www.pelago.com Open in urlscan Pro
18.164.124.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pelago.co/
Effective URL:
https://www.pelago.com/en-US/
Submission Tags: falconsandbox
Submission: On August 29 via api (August 29th 2024, 12:33:04 pm UTC) from US — Scanned from US

Summary HTTP 151 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 35 IPs in 3 countries across 23 domains to perform 151 HTTP transactions. The main IP is 18.164.124.75, located in United States and belongs to AMAZON-02, US. The main domain is www.pelago.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on June 6th 2024. Valid for: a year.

This is the only time www.pelago.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	13.35.93.44 13.35.93.44	16509 (AMAZON-02) (AMAZON-02)
2 33	18.164.124.75 18.164.124.75	16509 (AMAZON-02) (AMAZON-02)
7 7	18.238.80.91 18.238.80.91	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
8	15.197.171.58 15.197.171.58	16509 (AMAZON-02) (AMAZON-02)
4	18.138.4.161 18.138.4.161	16509 (AMAZON-02) (AMAZON-02)
3	34.234.115.5 34.234.115.5	14618 (AMAZON-AES) (AMAZON-AES)
4	2607:f8b0:400... 2607:f8b0:4006:80d::2008	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
1	34.96.67.224 34.96.67.224	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4004:c07::54	15169 (GOOGLE) (GOOGLE)
25	104.18.1.51 104.18.1.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:2832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.232.42 34.102.232.42	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.251.40.196 142.251.40.196	15169 (GOOGLE) (GOOGLE)
4	23.51.57.155 23.51.57.155	16625 (AKAMAI-AS) (AKAMAI-AS)
2	31.13.71.7 31.13.71.7	32934 (FACEBOOK) (FACEBOOK)
5	23.206.172.50 23.206.172.50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:266... 2600:9000:266a:5400:11:9cfd:9400:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4998:14:... 2001:4998:14:800::1000	14777 (YAHOO) (YAHOO)
1	35.244.188.9 35.244.188.9	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:33:3... 2620:1ec:33:3::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	54.169.169.4 54.169.169.4	16509 (AMAZON-02) (AMAZON-02)
1 2	142.251.41.6 142.251.41.6	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.80.70 142.250.80.70	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
15	2606:4700::68... 2606:4700::6812:769	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	50.17.194.92 50.17.194.92	14618 (AMAZON-AES) (AMAZON-AES)
2	3.33.219.3 3.33.219.3	16509 (AMAZON-02) (AMAZON-02)
2	23.199.49.95 23.199.49.95	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.227.225.220 35.227.225.220	15169 (GOOGLE) (GOOGLE)
151	35

3 13.35.93.44 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-44.jfk50.r.cloudfront.net

pelago.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 18.164.124.75 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-75.jfk50.r.cloudfront.net

www.pelago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.238.80.91 (United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-238-80-91.jfk52.r.cloudfront.net

www.pelago.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 15.197.171.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: ace343a40f543a26b.awsglobalaccelerator.com

traveller-core.pelago.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.138.4.161 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-4-161.ap-southeast-1.compute.amazonaws.com

search-core.pelago.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.234.115.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-115-5.compute-1.amazonaws.com

us.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.67.224 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.67.96.34.bc.googleusercontent.com

cdn.sift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::54 (Washington, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 104.18.1.51 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.yellowmessenger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:2832 (United States)

ASN13335 (CLOUDFLARENET, US)

us-assets.i.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.232.42 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.232.102.34.bc.googleusercontent.com

hexagon-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o297024.ingest.us.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.196 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.51.57.155 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-155.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fledge.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.206.172.50 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-172-50.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266a:5400:11:9cfd:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33:3::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.169.169.4 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-169-4.ap-southeast-1.compute.amazonaws.com

ds.pelago.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.6 (Queens, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f6.1e100.net

4645703.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:808::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.70 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6812:769 (United States)

ASN13335 (CLOUDFLARENET, US)

r0.cloud.yellow.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.17.194.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-194-92.compute-1.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.219.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: a42e3a3bc5d7c0f11.awsglobalaccelerator.com

metrics.pelago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.199.49.95 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-49-95.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.225.220 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 220.225.227.35.bc.googleusercontent.com

track.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	pelago.com 2 redirects www.pelago.com metrics.pelago.com	2 MB
26	pelago.co 10 redirects pelago.co www.pelago.co traveller-core.pelago.co search-core.pelago.co ds.pelago.co	29 KB
25	yellowmessenger.com cdn.yellowmessenger.com — Cisco Umbrella Rank: 73376	539 KB
15	yellow.ai r0.cloud.yellow.ai — Cisco Umbrella Rank: 757304	2 KB
8	doubleclick.net 1 redirects 4645703.fls.doubleclick.net — Cisco Umbrella Rank: 213635 td.doubleclick.net — Cisco Umbrella Rank: 481 ad.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 252 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	3 KB
6	teads.tv p.teads.tv — Cisco Umbrella Rank: 7621 cm.teads.tv — Cisco Umbrella Rank: 6387 fledge.teads.tv — Cisco Umbrella Rank: 15003 t.teads.tv — Cisco Umbrella Rank: 3893	7 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	138 KB
5	google.com accounts.google.com — Cisco Umbrella Rank: 46 www.google.com — Cisco Umbrella Rank: 10 analytics.google.com — Cisco Umbrella Rank: 238	87 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	380 KB
4	posthog.com us.i.posthog.com — Cisco Umbrella Rank: 21216 us-assets.i.posthog.com — Cisco Umbrella Rank: 53587	25 KB
4	gstatic.com fonts.gstatic.com	118 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
3	customer.io assets.customer.io — Cisco Umbrella Rank: 30615 track.customer.io — Cisco Umbrella Rank: 20396	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 1020	8 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	73 KB
2	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 7016 browser.sentry-cdn.com — Cisco Umbrella Rank: 6607	43 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 2393	670 B
1	sojern.com static.sojern.com — Cisco Umbrella Rank: 15876
1	sentry.io o297024.ingest.us.sentry.io	300 B
1	hexagon-analytics.com hexagon-analytics.com — Cisco Umbrella Rank: 8736	288 B
1	sift.com cdn.sift.com — Cisco Umbrella Rank: 21622	21 KB
0	googleadservices.com Failed www.googleadservices.com Failed
151	23

	Domain	Requested by
33	www.pelago.com	2 redirects www.pelago.com
25	cdn.yellowmessenger.com	www.pelago.com cdn.yellowmessenger.com
15	r0.cloud.yellow.ai	cdn.yellowmessenger.com
8	traveller-core.pelago.co	www.pelago.com
7	www.pelago.co	7 redirects
5	analytics.tiktok.com	www.pelago.com analytics.tiktok.com
4	ds.pelago.co	browser.sentry-cdn.com
4	www.googletagmanager.com	www.pelago.com www.googletagmanager.com
4	search-core.pelago.co	www.pelago.com
4	fonts.gstatic.com	www.pelago.com
3	td.doubleclick.net	www.googletagmanager.com
3	bat.bing.com	www.pelago.com bat.bing.com
3	us.i.posthog.com	www.pelago.com
3	pelago.co	3 redirects
2	track.customer.io
2	t.teads.tv	browser.sentry-cdn.com
2	metrics.pelago.com	www.pelago.com browser.sentry-cdn.com
2	cm.teads.tv	browser.sentry-cdn.com
2	www.facebook.com	www.pelago.com
2	4645703.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	s.yimg.com	www.pelago.com browser.sentry-cdn.com
2	connect.facebook.net	www.pelago.com connect.facebook.net
2	www.google.com	www.googletagmanager.com www.pelago.com
2	accounts.google.com	www.pelago.com accounts.google.com
1	fledge.teads.tv	p.teads.tv
1	sp.analytics.yahoo.com	www.pelago.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	browser.sentry-cdn.com
1	ad.doubleclick.net	www.pelago.com
1	static.sojern.com	www.pelago.com
1	assets.customer.io	www.pelago.com
1	p.teads.tv	www.googletagmanager.com
1	o297024.ingest.us.sentry.io	browser.sentry-cdn.com
1	hexagon-analytics.com	www.pelago.com
1	browser.sentry-cdn.com	js.sentry-cdn.com
1	us-assets.i.posthog.com	www.pelago.com
1	cdn.sift.com	www.pelago.com
1	js.sentry-cdn.com	www.pelago.com
0	www.googleadservices.com Failed	www.googletagmanager.com
151	40

This site contains links to these domains. Also see Links.

Domain
pages.pelago.co
www.tiktok.com
www.facebook.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
pelago.com Amazon RSA 2048 M03	`2024-06-06` - `2025-07-05`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
pelago.co Amazon RSA 2048 M03	`2024-05-20` - `2025-06-18`	a year	crt.sh
*.i.posthog.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-12`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-04` - `2025-07-06`	a year	crt.sh
*.sift.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-03` - `2025-01-19`	6 months	crt.sh
accounts.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
yellowmessenger.com E5	`2024-07-19` - `2024-10-17`	3 months	crt.sh
*.hexagon-analytics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-27` - `2024-11-03`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
teads.tv R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-07` - `2024-09-05`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.customer.io Amazon RSA 2048 M03	`2023-10-19` - `2024-11-15`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-08-26` - `2024-10-16`	2 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-21`	5 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
yellow.ai E5	`2024-07-19` - `2024-10-17`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-07-30` - `2025-01-22`	6 months	crt.sh
metrics.pelago.com Amazon RSA 2048 M02	`2024-07-18` - `2025-08-17`	a year	crt.sh
api.customer.io WR3	`2024-08-04` - `2024-11-02`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.pelago.com/en-US/
Frame ID: 1CB708D82DED40F9BFD9BDB88DB9EA8E
Requests: 102 HTTP requests in this frame

Frame: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=US&pc=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Frame ID: AD4F991139E189DF7EC8ACBA7FB6590A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js
Frame ID: 6143D0A1F47CF7A9FB1444189121651E
Requests: 26 HTTP requests in this frame

Frame: https://4645703.fls.doubleclick.net/activityi;dc_pre=CN2kyOSamogDFcyHjggdjxEgIw;src=4645703;type=siaco0;cat=phd_s0b1;ord=4597145836461;npa=0;auiddc=765675281.1724934775;ps=1;pcor=945488362;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9181660167z8833390310za201zb833390310;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F
Frame ID: E27DAEA7780CA960050CACA57F823C2E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=4645703;type=siaco0;cat=phd_s0b1;ord=4597145836461;npa=0;auiddc=765675281.1724934775;ps=1;pcor=945488362;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9181660167z8833390310za201zb833390310;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F
Frame ID: B269994DBE208DBDCDBEC50A8ED22104
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-TJ6G1HY8VL&gacid=103799112.1724934775&gtm=45je48r0v877721759z8833390310za200zb833390310&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=2138620201
Frame ID: A2BDB7439B13B36DA12920B304D09E34
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/331425177?random=1724934775590&cv=11&fst=1724934775590&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48r0v892586507z8833390310za201zb833390310&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&hn=www.googleadservices.com&frm=0&tiba=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&npa=0&pscdl=noapi&auid=765675281.1724934775&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: D0EC6F27912EB165C6BD75849F584F48
Requests: 1 HTTP requests in this frame

Frame: https://fledge.teads.tv/v1/interest-group/tag.html
Frame ID: B46622F4FB8C7D52FC0F5C8D0E201DC9
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/331425177?random=1724934784745&cv=11&fst=1724934784745&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48r0v892586507z8833390310za201zb833390310&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&label=BkrrCMyq-f4CEJnLhJ4B&hn=www.googleadservices.com&frm=0&tiba=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=765675281.1724934775&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: FF0679FD5FF3E98508ED493D65F5A95B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Book activities, attraction tickets, and things to do - Pelago

Page URL History Show full URLs

http://pelago.co/ HTTP 307
https://pelago.co/ HTTP 301
https://www.pelago.com/ HTTP 302
https://www.pelago.com/en-US/ HTTP 307
http://pelago.co/ HTTP 301
https://pelago.co/ HTTP 301
https://www.pelago.com/ HTTP 302
https://www.pelago.com/en-US/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Sift (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.sift(?:science)?\.com/s\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Page Statistics

151
Requests

90 %
HTTPS

36 %
IPv6

23
Domains

40
Subdomains

35
IPs

3
Countries

3503 kB
Transfer

8843 kB
Size

26
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://pages.pelago.co/en/promotions
Title: T&Cs apply

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/krisflyer
Title: Learn more

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/about-us
Title: About Us

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://pages.pelago.co/en/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@discoverpelago

Search URL Search Domain Scan URL

URL: https://www.facebook.com/discoverpelago/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/discoverpelago/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/discoverpelago/about/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pelago.co/ HTTP 307
https://pelago.co/ HTTP 301
https://www.pelago.com/ HTTP 302
https://www.pelago.com/en-US/ HTTP 307
http://pelago.co/ HTTP 301
https://pelago.co/ HTTP 301
https://www.pelago.com/ HTTP 302
https://www.pelago.com/en-US/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.pelago.co/img/home/first-fold-valley-xlarge.webp HTTP 301
https://www.pelago.com/img/home/first-fold-valley-xlarge.webp

Request Chain 70

https://www.pelago.co/img/destinations/new-york/0619-0958_newyork-medium.jpg HTTP 301
https://www.pelago.com/img/destinations/new-york/0619-0958_newyork-medium.jpg

Request Chain 71

https://www.pelago.co/img/destinations/bangkok/0502-0436_bangkok-medium.jpg HTTP 301
https://www.pelago.com/img/destinations/bangkok/0502-0436_bangkok-medium.jpg

Request Chain 72

https://www.pelago.co/img/destinations/phuket/0502-0403_phuket-medium.jpg HTTP 301
https://www.pelago.com/img/destinations/phuket/0502-0403_phuket-medium.jpg

Request Chain 73

https://www.pelago.co/img/destinations/kuala-lumpur/0721-0316_kualalumpur-medium.jpg HTTP 301
https://www.pelago.com/img/destinations/kuala-lumpur/0721-0316_kualalumpur-medium.jpg

Request Chain 74

https://www.pelago.co/img/destinations/tokyo/0922-0315_hero-image-medium.jpg HTTP 301
https://www.pelago.com/img/destinations/tokyo/0922-0315_hero-image-medium.jpg

Request Chain 75

https://www.pelago.co/img/destinations/singapore/hero-image-medium.jpg HTTP 301
https://www.pelago.com/img/destinations/singapore/hero-image-medium.jpg

Request Chain 80

https://4645703.fls.doubleclick.net/activityi;src=4645703;type=siaco0;cat=phd_s0b1;ord=4597145836461;npa=0;auiddc=765675281.1724934775;ps=1;pcor=945488362;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9181660167z8833390310za201zb833390310;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F HTTP 302
https://4645703.fls.doubleclick.net/activityi;dc_pre=CN2kyOSamogDFcyHjggdjxEgIw;src=4645703;type=siaco0;cat=phd_s0b1;ord=4597145836461;npa=0;auiddc=765675281.1724934775;ps=1;pcor=945488362;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9181660167z8833390310za201zb833390310;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F

151 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pelago.com/en-US/
Redirect Chain

http://pelago.co/
https://pelago.co/
https://www.pelago.com/
https://www.pelago.com/en-US/
http://pelago.co/
https://pelago.co/
https://www.pelago.com/
https://www.pelago.com/en-US/

807 KB
167 KB

1918ms
1908ms

Document
text/html

18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

CloudFront / Next.js

Resource Hash

4c9a4531c7fb89236b5d900089cb7121feb82066c375e648f537a5771366837f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy-report-only: default-src 'self' 'unsafe-inline' blob: data: https:; report-to csp-endpoint
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:32:51 GMT
etag: "gqcym9lk7ihpdu"
referrer-policy: no-referrer-when-downgrade
report-to: {"group":"csp-endpoint","endpoints":[{"url":"/csp-report"}]}
reporting-endpoints: csp-endpoint="/csp-report"
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
x-amz-cf-id: V76yTVYDqyzs5QgtDdQ51w4yPzB4BFxj-OUdVFSqhZ0ss1kqi4vJGQ==
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-powered-by: Next.js
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
date: Thu, 29 Aug 2024 12:32:49 GMT
location: /en-US/
server: CloudFront
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
x-amz-cf-id: bT4H-gMdLKqQUl95X8SyMsv5L6qJE5qqHOmIuVgTFNF0P4Ux8WEK5g==
x-amz-cf-pop: JFK50-P7
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2 200 81c60640f79c649c.css
www.pelago.com/_next/static/css/ 277 KB
33 KB 245ms
243ms Stylesheet
text/css 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/css/81c60640f79c649c.css

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5c71fb30a6a022ab08f0f19a1dfab83e1265a4ac790052d0da7a23cd50b008d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 09:22:23 GMT
content-encoding: br
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 11858
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:32:04 GMT
server: AmazonS3
etag: W/"f20925c13fdedf0b6f431819a590806f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-amz-cf-id: VEImOklH5b_ZdRC6wshkRzzsskJXHRKm3g6atsFJFY-bQ6cOX34c7g==

GET
H2 200 815108c7d73e4190.css
www.pelago.com/_next/static/css/ 131 KB
17 KB 221ms
219ms Stylesheet
text/css 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/css/815108c7d73e4190.css

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

51a526ad5d97935236e681be6f46fc495b2bbe4d936db908a7c4dd3b7b6f97c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 08:56:44 GMT
content-encoding: br
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 78351
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:32:04 GMT
server: AmazonS3
etag: W/"d3c567e2f30deb73eb827270dda7abce"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-amz-cf-id: kj2WWlBe6tFWfmqPEOQK48DH1unsEJvJcoXtsl6mCOl4sBe6uHU45g==

GET
H2 200 195d0b1ccb7807e0.css
www.pelago.com/_next/static/css/ 65 KB
11 KB 197ms
196ms Stylesheet
text/css 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/css/195d0b1ccb7807e0.css

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0d33c7f1bd1936b9b139c48aab9d0452ac95ebba60abbf8be750aeb0d1989dc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 20:55:08 GMT
content-encoding: gzip
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 56265
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:32:03 GMT
server: AmazonS3
etag: W/"b0fa274dcc340b9c17627039dfd18044"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-amz-cf-id: xL1GuZTJM6NMZEwFrwuHl4HqLVE4d5skg6cACmP5RW13M5YjcDcbeQ==

GET
H2 200 webpack-ff2bf50b817b0a23.js Show response
www.pelago.com/_next/static/chunks/ 74 KB
38 KB 177ms
176ms Script
text/javascript 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/chunks/webpack-ff2bf50b817b0a23.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6aab673a88a9ce969a751084e7207aa8400b52ef2a77ddd01bffd93b64ee7f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 08:56:46 GMT
content-encoding: br
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 12967
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:32:03 GMT
server: AmazonS3
etag: W/"c042c913cab74e5f9fa79765b001d83f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: zsu1dY-hMfAW4hkBc2yWfcspTNJDC0Qi_3hw8q42T7eXhDO8fy11yg==

GET
H2 200 framework-cb56bbd89447d6f3.js Show response
www.pelago.com/_next/static/chunks/ 127 KB
40 KB 252ms
252ms Script
text/javascript 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/chunks/framework-cb56bbd89447d6f3.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

1d31c54eba5932384818bcab1ceeb0194618676fa9ce87e12da511cb6ccf0e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 09:22:23 GMT
content-encoding: br
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 11795
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:32:00 GMT
server: AmazonS3
etag: W/"ac2acd5f4a8273ab4841c66e4c871488"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: 0NUgwgpK4LICGlYmjZX6RbZ4anTIdXnVRxG8LVJww5ZbPuLmLW7qLQ==

GET
H2 200 main-a1acce2f17d4e28c.js Show response
www.pelago.com/_next/static/chunks/ 119 KB
36 KB 253ms
253ms Script
text/javascript 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/chunks/main-a1acce2f17d4e28c.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5e33f3de61284d1107f4e249d6172a160d71fd5eca106318fd8728290cdd9154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 11:53:38 GMT
content-encoding: gzip
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 2808
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:32:00 GMT
server: AmazonS3
etag: W/"8508b51201c27c86d8dc4f57e61cfb62"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: lRhqKRZXmsmqM3Eju3_fhCPEoeqoP9lSSbBSz4_P-0ozLhhicofjbg==

GET
H2 200 _app-a144601ebe02f6c6.js Show response
www.pelago.com/_next/static/chunks/pages/ 1 MB
280 KB 325ms
324ms Script
text/javascript 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/chunks/pages/_app-a144601ebe02f6c6.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cc087f8ba1f94d4046d146ed9e4b679a4b6413ea1256457f9da62e9d17d34e4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 08:56:44 GMT
content-encoding: br
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 14352
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:32:00 GMT
server: AmazonS3
etag: W/"a4b8da518365f264ca858ead13deed82"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: nm7cOLRZp1-vAOr3iRowyyXy0veUlea-Ym7kPAaInQDcdxazTlvnLQ==

GET
H2 200 65171-010aa1c029dc0451.js Show response
www.pelago.com/_next/static/chunks/ 27 KB
8 KB 314ms
314ms Script
text/javascript 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/chunks/65171-010aa1c029dc0451.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3b3f6cba18696fe4982836c6893b28b1a44d1bffe98b24965cc515384bc4234b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 19:17:25 GMT
content-encoding: gzip
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 79639
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 23 Aug 2024 09:57:24 GMT
server: AmazonS3
etag: W/"9a7d0d1cf0dcdc3f9df0ecaa44b8f72c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: HPV-iQO9ZfxYar_nfTOSavxE__IB66j4Zb5yhELzo96Pbi5pYOfWLw==

GET
H2 200 78816-1bf6104abf492467.js Show response
www.pelago.com/_next/static/chunks/ 71 KB
19 KB 324ms
324ms Script
text/javascript 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/chunks/78816-1bf6104abf492467.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7d60ffa73a2e679a1683b65bdba18e3bf6797aefa3543a0f1c2e95ff1ea3dc65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 08:11:36 GMT
content-encoding: br
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 85753
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 23 Aug 2024 09:57:39 GMT
server: AmazonS3
etag: W/"f0d04bfd3e7c004d034f8588c61186ce"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: cmphbIiqM1pV3mZuJC4NI0dV80BNybqc9Qb6hSGa8iSZzK7CrcJayA==

GET
H2 200 93268-e54bfe86412eb304.js Show response
www.pelago.com/_next/static/chunks/ 37 KB
13 KB 494ms
493ms Script
text/javascript 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/chunks/93268-e54bfe86412eb304.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e4e3fb5e433f29677c0e34e6cc0859fdf2821837b501c2ade333266f2b12628f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:52 GMT
content-encoding: gzip
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 894
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:31:50 GMT
server: AmazonS3
etag: W/"8ad9e6dda31417e00c56f41fb3e5f6f3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: pg9GQ_KiooyQRS4Skm3Xn_lcQ8kHCSyjIzzmYsIWWBSvCky4Yb3Ylw==

GET
H2 200 37426-98fa782c4b190514.js Show response
www.pelago.com/_next/static/chunks/ 117 KB
35 KB 522ms
522ms Script
text/javascript 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/chunks/37426-98fa782c4b190514.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cd12984a5efdbf4f7a5f7f40f1ac67c8b68a29d3e8af54cc45c8dc98108255eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 10:05:54 GMT
content-encoding: br
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 78351
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Aug 2024 09:46:07 GMT
server: AmazonS3
etag: W/"ab2ac08181b4d00c4572195e49864cc4"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: UMMS5qe-VtqifFQulqSOHGHxAdPFR5fGSe8mi_6EOwI7njLl-inGRA==

GET
H2 200 index-bb71a0fbc33c0a84.js Show response
www.pelago.com/_next/static/chunks/pages/ 83 KB
23 KB 503ms
503ms Script
text/javascript 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/chunks/pages/index-bb71a0fbc33c0a84.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b736d597e3c999831663c9e5062b590ba469a6329aa9cfbdaa403a3d1a33340e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 10:40:49 GMT
content-encoding: br
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 6724
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:32:02 GMT
server: AmazonS3
etag: W/"75a54f4115cd225f31bfb688aa3f910e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: NrwSb0K4w7tcTIE5M5DdXyzsbkNRLzT7_DGn5-fNby4W3ylwlsgyXQ==

GET
H2 200 _buildManifest.js Show response
www.pelago.com/_next/static/PrrAaZSRP_Yflf0mvy_rB/ 17 KB
3 KB 520ms
520ms Script
text/javascript 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/PrrAaZSRP_Yflf0mvy_rB/_buildManifest.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9ac60b06018d64702703fb7eec094a2674e7f388637a9f4db9cc6bf79f6306c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 08:56:46 GMT
content-encoding: br
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 12967
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:30:01 GMT
server: AmazonS3
etag: W/"7f851c47d1370922710bad74715632e7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: b2q8e_0AfrPI3szTEQaDUikPWB51rMdQtq2_-yEzAHwJ-MjYZYF-Xg==

GET
H2 200 _ssgManifest.js Show response
www.pelago.com/_next/static/PrrAaZSRP_Yflf0mvy_rB/ 293 B
836 B 492ms
492ms Script
text/javascript 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/PrrAaZSRP_Yflf0mvy_rB/_ssgManifest.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9f754d8cbd7a07aded1a7441c367300066432f28f212010083a28889679f6a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 17:33:14 GMT
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 68658
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 293
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:30:01 GMT
server: AmazonS3
etag: "d6415386492c54c3b6066a7e71d96ef2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: 3hTnxU05nSIJG6qWx9zUNa8CxJt0EpXThkKO73TgmRVD2kjC0qqx8g==

GET
H2

200

first-fold-valley-xlarge.webp
www.pelago.com/img/home/
Redirect Chain

https://www.pelago.co/img/home/first-fold-valley-xlarge.webp
https://www.pelago.com/img/home/first-fold-valley-xlarge.webp

880 KB
882 KB

171ms
169ms

Image
binary/octet-stream

18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.com/img/home/first-fold-valley-xlarge.webp

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

37f9f9d006015d73f4ceac460a588fa35e2a6000479a3d2d31639e2b8e5a6381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:52 GMT
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 21293
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 901156
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 02 Aug 2024 03:52:15 GMT
server: AmazonS3
etag: "6e9ec89450259e7399b14933e49d9c67"
vary: Accept-Encoding
x-frame-options: DENY
content-type: binary/octet-stream
accept-ranges: bytes
x-amz-cf-id: jLoANWXfXC8flGNaaHoED3dKZuWBmsJg0692i093W6WWlTxgSpZbag==

Redirect headers

date: Thu, 29 Aug 2024 12:32:52 GMT
via: 1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P5
x-cache: FunctionGeneratedResponse from cloudfront
location: https://www.pelago.com/img/home/first-fold-valley-xlarge.webp
content-length: 0
x-amz-cf-id: mDLN5FdToM1CwXWSKCGps9FlJEVsPUwsmKepYDOzR2IqGzjSpT25xg==

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQKr51.woff2
fonts.gstatic.com/s/nunitosans/v15/ 30 KB
30 KB 688ms
292ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQKr51.woff2

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cdf1e4b27f7420b0ad37ad1d6bac03f7470438bc8f49de10bcf1440dc4fd37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/
Origin: https://www.pelago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 15:23:57 GMT
x-content-type-options: nosniff
age: 508135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31040
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 01:15:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Aug 2025 15:23:57 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 544ms
149ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/
Origin: https://www.pelago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 05:00:52 GMT
x-content-type-options: nosniff
age: 27120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33148
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:39:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Aug 2025 05:00:52 GMT

GET
H2 200 slick.653a4cbb.woff
www.pelago.com/_next/static/media/ 1 KB
2 KB 233ms
233ms Font
font/woff 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/media/slick.653a4cbb.woff

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/css/815108c7d73e4190.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/_next/static/css/815108c7d73e4190.css
Origin: https://www.pelago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 11:53:42 GMT
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 2574
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1380
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:32:05 GMT
server: AmazonS3
etag: "b7c9e1e479de3b53f1e4e30ebac2403a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: font/woff
accept-ranges: bytes
x-amz-cf-id: qi2b7hqu5XDF0DSzd-9qaNcMgFAhYZ5QP7qKDPozI8a9NvbKbbGsAw==

GET
H2 200 pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilntw.woff
fonts.gstatic.com/s/nunitosans/v15/ 45 KB
45 KB 237ms
231ms Font
font/woff 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe1mMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp5F5bxqqtQ1yiU4G1ilntw.woff

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f9ba6d984d2808a3f17ff083ae0ad2b1c9bbe22974e1a23e33432b3a3fa1d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/
Origin: https://www.pelago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 14:52:10 GMT
x-content-type-options: nosniff
age: 510043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45884
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 00:25:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Aug 2025 14:52:10 GMT

GET
H2 200 pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t6R-tQKr51pE8.woff2
fonts.gstatic.com/s/nunitosans/v15/ 10 KB
10 KB 411ms
406ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t6R-tQKr51pE8.woff2

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

166048b1b494b546d686a6442bac330a2ffeaa0afaf5a58d7ed0116d602296d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/
Origin: https://www.pelago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 04:25:03 GMT
x-content-type-options: nosniff
age: 547670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10280
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 01:24:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Aug 2025 04:25:03 GMT

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 719ms
262ms Preflight
text/html 15.197.171.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.171.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-domain,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-domain, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.com
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:32:54 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-frame-options: deny
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 707ms
259ms Preflight
text/html 15.197.171.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.171.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-domain,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-domain, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.com
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:32:54 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-frame-options: deny
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
search-core.pelago.co/ Frame 0
0 934ms
253ms Preflight
text/html 18.138.4.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://search-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.138.4.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-4-161.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-domain,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-domain, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.com
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:32:54 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-frame-options: deny
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
search-core.pelago.co/ Frame 0
0 931ms
254ms Preflight
text/html 18.138.4.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://search-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.138.4.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-4-161.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-domain,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-domain, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.com
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:32:54 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-frame-options: deny
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 699ms
263ms Preflight
text/html 15.197.171.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.171.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-domain,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-domain, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.com
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:32:54 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-frame-options: deny
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

OPTIONS
H2 200 graphql
traveller-core.pelago.co/ Frame 0
0 696ms
261ms Preflight
text/html 15.197.171.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.171.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-currency-id,x-domain,x-ds-session-id,x-ds-user-id,x-geo-country-code,x-geo-latitude,x-geo-longitude,x-locale
Access-Control-Request-Method: POST
Origin: https://www.pelago.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-currency-id, x-domain, x-ds-session-id, x-ds-user-id, x-geo-country-code, x-geo-latitude, x-geo-longitude, x-locale
access-control-allow-methods: OPTIONS, POST, HEAD, GET
access-control-allow-origin: https://www.pelago.com
content-length: 0
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:32:54 GMT
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-frame-options: deny
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
us.i.posthog.com/decide/ 579 B
715 B 467ms
151ms XHR
application/json 34.234.115.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.i.posthog.com/decide/?v=3&ip=1&_=1724934773443&ver=1.148.0&compression=base64

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/pages/_app-a144601ebe02f6c6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.115.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-115-5.compute-1.amazonaws.com

Software

envoy /

Resource Hash

99f6e3d0ab9d400355f625bdd2577840f88e169a4c5d3000aa7431f07216fd14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Aug 2024 12:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: envoy
cross-origin-opener-policy: same-origin
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.pelago.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 20
access-control-allow-headers: X-Requested-With,Content-Type

GET
H2 200 67058.c183425969bf4115.js Show response
www.pelago.com/_next/static/chunks/ 5 KB
2 KB 166ms
138ms Script
text/javascript 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/chunks/67058.c183425969bf4115.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/webpack-ff2bf50b817b0a23.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

325aaeebc43fb867485d8ae444aa919f4d6a1cf1af77061bfa45a10672a46a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 08:11:38 GMT
content-encoding: br
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 20878
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:31:15 GMT
server: AmazonS3
etag: W/"85679bce0001210afd37c06b1e15ef4a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: D5tElto6zazc59FGkL0j-xnVJALbSJy5uiQTNWLkXunAQCdMuIAM1w==

GET
H2 200 31903-7274fdde03bc46b0.js Show response
www.pelago.com/_next/static/chunks/ 40 KB
14 KB 143ms
140ms Script
text/javascript 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/chunks/31903-7274fdde03bc46b0.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/webpack-ff2bf50b817b0a23.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b195fed75e5d1b88d74f37f4922ddf9df427dd6017155d7b9849498f71ace7fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 08:56:46 GMT
content-encoding: br
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 16202
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:30:29 GMT
server: AmazonS3
etag: W/"855ff14df78124196d0a0a1089cbfd88"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: s3YRpy60QIjCx0qbmz44NJZzim68cOZ4uUjAO37-AYwpPvfQQ55Abw==

GET
H2 200 a5f2bb404c61ef6c.css
www.pelago.com/_next/static/css/ 41 KB
5 KB 143ms
139ms Stylesheet
text/css 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/css/a5f2bb404c61ef6c.css

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/webpack-ff2bf50b817b0a23.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

efe395af531a51cf77e9659393fcff934185317dd2fbea20da761d4cca0310e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 11:17:31 GMT
content-encoding: br
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 10934
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Aug 2024 09:47:28 GMT
server: AmazonS3
etag: W/"8e6d34c75c81b5274afe9a20d2fa014f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
x-amz-cf-id: EoOeXdQg6-WsJ9MnE2sNf_A-nubnJW_j7T1mWHXLt53ZTeq5Iyh-Rg==

GET
H2 200 28030.e8353f385e751008.js Show response
www.pelago.com/_next/static/chunks/ 30 KB
9 KB 143ms
139ms Script
text/javascript 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/_next/static/chunks/28030.e8353f385e751008.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/webpack-ff2bf50b817b0a23.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7ad614da9f5278029d7ff3b3db29008eed8da75bdb2aefbcc082fa1ffbdb0291

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 17:28:36 GMT
content-encoding: gzip
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 68658
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:30:24 GMT
server: AmazonS3
etag: W/"03226a242db1b6b8d30af6ea85ca97df"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript
x-amz-cf-id: G4Z0w2hQlrIKbBf8TR9x7tfo5g3vx02g8JCOC9Uyaf4vTdhT4fz9Wg==

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 374 B
1 KB 271ms
264ms Fetch
application/json 15.197.171.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/pages/_app-a144601ebe02f6c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.171.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

cb74653a4d2cc53265fc4a866175dc44d5aa59d55a136881616754a58aa3b274

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-US
x-ds-session-id: 37c0927d-6390-414c-9dea-ca00814fe0f8
x-geo-country-code: US
x-currency-id: USD
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
x-ds-user-id: 3bd62f66-af37-494c-a731-66a6034d1fae
x-domain: https://www.pelago.com
content-type: application/json
accept: */*
Referer: https://www.pelago.com/en-US/
x-geo-latitude: 33.9214
x-geo-longitude: -118.413

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.com
access-control-allow-credentials: true
content-length: 374
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 356 KB
111 KB 483ms
191ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1a72607950a27766f0d27f2ef2e8a0c0ecd6222e132dba6fb90e7be4d0e6bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113334
x-xss-protection: 0
last-modified: Thu, 29 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Aug 2024 12:32:54 GMT

GET
H2 200 266d7e06652349d3a77d6f3921924a65.min.js Show response
js.sentry-cdn.com/ 3 KB
2 KB 263ms
75ms Script
text/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/266d7e06652349d3a77d6f3921924a65.min.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/main-a1acce2f17d4e28c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2680ccc5842f23dc22628e982570cf5269eab12c7f0cb4410bb189d92ac36c20

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; font-src * data:; base-uri 'none'; img-src * blob: data:; style-src * 'unsafe-inline'; frame-ancestors 'self' .sentry.io; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; media-src ; worker-src blob:; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=4c10b9fe3389df5c5fcb24c27e9a97f66b84ff93
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
Origin: https://www.pelago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: object-src 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; font-src * data:; base-uri 'none'; img-src * blob: data:; style-src * 'unsafe-inline'; frame-ancestors 'self' *.sentry.io; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; media-src *; worker-src blob:; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=4c10b9fe3389df5c5fcb24c27e9a97f66b84ff93
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Aug 2024 12:32:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 804
x-envoy-upstream-service-time: 20
content-length: 1296
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-65b5676f98-jxq9t, cache-chi-kigq8000058-CHI, cache-bur-kbur8200033-BUR
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 s.js Show response
cdn.sift.com/ 62 KB
21 KB 292ms
79ms Script
text/javascript 34.96.67.224
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sift.com/s.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/main-a1acce2f17d4e28c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

224.67.96.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

2c81cc3c013e563ad03b70adcb3c9651ec391c768dafbe3e36f2da35320f8de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 18:18:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 411293
x-guploader-uploadid: AHxI1nN2p_GK0jYh7RKXqQKFLrcS5ckewgPQy8WQk9eCE5Oqc_jmIp3WayK-Pxquka3ZCSihSk2adR6Ctw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20599
last-modified: Tue, 16 Jul 2024 09:11:58 GMT
server: UploadServer
etag: "11c06eb3d157e5772b6b967e40853e15"
x-goog-generation: 1721121118847320
x-goog-hash: crc32c=wz8G3w==, md5=EcBus9FX5Xcra5Z+QIU+FQ==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-transform
x-goog-stored-content-length: 20599
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 24 Aug 2025 18:18:01 GMT

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 7 KB
2 KB 366ms
358ms Fetch
application/json 15.197.171.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/pages/_app-a144601ebe02f6c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.171.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

c2bdc927a717f8915475608a4e1d93b04b5859a00f10b04593fe3f8f365a1a7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-US
x-ds-session-id: 37c0927d-6390-414c-9dea-ca00814fe0f8
x-geo-country-code: US
x-currency-id: USD
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
x-ds-user-id: 3bd62f66-af37-494c-a731-66a6034d1fae
x-domain: https://www.pelago.com
content-type: application/json
accept: */*
Referer: https://www.pelago.com/en-US/
x-geo-latitude: 33.9214
x-geo-longitude: -118.413

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
search-core.pelago.co/ 33 KB
5 KB 379ms
376ms Fetch
application/json 18.138.4.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://search-core.pelago.co/graphql

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/pages/_app-a144601ebe02f6c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.138.4.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-4-161.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

c6d938751e66c41222fb9a8a044029d320624c4e01b79f68711c0551dc580ff8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-US
x-ds-session-id: 37c0927d-6390-414c-9dea-ca00814fe0f8
x-geo-country-code: US
x-currency-id: USD
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
x-ds-user-id: 3bd62f66-af37-494c-a731-66a6034d1fae
x-domain: https://www.pelago.com
content-type: application/json
accept: */*
Referer: https://www.pelago.com/en-US/
x-geo-latitude: 33.9214
x-geo-longitude: -118.413

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
search-core.pelago.co/ 46 KB
5 KB 387ms
384ms Fetch
application/json 18.138.4.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://search-core.pelago.co/graphql

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/pages/_app-a144601ebe02f6c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.138.4.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-4-161.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

25491129887502678ff16c482bcaadf82b16bca4a54b8832735e949e92fc101e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-US
x-ds-session-id: 37c0927d-6390-414c-9dea-ca00814fe0f8
x-geo-country-code: US
x-currency-id: USD
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
x-ds-user-id: 3bd62f66-af37-494c-a731-66a6034d1fae
x-domain: https://www.pelago.com
content-type: application/json
accept: */*
Referer: https://www.pelago.com/en-US/
x-geo-latitude: 33.9214
x-geo-longitude: -118.413

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 2 KB
3 KB 281ms
274ms Fetch
application/json 15.197.171.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/pages/_app-a144601ebe02f6c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.171.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

a0cd1ab105c3e6d0c4da9efb7efc3fbee6123e7a23e81c66118ec1ac5eecab7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-US
x-ds-session-id: 37c0927d-6390-414c-9dea-ca00814fe0f8
x-geo-country-code: US
x-currency-id: USD
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
x-ds-user-id: 3bd62f66-af37-494c-a731-66a6034d1fae
x-domain: https://www.pelago.com
content-type: application/json
accept: */*
Referer: https://www.pelago.com/en-US/
x-geo-latitude: 33.9214
x-geo-longitude: -118.413

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.com
access-control-allow-credentials: true
content-length: 2324
x-xss-protection: 1; mode=block

POST
H2 200 graphql Show response
traveller-core.pelago.co/ 90 KB
10 KB 956ms
948ms Fetch
application/json 15.197.171.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://traveller-core.pelago.co/graphql

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/pages/_app-a144601ebe02f6c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.197.171.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ace343a40f543a26b.awsglobalaccelerator.com

Software

Resource Hash

20f88479c0d75ac5b825b8392347a2bf9ca6ab07b6ec3f4552b59770b154446f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://.pelago.co https://.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

x-locale: en-US
x-ds-session-id: 37c0927d-6390-414c-9dea-ca00814fe0f8
x-geo-country-code: US
x-currency-id: USD
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
x-ds-user-id: 3bd62f66-af37-494c-a731-66a6034d1fae
x-domain: https://www.pelago.com
content-type: application/json
accept: */*
Referer: https://www.pelago.com/en-US/
x-geo-latitude: 33.9214
x-geo-longitude: -118.413

Response headers

date: Thu, 29 Aug 2024 12:32:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-encoding: gzip
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'none'; img-src 'self' data https://static.userback.io; font-src 'self' https://fonts.gstatic.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://static.userback.io https://code.jquery.com https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://static.userback.io https://stackpath.bootstrapcdn.com https://cdn.jsdelivr.net; object-src 'none'; connect-src 'self' https://api.userback.io https://static.userback.io https://*.pelago.co https://*.amazonaws.com https://*.amazoncognito.com; manifest-src 'self'
vary: Origin
x-frame-options: deny
content-type: application/json
access-control-allow-origin: https://www.pelago.com
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 client Show response
accounts.google.com/gsi/ 226 KB
86 KB 490ms
187ms Script
application/javascript 2607:f8b0:4004:c07::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/pages/_app-a144601ebe02f6c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::54 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c6050d1e06cadcbc1c6af280554439309b811d0c98670e77b87c84b9abf95cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zkv7LQHF6MMqJhkcRxMK-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-zkv7LQHF6MMqJhkcRxMK-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 29 Aug 2024 12:32:54 GMT

GET
H3 200 main.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ 253 KB
84 KB 260ms
93ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7ce815305d774a7434cb2bd9abf83f8e11fa36e05dff37eee58989df8fa8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: eS+Ba0+tH0KS0wHW9Nih8g==
age: 1515
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 496cd1b3-001e-001d-4058-f8b68f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac91015a99dbcc-LAX
expires: Thu, 29 Aug 2024 13:02:53 GMT

GET
H2 200 surveys.js Show response
us-assets.i.posthog.com/static/ 64 KB
22 KB 380ms
88ms Script
text/javascript 2606:4700:10::ac43:2832
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://us-assets.i.posthog.com/static/surveys.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/pages/_app-a144601ebe02f6c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2832 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

313efbb9cfbaed49fbb38c238efdba37b48f64dfb14e9df9061904145c80a945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 230
x-envoy-upstream-service-time: 48
referrer-policy: same-origin
last-modified: Thu, 29 Aug 2024 10:59:14 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Cookie, Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 8bac91047b297beb-LAX

GET
H2 200 yellow-ai-icon.gif
www.pelago.com/ 16 KB
16 KB 1025ms
1023ms Image
image/gif 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.com/yellow-ai-icon.gif

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

CloudFront /

Resource Hash

ebb856b50fca5bbda3a48f74a7fc33fdd25b0465cc02bc79748c936071fdb162

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
x-amz-cf-pop: JFK50-P7
content-security-policy-report-only: default-src 'self' 'unsafe-inline' blob: data: https:; report-to csp-endpoint
x-cache: Miss from cloudfront
content-length: 16089
x-xss-protection: 1; mode=block
reporting-endpoints: csp-endpoint="/csp-report"
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:19:47 GMT
server: CloudFront
etag: W/"3ed9-1918dc50cb8"
x-frame-options: DENY
report-to: {"group":"csp-endpoint","endpoints":[{"url":"/csp-report"}]}
content-type: image/gif
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: c7TJtJ11E6ACnjuv0aaNrH-iFL4nXhtUPbC4dNUZlhs1OI6oSL7W_w==

POST
H2 200 / Show response
us.i.posthog.com/i/v0/e/ 15 B
243 B 174ms
168ms XHR
application/json 34.234.115.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://us.i.posthog.com/i/v0/e/?ip=1&_=1724934774196&ver=1.148.0&compression=gzip-js
Requested by: Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/pages/_app-a144601ebe02f6c6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.115.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-115-5.compute-1.amazonaws.com
Software: envoy /
Resource Hash: 0c40bafcfdc8adc6db63a6a5bfdb3dd5201798e6163fc674dc2fcbdb2a4134f1

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
server: envoy
vary: origin, access-control-request-method, access-control-request-headers
content-type: application/json
access-control-allow-origin: https://www.pelago.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 35
content-length: 15

GET
H2 200 bundle.tracing.es5.min.js Show response
browser.sentry-cdn.com/7.119.0/ 129 KB
40 KB 85ms
78ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/7.119.0/bundle.tracing.es5.min.js

Requested by

Host: js.sentry-cdn.com
URL: https://js.sentry-cdn.com/266d7e06652349d3a77d6f3921924a65.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e41ad875e8b674c18020f0d8d6637bbb5ae2d684a7ede61052c859480b7cbeeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pelago.com/en-US/
Origin: https://www.pelago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Aug 2024 10:19:44 GMT
server: Fastly
age: 786333
etag: "a1bb067a15cd27967279cf416d8c67b2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 40832
expires: Thu, 14 Aug 2025 11:33:53 GMT

GET
H2 200 647015.gif
hexagon-analytics.com/images/ 43 B
288 B 531ms
163ms Image
image/gif 34.102.232.42
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hexagon-analytics.com/images/647015.gif?bk=624cef0805&tm=70&r=951989318&v=108&cs=UTF-8&h=www.pelago.com&l=en-US&S=eb9b67ccb30afdb736e35f4986803386&uu=fb8711531ef80601b6c2773a020d2a5&t=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&u=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F128.0.0.0%20Safari%2F537.36&nm=2&mh=63196a00446a1e285d1992cfe444aa55&np=5&ph=332b72bdb211e34e6e3c24f88d7c393b&sh=1200&sw=1600&cd=24&p=Linux%20x86_64&to=600&d=0&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=16&je=false&ss=true&ls=true&in=true&db=false&tl=false&tr=false&ts=false&tb=false&ab=false&cf=a3c415e4f447c1ed3c87d70fb939054d&z=z

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

42.232.102.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:32:54 GMT
via: 1.1 google
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET 6aa601f7-eb79-4ff3-958d-36dae170aeab
https://www.pelago.com/ Frame 0
0

GET
H3 200 ym_base.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ 21 KB
6 KB 111ms
95ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ym_base.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45b595ce3c4fff608d18623811b464c2e854666e87092e49b3b444a88852189e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XCEl983kYnT3zKnXMNYh9Q==
age: 1518
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d7cdea63-f01e-0057-4f58-f843d4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac9104ad80dbcc-LAX
expires: Thu, 29 Aug 2024 13:02:54 GMT

GET
H3 200 animate.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ 85 KB
7 KB 101ms
94ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/animate.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed227504f3c41cb5de1160b0b95f00fe7baa0d54147b134525d0171ca2598fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 2bTvtNNuzKvw7yv3+oAYZQ==
age: 1523
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 36c08579-301e-0030-5758-f81b21000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac9104ad81dbcc-LAX
expires: Thu, 29 Aug 2024 13:02:54 GMT

GET
H2 200 / Show response
us.i.posthog.com/api/surveys/ 4 KB
2 KB 165ms
165ms XHR
application/json 34.234.115.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://us.i.posthog.com/api/surveys/?token=phc_qZEHuzVWKAH9rZ3u1HG9TqdszF3rG3bObFPqvwxxiL1&ip=1&_=1724934774605&ver=1.148.0

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/pages/_app-a144601ebe02f6c6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.115.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-115-5.compute-1.amazonaws.com

Software

envoy /

Resource Hash

9f2429014fa3bfcf7ccb58e2de37af1e8dfea77319e8ccb6a9bef39a6e3d47da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: same-origin
server: envoy
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.pelago.com
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 30
access-control-allow-headers: X-Requested-With,Content-Type

POST
H2 200 / Show response
o297024.ingest.us.sentry.io/api/5247208/envelope/ 2 B
300 B 329ms
126ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o297024.ingest.us.sentry.io/api/5247208/envelope/?sentry_key=266d7e06652349d3a77d6f3921924a65&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.119.0

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.119.0/bundle.tracing.es5.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.pelago.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin, access-control-request-method, access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H3 200 collect
www.google.com/ccm/ 0
0 468ms
163ms Ping
text/html 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&frm=0&rnd=283701384.1724934775&auid=765675281.1724934775&npa=0&gtm=45He48r0v833390310za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&tft=1724934774709&tfd=8562&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.196 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s38-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
98 KB 186ms
185ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TJ6G1HY8VL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

366a15d48a6c6ea52ed6197b2a8aa84a6cd469db93b06808197694a8a4d812d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99767
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Aug 2024 12:32:54 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 269 KB
92 KB 247ms
246ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-331425177&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c74860505ff2fdaa45dc714ab01810a17d52a2611a3754d2f1d057b4c2879063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94330
x-xss-protection: 0
last-modified: Thu, 29 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Aug 2024 12:32:54 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 221 KB
79 KB 220ms
220ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-4645703&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b3c41172b3794a6168614de208144c3f6e5c468c065ab5933824a3a016883e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80568
x-xss-protection: 0
last-modified: Thu, 29 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Aug 2024 12:32:54 GMT

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ 17 KB
6 KB 611ms
155ms Script
application/javascript 23.51.57.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-155.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 653c605223792518e8d7a382812f876321c916845a3f249b022ce16b892f5427

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 29 Aug 2024 12:32:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jul 2024 13:21:36 GMT
Server: AmazonS3
x-amz-request-id: WQC2KGGJZAC0F57F
ETag: "8308c4ca0f38b20101f1aa83176a264c"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=479
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5806
x-amz-id-2: Ji+zZDlusjzx1zna6RiTQsiuPNvKEgeL53hyP+jmUXCV+o9wU/vTnTx6M5RYYM8IiBIQO3YHAxM=

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 299ms
144ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Aug 2024 12:32:54 GMT
document-policy: force-load-at-top
x-fb-server-load: 43
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58936
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=24, mss=1232, tbw=8047, tp=13, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: +ioib9TOcMkKWWsoOeXc9pdFvd20ssSNuCfB33Y/xRhLDL6GAV/CAmOd+cJvdOmMsi2jlLdFoLBguZ1CIRXQwA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 497ms
186ms Script
application/javascript 23.206.172.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAP8FP3C77U56BB6BKP0&lib=ttq
Requested by: Host: www.pelago.com
URL: https://www.pelago.com/en-US/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-50.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7e7d4decf8f4a6f9b4339b0c963451c68a61d9b0dcea9cc4ff334b328b58e93a

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 212fdec
date: Thu, 29 Aug 2024 12:32:55 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240829123255958F7D7C3FA36740A964-3966C9778130707B-00
x-cache: TCP_MISS from a23-58-89-68.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=43
content-length: 2128
pragma: no-cache
server: nginx
x-tt-logid: 20240829123255958F7D7C3FA36740A964
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 43,23.58.89.68
x-tt-trace-host: 01517621e153f4e6597b2abfd402ed4ae5c9eebe82bbdacf1c9207c3b79a722eb795f3787ed166e237af20866455943d5b1ed8a30bd182d7bb4a296960cbcb47a72fa333748d3e55d283108c94ebd6c035b4586851dfd89cb20019a10628b9206b
expires: Thu, 29 Aug 2024 12:32:55 GMT

GET
H2 200 track.js Show response
assets.customer.io/assets/ 7 KB
3 KB 458ms
141ms Script
application/javascript 2600:9000:266a:5400:11:9cfd:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.customer.io/assets/track.js
Requested by: Host: www.pelago.com
URL: https://www.pelago.com/en-US/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:5400:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fcfdae5440da627328eae9b05b0a54eb0e545892167f7e3c88636037a5c4c79

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 05:58:42 GMT
content-encoding: br
via: 1.1 db41504392e7713d8f04462353baa97e.cloudfront.net (CloudFront)
x-amz-version-id: odzkoRMkQKzm9Qvmhal1oizSy3Yx3GJd
last-modified: Mon, 15 Apr 2024 20:40:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P5
age: 23654
x-amz-server-side-encryption: AES256
etag: W/"32a8226512dd2cca5956cdb283e5bdfe"
vary: accept-encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cross-origin-resource-policy: cross-origin
x-amz-cf-id: H40na0xG3UK0ApwPUAbFgoBVCkIq8nAKoVkS--xrEhiccYNptfTEow==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
7 KB 430ms
155ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Thu, 29 Aug 2024 12:22:45 GMT
x-amz-version-id: JRuD6BVFDpXh1T7iUrCVWNpcX_ACBwVG
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 3TA3AF65D1WW6FT0
age: 611
x-amz-server-side-encryption: AES256
content-length: 6826
x-amz-id-2: xeC/+JRbSv5gIi8/gvP0DqbQxLkmkdzbSD8TO2FxkjZC16e/bBGvBmkEWwNUyq1NH7z+osJeTJHT5jHR740QjFbA4eVSRkJF
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 03 Oct 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 28 Aug 2024 12:33:10 GMT
server: ATS
etag: "bc033c3a83e1880e480086bf11ac0b0a-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 68902.html
static.sojern.com/cip/a/ Frame AD4F 0
0 376ms
186ms Document
text/html 35.244.188.9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/cip/a/68902.html?f_v=v6_js&p_v=4&hd1=&hd2=&hc1=&hs1=&hn1=&hb=&hpr=&hr=&hc=&tch=&tad=&hsr=&hpid=&t=&hp=&hcu=&hconfno=&l=US&pc=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&sha256_eml=&sha1_eml=&md5_eml=&ccid=&vid=hot&cid=
Requested by: Host: www.pelago.com
URL: https://www.pelago.com/en-US/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.pelago.com/en-US/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: br
content-type: text/html
date: Thu, 29 Aug 2024 12:32:55 GMT
etag: W/"9f5ca46ddd98784a01a3cf573326e694"
expires: Thu, 29 Aug 2024 13:32:55 GMT
last-modified: Fri, 08 Sep 2023 05:33:33 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1694151213443616
x-goog-hash: crc32c=hcUusg== md5=n1ykbd2YeEoBo89XMybmlA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3370
x-guploader-uploadid: AHxI1nN-1MRGVtUbpQFImU_YvRkV15cQojrid7pQtrnkhJIkrOoytbYfPiNI0WjzdIoF0u8wyppmAxnGGg

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 470ms
106ms Script
application/javascript 2620:1ec:33:3::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 29 Aug 2024 12:32:54 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5402F1BF282F441F850B989344F20EAC Ref B: CO1EDGE1319 Ref C: 2024-08-29T12:32:55Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H3 200 widget.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 6143 549 KB
167 KB 94ms
93ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e26678c31d9b0a6a2198109cb4689cd8a713202f1851ee050855333b6db02fa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: M+aamJ3R5iVxo34Lb/rC6Q==
age: 1515
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2695905c-601e-0069-1458-f8827f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac91068f5bdbcc-LAX
expires: Thu, 29 Aug 2024 13:02:54 GMT

POST
H2 200 stream Show response
ds.pelago.co/graphql/ 29 B
305 B 922ms
363ms Fetch
application/json 54.169.169.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.pelago.co/graphql/stream
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.119.0/bundle.tracing.es5.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.169.169.4 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-169-4.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 588fc8277526f5313934168da8da5e75cb0ae8f83b6b6198d33a4a405c839e60

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Aug 2024 12:32:55 GMT
x-amzn-trace-id: Root=1-66d06a77-6df00e964e4c0d974f32180a;Parent=4b31e2f1acec60aa;Sampled=0;lineage=a384e11c:0
x-amzn-requestid: 8fcc923f-f384-4e7c-92d0-55ed02e3c28a
x-custom-header: Event streaming POST response
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: dRWSuFZFSQ0EGRw=
content-length: 29

POST
H2 200 stream Show response
ds.pelago.co/graphql/ 29 B
307 B 846ms
291ms Fetch
application/json 54.169.169.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.pelago.co/graphql/stream
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.119.0/bundle.tracing.es5.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.169.169.4 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-169-4.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 588fc8277526f5313934168da8da5e75cb0ae8f83b6b6198d33a4a405c839e60

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Aug 2024 12:32:55 GMT
x-amzn-trace-id: Root=1-66d06a77-2fb7b7dd7bcbd0544ef4f142;Parent=1b11b2843ce0c399;Sampled=0;lineage=a384e11c:0
x-amzn-requestid: 043fd7ca-99e0-40cf-88f5-4859ded0484e
x-custom-header: Event streaming POST response
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: dRWSuFUJSQ0EZYA=
content-length: 29

POST
H2 200 stream Show response
ds.pelago.co/graphql/ 29 B
305 B 876ms
320ms Fetch
application/json 54.169.169.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.pelago.co/graphql/stream
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.119.0/bundle.tracing.es5.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.169.169.4 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-169-4.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 588fc8277526f5313934168da8da5e75cb0ae8f83b6b6198d33a4a405c839e60

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Aug 2024 12:32:55 GMT
x-amzn-trace-id: Root=1-66d06a77-7daf303501c5b99018eece55;Parent=7bc98d350ec9fcf1;Sampled=0;lineage=a384e11c:0
x-amzn-requestid: 2cc4c7e6-3df3-44fa-9d9e-0cdca1ac6e70
x-custom-header: Event streaming POST response
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: dRWSuHIISQ0EKBA=
content-length: 29

GET
H2 200 rating-stars-empty.svg
www.pelago.com/ 4 KB
1 KB 839ms
836ms Image
image/svg+xml 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.com/rating-stars-empty.svg

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/css/815108c7d73e4190.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

CloudFront /

Resource Hash

f3601deda38558b1705e1e4506c4e116875714a890c35b38e4170ee8803175a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/_next/static/css/815108c7d73e4190.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:55 GMT
content-encoding: gzip
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: JFK50-P7
content-security-policy-report-only: default-src 'self' 'unsafe-inline' blob: data: https:; report-to csp-endpoint
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
reporting-endpoints: csp-endpoint="/csp-report"
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:19:47 GMT
server: CloudFront
etag: W/"ede-1918dc50cb8"
vary: Accept-Encoding
report-to: {"group":"csp-endpoint","endpoints":[{"url":"/csp-report"}]}
content-type: image/svg+xml
x-frame-options: DENY
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: ako4kuRdoB7zUmTpIgvogu-uk63Vr8E2lNIzcN7UcHyjO52XJTi3sg==

GET
H2 200 rating-stars-filled.svg
www.pelago.com/ 3 KB
1 KB 1030ms
1029ms Image
image/svg+xml 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.com/rating-stars-filled.svg

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/css/815108c7d73e4190.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

CloudFront /

Resource Hash

725406802328f7b86a22825fae66633afa06e6114bbdace1ea6c7f09b51cc3d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/_next/static/css/815108c7d73e4190.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:55 GMT
content-encoding: gzip
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: JFK50-P7
content-security-policy-report-only: default-src 'self' 'unsafe-inline' blob: data: https:; report-to csp-endpoint
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
reporting-endpoints: csp-endpoint="/csp-report"
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:19:47 GMT
server: CloudFront
etag: W/"c14-1918dc50cb8"
vary: Accept-Encoding
report-to: {"group":"csp-endpoint","endpoints":[{"url":"/csp-report"}]}
content-type: image/svg+xml
x-frame-options: DENY
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: NPlLd43LbamKCpQpJtEDWTSJXT9BqQ2dJ49HxR2V-IwH0ZWgyzQDpw==

POST
H2 200 stream Show response
ds.pelago.co/graphql/ 29 B
305 B 986ms
528ms Fetch
application/json 54.169.169.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.pelago.co/graphql/stream
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.119.0/bundle.tracing.es5.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.169.169.4 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-169-4.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 588fc8277526f5313934168da8da5e75cb0ae8f83b6b6198d33a4a405c839e60

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Aug 2024 12:32:55 GMT
x-amzn-trace-id: Root=1-66d06a77-2d90c50f37c37f5b7d56f82f;Parent=192bc7c946abae46;Sampled=0;lineage=a384e11c:0
x-amzn-requestid: cc69f919-b0d4-40e1-9596-71e0628381a4
x-custom-header: Event streaming POST response
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: dRWSwHi0SQ0EFCQ=
content-length: 29

GET
H2

200

0619-0958_newyork-medium.jpg
www.pelago.com/img/destinations/new-york/
Redirect Chain

https://www.pelago.co/img/destinations/new-york/0619-0958_newyork-medium.jpg
https://www.pelago.com/img/destinations/new-york/0619-0958_newyork-medium.jpg

32 KB
33 KB

146ms
141ms

Image
image/jpeg

18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.com/img/destinations/new-york/0619-0958_newyork-medium.jpg

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

90379c069076cf6e70ed0ade09175b04c54c5854b7093d52055b6296542ebe15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 12:31:17 GMT
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 518499
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 32728
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Nov 2023 15:14:07 GMT
server: AmazonS3
etag: "bcd5151e17c4b1885d4cd4358be7b9c3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: -O5tn8Z4n_kx6yrn8XPe1JoQkSdA-R-8wcPO3OQyU6aqEJcp04dsHg==

Redirect headers

date: Thu, 29 Aug 2024 12:32:55 GMT
via: 1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P5
x-cache: FunctionGeneratedResponse from cloudfront
location: https://www.pelago.com/img/destinations/new-york/0619-0958_newyork-medium.jpg
content-length: 0
x-amz-cf-id: z0jqQ5gxwbx9ea7tnxVkuuuWUF8mGInNG1Tw5Kr44dhKAzTWcsM-tg==

GET
H2

200

0502-0436_bangkok-medium.jpg
www.pelago.com/img/destinations/bangkok/
Redirect Chain

https://www.pelago.co/img/destinations/bangkok/0502-0436_bangkok-medium.jpg
https://www.pelago.com/img/destinations/bangkok/0502-0436_bangkok-medium.jpg

59 KB
59 KB

155ms
150ms

Image
image/jpeg

18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.com/img/destinations/bangkok/0502-0436_bangkok-medium.jpg

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3be80a76c7eba83023c37de598a89e23667f70948f6c80ff8a5fd0ea58f51445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 13:51:52 GMT
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 254464
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 60245
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 05 Nov 2023 15:23:07 GMT
server: AmazonS3
etag: "67eb68e9cbb7b0b9bf539a7482adde11"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: BSOuJ4zKKXMBwGKpSTAmoT-UW3mOI9FRlVbisuKAMmt_AqEqDSKPOg==

Redirect headers

date: Thu, 29 Aug 2024 12:32:55 GMT
via: 1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P5
x-cache: FunctionGeneratedResponse from cloudfront
location: https://www.pelago.com/img/destinations/bangkok/0502-0436_bangkok-medium.jpg
content-length: 0
x-amz-cf-id: P6P0Org9HJMr___0pJTu2imlcQHP4sOYm2NWbp-rwqX3C8ENYCOrhA==

GET
H2

200

0502-0403_phuket-medium.jpg
www.pelago.com/img/destinations/phuket/
Redirect Chain

https://www.pelago.co/img/destinations/phuket/0502-0403_phuket-medium.jpg
https://www.pelago.com/img/destinations/phuket/0502-0403_phuket-medium.jpg

61 KB
61 KB

147ms
143ms

Image
image/jpeg

18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.com/img/destinations/phuket/0502-0403_phuket-medium.jpg

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5be24e7f2ed9c2bcea4a0ab6e9b8b7c80d72b9101e3df272e61145c4fa4b09cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 09:10:53 GMT
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 530523
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 61999
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Nov 2023 15:14:09 GMT
server: AmazonS3
etag: "f935ab6f8b347d4f487adc0aba87110e"
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: -j4FsUuAHNwEFrgOKhnE-daVthSildnlFIYIk_B1UUnbmkeuymdTBg==

Redirect headers

date: Thu, 29 Aug 2024 12:32:55 GMT
via: 1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P5
x-cache: FunctionGeneratedResponse from cloudfront
location: https://www.pelago.com/img/destinations/phuket/0502-0403_phuket-medium.jpg
content-length: 0
x-amz-cf-id: OmYAwtM1_5mW84OJl6Fkb_DhB1z8Vfl5Ie1-ESXsA1RgmXbogwEMNQ==

GET
H2

200

0721-0316_kualalumpur-medium.jpg
www.pelago.com/img/destinations/kuala-lumpur/
Redirect Chain

https://www.pelago.co/img/destinations/kuala-lumpur/0721-0316_kualalumpur-medium.jpg
https://www.pelago.com/img/destinations/kuala-lumpur/0721-0316_kualalumpur-medium.jpg

59 KB
59 KB

167ms
162ms

Image
image/jpeg

18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.com/img/destinations/kuala-lumpur/0721-0316_kualalumpur-medium.jpg

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

34e00d1fc0cfb3fbcb3c4c23c4e5ceccdc8c4616ff5c148f59b71641d5e9c0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 02:48:04 GMT
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 467091
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 60196
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Nov 2023 15:14:01 GMT
server: AmazonS3
etag: "17687e67f3138b9246bea4f7502ed58a"
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: mzRJpIKluvVst2F2ePJILGTGnMmThSQAG67ZKlpLev3dylRnivXr3g==

Redirect headers

date: Thu, 29 Aug 2024 12:32:55 GMT
via: 1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P5
x-cache: FunctionGeneratedResponse from cloudfront
location: https://www.pelago.com/img/destinations/kuala-lumpur/0721-0316_kualalumpur-medium.jpg
content-length: 0
x-amz-cf-id: AP0bElrQqvcJd24mY11FVGsvhZ2ROcXw1bERt3oZnSn3_qyV3T7aug==

GET
H2

200

0922-0315_hero-image-medium.jpg
www.pelago.com/img/destinations/tokyo/
Redirect Chain

https://www.pelago.co/img/destinations/tokyo/0922-0315_hero-image-medium.jpg
https://www.pelago.com/img/destinations/tokyo/0922-0315_hero-image-medium.jpg

41 KB
41 KB

159ms
155ms

Image
image/jpeg

18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.com/img/destinations/tokyo/0922-0315_hero-image-medium.jpg

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d739033b519593af33dbceb6d48d5bcab335df2ac60208b80d5e8483cb0bf3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:08:55 GMT
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 595441
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 41693
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Nov 2023 15:33:57 GMT
server: AmazonS3
etag: "1b278ad1a1ec2e07359789e4e86f2135"
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: -7SgV3S_v2ONa7DyfaHHr9Getx0P3UGPm7_Qo6rWniRHjiQlMzLBvA==

Redirect headers

date: Thu, 29 Aug 2024 12:32:55 GMT
via: 1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P5
x-cache: FunctionGeneratedResponse from cloudfront
location: https://www.pelago.com/img/destinations/tokyo/0922-0315_hero-image-medium.jpg
content-length: 0
x-amz-cf-id: fdeh0-RjmzAoB-EK7jnY-eELk2YL0CXY8VQa0PZRX89nWKSf8KgUXQ==

GET
H2

200

hero-image-medium.jpg
www.pelago.com/img/destinations/singapore/
Redirect Chain

https://www.pelago.co/img/destinations/singapore/hero-image-medium.jpg
https://www.pelago.com/img/destinations/singapore/hero-image-medium.jpg

41 KB
42 KB

166ms
162ms

Image
image/jpeg

18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pelago.com/img/destinations/singapore/hero-image-medium.jpg

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5356f883c6a82669ea0fd6190aa85232b4d04ca9d32a7ad379f044a77eb1be27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 08:30:33 GMT
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-permitted-cross-domain-policies: none
age: 14543
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 41882
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Nov 2023 15:21:38 GMT
server: AmazonS3
etag: "8cc0f47f03dd3ba633724aa796eb62fe"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: EYUFTlghk0tzABjbjvdzINFOhVrJNuZIpQUpLzGQSUeJEnZ8LLsBXQ==

Redirect headers

date: Thu, 29 Aug 2024 12:32:55 GMT
via: 1.1 9bafc5788cf742a553f677679fa9ca76.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P5
x-cache: FunctionGeneratedResponse from cloudfront
location: https://www.pelago.com/img/destinations/singapore/hero-image-medium.jpg
content-length: 0
x-amz-cf-id: Aby1tNHESWWMre5nQ3xBSBXc264WUBP04M5mM_ZnbKH2pEczR_jRSg==

GET ce16a60a-e8f1-46f1-ae08-d35996778d43
https://www.pelago.com/ Frame 0
0

GET
H3 200 ym_toast.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 6143 6 KB
3 KB 88ms
87ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ym_toast.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fde2605c1edae449eb99cc527344e0a3d8a5a236ab91f752995e43424ff57f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: WGcLJEYzoUPcuFz0/DYo3Q==
age: 1512
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9ac031e0-801e-0057-0758-f80bdd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac9108d923dbcc-LAX
expires: Thu, 29 Aug 2024 13:02:55 GMT

GET
H3 200 ym_skeleton.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 6143 6 KB
3 KB 102ms
98ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ym_skeleton.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9105996da21f9cc26f45769b4182cdc3081e172eb3753ea0413698e1dea8a8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: BLee1RygfkLEDb2bF+Uylw==
age: 1515
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3aeb3150-a01e-0038-2658-f84927000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac91090943dbcc-LAX
expires: Thu, 29 Aug 2024 13:02:55 GMT

GET
H3 200 ym-file-upload-utils.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 6143 9 KB
4 KB 100ms
92ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ym-file-upload-utils.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b36a31f40881097e561d5ae3ddd1bb2f560fa169af4d343cecfc4561803458f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: yIRv195g3oS7E04/GceI3A==
age: 1515
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 835bf0f7-401e-0042-6658-f85467000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac9109094adbcc-LAX
expires: Thu, 29 Aug 2024 13:02:55 GMT

GET
H2

200

activityi;dc_pre=CN2kyOSamogDFcyHjggdjxEgIw;src=4645703;type=siaco0;cat=phd_s0b1;ord=4597145836461;npa=0;auiddc=765675281.1724934775;ps=1;pcor=945488362;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
4645703.fls.doubleclick.net/ Frame E27D
Redirect Chain

https://4645703.fls.doubleclick.net/activityi;src=4645703;type=siaco0;cat=phd_s0b1;ord=4597145836461;npa=0;auiddc=765675281.1724934775;ps=1;pcor=945488362;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
https://4645703.fls.doubleclick.net/activityi;dc_pre=CN2kyOSamogDFcyHjggdjxEgIw;src=4645703;type=siaco0;cat=phd_s0b1;ord=4597145836461;npa=0;auiddc=765675281.1724934775;ps=1;pcor=945488362;uaa=;uab...

0
0

223ms
221ms

Document
text/html

142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4645703.fls.doubleclick.net/activityi;dc_pre=CN2kyOSamogDFcyHjggdjxEgIw;src=4645703;type=siaco0;cat=phd_s0b1;ord=4597145836461;npa=0;auiddc=765675281.1724934775;ps=1;pcor=945488362;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9181660167z8833390310za201zb833390310;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-4645703&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.6 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 345
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Aug 2024 12:32:55 GMT
expires: Thu, 29 Aug 2024 12:32:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Aug 2024 12:32:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4645703.fls.doubleclick.net/activityi;dc_pre=CN2kyOSamogDFcyHjggdjxEgIw;src=4645703;type=siaco0;cat=phd_s0b1;ord=4597145836461;npa=0;auiddc=765675281.1724934775;ps=1;pcor=945488362;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9181660167z8833390310za201zb833390310;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=4645703;type=siaco0;cat=phd_s0b1;ord=4597145836461;npa=0;auiddc=765675281.1724934775;ps=1;pcor=945488362;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=4...
td.doubleclick.net/td/fls/rul/ Frame B269 0
0 489ms
177ms Document
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=4645703;type=siaco0;cat=phd_s0b1;ord=4597145836461;npa=0;auiddc=765675281.1724934775;ps=1;pcor=945488362;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9181660167z8833390310za201zb833390310;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-4645703&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Aug 2024 12:32:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=4645703;type=siaco0;cat=phd_s0b1;ord=4597145836461;npa=0;auiddc=765675281.1724934775;ps=1;pcor=945488362;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi...
ad.doubleclick.net/ 0
23 B 504ms
212ms Image
image/png 142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=4645703;type=siaco0;cat=phd_s0b1;ord=4597145836461;npa=0;auiddc=765675281.1724934775;ps=1;pcor=945488362;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe48r0v9181660167z8833390310za201zb833390310;gcd=13l3l3l3l1l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F?

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.70 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:32:55 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"5724063323055106813"}],"aggregatable_trigger_data":[{"filters":[{"14":["14492275"]}],"key_piece":"0x22dbe03fc061ea8c","source_keys":["12","13","14","15","16","17","18","19","20","21","16736652","16736653","16736654","16736655","19852160","19852161","19852162","19852163","628619216","628619217","628619218","628619219","628833436","628833437","628833438","628833439","628884908","628884909","628884910","628884911","638122464","638122465","638122466","638122467","638531392","638531393","638531394","638531395","638635548","638635549","638635550","638635551","900175844","900175845","900175846","900175847"]},{"key_piece":"0xde7b71562f4efa62","not_filters":{"14":["14492275"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","16736652","16736653","16736654","16736655","19852160","19852161","19852162","19852163","628619216","628619217","628619218","628619219","628833436","628833437","628833438","628833439","628884908","628884909","628884910","628884911","638122464","638122465","638122466","638122467","638531392","638531393","638531394","638531395","638635548","638635549","638635550","638635551","900175844","900175845","900175846","900175847"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"16736652":36,"16736653":36,"16736654":36,"16736655":3530,"17":65,"18":6356,"19":65,"19852160":34,"19852161":34,"19852162":34,"19852163":3345,"20":65,"21":6356,"628619216":32,"628619217":32,"628619218":32,"628619219":3177,"628833436":32,"628833437":32,"628833438":32,"628833439":3177,"628884908":32,"628884909":32,"628884910":32,"628884911":3177,"638122464":65,"638122465":65,"638122466":65,"638122467":6356,"638531392":32,"638531393":32,"638531394":32,"638531395":3177,"638635548":81,"638635549":81,"638635550":81,"638635551":7946,"900175844":65,"900175845":65,"900175846":65,"900175847":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"18192954057429745961","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"5724063323055106813","filters":[{"14":["14492275"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"5724063323055106813","filters":[{"14":["14492275"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"5724063323055106813","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"5724063323055106813","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["4645703"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 954065941605939 Show response
connect.facebook.net/signals/config/ 73 KB
15 KB 237ms
237ms Script
application/x-javascript 31.13.71.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/954065941605939?v=2.9.166&r=stable&domain=www.pelago.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-lga3.fbcdn.net

Software

Resource Hash

1c9a95cad6158cacbd358cb74bdc25ce3886c1bb43046fdad071a3e8adf24904

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Aug 2024 12:32:55 GMT
document-policy: force-load-at-top
x-fb-server-load: 51
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=140, rtx=0, c=78, mss=1232, tbw=71842, tp=70, tpl=0, uplat=94, ullat=0
pragma: public
x-fb-debug: 4XjVHYNy+CYEFf4T6TCrO4gD5DcMsXWtxjL322TQvWW8K9VDhfExG+OKa87XpzFmlURiHcfnOUNETQB2qbtxng==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 260ms
97ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TJ6G1HY8VL&gtm=45je48r0v877721759z8833390310za200zb833390310&_p=1724934773756&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=103799112.1724934775&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&uid=&sid=1724934775&sct=1&seg=0&dl=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&dt=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&en=page_view&_fv=1&_nsi=1&_ss=1&up.user_id_dimension=&up.customer_id=&tfd=9327
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.119.0/bundle.tracing.es5.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:32:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pelago.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 431ms
145ms Ping
text/plain 2607:f8b0:4004:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TJ6G1HY8VL&cid=103799112.1724934775&gtm=45je48r0v877721759z8833390310za200zb833390310&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJ6G1HY8VL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:32:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pelago.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame A2BD 0
0 218ms
164ms Document
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-TJ6G1HY8VL&gacid=103799112.1724934775&gtm=45je48r0v877721759z8833390310za200zb833390310&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=2138620201

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJ6G1HY8VL&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Aug 2024 12:32:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/331425177/ 5 KB
2 KB 441ms
161ms Script
text/javascript 142.251.40.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/331425177/?random=1724934775590&cv=11&fst=1724934775590&bg=ffffff&guid=ON&async=1&gtm=45be48r0v892586507z8833390310za201zb833390310&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&hn=www.googleadservices.com&frm=0&tiba=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&npa=0&pscdl=noapi&auid=765675281.1724934775&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-331425177&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f2.1e100.net

Software

cafe /

Resource Hash

acbf778367c429166ef96db2048ae6bf313ae659cbb031dc587df5e841d63761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:32:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 331425177
td.doubleclick.net/td/rul/ Frame D0EC 0
0 191ms
187ms Document
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/331425177?random=1724934775590&cv=11&fst=1724934775590&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48r0v892586507z8833390310za201zb833390310&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&hn=www.googleadservices.com&frm=0&tiba=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&npa=0&pscdl=noapi&auid=765675281.1724934775&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-331425177&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Aug 2024 12:32:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.MTcyODg5NjdlMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 331 KB
94 KB 177ms
177ms Script
application/javascript 23.206.172.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyODg5NjdlMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CAP8FP3C77U56BB6BKP0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-50.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 54ae42560c522ac01e50987d61ab619b919f6bc82f37879d750bafb4640c7de2

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 212fff1
date: Thu, 29 Aug 2024 12:32:55 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240827123058C8DB944A1377E85B4C2D
x-tt-trace-id: 00-240827123058C8DB944A1377E85B4C2D-5542D1B593B20681-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-58-89-68.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010307feba198b222b2b89afd2bf2babe2c048b55150ea61131f7558e7509e1084c4e9492ab5ae9d7f68a924303132d83bc3577dd00596bff225d2c0080c43d4c059776b59f605e43fa70ffaa42e2366934e20a538dad0f447120cd2c2465636cf
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=17
content-length: 95220

GET
H2 200 343065587.js Show response
bat.bing.com/p/action/ 335 B
403 B 112ms
111ms Script
application/javascript 2620:1ec:33:3::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/343065587.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fb08a8ba57af1d48c2ccb1ea1240bf6654bab21ff680f518d1fbbb486c204e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 29 Aug 2024 12:32:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 104BFBF7CDC54524A2FD23E7277C3CD2 Ref B: CO1EDGE1319 Ref C: 2024-08-29T12:32:55Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H2 200 10193912.json Show response
s.yimg.com/wi/config/ 2 B
465 B 417ms
143ms XHR
application/json 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10193912.json

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.119.0/bundle.tracing.es5.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 29 Aug 2024 11:49:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: SK9A58Q70S1GHZJV
age: 2634
content-length: 2
x-amz-id-2: lDKlzDLdNh6lwMmM91Q33JYsLQ9TqpTNkjej3DGqcqOW0nmMNK1HamBPUA0/sA9SpiqcbJOf6po=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 422ms
140ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=954065941605939&ev=PageView&dl=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&rl=&if=false&ts=1724934775981&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4126&fbp=fb.1.1724934775967.844209373754412320&hmd=0bec33eb73dc770cdc6f33de&pl=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&ler=empty&cdl=API_unavailable&it=1724934775377&coo=false&tm=1&rqm=GET

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=134, rtx=0, c=10, mss=1297, tbw=2813, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Aug 2024 12:32:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 528ms
246ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=954065941605939&ev=PageView&dl=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&rl=&if=false&ts=1724934775981&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=4126&fbp=fb.1.1724934775967.844209373754412320&hmd=0bec33eb73dc770cdc6f33de&pl=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&ler=empty&cdl=API_unavailable&it=1724934775377&coo=false&tm=1&rqm=FGET

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 29 Aug 2024 12:32:56 GMT
document-policy: force-load-at-top
x-fb-server-load: 43
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7408538452610802745", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=134, rtx=0, c=10, mss=1297, tbw=3127, tp=-1, tpl=-1, uplat=102, ullat=0
pragma: no-cache
x-fb-debug: joydNA2WnVwRk1aie15LlX1PsFv07lEGWH+CGQ8quC2BEr6PihUPDkeZlig/4JMNX+dkgtB0VpXxlZufsOq73w==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7408538452610802745"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ 133 B
572 B 564ms
149ms Fetch
application/json 23.51.57.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&buyer_pixel_id=10279
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.119.0/bundle.tracing.es5.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-155.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 66bbbb65fb49ebf3fb87ffae9e3ddef93d6297d40ece77002265b1c14fcf66a1

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Aug 2024 12:32:56 GMT
Observe-Browsing-Topics: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.pelago.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 133
Expires: Thu, 29 Aug 2024 12:32:56 GMT

GET
H2 204 0
bat.bing.com/action/ 0
359 B 106ms
105ms Image
text/plain 2620:1ec:33:3::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=343065587&Ver=2&mid=f3c89104-4baf-418f-8d9e-0c837f56e699&sid=d160c8a0660211efb30d4979933b3a57&vid=d1611520660211ef8107cb1d0ef020c6&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Book%20activities,%20attraction%20tickets,%20and%20things%20to%20do%20-%20Pelago&p=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&r=&lt=7790&evt=pageLoad&sv=1&cdb=AQAQ&rn=917910

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:3::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 29 Aug 2024 12:32:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8953AE3D1E0A41E5964C9563E4B04BEA Ref B: CO1EDGE1319 Ref C: 2024-08-29T12:32:56Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 widget-css.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 6143 120 KB
22 KB 94ms
94ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget-css.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25a390f13809556e24125968d637e32ba68a03548f7e2f9e11490e6dbb13ea96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 7lo4TNkcXSRE1lHRA+pwEA==
age: 1516
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 589265e1-c01e-0011-5a58-f87753000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac910eadb9dbcc-LAX
expires: Thu, 29 Aug 2024 13:02:56 GMT

POST
H2 200 bot-load-details Show response
r0.cloud.yellow.ai/api/plugin/ Frame 6143 2 KB
744 B 343ms
341ms XHR
application/json 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/bot-load-details?bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

855119b71e7556b665dac67766a52da698a757bcdc0be04874e9b76a4e3d6205

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
x-ym-bot-id: x1689135807776
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Aug 2024 12:32:57 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"60b-wYN6uetdmXPLDU8XJGK7GxYX9Kk"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8bac9114db962b56-LAX
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id

OPTIONS
H2 200 bot-load-details
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 988ms
820ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/bot-load-details?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id
Access-Control-Request-Method: POST
Origin: https://www.pelago.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 8bac910faef72b56-LAX
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:32:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 /
www.google.com/pagead/1p-user-list/331425177/ 42 B
64 B 158ms
157ms Image
image/gif 142.251.40.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/331425177/?random=1724934775590&cv=11&fst=1724932800000&bg=ffffff&guid=ON&async=1&gtm=45be48r0v892586507z8833390310za201zb833390310&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&hn=www.googleadservices.com&frm=0&tiba=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&npa=0&pscdl=noapi&auid=765675281.1724934775&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnff6yMl8ZsErFx2awF51ukbol71X3kNw&random=3826925051&rmt_tld=0&ipr=y

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.196 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:32:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
670 B 419ms
135ms Image
image/gif 50.17.194.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2029%20Aug%202024%2012%3A32%3A56%20GMT&n=10&b=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&.yp=10193912&f=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&enc=UTF-8&yv=1.16.5&tagmgr=gtm

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/en-US/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

50.17.194.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-17-194-92.compute-1.amazonaws.com

Software

ATS/9.1.10.134 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Aug 2024 12:32:56 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.134)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.134
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Aug 2024 12:32:56 GMT

GET
H2 200 identify_c2008b8c.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
40 KB 144ms
144ms Script
application/javascript 23.206.172.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c2008b8c.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyODg5NjdlMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-50.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 213013d
date: Thu, 29 Aug 2024 12:32:56 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202408061913258435689CE415E98077BB
x-tt-trace-id: 00-2408061913258435689CE415E98077BB-195B090BBF7C9BCF-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-58-89-68.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e10cb6773c2b58095eeee787d98a6c6cd1faf5375857e19be7389d71fac41f461d6add66d502e5160f2a482999dbfaa1924d08666268999c55dd10ce86a8b1a994e58b6b0cb129c18bcbf1c6cc18af01f6503f5a19064d77be3454f9f673ae03
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 40268

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
699 B 183ms
181ms Ping
text/plain 23.206.172.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyODg5NjdlMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-50.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 213014b
date: Thu, 29 Aug 2024 12:32:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240829123256958F7D7C3FA36740AA2F-6DC92BFF7A29A3D1-00
x-cache: TCP_MISS from a23-58-89-68.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
server-timing: inner; dur=28, cdn-cache; desc=MISS, edge; dur=7, origin; dur=37
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240829123256958F7D7C3FA36740AA2F
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 38,23.58.89.68
x-tt-trace-host: 01517621e153f4e6597b2abfd402ed4ae5c9eebe82bbdacf1c9207c3b79a722eb795f3787ed166e237af20866455943d5b7f9fabcc8327401f4e6e921b64d4fbc8cb1a1b9cbae1311387e2ecd95d3bb4319b9197289ff26bd30385c3f65d9f2699
access-control-allow-headers: Authorization,*
expires: Thu, 29 Aug 2024 12:32:56 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
698 B 176ms
172ms Ping
text/plain 23.206.172.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcyODg5NjdlMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-50.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 21301ec
date: Thu, 29 Aug 2024 12:32:56 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408291232561F0B5B440C760E2513D0-7550E951EA4DD98E-00
x-cache: TCP_MISS from a23-58-89-68.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
server-timing: inner; dur=17, cdn-cache; desc=MISS, edge; dur=9, origin; dur=27
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202408291232561F0B5B440C760E2513D0
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 28,23.58.89.68
x-tt-trace-host: 01517621e153f4e6597b2abfd402ed4ae5c9eebe82bbdacf1c9207c3b79a722eb75754d58dc66ee62859707b73b67c28cae803ea8c46d896f9f6c388635d07baaac703b26a69e0355cfb7fcfc657c1167517ccb02c1fd7694532eb0b4e1c56b220
access-control-allow-headers: Authorization,*
expires: Thu, 29 Aug 2024 12:32:56 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
608 B 174ms
172ms Stylesheet
text/css 2607:f8b0:4004:c07::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::54 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EakpaAHqybywFq_MYpdh2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:56 GMT
content-security-policy: script-src 'report-sample' 'nonce-EakpaAHqybywFq_MYpdh2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Thu, 29 Aug 2024 12:32:56 GMT

GET
H2 200 loader_v3.9.10.js Show response
metrics.pelago.com/web/v3/s9arFzVg3r8aFU1sNcBk/ 159 KB
57 KB 1093ms
512ms Script
text/javascript 3.33.219.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.pelago.com/web/v3/s9arFzVg3r8aFU1sNcBk/loader_v3.9.10.js

Requested by

Host: www.pelago.com
URL: https://www.pelago.com/_next/static/chunks/pages/_app-a144601ebe02f6c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.219.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a42e3a3bc5d7c0f11.awsglobalaccelerator.com

Software

awselb/2.0 /

Resource Hash

9f0e70ff8c8da2dd679349825302a8d2653f9a9e36b19728ed50ecf5153c5562

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
server: awselb/2.0
etag: W/"LpOEtt7p4jgx/1IwYklZUek8qB8"
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3539, s-maxage=620333
cross-origin-resource-policy: cross-origin
x-robots-tag: noindex
timing-allow-origin: *
content-length: 58080

GET
H/1.1 200
OK tag.html
fledge.teads.tv/v1/interest-group/ Frame B466 0
0 557ms
148ms Document
text/html 23.51.57.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fledge.teads.tv/v1/interest-group/tag.html
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-155.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://www.pelago.com/en-US/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Ad-Auction-Allowed: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 535
Content-Type: text/html; charset=utf-8
Date: Thu, 29 Aug 2024 12:32:57 GMT
Expires: Thu, 29 Aug 2024 12:32:57 GMT
Pragma: no-cache

GET
H2 200 track
t.teads.tv/ 23 B
0 595ms
165ms Fetch
image/gif 23.199.49.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t.teads.tv/track?action=browser-topics&env=js-gtm&tag_version=6.20.0_03d6d47&provider=tag&buyer_pixel_id=10279&referer=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&user_session_id=71d65bad-4320-44e3-bc9f-6d355d6d2055
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.119.0/bundle.tracing.es5.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.49.95 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-49-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:57 GMT
observe-browsing-topics: ?1
content-type: image/gif
access-control-allow-origin: https://www.pelago.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
134 B 589ms
156ms Image
image/gif 23.199.49.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-gtm&tag_version=6.20.0_03d6d47&provider=tag&buyer_pixel_id=10279&referer=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&user_session_id=71d65bad-4320-44e3-bc9f-6d355d6d2055
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.49.95 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-49-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 29 Aug 2024 12:32:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK conversion
cm.teads.tv/v3/ 0
529 B 558ms
145ms Image
text/plain 23.51.57.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.teads.tv/v3/conversion?action=pageView&env=js-gtm&tag_version=6.20.0_03d6d47&provider=tag&buyer_pixel_id=10279&referer=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&user_session_id=71d65bad-4320-44e3-bc9f-6d355d6d2055
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-155.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Attribution-Reporting-Register-Trigger: {"event_trigger_data":[{"trigger_data":"6","priority":"0","deduplication_key":"1724934777","filters":[{"trigger_data_label":["visit"],"source_type":["navigation"]}]}],"debug_reporting":true}
Date: Thu, 29 Aug 2024 12:32:57 GMT
Observe-Browsing-Topics: ?1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 29 Aug 2024 12:32:57 GMT

GET
H2 200 page.gif
track.customer.io/events/ 35 B
89 B 341ms
144ms Image
image/gif 35.227.225.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.customer.io/events/page.gif?name=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=5cb89d29-b5fb-08a0-8d8e-431bc5e6d1f4&site_id=97842d03f9edaf99a5ae&timestamp=1724934776696
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.225.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:56 GMT
via: 1.1 google
content-type: image/gif
access-control-allow-origin: *
status: 200 OK
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding: binary
cross-origin-resource-policy: cross-origin
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 page.gif
track.customer.io/events/ 35 B
265 B 340ms
143ms Image
image/gif 35.227.225.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.customer.io/events/page.gif?name=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&data%5BgeoCountryCode%5D=&data%5BgeoCity%5D=&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=5cb89d29-b5fb-08a0-8d8e-431bc5e6d1f4&site_id=97842d03f9edaf99a5ae&timestamp=1724934776697
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.225.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:56 GMT
via: 1.1 google
content-type: image/gif
access-control-allow-origin: *
status: 200 OK
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding: binary
cross-origin-resource-policy: cross-origin
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 favicon.ico
www.pelago.com/ 15 KB
2 KB 802ms
801ms Other
image/x-icon 18.164.124.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelago.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-124-75.jfk50.r.cloudfront.net

Software

CloudFront /

Resource Hash

52326f63b04de8c91e258b6999b28550b2aba53d211f094178be53924cbfefaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:57 GMT
content-encoding: gzip
via: 1.1 5be3f9599d5a17cae6efd973ffca7c22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: JFK50-P7
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 26 Aug 2024 08:19:47 GMT
server: CloudFront
etag: W/"3c2e-1918dc50cb8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/x-icon
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: QrohQ9QW7G-eWBbBDs-WyZXuCcLMwac5EK1lSRn-iuXw_NBShQL7tw==

OPTIONS
H2 200 push-to-metrics
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 823ms
822ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/push-to-metrics?bot=x1689135807776&linkType=web&payload=[object%20Object]&source=yellowmessenger&subSource=null&_=1724934775104

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-ym-bot-id
Access-Control-Request-Method: GET
Origin: https://www.pelago.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET,HEAD,POST
cf-cache-status: DYNAMIC
cf-ray: 8bac91173d902b56-LAX
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:32:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 open-sans.min.css
cdn.yellowmessenger.com/ Frame 6143 3 KB
1 KB 90ms
89ms Stylesheet
text/css 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/open-sans.min.css

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1436c48e326b6b119a9eb8fd022f110be16605715638f1df029d885fc6ee27f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: cnI5v7BXL776bAJuh+msXA==
age: 7591
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Mon, 02 Jan 2023 07:19:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 1fedb0fe-401e-006a-1c67-7965d5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac91171ca5dbcc-LAX
expires: Thu, 29 Aug 2024 13:02:57 GMT

GET
H2 200 push-to-metrics Show response
r0.cloud.yellow.ai/api/plugin/ Frame 6143 46 B
139 B 351ms
335ms XHR
application/json 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/push-to-metrics?bot=x1689135807776&linkType=web&payload=[object%20Object]&source=yellowmessenger&subSource=null&_=1724934775104

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f57faa602933fa2c5449d3487280a5bd1d82fd8f8a2ddcef80de8847c7d1121b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
x-ym-bot-id: x1689135807776
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:58 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-length: 46
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"2e-Gyi7Bl4WvG7CJ8s8OsTledI1y70"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8bac911c8a792b56-LAX
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id

GET
H3 200 strophe.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 6143 84 KB
26 KB 93ms
92ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/strophe.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5532ee48ae379bef327e4ba2690dea52eef800306b4179a415bc8b9ca9143b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: G9n+eQa7CayAoVZa1q6AtA==
age: 1524
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 73877ff7-901e-0033-7b58-f8b24c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac91174cbadbcc-LAX
expires: Thu, 29 Aug 2024 13:02:57 GMT

GET
H3 200 slick-css.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 6143 9 KB
4 KB 90ms
89ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/slick-css.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4618a98934083dfd196c53f4a9bb417be682e9189f3005340912d190a0729d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: VIymhs4I3qyRypiubGKqvw==
age: 1513
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e2fbdfeb-701e-003b-3258-f8a843000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac91174cbedbcc-LAX
expires: Thu, 29 Aug 2024 13:02:57 GMT

GET
H3 200 slick.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 6143 42 KB
11 KB 99ms
98ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/slick.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b244124ea2951bdb620917d3247ff5afb29cfb3393daf67db8328e4ebf749d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: fpfikI/QQZ66YV8VyA96kQ==
age: 1520
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 58926464-c01e-0011-8058-f87753000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac91174cbfdbcc-LAX
expires: Thu, 29 Aug 2024 13:02:57 GMT

GET
H3 200 ne99VSxI2J1N1692173121082.png
cdn.yellowmessenger.com/ Frame 6143 2 KB
3 KB 88ms
88ms Image
image/png 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.yellowmessenger.com/ne99VSxI2J1N1692173121082.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16a063db087f3a9d494e5f112ad20a0ef5e01a828db8f7af1687bc1554caa6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: kWZ0gFofCickfaHjzqfi5g==
age: 6894
alt-svc: h3=":443"; ma=86400
content-length: 2538
x-ms-lease-status: unlocked
last-modified: Wed, 16 Aug 2023 08:05:21 GMT
server: cloudflare
etag: 0x8DB9E2F89856CB8
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: bb0c0387-e01e-005c-1293-cdbec8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bac91174cc3dbcc-LAX
expires: Thu, 29 Aug 2024 13:02:57 GMT

GET
H3 200 open-sans.min.css
cdn.yellowmessenger.com/ 3 KB
485 B 195ms
138ms Stylesheet
text/css 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/open-sans.min.css

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1436c48e326b6b119a9eb8fd022f110be16605715638f1df029d885fc6ee27f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: cnI5v7BXL776bAJuh+msXA==
age: 7591
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Mon, 02 Jan 2023 07:19:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 1fedb0fe-401e-006a-1c67-7965d5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac9117ad1ddbcc-LAX
expires: Thu, 29 Aug 2024 13:02:57 GMT

GET
H3 200 ne99VSxI2J1N1692173121082.png
cdn.yellowmessenger.com/ 2 KB
495 B 169ms
114ms Image
image/png 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.yellowmessenger.com/ne99VSxI2J1N1692173121082.png

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16a063db087f3a9d494e5f112ad20a0ef5e01a828db8f7af1687bc1554caa6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: kWZ0gFofCickfaHjzqfi5g==
age: 6894
alt-svc: h3=":443"; ma=86400
content-length: 2538
x-ms-lease-status: unlocked
last-modified: Wed, 16 Aug 2023 08:05:21 GMT
server: cloudflare
etag: 0x8DB9E2F89856CB8
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: bb0c0387-e01e-005c-1293-cdbec8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bac9117dd45dbcc-LAX
expires: Thu, 29 Aug 2024 13:02:57 GMT

GET
H3 200 IZRugqoPBiAB1724046568921.gif
cdn.yellowmessenger.com/ 143 KB
144 KB 93ms
92ms Image
image/gif 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.yellowmessenger.com/IZRugqoPBiAB1724046568921.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa632bf2ec0aa20ba731a7e4a849086caf2cc6fce80652b5bc3f847b3f53a1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: iszdRUsFXyHqgGC8PnXpRA==
age: 894
alt-svc: h3=":443"; ma=86400
content-length: 146524
x-ms-lease-status: unlocked
last-modified: Mon, 19 Aug 2024 05:49:28 GMT
server: cloudflare
etag: 0x8DCC012B0E3A276
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
x-ms-request-id: b2e95a26-501e-0010-6efb-f17e5b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bac91178cf9dbcc-LAX
expires: Thu, 29 Aug 2024 13:02:57 GMT

GET
H3 200 open-sans-latin-400-normal.woff2
cdn.yellowmessenger.com/ Frame 6143 16 KB
17 KB 186ms
102ms Font
application/octet-stream 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/open-sans-latin-400-normal.woff2

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/open-sans.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.yellowmessenger.com/open-sans.min.css
Origin: https://www.pelago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 1lETttp7pL0KWdvaWn4k1A==
age: 5202
alt-svc: h3=":443"; ma=86400
content-length: 16692
x-ms-lease-status: unlocked
last-modified: Mon, 02 Jan 2023 07:24:30 GMT
server: cloudflare
etag: 0x8DAEC926389A476
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 7dfc3903-901e-0017-25c6-bc48ce000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bac9118485b08a8-LAX
expires: Thu, 29 Aug 2024 13:02:57 GMT

GET
H3 200 remix.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 6143 117 KB
17 KB 113ms
112ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/remix.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5953c3f1af06e0d3310c4927725822538723d3755de0239daddac92a01c52f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: rniUSD76uYqWXP5KpRp63w==
age: 1519
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c984e4ba-701e-0031-1a58-f844fd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac9117fd69dbcc-LAX
expires: Thu, 29 Aug 2024 13:02:57 GMT

GET
H3 200 compact-css.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 6143 5 KB
3 KB 90ms
90ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/compact-css.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ae83c2ac8d4ebc1452f3dfda778d874215a79d466df68adbcf0b97b0ed095e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Zcg9ayFDWFbe1OfFGiHi7g==
age: 1512
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2b7636bc-501e-0019-4558-f82555000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac9117fd6bdbcc-LAX
expires: Thu, 29 Aug 2024 13:02:57 GMT

GET
H3 200 open-sans-latin-400-normal.woff2
cdn.yellowmessenger.com/ 16 KB
483 B 90ms
89ms Font
application/octet-stream 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/open-sans-latin-400-normal.woff2

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/open-sans.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.yellowmessenger.com/open-sans.min.css
Origin: https://www.pelago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:32:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 1lETttp7pL0KWdvaWn4k1A==
age: 5202
alt-svc: h3=":443"; ma=86400
content-length: 16692
x-ms-lease-status: unlocked
last-modified: Mon, 02 Jan 2023 07:24:30 GMT
server: cloudflare
etag: 0x8DAEC926389A476
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 7dfc3903-901e-0017-25c6-bc48ce000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bac9119294e08a8-LAX
expires: Thu, 29 Aug 2024 13:02:57 GMT

GET
H2 200 5J Show response
metrics.pelago.com/oysRWg/F0vEkh/a-1IS/ 96 B
447 B 873ms
315ms XHR
text/plain 3.33.219.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.pelago.com/oysRWg/F0vEkh/a-1IS/5J?q=s9arFzVg3r8aFU1sNcBk

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.119.0/bundle.tracing.es5.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.219.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a42e3a3bc5d7c0f11.awsglobalaccelerator.com

Software

Resource Hash

61672763ef17dc622d4c145e590a6140a71b5766b813bca79d9e365ffcceba24

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pelago.com/en-US/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:32:58 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 96

GET
H3 200 ticket-details.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 6143 9 KB
4 KB 86ms
86ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ticket-details.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71022826bd0b211a297065e44f5c6de8d5cc989be7c7d1c44b390c4affad9305

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: e+n2VozAdlINPJTII0b6TA==
age: 1519
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 64fd39a7-801e-0061-3358-f89870000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac91289b42dbcc-LAX
expires: Thu, 29 Aug 2024 13:03:00 GMT

OPTIONS
H2 200 active-ticket-details
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 337ms
337ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/active-ticket-details?uid=539982456730326121926063549956&bot=x1689135807776&source=yellowmessenger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id
Access-Control-Request-Method: GET
Origin: https://www.pelago.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET,HEAD
cf-cache-status: DYNAMIC
cf-ray: 8bac91292dae2b56-LAX
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:33:00 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 active-ticket-details Show response
r0.cloud.yellow.ai/api/plugin/ Frame 6143 97 B
176 B 346ms
346ms Fetch
application/json 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/active-ticket-details?uid=539982456730326121926063549956&bot=x1689135807776&source=yellowmessenger

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ticket-details.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9f7768e13aaf8fad07e874e94019ca9cd37a896ca04455c7b375432d8a8a6bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

x-ym-bot-id: x1689135807776
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Aug 2024 12:33:00 GMT
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"61-bNw1M7CR/xgapEkxLrsjtkVpo2s"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8bac912b4f5b2b56-LAX
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id

GET
H2 200 list-campaigns Show response
r0.cloud.yellow.ai/api/engagements/inbound/ Frame 6143 46 B
420 B 90ms
89ms XHR
application/json 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/engagements/inbound/list-campaigns?bot=x1689135807776&uid=539982456730326121926063549956&_=1724934775105

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bae145134387f6b315086c73b2c879ecc3a6abffb5fcbdacf83b66492a6162a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 49
content-length: 46
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: cloudflare
etag: W/"2e-r4PPgw/jRLNCglXgL/2LB7fi/Gg"
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=60
feature-policy: geolocation 'self'
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 8bac912aff122b56-LAX
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,Responsetype,x-api-key,x-app-id
expires: 0

GET
H3 200 ne99VSxI2J1N1692173121082.png
cdn.yellowmessenger.com/ Frame 6143 2 KB
495 B 88ms
88ms Image
image/png 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.yellowmessenger.com/ne99VSxI2J1N1692173121082.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16a063db087f3a9d494e5f112ad20a0ef5e01a828db8f7af1687bc1554caa6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:33:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: kWZ0gFofCickfaHjzqfi5g==
age: 6898
alt-svc: h3=":443"; ma=86400
content-length: 2538
x-ms-lease-status: unlocked
last-modified: Wed, 16 Aug 2023 08:05:21 GMT
server: cloudflare
etag: 0x8DB9E2F89856CB8
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: bb0c0387-e01e-005c-1293-cdbec8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bac912d8f4ddbcc-LAX
expires: Thu, 29 Aug 2024 13:03:01 GMT

OPTIONS
H2 200 receive
r0.cloud.yellow.ai/integrations/yellowmessenger/ Frame 0
0 831ms
830ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/yellowmessenger/receive?bottype=production&bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id,x-ym-message-origin,x-ym-trace-id
Access-Control-Request-Method: POST
Origin: https://www.pelago.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-ym-trace-id,x-ym-message-origin,platform,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 8bac912d89b22b56-LAX
content-encoding: br
content-security-policy: default-src 'self'
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:33:01 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 receive Show response
r0.cloud.yellow.ai/integrations/yellowmessenger/ Frame 6143 359 B
381 B 357ms
355ms XHR
application/json 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/yellowmessenger/receive?bottype=production&bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcddb5c30e531b4489f2054173f9203f3c7ea9379881ef5201da6a888537fe31

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
x-ym-bot-id: x1689135807776
Referer
x-ym-trace-id: 539982456730326121926063549956_jmfUbrbU3MPEVxnkeX1jJ
x-ym-message-origin: web-widget
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Aug 2024 12:33:02 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
content-encoding: br
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"167-tnvmz+jZNC+Y7AZZeipTf0njEUI"
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-frame-options: DENY
cf-ray: 8bac9132be622b56-LAX
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-ym-trace-id,x-ym-message-origin,platform,x-ym-bot-id,x-app-id

POST
H2 200 send-event Show response
r0.cloud.yellow.ai/integrations/analytics/ Frame 6143 2 B
115 B 341ms
339ms XHR
text/plain 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/analytics/send-event?bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 29 Aug 2024 12:33:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
server: cloudflare
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-frame-options: DENY
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
feature-policy: geolocation 'self'
access-control-allow-credentials: true
cf-ray: 8bac91332eb12b56-LAX
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,Responsetype,x-api-key,x-app-id
expires: 0

OPTIONS
H2 200 send-event
r0.cloud.yellow.ai/integrations/analytics/ Frame 0
0 808ms
808ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/integrations/analytics/send-event?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pelago.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,Responsetype,x-api-key,x-app-id
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin: *
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 8bac912e1a1d2b56-LAX
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:33:01 GMT
expires: 0
feature-policy: geolocation 'self'
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 200 update-user-info
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 340ms
340ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/update-user-info?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id
Access-Control-Request-Method: POST
Origin: https://www.pelago.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 8bac9134f8542b56-LAX
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:33:02 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST update-user-info
r0.cloud.yellow.ai/api/plugin/ Frame 6143 0
0

POST
H2 200 x1689135807776 Show response
r0.cloud.yellow.ai/api/status/message/ Frame 6143 33 B
95 B 351ms
349ms XHR
application/json 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/status/message/x1689135807776?bot=x1689135807776

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eec6b719c1df15556a3581632c1010a34d2f19f42481c6f875ab3ff21337748c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Aug 2024 12:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8bac913bfe4c2b56-LAX
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-app-id
content-length: 33

GET
H3 200 ym-chat-autoPopUp.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 6143 4 KB
2 KB 88ms
88ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ym-chat-autoPopUp.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7000194c03655eaaaacd06c42896818c426875dffc25e6bc796468b9374c41ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Nmzd19SGG/mAsO9fNnW7vQ==
age: 1522
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e4a9a475-e01e-005b-4658-f8d4dc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac9139e981dbcc-LAX
expires: Thu, 29 Aug 2024 13:03:03 GMT

OPTIONS
H2 204 x1689135807776
r0.cloud.yellow.ai/api/status/message/ Frame 0
0 336ms
335ms Preflight 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/status/message/x1689135807776?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.pelago.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
cf-cache-status: DYNAMIC
cf-ray: 8bac9139ec6f2b56-LAX
date: Thu, 29 Aug 2024 12:33:03 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff

GET
H3 200 process-quick-replies.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 6143 19 KB
6 KB 108ms
104ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/process-quick-replies.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7e9878d1bbe85bfe5785c5881d7e88db7f388f4f5b811b4456f6b7ed4cda34d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Uhyqa22snM0cUuuVgfUP7Q==
age: 1516
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b0711c0e-501e-0003-7758-f80c83000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac913cdc37dbcc-LAX
expires: Thu, 29 Aug 2024 13:03:03 GMT

GET
H3 200 5092.min.js Show response
cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/ Frame 6143 21 KB
6 KB 88ms
88ms Script
application/javascript 104.18.1.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/5092.min.js

Requested by

Host: cdn.yellowmessenger.com
URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/widget.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b150fe8f4ec42d4d86fe90a8e03bed102e7e9a1af6dadbebbe9b7453bedbc41c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Aug 2024 12:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: K64uQniZcsLCnFHtvXG1bA==
age: 1523
alt-svc: h3=":443"; ma=86400
x-ms-lease-status: unlocked
last-modified: Tue, 27 Aug 2024 08:07:07 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1b8d2700-601e-0055-3158-f8fd6c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8bac913dad2cdbcc-LAX
expires: Thu, 29 Aug 2024 13:03:03 GMT

OPTIONS
H2 200 analytics
r0.cloud.yellow.ai/api/plugin/ Frame 0
0 394ms
393ms Preflight
text/html 2606:4700::6812:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r0.cloud.yellow.ai/api/plugin/analytics?bot=x1689135807776

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-ym-bot-id
Access-Control-Request-Method: POST
Origin: https://www.pelago.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,x-api-key,x-ym-bot-id,x-app-id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3600
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 8bac913dafc82b56-LAX
content-encoding: br
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: https: wss:;script-src 'unsafe-inline' 'unsafe-eval' https: wss: blob: data:;img-src data: https:; media-src https:;
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:33:03 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET destination
www.googletagmanager.com/gtag/ 0
0

GET /
www.googleadservices.com/pagead/conversion/331425177/ 0
0

GET 331425177
td.doubleclick.net/td/rul/ Frame FF06 0
0

GET /
www.facebook.com/tr/ 0
0

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.pelago.com
URL: blob:https://www.pelago.com/6aa601f7-eb79-4ff3-958d-36dae170aeab

Domain: www.pelago.com
URL: blob:https://www.pelago.com/ce16a60a-e8f1-46f1-ae08-d35996778d43

Domain: r0.cloud.yellow.ai
URL: https://r0.cloud.yellow.ai/api/plugin/update-user-info?bot=x1689135807776

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-613467960&l=dataLayer&cx=c

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion/331425177/?random=1724934784745&cv=11&fst=1724934784745&bg=ffffff&guid=ON&async=1&gtm=45be48r0v892586507z8833390310za201zb833390310&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&label=BkrrCMyq-f4CEJnLhJ4B&hn=www.googleadservices.com&frm=0&tiba=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=765675281.1724934775&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&rfmt=3&fmt=4

Domain: td.doubleclick.net
URL: https://td.doubleclick.net/td/rul/331425177?random=1724934784745&cv=11&fst=1724934784745&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48r0v892586507z8833390310za201zb833390310&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&label=BkrrCMyq-f4CEJnLhJ4B&hn=www.googleadservices.com&frm=0&tiba=Book%20activities%2C%20attraction%20tickets%2C%20and%20things%20to%20do%20-%20Pelago&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=765675281.1724934775&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0

Domain: www.facebook.com
URL: https://www.facebook.com/tr/?id=954065941605939&ev=SGQualityVisit10s&dl=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&rl=&if=false&ts=1724934784742&sw=1600&sh=1200&v=2.9.166&r=stable&ec=1&o=4126&fbp=fb.1.1724934775967.844209373754412320&ler=empty&cdl=API_unavailable&it=1724934775377&coo=false&tm=1&rqm=GET

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=954065941605939&ev=SGQualityVisit10s&dl=https%3A%2F%2Fwww.pelago.com%2Fen-US%2F&rl=&if=false&ts=1724934784742&sw=1600&sh=1200&v=2.9.166&r=stable&ec=1&o=4126&fbp=fb.1.1724934775967.844209373754412320&ler=empty&cdl=API_unavailable&it=1724934775377&coo=false&tm=1&rqm=FGET

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.pelago.com/	1970-01-21 07:54:30	Name: __pelago-currency__ Value: USD
www.pelago.com/	1970-01-21 07:54:30	Name: dsUserId Value: 3bd62f66-af37-494c-a731-66a6034d1fae
www.pelago.com/	1970-01-20 23:29:04	Name: __last_click_from__ Value:
www.pelago.com/	1970-01-20 23:29:04	Name: __first_click_from__ Value: %20
www.pelago.com/	1970-01-20 23:08:56	Name: __pelago-ds-session-id__ Value: 37c0927d-6390-414c-9dea-ca00814fe0f8
www.pelago.com/	1970-01-21 08:44:54	Name: __pelag_pdp_visit__ Value: false
.pelago.com/	1970-01-21 07:54:30	Name: ph_phc_qZEHuzVWKAH9rZ3u1HG9TqdszF3rG3bObFPqvwxxiL1_posthog Value: %7B%22distinct_id%22%3A%2201919e1f-dabf-725a-95d8-fe9ed57aa849%22%2C%22%24sesid%22%3A%5B1724934774193%2C%2201919e1f-dab4-7dd8-aef5-cb8d0bbec5a5%22%2C1724934773428%5D%7D
.pelago.com/	1970-01-21 08:44:54	Name: __ssid Value: fb8711531ef80601b6c2773a020d2a5
.pelago.com/	1970-01-21 01:18:30	Name: _gcl_au Value: 1.1.765675281.1724934775
.tiktok.com/	1970-01-21 08:30:30	Name: _ttp Value: 2lKhf9NNskLbomUR4g95wSmjVt5
.pelago.com/	1970-01-21 08:44:54	Name: _ga_TJ6G1HY8VL Value: GS1.1.1724934775.1.0.1724934775.60.0.0
.pelago.com/	1970-01-21 08:44:54	Name: _ga Value: GA1.1.103799112.1724934775
.doubleclick.net/	1970-01-20 23:52:06	Name: ar_debug Value: 1
.pelago.com/	1970-01-21 01:18:30	Name: _fbp Value: fb.1.1724934775967.844209373754412320
.pelago.com/	1970-01-20 23:10:21	Name: _uetsid Value: d160c8a0660211efb30d4979933b3a57
.pelago.com/	1970-01-21 08:30:30	Name: _uetvid Value: d1611520660211ef8107cb1d0ef020c6
.doubleclick.net/	1970-01-21 08:44:54	Name: IDE Value: AHWqTUmoKK5pV6x2We4oouU106C6Z0GMJdOXAxsxs-4OoUPXqGC1e0Q1l-c0RUZ-oAA
.doubleclick.net/	1970-01-21 03:28:06	Name: receive-cookie-deprecation Value: 1
.bing.com/	1970-01-21 08:30:30	Name: MUID Value: 29409F9D782E66B613858B7779416763
.bat.bing.com/	1970-01-20 23:18:59	Name: MR Value: 0
.pelago.com/	1970-01-21 08:30:30	Name: _tt_enable_cookie Value: 1
.pelago.com/	1970-01-21 08:30:30	Name: _ttp Value: F-fCYfCOFpkoyzGaYwMuP8SCpo4
.yahoo.com/	1970-01-21 07:54:52	Name: A3 Value: d=AQABBHhq0GYCEKURLqFkJ17dAkDQ5kIr5UgFEgEBAQG70WbaZtwAAAAA_eMAAA&S=AQAAAmMmWokRY85lBaJEWQ3ly04
.pelago.com/	1970-01-20 23:08:56	Name: tfpsi Value: 71d65bad-4320-44e3-bc9f-6d355d6d2055
.pelago.com/	1970-01-21 07:54:30	Name: _cioanonid Value: 5cb89d29-b5fb-08a0-8d8e-431bc5e6d1f4
cm.teads.tv/	1969-12-31 23:59:59	Name: ar_debug Value: 1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS(Line 4) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' blob: data: https:". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS(Line 4) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' blob: data: https:". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS(Line 4) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' blob: data: https:". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS(Line 4) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' blob: data: https:". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GRZDTS(Line 4) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' blob: data: https:". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://cdn.yellowmessenger.com/plugin/widget-v2/latest/dist/strophe.min.js Message: [Report Only] Refused to connect to 'wss://r0.cloud.yellow.ai/websocket/' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' blob: data: https:". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
other	error	URL: https://www.pelago.com/en-US/ Message: Provider's accounts list is empty.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4645703.fls.doubleclick.net
accounts.google.com
ad.doubleclick.net
analytics.google.com
analytics.tiktok.com
assets.customer.io
bat.bing.com
browser.sentry-cdn.com
cdn.sift.com
cdn.yellowmessenger.com
cm.teads.tv
connect.facebook.net
ds.pelago.co
fledge.teads.tv
fonts.gstatic.com
googleads.g.doubleclick.net
hexagon-analytics.com
js.sentry-cdn.com
metrics.pelago.com
o297024.ingest.us.sentry.io
p.teads.tv
pelago.co
r0.cloud.yellow.ai
s.yimg.com
search-core.pelago.co
sp.analytics.yahoo.com
static.sojern.com
stats.g.doubleclick.net
t.teads.tv
td.doubleclick.net
track.customer.io
traveller-core.pelago.co
us-assets.i.posthog.com
us.i.posthog.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.pelago.co
www.pelago.com
r0.cloud.yellow.ai
td.doubleclick.net
www.facebook.com
www.googleadservices.com
www.googletagmanager.com
www.pelago.com
104.18.1.51
13.35.93.44
142.250.80.70
142.251.40.194
142.251.40.196
142.251.41.6
15.197.171.58
18.138.4.161
18.164.124.75
18.238.80.91
2001:4860:4802:38::181
2001:4998:14:800::1000
23.199.49.95
23.206.172.50
23.51.57.155
2600:9000:266a:5400:11:9cfd:9400:93a1
2606:4700:10::ac43:2832
2606:4700::6812:769
2607:f8b0:4004:c07::54
2607:f8b0:4004:c1b::9a
2607:f8b0:4006:808::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::2008
2620:1ec:33:3::10
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::729
3.33.219.3
31.13.71.7
34.102.232.42
34.120.195.249
34.234.115.5
34.96.67.224
35.227.225.220
35.244.188.9
50.17.194.92
54.169.169.4
0c40bafcfdc8adc6db63a6a5bfdb3dd5201798e6163fc674dc2fcbdb2a4134f1
0c7ce815305d774a7434cb2bd9abf83f8e11fa36e05dff37eee58989df8fa8f7
0cdf1e4b27f7420b0ad37ad1d6bac03f7470438bc8f49de10bcf1440dc4fd37b
0d33c7f1bd1936b9b139c48aab9d0452ac95ebba60abbf8be750aeb0d1989dc0
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1436c48e326b6b119a9eb8fd022f110be16605715638f1df029d885fc6ee27f4
166048b1b494b546d686a6442bac330a2ffeaa0afaf5a58d7ed0116d602296d2
16a063db087f3a9d494e5f112ad20a0ef5e01a828db8f7af1687bc1554caa6cf
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1c9a95cad6158cacbd358cb74bdc25ce3886c1bb43046fdad071a3e8adf24904
1d31c54eba5932384818bcab1ceeb0194618676fa9ce87e12da511cb6ccf0e54
20f88479c0d75ac5b825b8392347a2bf9ca6ab07b6ec3f4552b59770b154446f
25491129887502678ff16c482bcaadf82b16bca4a54b8832735e949e92fc101e
25a390f13809556e24125968d637e32ba68a03548f7e2f9e11490e6dbb13ea96
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2680ccc5842f23dc22628e982570cf5269eab12c7f0cb4410bb189d92ac36c20
2c81cc3c013e563ad03b70adcb3c9651ec391c768dafbe3e36f2da35320f8de4
2fcfdae5440da627328eae9b05b0a54eb0e545892167f7e3c88636037a5c4c79
313efbb9cfbaed49fbb38c238efdba37b48f64dfb14e9df9061904145c80a945
325aaeebc43fb867485d8ae444aa919f4d6a1cf1af77061bfa45a10672a46a1b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34208e63c50cc27f5c13b0c29629cf0561fa788f564a07f82cf877dc28e46b82
34e00d1fc0cfb3fbcb3c4c23c4e5ceccdc8c4616ff5c148f59b71641d5e9c0ad
366a15d48a6c6ea52ed6197b2a8aa84a6cd469db93b06808197694a8a4d812d4
37f9f9d006015d73f4ceac460a588fa35e2a6000479a3d2d31639e2b8e5a6381
3b3f6cba18696fe4982836c6893b28b1a44d1bffe98b24965cc515384bc4234b
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
3be80a76c7eba83023c37de598a89e23667f70948f6c80ff8a5fd0ea58f51445
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45b595ce3c4fff608d18623811b464c2e854666e87092e49b3b444a88852189e
4618a98934083dfd196c53f4a9bb417be682e9189f3005340912d190a0729d8d
4c9a4531c7fb89236b5d900089cb7121feb82066c375e648f537a5771366837f
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3
51a526ad5d97935236e681be6f46fc495b2bbe4d936db908a7c4dd3b7b6f97c7
52326f63b04de8c91e258b6999b28550b2aba53d211f094178be53924cbfefaa
5356f883c6a82669ea0fd6190aa85232b4d04ca9d32a7ad379f044a77eb1be27
54ae42560c522ac01e50987d61ab619b919f6bc82f37879d750bafb4640c7de2
5532ee48ae379bef327e4ba2690dea52eef800306b4179a415bc8b9ca9143b3a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
588fc8277526f5313934168da8da5e75cb0ae8f83b6b6198d33a4a405c839e60
5953c3f1af06e0d3310c4927725822538723d3755de0239daddac92a01c52f44
5be24e7f2ed9c2bcea4a0ab6e9b8b7c80d72b9101e3df272e61145c4fa4b09cb
5c71fb30a6a022ab08f0f19a1dfab83e1265a4ac790052d0da7a23cd50b008d2
5e33f3de61284d1107f4e249d6172a160d71fd5eca106318fd8728290cdd9154
61672763ef17dc622d4c145e590a6140a71b5766b813bca79d9e365ffcceba24
653c605223792518e8d7a382812f876321c916845a3f249b022ce16b892f5427
66bbbb65fb49ebf3fb87ffae9e3ddef93d6297d40ece77002265b1c14fcf66a1
6aab673a88a9ce969a751084e7207aa8400b52ef2a77ddd01bffd93b64ee7f0e
6ae83c2ac8d4ebc1452f3dfda778d874215a79d466df68adbcf0b97b0ed095e6
7000194c03655eaaaacd06c42896818c426875dffc25e6bc796468b9374c41ed
71022826bd0b211a297065e44f5c6de8d5cc989be7c7d1c44b390c4affad9305
725406802328f7b86a22825fae66633afa06e6114bbdace1ea6c7f09b51cc3d5
7ad614da9f5278029d7ff3b3db29008eed8da75bdb2aefbcc082fa1ffbdb0291
7d60ffa73a2e679a1683b65bdba18e3bf6797aefa3543a0f1c2e95ff1ea3dc65
7e7d4decf8f4a6f9b4339b0c963451c68a61d9b0dcea9cc4ff334b328b58e93a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
855119b71e7556b665dac67766a52da698a757bcdc0be04874e9b76a4e3d6205
90379c069076cf6e70ed0ade09175b04c54c5854b7093d52055b6296542ebe15
9105996da21f9cc26f45769b4182cdc3081e172eb3753ea0413698e1dea8a8cf
99f6e3d0ab9d400355f625bdd2577840f88e169a4c5d3000aa7431f07216fd14
9ac60b06018d64702703fb7eec094a2674e7f388637a9f4db9cc6bf79f6306c5
9c6050d1e06cadcbc1c6af280554439309b811d0c98670e77b87c84b9abf95cd
9f0e70ff8c8da2dd679349825302a8d2653f9a9e36b19728ed50ecf5153c5562
9f2429014fa3bfcf7ccb58e2de37af1e8dfea77319e8ccb6a9bef39a6e3d47da
9f754d8cbd7a07aded1a7441c367300066432f28f212010083a28889679f6a6f
9f9ba6d984d2808a3f17ff083ae0ad2b1c9bbe22974e1a23e33432b3a3fa1d57
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0cd1ab105c3e6d0c4da9efb7efc3fbee6123e7a23e81c66118ec1ac5eecab7d
aa632bf2ec0aa20ba731a7e4a849086caf2cc6fce80652b5bc3f847b3f53a1dd
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
acbf778367c429166ef96db2048ae6bf313ae659cbb031dc587df5e841d63761
aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c
b150fe8f4ec42d4d86fe90a8e03bed102e7e9a1af6dadbebbe9b7453bedbc41c
b195fed75e5d1b88d74f37f4922ddf9df427dd6017155d7b9849498f71ace7fd
b244124ea2951bdb620917d3247ff5afb29cfb3393daf67db8328e4ebf749d8b
b36a31f40881097e561d5ae3ddd1bb2f560fa169af4d343cecfc4561803458f1
b3c41172b3794a6168614de208144c3f6e5c468c065ab5933824a3a016883e3d
b736d597e3c999831663c9e5062b590ba469a6329aa9cfbdaa403a3d1a33340e
bae145134387f6b315086c73b2c879ecc3a6abffb5fcbdacf83b66492a6162a6
bcddb5c30e531b4489f2054173f9203f3c7ea9379881ef5201da6a888537fe31
c2bdc927a717f8915475608a4e1d93b04b5859a00f10b04593fe3f8f365a1a7c
c6d938751e66c41222fb9a8a044029d320624c4e01b79f68711c0551dc580ff8
c74860505ff2fdaa45dc714ab01810a17d52a2611a3754d2f1d057b4c2879063
cb74653a4d2cc53265fc4a866175dc44d5aa59d55a136881616754a58aa3b274
cc087f8ba1f94d4046d146ed9e4b679a4b6413ea1256457f9da62e9d17d34e4a
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cd12984a5efdbf4f7a5f7f40f1ac67c8b68a29d3e8af54cc45c8dc98108255eb
d739033b519593af33dbceb6d48d5bcab335df2ac60208b80d5e8483cb0bf3ca
e26678c31d9b0a6a2198109cb4689cd8a713202f1851ee050855333b6db02fa5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41ad875e8b674c18020f0d8d6637bbb5ae2d684a7ede61052c859480b7cbeeb
e4e3fb5e433f29677c0e34e6cc0859fdf2821837b501c2ade333266f2b12628f
e7e9878d1bbe85bfe5785c5881d7e88db7f388f4f5b811b4456f6b7ed4cda34d
ebb856b50fca5bbda3a48f74a7fc33fdd25b0465cc02bc79748c936071fdb162
ed227504f3c41cb5de1160b0b95f00fe7baa0d54147b134525d0171ca2598fc8
eec6b719c1df15556a3581632c1010a34d2f19f42481c6f875ab3ff21337748c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe395af531a51cf77e9659393fcff934185317dd2fbea20da761d4cca0310e1
f1a72607950a27766f0d27f2ef2e8a0c0ecd6222e132dba6fb90e7be4d0e6bc0
f3601deda38558b1705e1e4506c4e116875714a890c35b38e4170ee8803175a6
f57faa602933fa2c5449d3487280a5bd1d82fd8f8a2ddcef80de8847c7d1121b
f9f7768e13aaf8fad07e874e94019ca9cd37a896ca04455c7b375432d8a8a6bb
fb08a8ba57af1d48c2ccb1ea1240bf6654bab21ff680f518d1fbbb486c204e3b
fde2605c1edae449eb99cc527344e0a3d8a5a236ab91f752995e43424ff57f6b

www.pelago.com Open in urlscan Pro 18.164.124.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

151 Requests

90 %HTTPS

36 %IPv6

23 Domains

40 Subdomains

35 IPs

3 Countries

3503 kBTransfer

8843 kBSize

26 Cookies

11 Outgoing links

Page URL History

Redirected requests

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pelago.com Open in urlscan Pro
18.164.124.75 Public Scan

Screenshot
Live screenshot

Full Image

151
Requests

90 %
HTTPS

36 %
IPv6

23
Domains

40
Subdomains

35
IPs

3
Countries

3503 kB
Transfer

8843 kB
Size

26
Cookies

151 HTTP transactions
0 data transactions