1970-01-21 01:22:55	Name: _cioanonid Value: 9b0ccfdb-8284-14a0-0dd7-aa086df599dd
.bluekai.com/	1970-01-20 20:56:31	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 20:56:31	Name: bkpa Value: KJhBE66nQp91dEUNj364LcAGRh2TsI0bApQ+skoqLzcIdSVexua80UFCJSEyQvoGh4AAng+YrKO3LZ6OifnFwfocPM2rpZkViVaWm9OOKPq5/64zGIRLWRHHvdhwfOxktMnfteiYvDJmIPJZZaNbx2mBkOFiYInZVUNkPDzHxreqpX5ct+1oZpd4PawUxSbSkfyDZRWPDeqjno+V+9l22QPjaAZ+
.bluekai.com/	1970-01-20 20:56:31	Name: bku Value: 2Z/O9wf7SVPWPQRC
m.stripe.com/	1970-01-21 02:13:19	Name: m Value: bcfdc1cb-b987-4f0a-ae1a-82e633c6b9c27c7b34
.www.pelago.co/	1970-01-21 01:22:55	Name: __stripe_mid Value: 4896df55-34b5-458e-8c8f-46161f7491ea43e8c1
.www.pelago.co/	1970-01-20 16:37:21	Name: __stripe_sid Value: 54163b58-5439-48af-9b82-c1597a26d5f69dfbae

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .pelago.co .zopim.com 'strict-dynamic' .stripe.com 'unsafe-eval' 'nonce-4875a39161a80488817e0e66add0acff' https: about:; style-src 'self' 'unsafe-inline' www.gstatic.com accounts.google.com fonts.googleapis.com .yellowmessenger.com; connect-src 'self' about: .teads.tv s.yimg.com .pelago.co .zopim.com .yellow.ai pelago.pxf.io bat.bing.com .sprig.com www.facebook.com ekr.zdassets.com .ingest.sentry.io .doubleclick.net analytics.tiktok.com pixel.quantcount.com .google-analytics.com .googletagmanager.com .analytics.google.com .zendesk.com translate.googleapis.com messaging.messagebird.com .googlesyndication.com wss://.cloud.yellow.ai wss://.zopim.com wss://.zendesk.com livechat-metrics.messagebird.com .google.com .google.com.au .google.com.sg fonts.googleapis.com .csftr.com .google.ad .google.ae .google.com.af .google.com.ag .google.al .google.am .google.co.ao .google.com.ar .google.as .google.at .google.az .google.ba .google.com.bd .google.be .google.bf .google.bg .google.com.bh .google.bi .google.bj .google.com.bn .google.com.bo .google.com.br .google.bs .google.bt .google.co.bw .google.by .google.com.bz .google.ca .google.cd .google.cf .google.cg .google.ch .google.ci .google.co.ck .google.cl .google.cm .google.cn .google.com.co .google.co.cr .google.com.cu .google.cv .google.com.cy .google.cz .google.de .google.dj .google.dk .google.dm .google.com.do .google.dz .google.com.ec .google.ee .google.com.eg .google.es .google.com.et .google.fi .google.com.fj .google.fm .google.fr .google.ga .google.ge .google.gg .google.com.gh .google.com.gi .google.gl .google.gm .google.gr .google.com.gt .google.gy .google.com.hk .google.hn .google.hr .google.ht .google.hu .google.co.id .google.ie .google.co.il .google.im .google.co.in .google.iq .google.is .google.it .google.je .google.com.jm .google.jo .google.co.jp .google.co.ke .google.com.kh .google.ki .google.kg .google.co.kr .google.com.kw .google.kz .google.la .google.com.lb .google.li .google.lk .google.co.ls .google.lt .google.lu .google.lv .google.com.ly .google.co.ma .google.md .google.me .google.mg .google.mk .google.ml .google.com.mm .google.mn .google.com.mt .google.mu .google.mv .google.mw .google.com.mx .google.com.my .google.co.mz .google.com.na .google.com.ng .google.com.ni .google.ne .google.nl .google.no .google.com.np .google.nr .google.nu .google.co.nz .google.com.om .google.com.pa .google.com.pe .google.com.pg .google.com.ph .google.com.pk .google.pl .google.pn .google.com.pr .google.ps .google.pt .google.com.py .google.com.qa .google.ro .google.ru .google.rw .google.com.sa .google.com.sb .google.sc .google.se .google.sh .google.si .google.sk .google.com.sl .google.sn .google.so .google.sm .google.sr .google.st .google.com.sv .google.td .google.tg .google.co.th .google.com.tj .google.tl .google.tm .google.tn .google.to .google.com.tr .google.tt .google.com.tw .google.co.tz .google.com.ua .google.co.ug .google.co.uk .google.com.uy .google.co.uz .google.com.vc .google.co.ve .google.co.vi .google.com.vn .google.vu .google.ws .google.rs .google.co.za .google.co.zm .google.co.zw .google.cat; frame-src 'self' about: .pelago.co .teads.tv js.stripe.com hooks.stripe.com .google.com www.facebook.com stags.bluekai.com static.sojern.com ocw.messagebird.com .doubleclick.net livechat.messagebird.com tpc.googlesyndication.com; img-src 'self' data: https:; media-src 'self' static.zdassets.com; font-src 'self' data: fonts.gstatic.com .yellowmessenger.com; base-uri 'self'; object-src 'self'; report-uri /csp-report;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4645703.fls.doubleclick.net
accounts.google.com
ad.doubleclick.net
adservice.google.com
analytics.tiktok.com
api.sprig.com
assets.customer.io
bat.bing.com
beacon.sojern.com
browser.sentry-cdn.com
c1.adform.net
cdn.sift.com
cdn.sprig.com
cdn.yellowmessenger.com
cm.g.doubleclick.net
cm.teads.tv
connect.facebook.net
ds.pelago.co
fcmatch.google.com
fcmatch.youtube.com
fonts.gstatic.com
googleads.g.doubleclick.net
hexagon-analytics.com
hooks.stripe.com
ib.adnxs.com
js.sentry-cdn.com
js.stripe.com
m.stripe.com
m.stripe.network
match.adsrvr.org
p.teads.tv
pixel.sojern.com
q.stripe.com
r0.cloud.yellow.ai
region1.analytics.google.com
s.yimg.com
sp.analytics.yahoo.com
stags.bluekai.com
static.sojern.com
stats.g.doubleclick.net
t.teads.tv
tags.bkrtx.com
track.customer.io
traveller-core.pelago.co
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.pelago.co
107.178.244.119
13.32.27.12
142.250.185.98
143.204.98.88
15.197.193.217
151.101.64.176
176.34.78.115
185.89.210.180
2.16.97.41
2.18.161.51
2001:4860:4802:34::36
212.82.100.181
216.58.212.134
216.58.212.166
23.212.204.55
23.37.226.187
2600:9000:2057:3400:19:7d10:bd80:93a1
2600:9000:223c:4e00:11:9cfd:9400:93a1
2606:4700::6812:33
2606:4700::6812:669
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:806::2003
2a00:1450:4001:806::200d
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::200e
2a00:1450:4001:830::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:600::729
3.33.166.164
34.102.232.42
34.213.255.230
34.96.67.224
35.227.225.220
35.244.188.9
37.157.6.243
52.86.181.185
54.169.93.153
54.187.119.242
69.192.160.219
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd10c306c8ccf0dc185ec973dcc7f25a4cbdfdd7521bfa529c92c3d7f42a35c
0cb1c95cf9b0326b053cbcdffa448c2adc60675559ff00ab10a1ecfb1503115a
0cdf1e4b27f7420b0ad37ad1d6bac03f7470438bc8f49de10bcf1440dc4fd37b
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0fdb4fa7d305ed5df48f2be96e7d053787b2280207622e1a7b963ed1f2cbe6cd
11e205470edb14c2047f28dfeb5f97f5592e3cddd31344057af385c26e245594
11eb97ce83999814f95b9226576f2efbb2293b6b861f55e3637c70400ec8c5d3
1436c48e326b6b119a9eb8fd022f110be16605715638f1df029d885fc6ee27f4
147d6b7575d25b4f6a0006238f3a4a0872015c0c6e373fc59f4de842b7ffd753
14f0670aea7cb0b984e9ecc32d2242f42828af442112394ac87c1b6f9742db7d
15715bad2234fa406887a83f10703b4b4bb49633bc6d1008f61023fac16a5acd
166048b1b494b546d686a6442bac330a2ffeaa0afaf5a58d7ed0116d602296d2
16a063db087f3a9d494e5f112ad20a0ef5e01a828db8f7af1687bc1554caa6cf
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d31c54eba5932384818bcab1ceeb0194618676fa9ce87e12da511cb6ccf0e54
1d8fa786e9b66b6dac1fa2739e7db40ba1a9401da0e11c6f26cf8e659c187001
1da78f9ed9515ff6089572e6a16cba60a7a2e8c33671b9e7d9680c38e5661384
22fd6b8e9d9417522898862517654fef8ab1c1a4322d3b410f52cb2e38fbdd49
274cefe3b194d4513bc0a8f8d56eaef37295c69c37862646119260a2d76f67e2
2889147edb550aef849e10ba2230d6b1f65a0f8831b45f642bfc0ee185babe38
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82
343103e6ac7682f3438053535fd32cf6ba590fd5ef61a9c2d377f50c28c57774
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
36ace6e4c38fc4c8a5904f8acd8359f20b14394d5f6177bde16607d10e0c1f7e
387220e5ea3cf0699385ae55b1499cf13b85ab36e38f4eac828642b60b26d4d1
398efdf7010a818046ca13a413b21eb5f3007ee5502e8f57dc2ef604a4145b05
3a661aa8638d8a55f7024f307d71949b0df0dd65cf731a8f1b1e3d08b04dcc88
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
419fd4b1560b1de01564ef05fea5d689bf3e9881c4ecd923c41ef8a417588cfa
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446252d5c737f291e338263fa01b35c50a72679375f61ab8cf68a2a95c5d2382
4770624e53f3b85bdf2416f4b3ae82e0e62a3f7b02b37c3bdaf86b836f21c1dc
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4970d1cfa128428c015cc17b09e1238995e3edfc506bb824db8267d58693f2c2
497276ccb1ba5b1b33a14f7a4b3b3ab3de1ed0595dc28ad219547d3c660c7254
4a0c4edb7f10add38d24ba7f4554b0ecae169ae8c57ebc1386cd34941edb3cb3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb7b8e75aeed9f256b52399a58d93fa435271ebb9980d137f4cd13e8d5d9507
529efab20f3260d4417d5f0d8928da34befbd0bf416fa72b23fc511a486e801e
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
5532ee48ae379bef327e4ba2690dea52eef800306b4179a415bc8b9ca9143b3a
55fd000d4bcfe520e20f539b8f0c021503a949e73dd06037360237f90996c4d2
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
588fc8277526f5313934168da8da5e75cb0ae8f83b6b6198d33a4a405c839e60
58a0a25af7bf3fbec8e039709d5e840c6b578a04904669ee22d33e51660201e5
5de4b509121ea99acb680043614016f91fd514c4a8e9f930ec59b7b03f2dd1df
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
611e64714abfca66fe42e8ad0d30f4c0e7a2e52280a99db331a4e6b87bb494a7
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
65c50ca447ab9b7546430413659b39f109973e98600a791122c6fc5bd25bd12b
6d5fe8d27bbf4445b26c3bc0e80a33421a68ba4da6a82ea906162b8115c0f562
71d12a87cf335477a81b90bcfd05525bc4900a342f4a2aeff0eba366656b5131
72537cfe9af94c221b7dd97f3f0f6d6e29827b8e608ea95e0f3fdc44727e7574
725406802328f7b86a22825fae66633afa06e6114bbdace1ea6c7f09b51cc3d5
785e455a998e6fab32ea68155089996ef809d2ec0522e81516aa913dac041c00
80516de91a75aa829e48e275af0f36146f861f6d801eb9f274527c2e0efd1216
829d528271a0c1ed89551351a0abd2c9945815c9312d7e7147139ca259ef5f65
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8355fc2b74d59982b6f301cd4fa1662a7a79f7d07287474dff9514004594a19d
8891559ce4daa6a3f73eef54008246af3fe4758e2aeb20a1f6cbdf35d0226963
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8a182aab448ae31402b5f341dea36abe6836cbd0bb5038b155b0c2ccd173cbbf
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
964a52b00bde63b00753b22c7e8417a007b41a9cf8c4626da6c23b110812bcb7
9a0b9ce42fd95b0a97adf836e9a28dfe66eb339000e163066c546e23e6a29d1b
9de0622588292a819a585fe4214453b3c285ce70f145874f065bd8f560d082e0
9f7186216f86e63ac1358d3ede4ef20c0336dc7f0509e87ce3a2b3f9c353292e
9f9ba6d984d2808a3f17ff083ae0ad2b1c9bbe22974e1a23e33432b3a3fa1d57
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a782cb0589abdfcbc37858f2e02fd814fcad191326a23b4cc819c8db3e8ff653
aa5b7d455b609e53a68508609259a6d20342b2ce20f47f4abee38e513060eefc
afb6fb55093df3f8539c0240c7928f0a89a09d8b146921466e6ab9f7853e425b
b01c0e2985f2a64b75fd80a724dda0d0150e1df7b51c1f9f8b8e9c17a85062d0
b1410573aef92e8cffdef33a29b7b5cc80f428267222d2e63461d05fe555a3b7
b244124ea2951bdb620917d3247ff5afb29cfb3393daf67db8328e4ebf749d8b
b59d9fa595ca82d47dc30ce80d462c2c8b00fe3a37f9dd7256bd5c571dd88c5c
b612a8d71d0ea2b84cc3329c6db49191a66bfa037c90c997835eb9c9066a729d
bae145134387f6b315086c73b2c879ecc3a6abffb5fcbdacf83b66492a6162a6
c22264de3f3185afd9db19573b2795d2b5169e7684c04aea00ef087ad6d16647
c22d548d81553d44b569a214db91f0e467bdf6d5edf1deb92bfb338412b902c7
c291c35d8d662efd64ac4e9b2db9b92e1b1a5a6c2a48c7c1789450c58c311752
c5dc250228b63ec45ccaf25c7c7b9103a504bd5ebed035e88067475076c4b78d
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
d0486f4b18b3dd326cc8c716a0568ad41de8dc36e168a711871034149a3676c0
d3b25e4380c18a877394bfc685ad681c92703873f5a2ac2f5918d2ebacc490bd
d969d7b7718eaa80ac55794c1668bc7b3fce47a81bee531323d9289f7d2262db
da767abea34b57a95cc46a83a07e2d9324c11f836991bef28ba7372480d177f7
daf58d474a2d805d5826a34c580606b2b3ad7a605e2eb620db661088489d0896
db19d2fa3b749ed7525a9b1b762dc442409065b5b7fccc7c6681f0be1147f010
dc6658a0cd798fc6a50a1fee974fb6821cec8877c4763c47371afee9dc81df53
ded6dff29c705adb48c831fe4a652814472affd0e7164d66832b00f594573b7f
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e431f3c32102b73a2d03b731bd9d3bb8db101c82fd615c7a979543d5e5476ead
e7c7037b98b3529a486cc0ea34f9e13ea4c997cc196c8649c7eff2a9f18f7605
e94ae0913859d83769af1323a9bedc8a5b1dad100e40920ac5d816bffe62d509
ed227504f3c41cb5de1160b0b95f00fe7baa0d54147b134525d0171ca2598fc8
eec6b719c1df15556a3581632c1010a34d2f19f42481c6f875ab3ff21337748c
eeedc1abe03200da1b9ad6c8d55cfc0c7a5f8c47e492d5826f64f3e719eacb76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f0b547193d6534da2846aa4911ae085d40edbad97fcf60105b30bd85a95b43f6
f3601deda38558b1705e1e4506c4e116875714a890c35b38e4170ee8803175a6
f5259b73e08ddae2172be725c422c5f128d05e0d0e7901a3e705cf378f2ee03a
f57faa602933fa2c5449d3487280a5bd1d82fd8f8a2ddcef80de8847c7d1121b
f9f7768e13aaf8fad07e874e94019ca9cd37a896ca04455c7b375432d8a8a6bb
fd8b7d4177953458266aef394a4a23d5d9029583bc164454bc8e782cb5339213

www.pelago.co Open in urlscan Pro 143.204.98.88 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

154 Requests

96 %HTTPS

43 %IPv6

29 Domains

49 Subdomains

42 IPs

7 Countries

3256 kBTransfer

8211 kBSize

30 Cookies

10 Outgoing links

Page URL History

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.pelago.co Open in urlscan Pro
143.204.98.88 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

96 %
HTTPS

43 %
IPv6

29
Domains

49
Subdomains

42
IPs

7
Countries

3256 kB
Transfer

8211 kB
Size

30
Cookies

154 HTTP transactions
0 data transactions