secure.palmbeachgroup.com Open in urlscan Pro
2606:4700::6810:1837 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.exct.palmbeachgroup.com/?qs=6f3f91197d68f72bfec513f022d298a7f8f975f6c30f64d5e49e70f211c6540e4a666a15ddb0a5f98eb5c399171d...
Effective URL:
https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm....
Submission: On May 06 via api (May 6th 2022, 10:24:40 am UTC) from US — Scanned from DE

Summary HTTP 178 Redirects Behaviour Indicators

Summary

This website contacted 65 IPs in 8 countries across 55 domains to perform 178 HTTP transactions. The main IP is 2606:4700::6810:1837, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.palmbeachgroup.com. The Cisco Umbrella rank of the primary domain is 256120.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2021. Valid for: a year.

This is the only time secure.palmbeachgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.45.83 13.111.45.83	22606 (EXACT-7) (EXACT-7)
23	2606:4700::68... 2606:4700::6810:1837	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:f51b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
8	2600:9000:215... 2600:9000:2156:4400:f:75e2:4ac0:21	16509 (AMAZON-02) (AMAZON-02)
1	52.216.8.221 52.216.8.221	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.87 143.204.98.87	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	143.204.103.8 143.204.103.8	16509 (AMAZON-02) (AMAZON-02)
9	35.81.31.24 35.81.31.24	16509 (AMAZON-02) (AMAZON-02)
1	104.18.7.244 104.18.7.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::ac43:49ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	151.101.1.2 151.101.1.2	54113 (FASTLY) (FASTLY)
1	178.79.242.181 178.79.242.181	22822 (LLNW) (LLNW)
2	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	54.86.209.152 54.86.209.152	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	63.33.177.108 63.33.177.108	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.37 23.35.237.37	16625 (AKAMAI-AS) (AKAMAI-AS)
8	151.101.130.27 151.101.130.27	54113 (FASTLY) (FASTLY)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
5	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	143.204.100.40 143.204.100.40	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	209.59.154.196 209.59.154.196	32244 (LIQUIDWEB) (LIQUIDWEB)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dcb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	3.248.113.119 3.248.113.119	16509 (AMAZON-02) (AMAZON-02)
1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:215... 2600:9000:2156:7000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	35.211.178.172 35.211.178.172	() ()
1	52.215.133.113 52.215.133.113	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
1	52.29.162.123 52.29.162.123	16509 (AMAZON-02) (AMAZON-02)
1 2	63.33.77.67 63.33.77.67	16509 (AMAZON-02) (AMAZON-02)
2 2	18.209.3.188 18.209.3.188	() ()
1	2600:1f18:444... 2600:1f18:444a:4680:27f9:539b:c9b0:d2ce	() ()
1	35.169.47.120 35.169.47.120	() ()
1	2600:1f18:612... 2600:1f18:612b:4200:ada2:2974:cd33:9395	() ()
1 1	23.35.229.117 23.35.229.117	() ()
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	() ()
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
178	65

1 13.111.45.83 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.exct.palmbeachgroup.com

click.exct.palmbeachgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700::6810:1837 (United States)

ASN13335 (CLOUDFLARENET, US)

secure.palmbeachgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f51b (United States)

ASN13335 (CLOUDFLARENET, US)

marketingassets.cloudsna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2156:4400:f:75e2:4ac0:21 (United States)

ASN16509 (AMAZON-02, US)

d3bjnmbj12697.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.8.221 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net

gsdpeazjjf.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.103.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-8.fra50.r.cloudfront.net

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.81.31.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-31-24.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.7.244 (None, )

ASN13335 (CLOUDFLARENET, US)

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::ac43:49ec (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.2 (United States)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.181 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (Leesburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.86.209.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-209-152.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.177.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-177-108.eu-west-1.compute.amazonaws.com

tracking.legacyoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.37 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-37.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.130.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.100.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-100-40.fra50.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.59.154.196 (United States)

ASN32244 (LIQUIDWEB, US)

js.trackinggrid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:7::17d8:4dcb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

bcbolt446c5271-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.113.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-113-119.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.242 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.11 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.247 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:7000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (None, ) 1 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.133.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-133-113.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.162.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-162-123.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.77.67 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-77-67.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.209.3.188 (None, ) 2 redirects

ASN- ()

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:27f9:539b:c9b0:d2ce (None, )

ASN- ()

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.169.47.120 (None, )

ASN- ()

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:ada2:2974:cd33:9395 (None, )

ASN- ()

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.117 (None, ) 1 redirects

ASN- ()

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (None, )

ASN- ()

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	palmbeachgroup.com 1 redirects click.exct.palmbeachgroup.com — Cisco Umbrella Rank: 417779 secure.palmbeachgroup.com — Cisco Umbrella Rank: 256120	2 MB
11	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 448 mug.criteo.com — Cisco Umbrella Rank: 1931 sslwidget.criteo.com — Cisco Umbrella Rank: 1964 widget.us.criteo.com — Cisco Umbrella Rank: 18952 dis.criteo.com — Cisco Umbrella Rank: 974	18 KB
11	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 cm.g.doubleclick.net — Cisco Umbrella Rank: 289	10 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	520 KB
9	google.de www.google.de — Cisco Umbrella Rank: 3632	1013 B
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 20	973 B
9	kaptcha.com ssl.kaptcha.com — Cisco Umbrella Rank: 11571	32 KB
8	cloudfront.net d3bjnmbj12697.cloudfront.net	508 KB
7	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 612 ib.adnxs.com — Cisco Umbrella Rank: 326	7 KB
7	boltdns.net manifest.prod.boltdns.net — Cisco Umbrella Rank: 6280 Failed cf-images.us-east-1.prod.boltdns.net — Cisco Umbrella Rank: 3396	719 KB
7	brightcove.com edge.api.brightcove.com — Cisco Umbrella Rank: 6159 metrics.brightcove.com — Cisco Umbrella Rank: 4639	5 KB
7	lytics.io c.lytics.io — Cisco Umbrella Rank: 7886	88 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	40 KB
4	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1090 ads.yahoo.com — Cisco Umbrella Rank: 1553 ups.analytics.yahoo.com — Cisco Umbrella Rank: 420	1 KB
3	liadm.com 2 redirects i.liadm.com i6.liadm.com	1 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	44 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 605	12 KB
3	quora.com a.quora.com — Cisco Umbrella Rank: 9468 q.quora.com — Cisco Umbrella Rank: 4116	15 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 341	105 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 936	160 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com cdn.stickyadstv.com	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 876	853 B
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 2417	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 590	736 B
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 491	625 B
2	akamaihd.net bcbolt446c5271-a.akamaihd.net — Cisco Umbrella Rank: 10653	3 MB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 4678	267 B
2	taboola.com trc.taboola.com — Cisco Umbrella Rank: 882 sync-t1.taboola.com — Cisco Umbrella Rank: 1476	330 B
2	outbrain.com amplifypixel.outbrain.com — Cisco Umbrella Rank: 15576 sync.outbrain.com — Cisco Umbrella Rank: 1057	732 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 557	7 KB
2	listrakbi.com cdn.listrakbi.com — Cisco Umbrella Rank: 11062 s1.listrakbi.com — Cisco Umbrella Rank: 11295	21 KB
2	amazonaws.com s3.amazonaws.com gsdpeazjjf.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 114650	8 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1131	418 B
1	tremorhub.com criteo-partners.tremorhub.com	183 B
1	postrelease.com jadserve.postrelease.com	428 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 945	262 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 893	163 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2297	172 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 2560	336 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 992	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 786	783 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 912	675 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 478	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 2120	428 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 2822	232 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 760	13 KB
1	trackinggrid.com js.trackinggrid.com — Cisco Umbrella Rank: 189731	1 KB
1	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 5720	7 KB
1	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 4366	184 KB
1	legacyoffers.com tracking.legacyoffers.com — Cisco Umbrella Rank: 128629	522 B
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 12237	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	1 KB
1	cloudsna.com marketingassets.cloudsna.com — Cisco Umbrella Rank: 93686	1 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 5250	18 KB
178	55

	Domain	Requested by
23	secure.palmbeachgroup.com	secure.palmbeachgroup.com www.googletagmanager.com
10	www.googletagmanager.com	secure.palmbeachgroup.com www.googletagmanager.com js.trackinggrid.com
9	www.google.de
9	www.google.com	1 redirects
9	ssl.kaptcha.com	secure.palmbeachgroup.com ssl.kaptcha.com
8	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
8	d3bjnmbj12697.cloudfront.net	secure.palmbeachgroup.com s3.amazonaws.com
7	c.lytics.io	secure.palmbeachgroup.com c.lytics.io
6	manifest.prod.boltdns.net	secure.palmbeachgroup.com
6	www.google-analytics.com	www.googletagmanager.com secure.palmbeachgroup.com
5	metrics.brightcove.com	players.brightcove.net
4	secure.adnxs.com	3 redirects
4	dis.criteo.com
4	gum.criteo.com	3 redirects static.criteo.net
3	ib.adnxs.com	3 redirects
3	www.googleadservices.com	www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	cdnjs.cloudflare.com	secure.palmbeachgroup.com cdnjs.cloudflare.com
3	code.jquery.com	secure.palmbeachgroup.com
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	r.casalemedia.com	1 redirects
2	eb2.3lift.com	1 redirects
2	idsync.rlcdn.com
2	bcbolt446c5271-a.akamaihd.net	secure.palmbeachgroup.com
2	pixel.sitescout.com	secure.palmbeachgroup.com
2	edge.api.brightcove.com	secure.palmbeachgroup.com
2	sp.analytics.yahoo.com
2	stats.g.doubleclick.net	secure.palmbeachgroup.com
2	q.quora.com
2	s.yimg.com	secure.palmbeachgroup.com
1	d.turn.com	1 redirects
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	s.ad.smaato.net
1	contextual.media.net
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	ups.analytics.yahoo.com
1	ads.yahoo.com
1	partner.mediawallahscript.com
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com
1	static.criteo.net	www.googletagmanager.com
1	js.trackinggrid.com	secure.palmbeachgroup.com
1	cf-images.us-east-1.prod.boltdns.net
1	trc.taboola.com
1	vjs.zencdn.net	players.brightcove.net
1	players.brightcove.net	secure.palmbeachgroup.com
1	tracking.legacyoffers.com	secure.palmbeachgroup.com
1	amplifypixel.outbrain.com
1	up.pixel.ad	www.googletagmanager.com
1	a.quora.com	secure.palmbeachgroup.com
1	s1.listrakbi.com	cdn.listrakbi.com
1	cdn.listrakbi.com	secure.palmbeachgroup.com
1	gsdpeazjjf.execute-api.us-east-1.amazonaws.com	secure.palmbeachgroup.com
1	s3.amazonaws.com	secure.palmbeachgroup.com
1	fonts.googleapis.com	secure.palmbeachgroup.com
1	marketingassets.cloudsna.com	secure.palmbeachgroup.com
1	cdn.mxpnl.com	secure.palmbeachgroup.com
1	click.exct.palmbeachgroup.com	1 redirects
178	74

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-18` - `2022-07-17`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.mxpnl.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-15` - `2022-07-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-09-23` - `2022-10-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.listrakbi.com Amazon	`2022-01-10` - `2023-02-06`	a year	crt.sh
ssl.kaptcha.com Thawte RSA CA 2018	`2021-11-01` - `2022-11-27`	a year	crt.sh
listrakbi.com Cloudflare Inc ECC CA-3	`2021-08-09` - `2022-08-08`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-05-02` - `2022-06-22`	2 months	crt.sh
quora.com R3	`2022-04-17` - `2022-07-16`	3 months	crt.sh
*.pixel.ad GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-26` - `2023-02-02`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.quora.com R3	`2022-03-27` - `2022-06-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
tracking.legacyoffers.com Amazon	`2022-03-26` - `2023-04-24`	a year	crt.sh
players.brightcove.net DigiCert SHA2 Secure Server CA	`2021-08-04` - `2022-08-04`	a year	crt.sh
*.adapter.ooyala.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-13` - `2022-06-14`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
metrics.brightcove.com GTS CA 1D4	`2022-04-16` - `2022-07-15`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.prod.boltdns.net Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
js.trackinggrid.com cPanel, Inc. Certification Authority	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.mediawallahscript.com Amazon	`2022-05-04` - `2023-06-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-11` - `2022-07-06`	6 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Frame ID: C0C7E3F1031F50E206E673311628B6BA
Requests: 143 HTTP requests in this frame

Frame: https://tracking.legacyoffers.com/aff_goal?a=l&goal_id=402
Frame ID: BF8F1B91A34478A208400239E154A269
Requests: 1 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=100014&s=33cf0e5f164042a88624c4a6a21e0e7c
Frame ID: 8CED01C18E41EB1F2BB8BF144D506917
Requests: 6 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 40F1A1FFC631058E618DD49BDE7A4297
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=secure.palmbeachgroup.com&origin=onetag
Frame ID: DE6983F08F96F3B5888E0164D108E50D
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0qCi5z0zIczuVqgNJRBonbeCul2tgnS65ueMbg&google_gid=CAESEOlDRg_edHEMXFcGCBc9RE4&google_cver=1&google_ula=913071,0
Frame ID: 25B204F3E3687267B2D933D805F57513
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Palm Beach Research Group

Page URL History Show full URLs

https://click.exct.palmbeachgroup.com/?qs=6f3f91197d68f72bfec513f022d298a7f8f975f6c30f64d5e49e70f211c6540e4a666a15... HTTP 302
https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

178
Requests

89 %
HTTPS

37 %
IPv6

55
Domains

74
Subdomains

65
IPs

8
Countries

6762 kB
Transfer

17669 kB
Size

61
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.exct.palmbeachgroup.com/?qs=6f3f91197d68f72bfec513f022d298a7f8f975f6c30f64d5e49e70f211c6540e4a666a15ddb0a5f98eb5c399171d1a6c6917bb66d0d71349 HTTP 302
https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 133

https://gum.criteo.com/sid/json?origin=onetag&domain=palmbeachgroup.com&sn=ChromeSyncframe&so=0&topUrl=secure.palmbeachgroup.com&cw=1&lsw=1&topicsavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=YwM3KnxRNmYzTDljZlNKMGxNSjJBWE8rRC9TSGx6YTdFejUrUXZoWkh6dkRxeFo4QklmbmFrWTY1cDFLL3JNTWtvVFZwY0h5TWdOaWI0c2JJWGR3dTJKOXc5cGtEeU9WMHIrS0RHNTBUV1NpVzlPbWhnZkhCMHlqY0p0N3dmWGlvSlFpd2dMR2NmMk9DNE9LQWMrOFpzandYcmhvYncwQmw2amVTUGlIK3NNMlM3OUNpeGRWNHdXV2ErYU9CV2JwR1phZW10TmNUTEc4cUYrTlVaNlBvYVZTZ0ZOaENSRHFhaGJJbWEyUFEyU1AxbFhYUVNVUy8xbnhvT1hHMUtTYUNJb3Y2ZmJtSU9VaC9sTk1iN0pnK1A5MDJtcjEyMTZSZ3BCaWh2a0w2UFlCeHFidz18&cppv=2

Request Chain 137

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/668877205/?random=1651832677438&cv=9&fst=1651832677438&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/668877205/?random=1651832677438&cv=9&fst=1651831200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&is_vtc=1&random=1144896003&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/668877205/?random=1651832677438&cv=9&fst=1651831200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&is_vtc=1&random=1144896003&resp=GooglemKTybQhCsO&ipr=y

Request Chain 152

https://sslwidget.criteo.com/event?a=94539&v=5.9.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=vf5XXl94MVlWVmNHTW1TSiUyRmVhMURudEFxWEpRSXlqWmlDJTJCNyUyRmd6V3NUNTB5amRJRWY1JTJGa2tEUWJYOExQYkhtd2hxd0pLdWRTTGRvQiUyQkRtYlBOdEY5dDhHRk1Gd0hiWDZXU2hPbUUlMkJueU1QYVBtRUNvMmowaDhublB3dUJmU29ETGdBVFZwa0JvWHZxWTRDJTJGSDJBTzAyWU91RG1xakhPNHdVclpNaXlYV0RqczNGSSUzRA&tld=palmbeachgroup.com&fu=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&dtycbr=84088 HTTP 302
https://widget.us.criteo.com/event?a=94539&v=5.9.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=vf5XXl94MVlWVmNHTW1TSiUyRmVhMURudEFxWEpRSXlqWmlDJTJCNyUyRmd6V3NUNTB5amRJRWY1JTJGa2tEUWJYOExQYkhtd2hxd0pLdWRTTGRvQiUyQkRtYlBOdEY5dDhHRk1Gd0hiWDZXU2hPbUUlMkJueU1QYVBtRUNvMmowaDhublB3dUJmU29ETGdBVFZwa0JvWHZxWTRDJTJGSDJBTzAyWU91RG1xakhPNHdVclpNaXlYV0RqczNGSSUzRA&tld=palmbeachgroup.com&fu=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&dtycbr=84088

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-0qCi5z0zIczuVqgNJRBonbeCul2tgnS65ueMbg&google_cm&google_hm=ay0wcUNpNXowekljenVWcWdOSlJCb25iZUN1bDJ0Z25TNjV1ZU1iZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0qCi5z0zIczuVqgNJRBonbeCul2tgnS65ueMbg&google_gid=CAESEOlDRg_edHEMXFcGCBc9RE4&google_cver=1&google_ula=913071,0

Request Chain 154

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=YDqada3miD7ktRymYt1y29lYX7g9WnUb

Request Chain 163

https://secure.adnxs.com/setuid?entity=52&code=k-AkfVPz0zIczuVqgNJRBonbeCul2TRhk_yPC1JA&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-AkfVPz0zIczuVqgNJRBonbeCul2TRhk_yPC1JA%26seg%3D95287

Request Chain 164

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=817946562597264050

Request Chain 166

https://eb2.3lift.com/xuid?mid=2711&xuid=k-6YkxYT0zIczuVqgNJRBonbeCul3UISEBRbbWKQ&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-6YkxYT0zIczuVqgNJRBonbeCul3UISEBRbbWKQ&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 168

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Q86y5T0zIczuVqgNJRBonbeCul3_OulSm4L5ZQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Q86y5T0zIczuVqgNJRBonbeCul3_OulSm4L5ZQ&C=1

Request Chain 170

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-vuOMtj0zIczuVqgNJRBonbeCul0CVWqMVuRE0w&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-vuOMtj0zIczuVqgNJRBonbeCul0CVWqMVuRE0w&expires=30&user_group=5

Request Chain 176

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-wAD4WT0zIczuVqgNJRBonbeCul31URr8HF6RAw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-wAD4WT0zIczuVqgNJRBonbeCul31URr8HF6RAw

Request Chain 177

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ExoGrT0zIczuVqgNJRBonbeCul06WGEPXejW-A HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ExoGrT0zIczuVqgNJRBonbeCul06WGEPXejW-A&_li_chk=true&previous_uuid=a90406c34a3846a0be5d3701da8894a4 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ExoGrT0zIczuVqgNJRBonbeCul06WGEPXejW-A

Request Chain 180

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-6hHrRD0zIczuVqgNJRBonbeCul2mipZk4bSOSw&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 181

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/oyLPyRYhJtkTPJG5njJEkrCiYSH3eS2p/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3155527290599636333

Request Chain 182

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6390516855084418259

178 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
secure.palmbeachgroup.com/
Redirect Chain

https://click.exct.palmbeachgroup.com/?qs=6f3f91197d68f72bfec513f022d298a7f8f975f6c30f64d5e49e70f211c6540e4a666a15ddb0a5f98eb5c399171d1a6c6917bb66d0d71349
https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&ema...

2 KB
1 KB

557ms
521ms

Document
text/html

2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e46f811834ce20c231c9fd0c394e68827026b196682cb6d1bd84fd4f5233d76

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 707101b95f9223f7-ZRH
content-encoding: gzip
content-type: text/html
date: Fri, 06 May 2022 10:24:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 19 Apr 2022 15:14:39 GMT
server: cloudflare
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-amz-cf-id: GOppG01xyMC1Yab2kBJIBCELxaVB_7jXlEL5tRyy0fy993UrKPBbPw==
x-amz-cf-pop: FRA56-P4
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
x-amz-version-id: null
x-cache: Miss from cloudfront

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 384
Content-Type: text/html; charset=utf-8
Date: Fri, 06 May 2022 10:24:31 GMT
Location: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 36ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:32 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d84"
vary: Accept-Encoding
x-hw: 1651832672.dop155.fr8.t,1651832672.cds210.fr8.hn,1651832672.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 jsencrypt.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jsencrypt/2.3.1/ 55 KB
16 KB 46ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jsencrypt/2.3.1/jsencrypt.min.js

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1120733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15539
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-db4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxSmwaZtk1gIlrzxL71Ys1OSoc3GoWStBeoY3YKxgP4%2BaZLslUOQGe37Vbja7nO6hWAamti7jHU8LkZFvMnVmyCpsSe0Zvj2pwoNZJtTXWmcPvje1K8XgfY%2B3RKowq%2FQd6l2eixWrLalRjJA5wbjK0pp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 707101bcec7001df-ZRH
expires: Wed, 26 Apr 2023 10:24:32 GMT

GET
H2 200 zuora-min.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 16 KB
6 KB 521ms
519ms Script
application/javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/zuora-min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8717eadc3b97c75e83d74067e6e042bbca4febc6b6dc4e267b536fb76571b2b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Mon, 02 May 2022 08:46:10 GMT
x-amz-cf-pop: FRA6-C1, FRA56-P4
x-amzn-requestid: ded1b869-3db6-4973-bd8f-1eefd06964ce
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: RfUM8EvWoAMFlKg=
content-length: 6273
last-modified: Sat, 22 Sep 2018 11:08:10 GMT
server: cloudflare
etag: W/"7d86df81888eae28ff563475df84af7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: luvJNm4NbI_LUJYsawMnr4af0VHx8MG7
via: 1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront), 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 707101bccd5023f7-ZRH
x-amz-cf-id: em5NLwXQ_iK2DIiNj8X_7hErhHyAnGtKAqPOWHGmysh5oHKrH1J_VA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 postToIframe.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 2 KB
1 KB 397ms
395ms Script
application/javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/postToIframe.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98c2a74405e978d753625e97a0cb1c2eab250a9444d82dd75e1bce82cb437ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Mon, 02 May 2022 02:42:58 GMT
x-amz-cf-pop: DUS51-P1, FRA56-P4
x-amzn-requestid: 8440ab4d-5a50-4740-86f9-8e0e225d637e
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: Ree__FPpIAMF_yg=
content-length: 607
last-modified: Sat, 22 Sep 2018 10:04:10 GMT
server: cloudflare
etag: W/"3934dce8d049fb2790a29e7de331d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: jcZd1q0X4PG.0tDIV.AM4TZ5jHnAmWBj
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront), 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 707101bccd5223f7-ZRH
x-amz-cf-id: t5MzqbD215ItI6R71R4k428_m90FntyOrPrN1zK22p8cZ5I8lWnU-Q==
x-amzn-remapped-connection: keep-alive

GET
H2 200 encryption_util.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 6 KB
2 KB 425ms
422ms Script
application/javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/encryption_util.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71014fdfc6e16f4d67c3c1ce51f661beb63cf9eaa923ed0e46d56cc675b55a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Mon, 02 May 2022 08:48:21 GMT
x-amz-cf-pop: TXL50-P1, FRA56-P4
x-amzn-requestid: b87c4887-80d7-4ce3-98fb-9e5a2c4cf18d
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: RfUhaFxEoAMFfgA=
content-length: 1590
last-modified: Thu, 20 Sep 2018 10:42:47 GMT
server: cloudflare
etag: W/"a4562de2bcce9e6631abf61e5a04728b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: .RXPgt8IOHDC5kcSlGGlyGGq.lruUQic
via: 1.1 f40ff9523880a4442009f8741bfb3f5c.cloudfront.net (CloudFront), 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 707101bccd5423f7-ZRH
x-amz-cf-id: QdMdaqby56ahBgAJGyl-yeab5craiiagzSoRObLmWVJxgd8VynSD7g==
x-amzn-remapped-connection: keep-alive

GET
H2 200 HPM2Security-min.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 44 KB
14 KB 418ms
416ms Script
application/javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/HPM2Security-min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fe7a95be52af9780b34bb34d7c6e4801e77fda4be41f7b0676e671543023e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sun, 01 May 2022 08:51:52 GMT
x-amz-cf-pop: FRA6-C1, FRA56-P4
x-amzn-requestid: 5016efb2-c693-46a7-9228-eb3f384ec88c
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: RcCGZFEloAMFXLw=
content-length: 13545
last-modified: Thu, 20 Sep 2018 10:42:47 GMT
server: cloudflare
etag: W/"5c56f33a7d1fcd065fa2bd0fa7758d42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: F1zb.i6q7MEDZAdQsvHFruscv_FKHXVQ
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront), 1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 707101bccd5623f7-ZRH
x-amz-cf-id: pSqfDipgb_nMN_RgdJy53DIkAlUjmPWUY9GouiTnwwj5atnRZ_K0EA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 jquery.payment.min.js Show response
secure.palmbeachgroup.com/store/PROD/plugins/jquery-payment/ 8 KB
3 KB 399ms
398ms Script
application/javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/plugins/jquery-payment/jquery.payment.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a60672efd62862adb750cf0d1ba8916744490d764cb2807c8114353f6aae6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sun, 01 May 2022 08:53:10 GMT
x-amz-cf-pop: DUS51-P1, FRA56-P4
x-amzn-requestid: d8900687-9b09-495a-8448-d29a1b7f5eaf
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: RcCSnEmcIAMFSOA=
content-length: 2744
last-modified: Wed, 21 Aug 2019 20:18:01 GMT
server: cloudflare
etag: W/"2ccb4360a6b212383716224d0b56bd21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: uVxF0OX6Rj_lsOZHo0OKGG0I2eVEXwcB
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront), 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 707101bccd5a23f7-ZRH
x-amz-cf-id: Ee1qyljiGbd63o8hQ_ML6Tr_s4u8fOXsP594P3Stv95V1mks26Caiw==
x-amzn-remapped-connection: keep-alive

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
8 KB 34ms
17ms Stylesheet
text/css 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:32 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
server: nginx
etag: W/"620cd700-8c85"
vary: Accept-Encoding
x-hw: 1651832672.dop155.fr8.t,1651832672.cds210.fr8.hn,1651832672.cds272.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8323

GET
H2 200 store.min.js Show response
secure.palmbeachgroup.com/store/PROD/js/revampstore/ 119 KB
17 KB 453ms
451ms Script
application/javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/revampstore/store.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aed9bf2527a71a02eb69ac0e018a55b034067c67efcff7df6a428eac923dfe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Fri, 06 May 2022 06:23:27 GMT
x-amz-cf-pop: FRA60-P1, FRA56-P4
x-amzn-requestid: 15b85861-ec35-40ec-bcf4-e4aa0a9bab7e
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: RsLC7G45oAMFVrg=
content-length: 17199
last-modified: Fri, 29 Apr 2022 20:36:09 GMT
server: cloudflare
etag: W/"5c17af31fadd4a10f4c6eca9060145c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: iIF.3IV4C6qtmPG6rx1BhQDC.r9T5wDa
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront), 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 707101bccd5f23f7-ZRH
x-amz-cf-id: eMPWN70pTWciLnQqRi4vHY4mPSAjVD-clfBtL9wo260S0BvrNyCXWA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 mygtm.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 474 B
696 B 417ms
415ms Script
application/javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/mygtm.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb37413b7c8e7e66a05f145a6af367f5d593b358a3c45f2b294a9438997a4ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Mon, 02 May 2022 02:42:59 GMT
x-amz-cf-pop: DUS51-P1, FRA56-P4
x-amzn-requestid: 22b890eb-19d7-4ee9-8c5e-5f567675b90b
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: Ree__GPAIAMF0wA=
content-length: 338
last-modified: Thu, 19 Nov 2020 00:44:24 GMT
server: cloudflare
etag: W/"f01dbb5bc4745bf1f386572cdf22c8c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: 4.dw3bbUWT3wk0yaqGtXbpSm9ui25xti
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront), 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 707101bccd6223f7-ZRH
x-amz-cf-id: LvH70-dfSxEYdVi-TJI7NEtUTWdMQNlEr1SxedkETI_TU3Axti9EdA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 listrak.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 1 KB
880 B 411ms
409ms Script
application/javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/listrak.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc29bdfa5e510b47aa7faf5ec6ddac2b91581060cc56aaa19153575f72431273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Mon, 02 May 2022 08:46:11 GMT
x-amz-cf-pop: FRA6-C1, FRA56-P4
x-amzn-requestid: 7cf683fd-a2b0-4fb9-acdf-530d1f1d9278
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: RfUNFFDvoAMF_Uw=
content-length: 511
last-modified: Thu, 28 Jun 2018 20:46:57 GMT
server: cloudflare
etag: W/"cd9f94dd71125cb7fda1e1088aa19ec3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: W46Q95OyRSSEl7u8xZsbwfK4bzk35Yt_
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront), 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 707101bccd6323f7-ZRH
x-amz-cf-id: hpO7EqDus3xF5SziPwxx6WocTgN0u-6KqEXPRqQaNQejWkenXoFrGw==
x-amzn-remapped-connection: keep-alive

GET
H2 200 mymixpanel.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 2 KB
1 KB 458ms
457ms Script
application/javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/mymixpanel.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013050e8e5ab5ca56b6344fe09502a82fc4ced559a155646ff286b4af3545eeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:33 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Mon, 02 May 2022 02:42:58 GMT
x-amz-cf-pop: DUS51-P1, FRA56-P4
x-amzn-requestid: ef275bb3-bbaf-47dc-a376-73c7fefd691e
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: Ree__EvpIAMFp5A=
content-length: 778
last-modified: Thu, 19 Nov 2020 00:44:24 GMT
server: cloudflare
etag: W/"52928b3325fc59cf3a4b91c0e7b59c52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: kgR13lhzSsVCRIE0MlY3UBQ0EPNv4JeB
via: 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront), 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 707101bccd6623f7-ZRH
x-amz-cf-id: zE-MBGPVHu10qAsqQrOMzMr_pyBmpN0lZKza2N7HOilJoq7sfTvvbg==
x-amzn-remapped-connection: keep-alive

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 39ms
24ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:32 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-7f20a"
vary: Accept-Encoding
x-hw: 1651832672.dop155.fr8.t,1651832672.cds210.fr8.hn,1651832672.cds269.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 124434

GET
H2 200 runtime.js Show response
secure.palmbeachgroup.com/ 6 KB
2 KB 526ms
525ms Script
application/x-javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/runtime.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cc82b6dc651cd71361f7da0d6cc98c685f093aeb9d57ae99069aba15409a024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:33 GMT
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P4
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
content-encoding: gzip
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-version-id: null
last-modified: Tue, 19 Apr 2022 15:14:39 GMT
server: cloudflare
etag: W/"c1ea2d53dbedcb859f724fc93b88bebd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 707101bccd6823f7-ZRH
x-amz-cf-id: mBgLvjnr0vCmJis4OOvoyQFD3lbjtk6KJJ34j_J2D246GPOnB7r2fQ==

GET
H2 200 polyfills.js Show response
secure.palmbeachgroup.com/ 5 MB
905 KB 839ms
838ms Script
application/x-javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/polyfills.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 752451b4f3129531782a28b360e5a8dc6404fd33c490580ac3a24b43ad2bf8fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:33 GMT
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P4
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
content-encoding: gzip
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-version-id: null
last-modified: Tue, 19 Apr 2022 15:14:38 GMT
server: cloudflare
etag: W/"8348978ea5e536eea759b3f13aa07510"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 707101bcdd8323f7-ZRH
x-amz-cf-id: _GA2E4e3x3KMp6ifbSoUe-qxE2TC4p1HxbSSsCXr3HrflXcdiQwm6w==

GET
H2 200 styles.js Show response
secure.palmbeachgroup.com/ 15 KB
5 KB 531ms
531ms Script
application/x-javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/styles.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98ad7e002b19264473dc3d4d79fb88278f950c24780982674c0ac1738b8b9614

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:33 GMT
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P4
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
content-encoding: gzip
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-version-id: null
last-modified: Tue, 19 Apr 2022 15:14:38 GMT
server: cloudflare
etag: W/"c9304e2d8ec28f315647fd383799078b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 707101bcdd8623f7-ZRH
x-amz-cf-id: mbPbPSt84_dFNSVK2AxA5dymkqlgVQJPYzjoZacQ7AzdgAkSaUUnxw==

GET
H2 200 vendor.js Show response
secure.palmbeachgroup.com/ 558 KB
106 KB 835ms
835ms Script
application/x-javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/vendor.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cb42ed48451fec48eebe0f6a456350b1195238d69627819435825fc421e53c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:33 GMT
via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P4
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
content-encoding: gzip
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-version-id: null
last-modified: Tue, 19 Apr 2022 15:14:38 GMT
server: cloudflare
etag: W/"abfd6847d5991c0a84b4e9cac19a0ef6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 707101bcdd8723f7-ZRH
x-amz-cf-id: 8Hx71xiR1KdosIXS-o68VexPMt7bGgbJ-B-sSjbgl3n8hKVfLXJyHw==

GET
H2 200 main.js Show response
secure.palmbeachgroup.com/ 3 MB
553 KB 701ms
700ms Script
application/x-javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/main.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e67c0ad03dc12ebfe255a3518ddb632cbb1cb73b836fc6374a790ec0909c3dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:33 GMT
via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P4
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
content-encoding: gzip
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-version-id: null
last-modified: Tue, 19 Apr 2022 15:14:37 GMT
server: cloudflare
etag: W/"b8e7b335166a22e54c0dfb66bf72a4ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 707101bcdd8823f7-ZRH
x-amz-cf-id: oLe7t03Pw1eJgtmrNgIYrVDUp3z-JJv-V6QCIrqVHqskTFTCXNOSzA==

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 50 KB
18 KB 21ms
7ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/store/PROD/js/mymixpanel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:23:49 GMT
content-encoding: gzip
age: 44
x-guploader-uploadid: ADPycdtbg-sXvbWnmYTNhV8fG7QuNw_zwFsL6JoHYDCMiAnOsY0_ohZvNi9hQrTm4-Hun-2xCsKjL1vctIOvIkyYZx2FCw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation: 1645129310876382
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 06 May 2022 10:33:49 GMT

GET
H2 200 getSiteDetails Show response
secure.palmbeachgroup.com/site/api/v1/ 271 KB
13 KB 1262ms
1262ms XHR
text/plain 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/site/api/v1/getSiteDetails?cid=MKT583247&eid=MKT630954&chainId=&plcid=PLC139708&preview=false&baseUrl=secure.palmbeachgroup.com
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e150cd24014262374a0016e0827dc19219a4bb4ab4d4d30970f99038542d814

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Fri, 06 May 2022 10:24:35 GMT
x-amz-cf-pop: FRA60-P1, FRA56-P4
x-amzn-requestid: 96c392ed-8f67-4234-b9bb-9a822fdc2183
x-cache: Miss from cloudfront
x-amz-apigw-id: RsuXgER7oAMFpHg=
content-length: 13385
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=ISO-8859-1
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront), 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 707101c9291323f7-ZRH
x-amz-cf-id: 3dVSWL_WYZz-ERB98aBK6wTeE66iuZZ04jl_EQHww9PcZVIxZ_ZWZQ==
x-amzn-remapped-connection: keep-alive

GET
H/1.1 200
OK legacyExternalJs.js Show response
marketingassets.cloudsna.com/prod/javascript/legacy/casey/ 2 KB
1 KB 287ms
251ms Script
application/javascript 2606:4700::6810:f51b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marketingassets.cloudsna.com/prod/javascript/legacy/casey/legacyExternalJs.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:f51b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28e7a175bbbb2d42cd553a6f0ec8135cfe0ddb6fc2e21975d01e5cd0bafdff13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:24:36 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Tue, 01 Feb 2022 15:26:26 GMT
Server: cloudflare
x-amz-request-id: YCBAEFPTRHEY3PVB
ETag: W/"af69bb3836d13060de7b6c61e0b79782"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding: chunked
x-amz-version-id: 7E5q.ejfRs58tAIqNZGxszGsyyvAmP02
Content-Type: application/javascript
Connection: keep-alive
CF-RAY: 707101d15aea01e7-ZRH
x-amz-id-2: Fy2wgA1CQD18uCB8qcXryhB+sn/hOeLTS/UMZ2bWITzjHEgbUBeL6ghmuLQC05SwoAspzSTOJbE=

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 38ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&family=Rubik:wght@400;600;900&display=swap

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dda94645e6dfe6b5abab8d3262d7802f325db5f5eba7cf088f58f365acafaf4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 May 2022 10:24:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 06 May 2022 10:24:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 May 2022 10:24:36 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 58 KB
11 KB 50ms
49ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 122792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10391
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-e637"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TY%2BHpJk%2Fckk47J%2BVUL%2BjK8l8Vgiq5%2FizawSshvv9gXO87M%2FnyBbaB99AVtLaTMtJ1%2F6UUo1i3I8sqGowbKQraSpWEzGApSKNaNC0muZ1PBOAigsnryA81mfU9E3i7CQP7op5ua7ifB7ja7omtjWp5ZvG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 707101d12b3401df-ZRH
expires: Wed, 26 Apr 2023 10:24:36 GMT

GET
H/1.1 200
OK bootstrap.min.css
d3bjnmbj12697.cloudfront.net/_/css/bootstrap/4.5.0/ 158 KB
158 KB 27ms
11ms Stylesheet
text/css 2600:9000:2156:4400:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/css/bootstrap/4.5.0/bootstrap.min.css
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4400:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6702be9b5abcb7f77401607c67f34715ed9e6fa331e941e27702d0ec121756bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 19:47:08 GMT
Via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
Last-Modified: Mon, 02 May 2022 19:43:01 GMT
Server: AmazonS3
x-amz-meta-user-agent-id: efiorani@s-c2cd08720a404b138
Age: 52839
ETag: "3313c2852cb0b4e264c407de00f934b3"
x-amz-meta-user-agent: AWSTransfer
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 161649
X-Amz-Cf-Id: GzHtMgby4exlvKSw0X63L7mPeNj9XIVKGuHGjF7OxDG_t4li9Mqc4g==

GET
H/1.1 200
OK custom.css
d3bjnmbj12697.cloudfront.net/pb/p/pbl/2110-american-crypto/css/ 71 KB
72 KB 26ms
10ms Stylesheet
text/css 2600:9000:2156:4400:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/pb/p/pbl/2110-american-crypto/css/custom.css
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4400:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ee822b62dc3f42b8f8442ef52daca78fab784319a3f7def53f42aa8fed74661

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:58:54 GMT
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Last-Modified: Fri, 28 Jan 2022 16:20:39 GMT
Server: AmazonS3
x-amz-meta-user-agent-id: efiorani@s-c2cd08720a404b138
Age: 84343
ETag: "af278de227f67482250cecf1874a39f8"
x-amz-meta-user-agent: AWSTransfer
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 72710
X-Amz-Cf-Id: T7bPU6EhzO39w0J7-4P8c3dDxYGcm-eoZFDIJI7faPIeFakoWB2TdQ==

GET
H/1.1 200
OK 1637699325186.css
s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/PBL/inlinecss/ 433 B
901 B 423ms
136ms Stylesheet
text/css 52.216.8.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/PBL/inlinecss/1637699325186.css?versionId=dbgOkl6a06HskKr3j.XN6.qQeckx6O07
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.8.221 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4965a9ae619c0a248a186236a2aee27d1963adef65a94376ea709897c3dd2403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:24:37 GMT
Content-Encoding: utf8
Last-Modified: Tue, 23 Nov 2021 20:28:46 GMT
Server: AmazonS3
x-amz-request-id: YCBEY6X61KVXTJKZ
ETag: "a945992b0b842aa3def2d287b300d7f4"
x-amz-version-id: dbgOkl6a06HskKr3j.XN6.qQeckx6O07
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 433
x-amz-id-2: /tqb/sTCJqkpo4ZLVpQgDycPLPEWd/Q66qqm8WX6uif9z9RF1HMPLVendM+GPbE1Mb/FO1jl3nk=

GET
H2 200 versionId=T8euP5qcyZc1mjvfgTDO7yVWF1.JT1n3 Show response
gsdpeazjjf.execute-api.us-east-1.amazonaws.com/prod/assets/asset/PBL/VideoLandingPage/1634568473644.html/ 7 KB
7 KB 398ms
361ms XHR
application/json 143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gsdpeazjjf.execute-api.us-east-1.amazonaws.com/prod/assets/asset/PBL/VideoLandingPage/1634568473644.html/versionId=T8euP5qcyZc1mjvfgTDO7yVWF1.JT1n3
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: /
Resource Hash: 70f123ae18601c8cf650d2bb037c62f03e1b728d65fe974b8c69293ea5a3915d

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 85722640-d72f-4f5f-8f9a-d0e351712e3c
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6274f764-3f3b794b6ce9b0a655f6acc7;Sampled=0
x-amz-apigw-id: RsuXsHMcIAMFTcQ=
content-length: 6672
x-amz-cf-id: RSkB8U9SLymYR2YgXhalYcagpQwkjMSFKWz9bGiPpOp4CT2_8XQZbA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 430 KB
96 KB 107ms
87ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/store/PROD/js/mygtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c25ecdde70665eca304e3987d5c38489b516e4369717c0f849525a87c4c8d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97725
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 10:24:36 GMT

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 62 KB
20 KB 47ms
8ms Script
text/javascript 143.204.103.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=BrxgIoIXfWCS&v=1
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/store/PROD/js/listrak.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-8.fra50.r.cloudfront.net
Software: cloudflare / ASP.NET
Resource Hash: a1a2c9f5eec6de7541b3a38a307f21a69bc1a1771dbe6c10876926d6ad7bb39b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:21:31 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-AspNet-Version: 4.0.30319
Age: 185
X-Powered-By: ASP.NET
X-Cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 19513
Last-Modified: Thu, 26 Sep 2019 14:35:21 GMT
Server: cloudflare
X-ltk: 4/25/2022 10:31:57 PM
ETag: "E4KO8Z/Ur3VrLu3p7flIiQ=="
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
CF-RAY: 701be7b93ccd917c-FRA
X-Amz-Cf-Id: wJlWkwtXF008nHJ6JU0adqxRqqPPcqGO1htM11GlQ0Q-ry4jhA7oig==
Expires: Fri, 06 May 2022 11:21:31 GMT

GET
H/1.1 200
OK sdk Show response
ssl.kaptcha.com/collect/ 5 KB
6 KB 477ms
156ms Script
text/javascript 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/sdk?m=100014
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: fc2ddc99f7a256c44ed3fc493bbaf63104a0a3608e38008884930f267f367196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:24:36 GMT
X-Correlation-Id: 4de5ce76-3227-4435-b249-d6bdb347dbc5
Transfer-Encoding: chunked
P3p: CP=CAO PSA OUR
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Type: text/javascript
Expires: 0

GET
H2 200 bss-px.min.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 5 KB
2 KB 173ms
173ms Script
application/javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/bss-px.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5146467&emailname=20220506-pbd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Mon, 02 May 2022 08:48:25 GMT
x-amz-cf-pop: DUS51-P1, FRA56-P4
x-amzn-requestid: fe0058aa-0485-4ba0-931c-7694b5c4dbc2
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: RfUiDF82oAMF3uQ=
content-length: 2096
last-modified: Tue, 01 Jun 2021 15:08:33 GMT
server: cloudflare
etag: W/"3ee3506660c2ef343d6c68a229cd42be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: fGaHECtcp1774Apxw3QoOeW87E1iGAd2
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront), 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 707101d12d9c23f7-ZRH
x-amz-cf-id: GbvXDPYMuJvajONNvx8ntl5R3fC3moSjMRm0Ue-sXlXNyPY8ebOIgQ==
x-amzn-remapped-connection: keep-alive

POST
H2 200 generic Show response
secure.palmbeachgroup.com/snowflake/ 21 B
452 B 226ms
226ms XHR
application/json 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/snowflake/generic
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5146467&emailname=20220506-pbd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
x-api-key: g5wZnpMOAV6d3DVWjACKU9Pz86tj10Es39Avoa3n
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront), 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA60-P1, FRA56-P4
x-amzn-requestid: e29af5dd-d0cf-47e7-9943-0624182955e7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6274f764-64e8e556156a130135c3748f
cf-ray: 707101d12d9f23f7-ZRH
x-amz-apigw-id: RsuXrFhFIAMFyZw=
content-length: 21
x-amz-cf-id: wOTS86hCnN8cPYAlNp2ik8IYIVgWty1SBAxDNyxlbPMWCW71MScndg==

GET
H2 200 getIds Show response
s1.listrakbi.com/BrxgIoIXfWCS/session/ 175 B
1 KB 428ms
404ms Script
application/x-javascript 104.18.7.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/BrxgIoIXfWCS/session/getIds?callback=ltkCallback9151&gsid=&_sid=&_tid=243866&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=BrxgIoIXfWCS&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 58989f52c9ddeb5ca3fd21c016ea8468f10eabac86cfd2eac369317854828744

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:36 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type: application/x-javascript; charset=utf-8
cache-control: no-cache
cf-ray: 707101d1baf89b1f-FRA
expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 327
date: Fri, 06 May 2022 10:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 06 May 2022 12:19:09 GMT

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/ 64 KB
22 KB 111ms
45ms Script
application/javascript 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae4a7bb20a9253244cf4ddff2a3ac6aea8ae2bff1c0425f5273d013bb55a7ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6630
content-encoding: br
last-modified: Fri, 06 May 2022 08:34:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfzL%2BLAylM79b9B6szfA8ZEwjAqxZRYplKp3JTOLhWQuYcLdRiYpb9dw%2B45F99E9eVeK5XL6t2EOhf93VnC1z%2FgmjysZo%2FDNfnSh59zlibIfBE0VjCA%2FABnNczYsUoTBO2fM8Bbfda2q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 707101d2a8ec83b4-MXP

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 45ms
15ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 48PJPKY0GWV182FG
x-amz-id-2: /xxpa3U0Ye2WlVA2hnnNBL1h7J7Vx63pAa+CyyW4ia/xcZX33EnVK4k2gfvTZD6UyOKCK2FqvfM=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 qevents.js Show response
a.quora.com/ 40 KB
14 KB 28ms
6ms Script
text/plain 151.101.1.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5146467&emailname=20220506-pbd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: vyBstMTGyA6m5sV66zq8xsypUg.tAOk.
content-encoding: gzip
etag: "47078e63380c6b0cbbfb6d8508b25ee7"
age: 414
x-cache: HIT, HIT
content-length: 14031
x-amz-id-2: Mt5ixruyZQMuz2hyMbp/KTbIH5giRHNsfo1OkmpT5XkJbFR2kZYpxLrrBKhfsMq5S8uY+UYjOac=
x-served-by: cache-iad-kiad7000102-IAD, cache-hhn4020-HHN
last-modified: Fri, 18 Mar 2022 00:16:52 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1647562609/ctime:1647562609/gid:150037/gname:ezhang/md5:47078e63380c6b0cbbfb6d8508b25ee7/mode:33204/mtime:1647562609/uid:150037/uname:ezhang
x-timer: S1651832676.204028,VS0,VE0
date: Fri, 06 May 2022 10:24:36 GMT
vary: Accept-Encoding
x-amz-request-id: TA3D3A2BNPW868DS
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 1, 128

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 27ms
6ms Script
application/javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 152022
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: 1ee68fb15781c89446a280aa1d32385d

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 349ms
85ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=006987b21e348a9f544b8e9c5329ce00df
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:24:36 GMT
Cache-Control: no-cache
X-TraceId: 920bb0c5c3711643d6b58587c18d4ac7
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

POST
H2 200 logger Show response
secure.palmbeachgroup.com/snowflake/ 2 KB
1 KB 621ms
620ms XHR
text/html 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/snowflake/logger
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e46f811834ce20c231c9fd0c394e68827026b196682cb6d1bd84fd4f5233d76

Request headers

Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5146467&emailname=20220506-pbd
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
x-api-key: O1I1d31dqY5iHR07pLHrf7rKAOxDeMhQ2JsWck8c
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P4
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
cf-ray: 707101d24f4b23f7-ZRH
x-cache: Error from cloudfront
content-encoding: gzip
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-version-id: null
last-modified: Tue, 19 Apr 2022 15:14:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
content-type: text/html
x-amz-cf-id: VsGaP-v3sBYdRrG3fPNnSanZkVX899UN6AswyOOWfcHBzMRJV5fgDQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=540950395&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd&ul=en-us&de=UTF-8&dt=Palm%20Beach%20Research%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=287271699&gjid=129144941&cid=731307761.1651832676&tid=UA-87443958-7&_gid=908967311.1651832676&_r=1&gtm=2wg540PSPS9BF&z=824013432

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.palmbeachgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/e105368420994e038ee8f447459557ab/ 43 B
420 B 387ms
95ms Image
image/gif 54.86.209.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/e105368420994e038ee8f447459557ab/pixel?j=1&u=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd&tag=ViewContent&ts=1651832676222

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.209.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-209-152.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:24:36 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,a13ba0b3b35e0a6765fea83b6668ac23,10.0.0.64,7926,217.64.151.69,,30046255210,1,1651832676.562,0.002,,.,0,0,0.000,0.000,-,0,0,197,213,106,10,35796,,,,,,-,
Content-Type: image/gif

GET
H2 200 10028632.json Show response
s.yimg.com/wi/config/ 2 B
451 B 39ms
14ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10028632.json

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:23:33 GMT
x-content-type-options: nosniff
age: 63
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 7KM9RQ6R7S9K36HK
x-amz-id-2: fqrUIJGTW2YTkwgAwGeINNBxZ9jwDA6LCsZ+A7S8++5Qo540QkxmRjyICqY9F5eedgMzc0bkvxY=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
446 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-87443958-7&cid=731307761.1651832676&jid=287271699&gjid=129144941&_gid=908967311.1651832676&_u=YEBAAEAAAAAAAC~&z=1710899686

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 06 May 2022 10:24:36 GMT
content-type: text/plain
access-control-allow-origin: https://secure.palmbeachgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 97ms
31ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2006%20May%202022%2010%3A24%3A36%20GMT&n=0&b=Palm%20Beach%20Research%20Group&.yp=10028632&f=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:36 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 06 May 2022 10:24:36 GMT

GET
H2 200 6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 35 B
550 B 174ms
173ms Image
image/gif 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?gtm.start=1651832676018&event=gtm.js&gtm.uniqueEventId=17&_ts=1651832676307&_nmob=t&_device=desktop&url=secure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd&_v=3.0.26&_uid=46f3f935-a9e4-4084-b5de-d8209b41dea2&_getid=t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2e4GYTj22FxkU76T9aKSpWVk%2B8azSNAB84oCsdihkoqPKQHqO0arXcTAbwnV1EN9GA92xvfbzi2ykGQ3cGOXCto6C4Uy8GF0XD%2FPhdK1nREvxLSPB%2BabLOWx7bbEv8Imt8b2qZzbQjs"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 707101d31a5683b4-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 46f3f935-a9e4-4084-b5de-d8209b41dea2 Show response
c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/ 145 KB
16 KB 209ms
208ms Script
application/json 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/46f3f935-a9e4-4084-b5de-d8209b41dea2?segments=true&mergestate=true&state=%7B%22_uid%22%3A%2246f3f935-a9e4-4084-b5de-d8209b41dea2%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22secure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%22%2C%22_v%22%3A%223.0.26%22%7D&ts=1651832676406&callback=u_482945192186831500

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfa7d84247201e21da4cb9dca1adbe57cd3acbfeb5c69965decd4c7bc2d20f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

cf-ray: 707101d3ac0683b4-MXP
date: Fri, 06 May 2022 10:24:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d41%2FSnTDVbhEF1Ly6miQ0UmsXzvfGr2E4CUfAlidxRNNtVwAso6%2BzZkj%2BhYBEqC0Zmm%2BGjjdlyAbdQSf4nez8SkWOkM0pncyXPBlSs5S3p2%2BqnQfnPxa%2BkmvdIvlpiSVSqk6SNwlodLq"}],"group":"cf-nel","max_age":604800}
content-encoding: br
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 35 B
312 B 208ms
208ms Image
image/gif 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ts=1651832676403&_nmob=t&_device=desktop&url=secure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd&_uid=46f3f935-a9e4-4084-b5de-d8209b41dea2&_v=3.0.26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywAc0nqoOFHBsRVzgWL7wY7%2Fv5WtINT32AQQ8tv1k3FuwEDG0CpTqWXBzwCpr4pKR2h0sDphpQmw7BmLjFBREkhUjjhyW1mC5GxXdQvMMyzqWI02zvsE45OhRHgkYNcZBrxhop43StZA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 707101d3ac1f83b4-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H/1.1 200
OK aff_goal Show response
tracking.legacyoffers.com/ Frame BF8F 88 B
522 B 133ms
31ms Document
text/html 63.33.177.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.legacyoffers.com/aff_goal?a=l&goal_id=402
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.177.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-177-108.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a62069a41aab6484d03efbadd64f45a860f0d75849acfd7966a23088aff7382d

Request headers

Referer: https://secure.palmbeachgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 06 May 2022 10:24:36 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Request-Id: 6c6cf0812c5f348de57dffb04097266b

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 78 KB
79 KB 33ms
19ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Origin: https://secure.palmbeachgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1341206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80148
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-13914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIXryQPLTM1jAzqLdkP9br6hJ4nymxEGCB7ByulLJ1hhulz%2B1KeM36WlhA%2B3L6qyspVlmybEBAXCDwzQ73253Rk2RfhmDYH7YMQQ9VaUS8lwvV1Agm0JAMxIbmj6LqxOstZzub9QsXCM3d6FIvArOLre"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 707101d3c82c0221-ZRH
expires: Wed, 26 Apr 2023 10:24:36 GMT

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
d3bjnmbj12697.cloudfront.net/_/js/bootstrap/4.5.0/ 79 KB
80 KB 9ms
9ms Script
application/javascript 2600:9000:2156:4400:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/bootstrap/4.5.0/bootstrap.bundle.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4400:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 04:39:26 GMT
Via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
Last-Modified: Mon, 29 Jun 2020 13:27:40 GMT
Server: AmazonS3
Age: 20775
ETag: "7fd2f04e75bd7ab1a79d80cdd4c33085"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 81084
X-Amz-Cf-Id: csxnlEKE7ZMYZBz0dVLIFMtAWPIVUWm_Z6iU7DC4STrX2SjaIptBog==

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/5102072647001/0zLsWuD5UW_default/ 676 KB
184 KB 53ms
18ms Script
application/javascript 23.35.237.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-37.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 840d00f62116fbc5872b6ca0d58ad7ad4b9a1e9ac18309b81cf75ece010fd60a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: Q_CSnOmrD43lt5GQ4.FnJiRrxgH4vQB2
Content-Encoding: gzip
ETag: "b037efb4398a11d20810bda5ec4664a4"
x-amz-request-id: JKD8N0381ZRYMC2F
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 188063
x-amz-id-2: z2LTFTwh4g4jmzbik2dy6VQXfGXoA0uhcl0L+KDWykwcWvQYfwvqUUnieg119sJkT3q4IrGZaKk=
X-BCOV-Response-Mode: 1
X-Served-By: cache-hhn4028-HHN
Last-Modified: Fri, 04 Mar 2022 17:13:39 GMT
Server: AmazonS3
X-Timer: S1646414227.972369,VS0,VE1
Date: Fri, 06 May 2022 10:24:36 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=88
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK ouibounce.min.js Show response
d3bjnmbj12697.cloudfront.net/_/js/ouibounce/ 2 KB
2 KB 8ms
7ms Script
application/javascript 2600:9000:2156:4400:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/ouibounce/ouibounce.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4400:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08cb0f46ed2415058019966967713095ef16ce83d54c74a5f52a61846dbe2399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 08:39:28 GMT
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Last-Modified: Wed, 15 Apr 2020 20:03:18 GMT
Server: AmazonS3
Age: 6516
ETag: "aa63b6f263c50e0cd2636cce8c794214"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 1626
X-Amz-Cf-Id: ggiR8vZ-WkpXPTjrSGzWSsKRiFZK6pimZtD7ZPSW6qWzTtJaRqEMVg==

GET
H/1.1 200
OK lr-data-pb.js Show response
d3bjnmbj12697.cloudfront.net/_/js/lr-data/1.0.7/ 10 KB
11 KB 17ms
7ms Script
application/javascript 2600:9000:2156:4400:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/lr-data/1.0.7/lr-data-pb.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4400:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b16866b87b8808c3b0f8669a7246c1896d65c886a06a8e79a65af86017c33b15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:22:22 GMT
Via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Last-Modified: Wed, 28 Apr 2021 15:11:24 GMT
Server: AmazonS3
Age: 15728
ETag: "65707f62b71fbf9cf4810a78e1c7d536"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 10477
X-Amz-Cf-Id: LGf76NQb8UHw1zuHl-orhJC-mxbP2wkezQOfj0sTgCXlXvcpyC9EHg==

GET
H/1.1 200
OK v-zoom-alt.js Show response
d3bjnmbj12697.cloudfront.net/pb/p/pbl/2110-american-crypto/js/ 8 KB
8 KB 19ms
9ms Script
application/x-javascript 2600:9000:2156:4400:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/pb/p/pbl/2110-american-crypto/js/v-zoom-alt.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4400:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fea6a995f719305ce605045cc3a57bdd0c7115bcfa66b26f0b63ff28f79f3365

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 05 May 2022 10:58:55 GMT
Via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
Last-Modified: Fri, 07 Jan 2022 18:48:50 GMT
Server: AmazonS3
x-amz-meta-user-agent-id: efiorani@s-c2cd08720a404b138
Age: 84342
ETag: "e1a86ac2ebe47094af4c09aba1fe53e8"
x-amz-meta-user-agent: AWSTransfer
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 7957
X-Amz-Cf-Id: aYAI8W4kfbNLtrOASVWTCerODUA5H3iGQSQdHkjoa1GxPovfoFBm6w==

GET
H/1.1 200
OK teeka-tiwari-circle.png
d3bjnmbj12697.cloudfront.net/_/headshots/ 71 KB
72 KB 24ms
8ms Image
image/png 2600:9000:2156:4400:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3bjnmbj12697.cloudfront.net/_/headshots/teeka-tiwari-circle.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4400:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5e1837dada0ad7bb636eac26701265690c759923bafd7875a00d9406420224a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:24:22 GMT
Via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
Last-Modified: Wed, 14 Jul 2021 19:17:00 GMT
Server: AmazonS3
Age: 162
ETag: "8f2ea8683d788c3521d1aed5ae02d1f8"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 72845
X-Amz-Cf-Id: EKyDKvuyN0AhPGtzcCeSNpXrtsZfIHnld_kwkWpJv6UMTbSpCg5-3A==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=540950395&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&ul=en-us&de=UTF-8&dt=Palm%20Beach%20Research%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=731307761.1651832676&tid=UA-87443958-7&_gid=908967311.1651832676&gtm=2wg540PSPS9BF&z=141711371

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 May 2022 16:25:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64731
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/e105368420994e038ee8f447459557ab/ 43 B
420 B 191ms
95ms Image
image/gif 54.86.209.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.86.209.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-209-152.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:24:36 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,d1204265233dbab6c0272e7a20776859,10.0.0.64,8098,217.64.151.69,,30046255462,1,1651832676.658,0.002,,.,0,0,0.000,0.004,-,0,0,197,209,104,10,35796,,,,,,-,
Content-Type: image/gif

GET
H/1.1 200
OK crypto-flag.jpg
d3bjnmbj12697.cloudfront.net/pb/p/pbl/2110-american-crypto/img/ 105 KB
106 KB 13ms
8ms Image
image/jpeg 2600:9000:2156:4400:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3bjnmbj12697.cloudfront.net/pb/p/pbl/2110-american-crypto/img/crypto-flag.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/PBL/inlinecss/1637699325186.css?versionId=dbgOkl6a06HskKr3j.XN6.qQeckx6O07
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4400:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37e127bcfa908eef579a98d6824b52fab529458616c89c4aefaf1703d0a13c7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:24:22 GMT
Via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
Last-Modified: Mon, 25 Oct 2021 21:04:58 GMT
Server: AmazonS3
x-amz-meta-user-agent-id: efiorani@s-c2cd08720a404b138
Age: 3279
ETag: "a90e6f5e0b6731e8e1b1862da5e6663b"
x-amz-meta-user-agent: AWSTransfer
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 107676
X-Amz-Cf-Id: 1yb36rYEy8O8-dPjSclVRSrD_snGkPeNINh1Tlt8dv56haUdPZ0gwg==

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK kasupport Show response
ssl.kaptcha.com/collect/ 2 KB
2 KB 477ms
160ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/kasupport
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b64e10f91850e345ebb1941e35645684b9ed2c4135136ce573717b3dec785679

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:24:36 GMT
X-Correlation-Id: 5dfbe8df-acd2-463e-8885-9490e91f47cd
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0

GET
H/1.1 200
OK logo.htm Show response
ssl.kaptcha.com/ Frame 8CED 22 KB
22 KB 157ms
156ms Document
text/html 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=33cf0e5f164042a88624c4a6a21e0e7c
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/collect/sdk?m=100014
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: cda737664e4491542d72c7bed3cbda8441f4609e5cd74326820a16a97393f165

Request headers

Referer: https://secure.palmbeachgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Type: text/html
Date: Fri, 06 May 2022 10:24:36 GMT
Expires: 0
Pragma: no-cache
Transfer-Encoding: chunked
X-Correlation-Id: e50c6f86-da16-4f49-b427-4d7e7750cf61

OPTIONS
H2 200 6279058424001
edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/ Frame 0
0 76ms
45ms Preflight 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/6279058424001
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://secure.palmbeachgroup.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
bcov-debug-cache-stats: unknown
bcov-instance: unknown
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Fri, 06 May 2022 10:24:36 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-amz-cf-id: unknown
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4073-HHN
x-timer: S1651832677.734377,VS0,VE0

GET
H2 200 vtt.global.min.js Show response
vjs.zencdn.net/vttjs/0.12.5/ 20 KB
7 KB 56ms
15ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2017 21:04:55 GMT
etag: "f30dac97e5c2aaa10a7695b93cc66699"
x-served-by: cache-mxp6972-MXP
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 7231
x-cache-hits: 135370

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
207 B 42ms
20ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Fri, 06 May 2022 10:24:36 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 39ms
21ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Fri, 06 May 2022 10:24:36 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 6279058424001 Show response
edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/ 5 KB
5 KB 12ms
12ms XHR
application/json 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/6279058424001
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 04625c04c6e678ebc79cc1fc05386ec59e0c375d08a81fdc13a9c1fe1a2aaf44

Request headers

Accept: application/json;pk=BCpkADawqM18bNrtg81z9CsS9ERCN71x-_ntsRN4hc5BEWiBt_JPwrFbQmEhXcLwtFCOpiegWE1GyczMOqn0hOz53TOClK3WOZTkP8UO9EaZuG74hAr14nnF-80NEsEO-EsGv7v4OiLJqGyY
Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

bc-override-client-ip: 217.114.218.26
date: Fri, 06 May 2022 10:24:36 GMT
powered-from: eu-central-1c
bcov-request-id: db732c26-48b3-43f9-a1a2-d0f03ed86da8
age: 14
policy-key-accountid: 5102072647001
x-cache: HIT
access-control-allow-origin: *
powered-by: BC
content-length: 4626
x-served-by: cache-hhn4073-HHN
bcov-instance: unknown
policy-key-raw: BCpkADawqM18bNrtg81z9CsS9ERCN71x-_ntsRN4hc5BEWiBt_JPwrFbQmEhXcLwtFCOpiegWE1GyczMOqn0hOz53TOClK3WOZTkP8UO9EaZuG74hAr14nnF-80NEsEO-EsGv7v4OiLJqGyY
x-timer: S1651832677.746161,VS0,VE1
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
bcov-debug-cache-stats: unknown
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-amz-cf-id: unknown
x-cache-hits: 1

GET
BLOB 200
OK b804f81b-4723-4d8e-9ab7-33d80a5b0d97
https://secure.palmbeachgroup.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.palmbeachgroup.com/b804f81b-4723-4d8e-9ab7-33d80a5b0d97
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14bf8292ae1e1ac698da2f2155f00ab24d5eda73e0c3e1e25e368a905759283b

Request headers

Referer
Origin: https://secure.palmbeachgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 22ms
22ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=91f72100ea3de421a231e1b3&account=5102072647001&destination=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&platform_version=6.27.0&player=players.brightcove.com%2F5102072647001%2F0zLsWuD5UW_default&player_name=Marketing%20Player%20-%20No%20autoplay&source=&usage=inpage-embed&event=player_load&time=1651832676684&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=42100000&qos.performance.memory.totalJSHeapSize=50400000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=1651832674754&qos.performance.timing.loadEventStart=1651832674753&qos.performance.timing.domComplete=1651832674753&qos.performance.timing.domContentLoadedEventEnd=1651832674753&qos.performance.timing.domContentLoadedEventStart=1651832674753&qos.performance.timing.domInteractive=1651832674753&qos.performance.timing.domLoading=1651832672736&qos.performance.timing.responseEnd=1651832672734&qos.performance.timing.responseStart=1651832672733&qos.performance.timing.requestStart=1651832672212&qos.performance.timing.secureConnectionStart=1651832672188&qos.performance.timing.connectEnd=1651832672212&qos.performance.timing.connectStart=1651832672178&qos.performance.timing.domainLookupEnd=1651832672178&qos.performance.timing.domainLookupStart=1651832672177&qos.performance.timing.fetchStart=1651832672177&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1651832671732&qos.performance.bcInit=50.39999985694885&qos.player.dimensions=%5B%5B1651832676684%2C%22300x150%22%2C%22800x450%22%5D%5D&qos.player.pixelratio=%5B%5B1651832676684%2C1%5D%5D&qos.player.screendimensions=%5B%5B1651832676684%2C%221600x1200%22%5D%5D&seq=2

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Fri, 06 May 2022 10:24:36 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 cm
trc.taboola.com/sg/lytics/1/ 43 B
231 B 84ms
45ms Image
image/gif 2a04:4e42:600::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D46f3f935-a9e4-4084-b5de-d8209b41dea2%26account_id%3D6754fc8577b0e933befa552acea53d64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-vcl-time-ms: 29
pragma: no-cache
date: Fri, 06 May 2022 10:24:36 GMT
via: 1.1 varnish
server: nginx
x-timer: S1651832677.739347,VS0,VE29
x-served-by: cache-mxp6952-MXP
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 40F1 0
0 75ms
23ms Document
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5146467&emailname=20220506-pbd&assetId=AST207430&page=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://secure.palmbeachgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Fri, 06 May 2022 10:24:36 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2 200 77c21d510266169b
pixel.sitescout.com/up/ 43 B
267 B 464ms
412ms Image
image/gif 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/77c21d510266169b?cntr_url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:36 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

POST
H3 200 tracker
metrics.brightcove.com/v2/ 35 B
49 B 43ms
22ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Fri, 06 May 2022 10:24:36 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET thumbnail.webvtt
manifest.prod.boltdns.net/thumbnail/v1/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/a32e67f8-c354-4bbf-97d1-a1017a40955d/ 0
0

GET
H2 200 thumbnail.webvtt Show response
manifest.prod.boltdns.net/thumbnail/v1/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/a32e67f8-c354-4bbf-97d1-a1017a40955d/ 159 KB
159 KB 20ms
8ms XHR
text/vtt 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/thumbnail/v1/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/a32e67f8-c354-4bbf-97d1-a1017a40955d/thumbnail.webvtt?fastly_token=NjI3NTYzMzZfOTI3MGUwNDNlMTkzM2UyYTQzOTlhMGNhMDVhM2EyZmYyYjU3NDQxMDIwNTJmZGVhMGNiOWU1ZTI3MGQ2ZWNkYw%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: f8dbfcdbe77d25e0830d529f0ecb7fbfa47d68167133dd33fb920c295e7e7996

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
via: 1.1 varnish
age: 1634
x-powered-by: BC
x-cache: HIT
content-length: 162380
x-served-by: cache-hhn4073-HHN
x-device-group: desktop-chrome
x-timer: S1651832677.789116,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/vtt; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/9e90e97a-26ac-43ad-ac4d-ac50fe54c822/1280x720/match/ 145 KB
146 KB 33ms
8ms Image
image/jpeg 143.204.100.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/9e90e97a-26ac-43ad-ac4d-ac50fe54c822/1280x720/match/image.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.100.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-100-40.fra50.r.cloudfront.net
Software: / BC
Resource Hash: 2e4300071c7d7ee2228bc47f31403c8c4c6511f5a0b8bd102df8802d85c43dbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 16:43:19 GMT
Via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 8185277
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: vFUics1sMpTJeKK9bD2vhROKy9nSVB7EvsUCDw9RhSiw0KNvEZg80w==
Expires: Tue, 31 Jan 2023 16:43:19 GMT

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/10s/ 7 KB
7 KB 22ms
22ms XHR
application/x-mpegurl 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/10s/master.m3u8?fastly_token=NjI3NTYzMzZfYTQ5MDU3MGYxNzJiODI5MjU0NGE2MWNiYjdmMzMwYWJiOTgwZDlmYmVkNmFhN2RiZGMwMGUxZjJjOTM1ZGUyMg%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 14f0dd1a0eda9081ad41fdd0b3ac866c8989ad25570419f523f12b95acfd182c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
via: 1.1 varnish
age: 1634
x-powered-by: BC
x-cache: HIT
x-bolt-device-group: desktop-chrome
content-length: 7279
x-served-by: cache-hhn4073-HHN
x-device-group: desktop-chrome
x-timer: S1651832677.791553,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
BLOB 200
OK 4052649b-8762-49ca-983e-75395f9c9387
https://secure.palmbeachgroup.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.palmbeachgroup.com/4052649b-8762-49ca-983e-75395f9c9387
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3f7c0ed14b5b7347b93e0e91f558238b0c0542501b484de714eef38e9e236fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 5922
Content-Type: application/javascript

POST
H3 200 tracker
metrics.brightcove.com/v2/ 35 B
49 B 22ms
22ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Fri, 06 May 2022 10:24:36 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=540950395&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&ul=en-us&de=UTF-8&dt=Palm%20Beach%20Research%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=913250169&gjid=165932488&cid=731307761.1651832676&tid=UA-170962029-3&_gid=908967311.1651832676&_r=1&gtm=2wg540PSPS9BF&z=1882899027

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.palmbeachgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 63ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 37CEFDB080274936B1CF5FD89AF536AF Ref B: FRAEDGE1313 Ref C: 2022-05-06T10:24:36Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 06 May 2022 10:24:36 GMT
accept-ranges: bytes
content-length: 11333

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 32ms
17ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-474630786

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f080a9d1a5b53030e8594bcf243581d94e3a24e07363a25d03b2665104b06d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44173
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 10:24:36 GMT

GET
H/1.1 200
OK / Show response
js.trackinggrid.com/lr/ 863 B
1 KB 352ms
114ms Script
application/javascript 209.59.154.196
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://js.trackinggrid.com/lr/

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.59.154.196 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

1ebf6a2710236762178861bf15fa6074bd5e61502c1811551099ebe3754e0c83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
Origin: https://secure.palmbeachgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:24:37 GMT
X-Content-Type-Options: nosniff
X-Original-Content-Length: 1062
Server: nginx
Etag: W/"PSA-aj-JPd0QB94FZ"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2570036
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 863
Expires: Sun, 05 Jun 2022 01:48:33 GMT

GET
H2 200 bss-px.min.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 5 KB
2 KB 385ms
385ms Script
application/javascript 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/bss-px.min.js?affiliateId=2000&brandId=2003
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5146467&emailname=20220506-pbd&assetId=AST207430&page=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Fri, 06 May 2022 09:54:21 GMT
x-amz-cf-pop: FRA60-P1, FRA56-P4
x-amzn-requestid: 90538692-7efd-4bcd-b887-ccd04cd6081e
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: Rsp8MHOAoAMF-6g=
content-length: 2087
last-modified: Tue, 01 Jun 2021 15:08:33 GMT
server: cloudflare
etag: W/"3ee3506660c2ef343d6c68a229cd42be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: fGaHECtcp1774Apxw3QoOeW87E1iGAd2
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront), 1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 707101d65e9623f7-ZRH
x-amz-cf-id: 5hU3O7ESBXvSkPK8z1Qy8SE7oSr4NTiZqwIc195UAguOmHe9thwrKg==
x-amzn-remapped-connection: keep-alive

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 40 KB
13 KB 45ms
13ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e17cc900f2c3e8e09d3a2d454c231fccc85c4d1c6164b05c1d5c482a51d21190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 22:51:55 GMT
server: nginx
etag: W/"6244df0b-a0be"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 May 2022 10:24:36 GMT

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/144b8bcc-31a9-4093-a324-8a75201f8d88/10s/ 203 KB
203 KB 11ms
11ms XHR
application/x-mpegurl 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/144b8bcc-31a9-4093-a324-8a75201f8d88/10s/rendition.m3u8?fastly_token=NjI3NTVjZTJfYzZkM2QyZjdlNDRiZjIzNTZmZjE4ZWUwZDMyMzQ2ZTIyNjkwYzdmYmFkMmEyOTAwMjJlYjVjOTU3MjI3NTBkYQ%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: ccfd54834a44aa74f46bc6bbc924e1561afa238f09a0f36a9211ac9a210b8639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
via: 1.1 varnish
age: 14
x-powered-by: BC
x-cache: HIT
content-length: 207539
x-served-by: cache-hhn4073-HHN
x-device-group: desktop-chrome
x-timer: S1651832677.857480,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

POST
H2 200 generic Show response
secure.palmbeachgroup.com/snowflake/ 21 B
309 B 462ms
461ms XHR
application/json 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/snowflake/generic
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5146467&emailname=20220506-pbd&assetId=AST207430&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
x-api-key: g5wZnpMOAV6d3DVWjACKU9Pz86tj10Es39Avoa3n
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA60-P1, FRA56-P4
x-amzn-requestid: 50f438cf-bbff-4690-a162-f6ea9a7273a4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6274f765-2659ad667a803ef92eb6fd56
cf-ray: 707101d66eaf23f7-ZRH
x-amz-apigw-id: RsuX2EtnIAMFdxQ=
content-length: 21
x-amz-cf-id: lZiEIgh9CBpvjRzAy3kAfYFYMVll8L7CVYkXCnZ1FulM4xbHj6k3ng==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-170962029-3&cid=731307761.1651832676&jid=913250169&gjid=165932488&_gid=908967311.1651832676&_u=aEDAAEABAAAAAC~&z=1055091458

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 06 May 2022 10:24:36 GMT
content-type: text/plain
access-control-allow-origin: https://secure.palmbeachgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame 8CED 0
299 B 156ms
156ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=33cf0e5f164042a88624c4a6a21e0e7c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=33cf0e5f164042a88624c4a6a21e0e7c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 06 May 2022 10:24:36 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 268dd077-6c59-476e-97a4-0abb686a20ca
Content-Length: 0
Expires: 0

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/8566479e-fb69-474c-a17f-3462aafc3525/10s/ 204 KB
204 KB 7ms
7ms XHR
application/x-mpegurl 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/8566479e-fb69-474c-a17f-3462aafc3525/10s/rendition.m3u8?fastly_token=NjI3NTVjZTJfNWE1YmMwMTY0Nzk2MWE0NGFmOGNkYjRjOTI1OGViYTc0ZWU5Y2UzZjhhZDMzMmUzMzVlODY4ZmFiYmUwNzY4OQ%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 213f185922e8396329370625b5bf7df03d40cab3b8b592e7b627279672625916

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
via: 1.1 varnish
age: 13
x-powered-by: BC
x-cache: HIT
content-length: 208985
x-served-by: cache-hhn4073-HHN
x-device-group: desktop-chrome
x-timer: S1651832677.889233,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
BLOB 200
OK 810d7a0d-1c2d-42e1-9514-9af9aa0d8e3d
https://secure.palmbeachgroup.com/ 68 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.palmbeachgroup.com/810d7a0d-1c2d-42e1-9514-9af9aa0d8e3d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21d93ac5a388df10b961801cce44bd72d8e612f9c5305c769ef2602b9b0480eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 70120
Content-Type: application/javascript

GET
H2 200 1b19a6e5-3416-4143-89bd-84aecc6b14a2 Show response
manifest.prod.boltdns.net/license/v1/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/ 16 B
221 B 143ms
142ms XHR
application/octet-stream 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/license/v1/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/1b19a6e5-3416-4143-89bd-84aecc6b14a2?fastly_token=NjI3NTYzMzdfYTFhMzhiMjFjOWRlNTBhNDg2NGQ2YjEzNDFjNzZlNWI2NTZkMTY2MjE1ZTA1Y2EwNDAyNmY4MTgyYzQwZmM3Nw%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 6d58748d0b000de1d216c553178882ab71d53f37f5c57e50e97d72a79924cf34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
via: 1.1 varnish
bcov-request-id: c8d4d25c-7715-4be1-8b7c-5f5cd4d3a264
x-powered-by: BC
x-cache: MISS
x-hosted-on: Gantry
content-length: 16
x-served-by: cache-hhn4073-HHN
x-device-group: desktop-chrome
x-timer: S1651832677.903390,VS0,VE134
x-powered-from: eu-west-1c
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=8769
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK segment0.ts Show response
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/144b8bcc-31a9-4093-a324-8a75201f8d88/1b19a6e5-3416-4143-89bd-84aecc6b14a2/5x/ 2 MB
2 MB 46ms
16ms XHR
video/mp2t 2a02:26f0:3500:7::17d8:4dcb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/144b8bcc-31a9-4093-a324-8a75201f8d88/1b19a6e5-3416-4143-89bd-84aecc6b14a2/5x/segment0.ts?akamai_token=exp=1651860278~acl=/media/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/144b8bcc-31a9-4093-a324-8a75201f8d88/1b19a6e5-3416-4143-89bd-84aecc6b14a2/*~hmac=4bffeed116cdd08be46482d70e0770dd2480245c408a1f56caabc8329bab83c9
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:7::17d8:4dcb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: ce004d6ba293ddac2a8cfe6c819fc6c222f56c93374fcc8492b68e976018ea2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:24:36 GMT
X-Amz-Cf-Pop: JFK51-C1
X-Powered-By: BC
Backend-IP: 13.225.231.196
BC-MID: true
Connection: keep-alive
Content-Length: 2322560
X-Served-By: cache-ewr18182-EWR
Expires: Tue, 31 Jan 2023 16:28:38 GMT
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1643649528.138059,VS0,VE9
X-Powered-From: gantry
ETag: "c0fe676c34d3742ee75af3c7b016536d"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range
Cache-Control: public, max-age=23349842
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id: QVqixBqavoujeg5KhWvIfDSmYaaCPi3Y8-Z-WLPIS0fBvovJVkryYA==
X-Cache-Hits: 1

GET
BLOB 200
OK 49d7f3a4-2ecd-48d9-ae6c-4267e82511e1
https://secure.palmbeachgroup.com/ 68 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.palmbeachgroup.com/49d7f3a4-2ecd-48d9-ae6c-4267e82511e1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21d93ac5a388df10b961801cce44bd72d8e612f9c5305c769ef2602b9b0480eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 70120
Content-Type: application/javascript

GET
H2 200 1b19a6e5-3416-4143-89bd-84aecc6b14a2 Show response
manifest.prod.boltdns.net/license/v1/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/ 16 B
118 B 239ms
239ms XHR
application/octet-stream 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/license/v1/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/1b19a6e5-3416-4143-89bd-84aecc6b14a2?fastly_token=NjI3NTYzMzdfYTFhMzhiMjFjOWRlNTBhNDg2NGQ2YjEzNDFjNzZlNWI2NTZkMTY2MjE1ZTA1Y2EwNDAyNmY4MTgyYzQwZmM3Nw%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 6d58748d0b000de1d216c553178882ab71d53f37f5c57e50e97d72a79924cf34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
via: 1.1 varnish
bcov-request-id: 5bd3f5fd-c816-4d47-a3e2-d776cf3d2946
x-powered-by: BC
x-cache: MISS
x-hosted-on: Gantry
content-length: 16
x-served-by: cache-hhn4073-HHN
x-device-group: desktop-chrome
x-timer: S1651832677.922860,VS0,VE233
x-powered-from: eu-west-1b
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=8769
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK segment0.ts Show response
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/8566479e-fb69-474c-a17f-3462aafc3525/1b19a6e5-3416-4143-89bd-84aecc6b14a2/5x/ 297 KB
298 KB 44ms
15ms XHR
video/mp2t 2a02:26f0:3500:7::17d8:4dcb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/8566479e-fb69-474c-a17f-3462aafc3525/1b19a6e5-3416-4143-89bd-84aecc6b14a2/5x/segment0.ts?akamai_token=exp=1651860279~acl=/media/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/8566479e-fb69-474c-a17f-3462aafc3525/1b19a6e5-3416-4143-89bd-84aecc6b14a2/*~hmac=dae5f9aa39f8ab9be5b268e26930e065ad46016999abb2baa469fe056bfb4673
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:7::17d8:4dcb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: 66f66a06a243997049dddb802cb8066b7891379f487a6553836c3e88e218a3d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:24:36 GMT
X-Amz-Cf-Pop: JFK51-C1
X-Powered-By: BC
Backend-IP: 13.225.231.196
BC-MID: true
Connection: keep-alive
Content-Length: 304192
X-Served-By: cache-ewr18142-EWR
Expires: Tue, 31 Jan 2023 16:23:48 GMT
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1643649529.548716,VS0,VE1
X-Powered-From: gantry
ETag: "7be8458ad565ba32687a77024cbd183d"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range
Cache-Control: public, max-age=23349552
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id: MG5j4nA9yaQVv-z95wI3hbFOZ876-UeheKkRTirnU5FvADPYb20NPQ==
X-Cache-Hits: 1

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 68ms
40ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14865
x-xss-protection: 0
server: cafe
etag: 2710672821686371805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 May 2022 10:24:36 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 51ms
30ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-170962029-3&cid=731307761.1651832676&jid=913250169&_u=aEDAAEABAAAAAC~&z=1648600490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 54ms
32ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-170962029-3&cid=731307761.1651832676&jid=913250169&_u=aEDAAEABAAAAAC~&z=1648600490

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 134025694.js Show response
bat.bing.com/p/action/ 0
118 B 176ms
176ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134025694.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 446FE135D36642A49E1B5F0D53B5A8D1 Ref B: FRAEDGE1313 Ref C: 2022-05-06T10:24:36Z
date: Fri, 06 May 2022 10:24:36 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
174 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134025694&tm=gtm002&Ver=2&mid=fbc339bd-587b-48e9-8083-1c5e8cb1db03&sid=bae1cff0cd2611ec9d18676a799898e5&vid=bae1fd50cd2611ec82c501b3738739c1&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Palm%20Beach%20Research%20Group&p=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&r=&lt=3022&evt=pageLoad&msclkid=N&sv=1&rn=271050

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4021449198604516B3DF8E70B8F32708 Ref B: FRAEDGE1313 Ref C: 2022-05-06T10:24:36Z
date: Fri, 06 May 2022 10:24:36 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/474630786/ 3 KB
2 KB 44ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/474630786/?random=1651832677010&cv=9&fst=1651832677010&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0812fa93a55d1a42b860f4a65610b5497e8c63b118c0b9be777f396e2ceae2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cookiestore Show response
ssl.kaptcha.com/collect/ 0
299 B 159ms
159ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/cookiestore
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 06 May 2022 10:24:37 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: c965ccbd-b829-44b8-aff6-2ba424564ce1
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame 8CED 0
299 B 170ms
157ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=33cf0e5f164042a88624c4a6a21e0e7c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=33cf0e5f164042a88624c4a6a21e0e7c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 06 May 2022 10:24:37 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: dec9a095-da0f-4659-a7a8-7a38575acd58
Content-Length: 0
Expires: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/474630786/ 42 B
64 B 37ms
20ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/474630786/?random=1651832677010&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=2560246428&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/474630786/ 42 B
64 B 37ms
20ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/474630786/?random=1651832677010&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=2560246428&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame 8CED 0
299 B 238ms
155ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=33cf0e5f164042a88624c4a6a21e0e7c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=33cf0e5f164042a88624c4a6a21e0e7c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 06 May 2022 10:24:37 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: a645a507-34e8-400b-a786-5c88d69bcc2b
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame 8CED 0
299 B 382ms
157ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=33cf0e5f164042a88624c4a6a21e0e7c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=33cf0e5f164042a88624c4a6a21e0e7c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 06 May 2022 10:24:37 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: fcd40629-773c-4132-8db9-c59c1fe50417
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK fin Show response
ssl.kaptcha.com/ Frame 8CED 0
299 B 394ms
156ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/fin
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=33cf0e5f164042a88624c4a6a21e0e7c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=33cf0e5f164042a88624c4a6a21e0e7c
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 06 May 2022 10:24:37 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 6b12949a-07c9-462b-96eb-ffa283f3a7fb
Content-Length: 0
Expires: 0

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 101 KB
22 KB 41ms
41ms Script
text/javascript 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f4f5fdffaf00193968ce7061b79f50ecb891aa19d6303cfca92ee57ef0d5fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

cf-ray: 707101d89a1583b4-MXP
date: Fri, 06 May 2022 10:24:37 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 06 May 2022 09:43:24 GMT
server: cloudflare
age: 2473
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGH0lzbsbhjqte9jWQPSwsVb7UiKv8hUzbhE%2Bx802T1hWb6eGIdKWDtgoGZ5ZwpRRe2RfYUScKBlHeIktXihfNhvFAFzOi%2Fa%2ByOJ4FDliBwxDZtspqflHmZnwDcHQpu8oe%2BGWpfE%2Ftm%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

POST
H2 200 logger Show response
secure.palmbeachgroup.com/snowflake/ 2 KB
730 B 944ms
944ms XHR
text/html 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/snowflake/logger
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e46f811834ce20c231c9fd0c394e68827026b196682cb6d1bd84fd4f5233d76

Request headers

Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5146467&emailname=20220506-pbd&assetId=AST207430&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
x-api-key: O1I1d31dqY5iHR07pLHrf7rKAOxDeMhQ2JsWck8c
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:24:38 GMT
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P4
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
cf-ray: 707101d88a2223f7-ZRH
x-cache: Error from cloudfront
content-encoding: gzip
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-version-id: null
last-modified: Tue, 19 Apr 2022 15:14:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
content-type: text/html
x-amz-cf-id: H_HltDMw8Df0rzVF5_uUbA7puNEfzEMQKxjkePhDIipUhfNXNlxDRQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 150 KB
56 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-753664851

Requested by

Host: js.trackinggrid.com
URL: https://js.trackinggrid.com/lr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e2a027cbc0abfeca30d92e9ce4341afd25fffb3f40f9d0867b87325bb36c127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57252
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 10:24:37 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 46ms
30ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-753664851

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14865
x-xss-protection: 0
server: cafe
etag: 2710672821686371805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 May 2022 10:24:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
40 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137602623-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c0761851b560ea68db34a7dd10eae78171922dba49888d1ca97410d17206596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40737
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 10:24:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 150 KB
56 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-456578300&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c69bdf297f18bf576e18923b511985dedbc85cec05d3da699e48b9e87efdb74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57252
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 10:24:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-700588147&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

89e7c0e19f9fe02f3cfb6007bca678f67c11925870f6a00a8b3b9ac351ae6af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44181
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 10:24:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 150 KB
56 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-311444767&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0cd8b6b22fdfcb11dc3e9bf93a1f2198f4c6f04e4ad714f4756af7bba7f336c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57315
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 10:24:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-668877205&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6fc718fd0841f0564dd2ef3c25f0542bfca894886549b06fdf319e462a5ad934

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44184
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 10:24:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10828766220&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9efff436d748fbf4a6dc4c29ef7afb1eae6f5a6ab5b216e558fe89a73155e150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44248
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 10:24:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-668474013&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a12bb559b0880f1bd77b6e55ad4846aaa64d4afc25afee2ad436e0b89089fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44204
x-xss-protection: 0
last-modified: Fri, 06 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 10:24:37 GMT

POST
H2 200 logger Show response
secure.palmbeachgroup.com/snowflake/ 2 KB
753 B 1325ms
1325ms XHR
text/html 2606:4700::6810:1837
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/snowflake/logger
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1837 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e46f811834ce20c231c9fd0c394e68827026b196682cb6d1bd84fd4f5233d76

Request headers

Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5146467&emailname=20220506-pbd&assetId=AST207430&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
x-api-key: O1I1d31dqY5iHR07pLHrf7rKAOxDeMhQ2JsWck8c
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 10:24:38 GMT
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P4
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
cf-ray: 707101d8daac23f7-ZRH
x-cache: Error from cloudfront
content-encoding: gzip
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-version-id: null
last-modified: Tue, 19 Apr 2022 15:14:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
content-type: text/html
x-amz-cf-id: iy7e_FMZ3Wexqaq4GUiv0pIa6_76379MIo2p0-3DDGtnQ0D0BVQOfQ==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DE69 14 KB
6 KB 64ms
16ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=secure.palmbeachgroup.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://secure.palmbeachgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5884
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 10:24:37 GMT
server-processing-duration-in-ticks: 2446
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 43ms
41ms Stylesheet
text/css 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f155b4555f250e1524df719787be037245690fba6218bb64b0e111f7ccab840b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

cf-ray: 707101d8fb8883b4-MXP
date: Fri, 06 May 2022 10:24:37 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 06 May 2022 09:43:27 GMT
server: cloudflare
age: 2470
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgnosw2iGLriNHcQ2NrOnrnUgWGtBXxd32uQoap1PkTmkH%2BuaM0N6PDDfGifR8mmuPeo3drrLlpSbFATGtrMn%2BNQWqwUuzI%2BAiIRCJSqJ70DpX95B4scZGdZjHPeEwkTwqYOawATE7wu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H2 200 config.js Show response
c.lytics.io/api/experience/candidate/6754fc8577b0e933befa552acea53d64/ 333 KB
23 KB 63ms
63ms Script
application/javascript 2606:4700:20::ac43:49ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/experience/candidate/6754fc8577b0e933befa552acea53d64/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:49ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

553e3d722aeb60f4dc40dc32d19a41fdcf768cc0f59332093f55737f6d746b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2869
content-encoding: br
last-modified: Fri, 06 May 2022 09:36:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMVyKNxq%2FBCB8WyCHZzHjnAxdFmukKsBpaXQFS6lXksmGy7eUJRjVjmx3XuoxzIoR2wKotn91GWyGCSWPVjXQ1m8QzSCoDBh2CpbWgsL%2F3sXBeOYieZXOHGFnn1WLny%2BMvoaEdyZjmlS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 707101d90b9b83b4-MXP

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=540950395&t=pageview&_s=1&dl=secure.palmbeachgroup.com%2Fhttps%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&ul=en-us&de=UTF-8&dt=lrRemJS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1869507065&gjid=1843710272&cid=731307761.1651832676&tid=UA-137602623-2&_gid=908967311.1651832676&_r=1&gtm=2ou540&z=240908151

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.palmbeachgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137602623-2&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 328
date: Fri, 06 May 2022 10:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 06 May 2022 12:19:09 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/753664851/ 3 KB
1 KB 72ms
57ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/753664851/?random=1651832677342&cv=9&fst=1651832677342&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&ig=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfe671f92bce964f724ceebbd482458cdb20017693b4d5e43917cd24b0dabe2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1253
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 26ms
25ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-456578300&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14865
x-xss-protection: 0
server: cafe
etag: 2710672821686371805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 May 2022 10:24:37 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame DE69
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=palmbeachgroup.com&sn=ChromeSyncframe&so=0&topUrl=secure.palmbeachgroup.com&cw=1&lsw=1&topicsavail=0
https://mug.criteo.com/sid?cpp=YwM3KnxRNmYzTDljZlNKMGxNSjJBWE8rRC9TSGx6YTdFejUrUXZoWkh6dkRxeFo4QklmbmFrWTY1cDFLL3JNTWtvVFZwY0h5TWdOaWI0c2JJWGR3dTJKOXc5cGtEeU9WMHIrS0RHNTBUV1NpVzlPbWhnZkhCMHlqY0p0N3...

465 B
655 B

111ms
40ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=YwM3KnxRNmYzTDljZlNKMGxNSjJBWE8rRC9TSGx6YTdFejUrUXZoWkh6dkRxeFo4QklmbmFrWTY1cDFLL3JNTWtvVFZwY0h5TWdOaWI0c2JJWGR3dTJKOXc5cGtEeU9WMHIrS0RHNTBUV1NpVzlPbWhnZkhCMHlqY0p0N3dmWGlvSlFpd2dMR2NmMk9DNE9LQWMrOFpzandYcmhvYncwQmw2amVTUGlIK3NNMlM3OUNpeGRWNHdXV2ErYU9CV2JwR1phZW10TmNUTEc4cUYrTlVaNlBvYVZTZ0ZOaENSRHFhaGJJbWEyUFEyU1AxbFhYUVNVUy8xbnhvT1hHMUtTYUNJb3Y2ZmJtSU9VaC9sTk1iN0pnK1A5MDJtcjEyMTZSZ3BCaWh2a0w2UFlCeHFidz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

69cafb680c2741bb52f840b41c88dc025e1c3e45d99a1544fcea2ed288557189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4699
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:36 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=YwM3KnxRNmYzTDljZlNKMGxNSjJBWE8rRC9TSGx6YTdFejUrUXZoWkh6dkRxeFo4QklmbmFrWTY1cDFLL3JNTWtvVFZwY0h5TWdOaWI0c2JJWGR3dTJKOXc5cGtEeU9WMHIrS0RHNTBUV1NpVzlPbWhnZkhCMHlqY0p0N3dmWGlvSlFpd2dMR2NmMk9DNE9LQWMrOFpzandYcmhvYncwQmw2amVTUGlIK3NNMlM3OUNpeGRWNHdXV2ErYU9CV2JwR1phZW10TmNUTEc4cUYrTlVaNlBvYVZTZ0ZOaENSRHFhaGJJbWEyUFEyU1AxbFhYUVNVUy8xbnhvT1hHMUtTYUNJb3Y2ZmJtSU9VaC9sTk1iN0pnK1A5MDJtcjEyMTZSZ3BCaWh2a0w2UFlCeHFidz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1445
content-length: 567
expires: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/700588147/ 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/700588147/?random=1651832677434&cv=9&fst=1651832677434&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8f33466c2f3951358f335f52d8b38700b1c9ba1edd114512d89efea77ba1975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10828766220/ 3 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10828766220/?random=1651832677436&cv=9&fst=1651832677436&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5123123a6d6a1dd32fa631603e20b229d29b07ff2ac31f8860188ad23444a3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/311444767/ 3 KB
1 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/311444767/?random=1651832677438&cv=9&fst=1651832677438&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1d0a52eed37fd8b3d4cc1a887c86244eb12287a984646bf2e5391ec9bf8ad27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/668877205/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/668877205/?random=1651832677438&cv=9&fst=1651832677438&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/668877205/?random=1651832677438&cv=9&fst=1651831200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/668877205/?random=1651832677438&cv=9&fst=1651831200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

20ms
19ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/668877205/?random=1651832677438&cv=9&fst=1651831200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&is_vtc=1&random=1144896003&resp=GooglemKTybQhCsO&ipr=y

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/668877205/?random=1651832677438&cv=9&fst=1651831200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&is_vtc=1&random=1144896003&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/668474013/ 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/668474013/?random=1651832677439&cv=9&fst=1651832677439&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8915589c3b58bc365421ac1a7a84b6a816a2f87cdb920966b1969289c7c2506b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/456578300/ 3 KB
1 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/456578300/?random=1651832677440&cv=9&fst=1651832677440&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f450b798173e7c09d31ed72a103fb67ad0b09f7d52ffb099ca79c9f506a4fdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1235
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/753664851/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/753664851/?random=1651832677342&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=3085839466&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/753664851/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/753664851/?random=1651832677342&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=3085839466&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/700588147/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/700588147/?random=1651832677434&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=3372186036&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/700588147/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/700588147/?random=1651832677434&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=3372186036&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/311444767/ 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/311444767/?random=1651832677438&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=949035345&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/311444767/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/311444767/?random=1651832677438&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=949035345&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/668474013/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/668474013/?random=1651832677439&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=3183142189&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/668474013/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/668474013/?random=1651832677439&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=3183142189&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/456578300/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/456578300/?random=1651832677440&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=52232237&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/456578300/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/456578300/?random=1651832677440&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=52232237&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10828766220/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10828766220/?random=1651832677436&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=153880243&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10828766220/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10828766220/?random=1651832677436&cv=9&fst=1651831200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=153880243&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=94539&v=5.9.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=vf5XXl94MVlWVmNHTW1TSiUyRmVhMURudEFxWEpRSXlqWmlDJTJCNyUyRmd6V3NUNTB5amRJRWY1...
https://widget.us.criteo.com/event?a=94539&v=5.9.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=vf5XXl94MVlWVmNHTW1TSiUyRmVhMURudEFxWEpRSXlqWmlDJTJCNyUyRmd6V3NUNTB5amRJRWY1...

8 KB
8 KB

289ms
101ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=94539&v=5.9.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=vf5XXl94MVlWVmNHTW1TSiUyRmVhMURudEFxWEpRSXlqWmlDJTJCNyUyRmd6V3NUNTB5amRJRWY1JTJGa2tEUWJYOExQYkhtd2hxd0pLdWRTTGRvQiUyQkRtYlBOdEY5dDhHRk1Gd0hiWDZXU2hPbUUlMkJueU1QYVBtRUNvMmowaDhublB3dUJmU29ETGdBVFZwa0JvWHZxWTRDJTJGSDJBTzAyWU91RG1xakhPNHdVclpNaXlYV0RqczNGSSUzRA&tld=palmbeachgroup.com&fu=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&dtycbr=84088

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e350f6099d3c29a866a5fa8e72b70cbb53faf686bdfe383951323841b492ea7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 10375822
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=94539&v=5.9.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=vf5XXl94MVlWVmNHTW1TSiUyRmVhMURudEFxWEpRSXlqWmlDJTJCNyUyRmd6V3NUNTB5amRJRWY1JTJGa2tEUWJYOExQYkhtd2hxd0pLdWRTTGRvQiUyQkRtYlBOdEY5dDhHRk1Gd0hiWDZXU2hPbUUlMkJueU1QYVBtRUNvMmowaDhublB3dUJmU29ETGdBVFZwa0JvWHZxWTRDJTJGSDJBTzAyWU91RG1xakhPNHdVclpNaXlYV0RqczNGSSUzRA&tld=palmbeachgroup.com&fu=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT630954%26step%3Dstart%26plcid%3DPLC139708%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5146467%26emailname%3D20220506-pbd%26assetId%3DAST207430%26page%3D1&dtycbr=84088
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5274199
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 25B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-0qCi5z0zIczuVqgNJRBonbeCul2tgnS65ueMbg&google_cm&google_hm=ay0wcUNpNXowekljenVWcWdOSlJCb25iZUN1bDJ0Z25TN...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0qCi5z0zIczuVqgNJRBonbeCul2tgnS65ueMbg&google_gid=CAESEOlDRg_edHEMXFcGCBc9RE4&google_cver=1&google_ula=913071,0

43 B
371 B

63ms
22ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0qCi5z0zIczuVqgNJRBonbeCul2tgnS65ueMbg&google_gid=CAESEOlDRg_edHEMXFcGCBc9RE4&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 6357911
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-0qCi5z0zIczuVqgNJRBonbeCul2tgnS65ueMbg&google_gid=CAESEOlDRg_edHEMXFcGCBc9RE4&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame 25B2
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=YDqada3miD7ktRymYt1y29lYX7g9WnUb

42 B
178 B

18ms
17ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=YDqada3miD7ktRymYt1y29lYX7g9WnUb
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 May 2022 10:24:37 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=YDqada3miD7ktRymYt1y29lYX7g9WnUb
date: Fri, 06 May 2022 10:24:37 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3035
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame 25B2 0
232 B 129ms
29ms Image
text/html 3.248.113.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-0qCi5z0zIczuVqgNJRBonbeCul2tgnS65ueMbg&custom=&tag_format=img&tag_action=sync&custom=&cb=ab44687a-939f-45cf-b87e-5672742daf4b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.113.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-113-119.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:24:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 362338.gif
idsync.rlcdn.com/ Frame 25B2 42 B
447 B 37ms
16ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-0qCi5z0zIczuVqgNJRBonbeCul2tgnS65ueMbg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 May 2022 10:24:37 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 25B2 0
47 B 17ms
14ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame 25B2 43 B
292 B 35ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 06 May 2022 10:24:37 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 25B2 0
398 B 51ms
11ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-jB4_yD0zIczuVqgNJRBonbeCul2O5CvXDJ4TDQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 25B2 0
476 B 360ms
86ms Image
text/plain 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ghboRT0zIczuVqgNJRBonbeCul1MopXIbI2MiA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:24:38 GMT
Cache-Control: no-cache
X-TraceId: 47448ffa1532890cc64b23e4166d9141
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame 25B2 0
428 B 134ms
107ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-Xgf7cT0zIczuVqgNJRBonbeCul0uHZ3H_B4XaA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:38 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 06 May 2022 10:24:38 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 25B2 0
239 B 41ms
9ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-Xgf7cT0zIczuVqgNJRBonbeCul0uHZ3H_B4XaA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 25B2
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-AkfVPz0zIczuVqgNJRBonbeCul2TRhk_yPC1JA&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-AkfVPz0zIczuVqgNJRBonbeCul2TRhk_yPC1JA%26seg%3D95287

43 B
1 KB

56ms
56ms

Image
image/gif

185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-AkfVPz0zIczuVqgNJRBonbeCul2TRhk_yPC1JA%26seg%3D95287

Protocol

HTTP/1.1

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:24:38 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a45dd219-4737-4962-9c0a-8dd112681aef
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:24:37 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5f59e8eb-3944-4654-a4f2-19eb77e7a19e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-AkfVPz0zIczuVqgNJRBonbeCul2TRhk_yPC1JA%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 25B2
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fa...
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=817946562597264050

43 B
370 B

18ms
18ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=817946562597264050

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1803642
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:24:38 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2b96a1ef-211e-4ccd-b948-e0ac5c13ebca
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=817946562597264050
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 25B2 42 B
675 B 67ms
20ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-QVTbzD0zIczuVqgNJRBonbeCul1VCf75e0yNyg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug021:0:522
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

xuid
eb2.3lift.com/ Frame 25B2
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-6YkxYT0zIczuVqgNJRBonbeCul3UISEBRbbWKQ&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-6YkxYT0zIczuVqgNJRBonbeCul3UISEBRbbWKQ&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

8ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-6YkxYT0zIczuVqgNJRBonbeCul3UISEBRbbWKQ&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-6YkxYT0zIczuVqgNJRBonbeCul3UISEBRbbWKQ&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Fri, 06 May 2022 10:24:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cksync.php
contextual.media.net/ Frame 25B2 45 B
783 B 87ms
52ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-NVoJRD0zIczuVqgNJRBonbeCul2nI7-tUyd0JQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 06 May 2022 10:24:38 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Fri, 06 May 2022 10:24:38 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 25B2
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Q86y5T0zIczuVqgNJRBonbeCul3_OulSm4L5ZQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Q86y5T0zIczuVqgNJRBonbeCul3_OulSm4L5ZQ&C=1

43 B
1 KB

22ms
22ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Q86y5T0zIczuVqgNJRBonbeCul3_OulSm4L5ZQ&C=1
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:24:38 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 06 May 2022 10:24:38 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:24:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-Q86y5T0zIczuVqgNJRBonbeCul3_OulSm4L5ZQ&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Fri, 06 May 2022 10:24:38 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame 25B2 0
239 B 52ms
8ms Image
text/plain 2600:9000:2156:7000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-n98KQz0zIczuVqgNJRBonbeCul1iyHh50f4fdA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:38 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: sG3fiowWYK3KQRZSg8toE5oLGs5xaCXpcmyG-3ciRwBERmJ1VmhWoA==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 25B2
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-vuOMtj0zIczuVqgNJRBonbeCul0CVWqMVuRE0w&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-vuOMtj0zIczuVqgNJRBonbeCul0CVWqMVuRE0w&expires=30&user_group=5

43 B
510 B

111ms
110ms

Image
image/gif

35.211.178.172

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-vuOMtj0zIczuVqgNJRBonbeCul0CVWqMVuRE0w&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 35.211.178.172 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:24:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-vuOMtj0zIczuVqgNJRBonbeCul0CVWqMVuRE0w&expires=30&user_group=5
Date: Fri, 06 May 2022 10:24:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame 25B2 35 B
336 B 101ms
37ms Image
image/gif 52.215.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-9-Jy9j0zIczuVqgNJRBonbeCul3t5Y_2XFNKew
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.133.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-133-113.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:38 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame 25B2 23 B
172 B 97ms
42ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-jNhbFz0zIczuVqgNJRBonbeCul0LGbBonBDJWQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:38 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 06 May 2022 10:24:38 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 25B2 0
99 B 60ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-7LAitj0zIczuVqgNJRBonbeCul2Ne1iZwrXD-Q
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:38 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12939

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 25B2 43 B
163 B 66ms
20ms Image
image/gif 185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-Bq4mPj0zIczuVqgNJRBonbeCul1ABHLI_Plr5g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:37 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 25B2 68 B
262 B 29ms
7ms Image
image/png 52.29.162.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-CReddz0zIczuVqgNJRBonbeCul1AtlDr5k7PDQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.162.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-162-123.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:38 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 25B2
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-wAD4WT0zIczuVqgNJRBonbeCul31URr8HF6RAw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-wAD4WT0zIczuVqgNJRBonbeCul31URr8HF6RAw

43 B
446 B

30ms
30ms

Image
image/gif

63.33.77.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-wAD4WT0zIczuVqgNJRBonbeCul31URr8HF6RAw
Protocol: H2
Server: 63.33.77.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-77-67.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 May 2022 10:24:38 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-wAD4WT0zIczuVqgNJRBonbeCul31URr8HF6RAw
date: Fri, 06 May 2022 10:24:38 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame 25B2
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ExoGrT0zIczuVqgNJRBonbeCul06WGEPXejW-A
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ExoGrT0zIczuVqgNJRBonbeCul06WGEPXejW-A&_li_chk=true&previous_uuid=a90406c34a3846a0be5d3701da8894a4
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ExoGrT0zIczuVqgNJRBonbeCul06WGEPXejW-A

43 B
419 B

579ms
93ms

Image
image/gif

2600:1f18:444a:4680:27f9:539b:c9b0:d2ce

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ExoGrT0zIczuVqgNJRBonbeCul06WGEPXejW-A

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:27f9:539b:c9b0:d2ce -, , ASN (),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:24:39 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-ExoGrT0zIczuVqgNJRBonbeCul06WGEPXejW-A
Date: Fri, 06 May 2022 10:24:38 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 25B2 43 B
428 B 289ms
94ms Image
image/gif 35.169.47.120

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-lVlUej0zIczuVqgNJRBonbeCul3ZHPPCk2cLpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.47.120 -, , ASN (),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:38 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 25B2 43 B
183 B 280ms
93ms Image
image/gif 2600:1f18:612b:4200:ada2:2974:cd33:9395

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-rY6Qaz0zIczuVqgNJRBonbeCul0U3ovEjuC-yg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:ada2:2974:cd33:9395 -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 10:24:38 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame 25B2
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-6hHrRD0zIczuVqgNJRBonbeCul2mipZk4bSOSw&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

34ms
7ms

Image
image/gif

2001:4de0:ac19::1:b:1a

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:1a -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Fri, 06 May 2022 10:24:38 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1651832678.dop155.fr8.t,1651832678.cds254.fr8.shn,1651832678.cds254.fr8.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:24:38 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1651832678256008-594
Expires: Fri, 06 May 2022 10:24:38 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame 25B2
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/oyLPyRYhJtkTPJG5njJEkrCiYSH3eS2p/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3155527290599636333

43 B
370 B

18ms
18ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3155527290599636333

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1650892
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=3155527290599636333
pragma: no-cache
date: Fri, 06 May 2022 10:24:37 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 25B2
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6390516855084418259

43 B
370 B

19ms
19ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6390516855084418259

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 10:24:38 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2281560
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 May 2022 10:24:38 GMT
X-Proxy-Origin: 217.64.151.69; 217.64.151.69; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4f67c711-0f03-486f-a510-b95b5b0e55a6
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6390516855084418259
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: manifest.prod.boltdns.net
URL: http://manifest.prod.boltdns.net/thumbnail/v1/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/a32e67f8-c354-4bbf-97d1-a1017a40955d/thumbnail.webvtt?fastly_token=NjI3NTYzMzZfOTI3MGUwNDNlMTkzM2UyYTQzOTlhMGNhMDVhM2EyZmYyYjU3NDQxMDIwNTJmZGVhMGNiOWU1ZTI3MGQ2ZWNkYw%3D%3D

Verdicts & Comments Add Verdict or Comment

335 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.listrakbi.com/BrxgIoIXfWCS	1970-01-23 18:30:51	Name: gsid Value: IReXUJdKQVUBoTQ1b1kw5Ns%2bwC4icaGPXTEmMiyh7KPeAQYgDpsHbLDtThQ4S9wBoeheShi0xNQ%3d
.listrakbi.com/BrxgIoIXfWCS	1970-01-20 11:36:08	Name: scasid Value: 4f5d7a59-5a11-4db0-86d2-937d9dc9c87e
secure.palmbeachgroup.com/	1970-01-20 02:50:33	Name: _dd_s Value: logs=1&id=42fbc4c2-7573-4f7d-b7ec-be1f107e4cb1&created=1651832674733&expire=1651833574733
secure.palmbeachgroup.com/	1970-01-23 18:26:32	Name: bssSessionId Value: 8f31dd69-4eb5-4d2e-ae6a-c9067821dd78
.palmbeachgroup.com/	1970-01-20 20:21:44	Name: _ga Value: GA1.2.731307761.1651832676
.palmbeachgroup.com/	1970-01-20 02:51:59	Name: _gid Value: GA1.2.908967311.1651832676
.palmbeachgroup.com/	1970-01-20 02:50:32	Name: _gat_UA-87443958-7 Value: 1
.secure.palmbeachgroup.com/	1970-01-20 02:50:34	Name: seerses Value: e
.secure.palmbeachgroup.com/	1970-01-23 18:26:32	Name: seerid Value: 46f3f935-a9e4-4084-b5de-d8209b41dea2
.yahoo.com/	1970-01-20 11:36:30	Name: A3 Value: d=AQABBGT3dGICEM7R7BfF9yTqCecCE6bdi70FEgEBAQFIdmJ-YgAAAAAA_eMAAA&S=AQAAAgLqx3SEyC4UHzwSvA7Q0JE
.lytics.io/	1970-01-21 00:26:32	Name: seerid Value: 46f3f935-a9e4-4084-b5de-d8209b41dea2
ssl.kaptcha.com/	1970-01-20 05:00:08	Name: k Value: 470fe175263345fd9372b2061d2d6240
secure.palmbeachgroup.com/	1970-01-20 04:16:56	Name: MKT583247_MKT630954_AST207430 Value: visited
s1.listrakbi.com/	1970-01-20 03:00:37	Name: AWSALBCORS Value: jP7aLIsDcjrmm9Rdmls5kCwcEun72j7zKouLn7/5rk+SylR2VTBADaIJsI/XstS6ej11NHrMvXdnA4vBUzoPmio3njqLdhuG4zfubTvwtZ71i4e8e9O0LC0r7Q9K
.listrakbi.com/	1970-01-20 05:00:08	Name: usid Value: c8abc3d3eb984cd5abdf10b7b29cfe36
.palmbeachgroup.com/	1970-01-23 18:30:51	Name: GSIDBrxgIoIXfWCS Value: b724a77c-b486-4468-bb0d-5c8a80541fd5
.palmbeachgroup.com/	1970-01-20 11:36:08	Name: STSID243866 Value: 4f5d7a59-5a11-4db0-86d2-937d9dc9c87e
secure.palmbeachgroup.com/	1970-01-20 11:36:08	Name: lr_cue_2110AMERICANCRYPTOALT_v1 Value: 0
.palmbeachgroup.com/	1970-01-20 05:00:08	Name: _gcl_au Value: 1.1.1537877759.1651832677
.palmbeachgroup.com/	1970-01-20 02:50:32	Name: _gat_UA-170962029-3 Value: 1
.bing.com/	1970-01-20 12:12:08	Name: MUID Value: 2BB0BC1EF06663170F5AAD82F1B46203
.palmbeachgroup.com/	1970-01-20 02:51:59	Name: _uetsid Value: bae1cff0cd2611ec9d18676a799898e5
.palmbeachgroup.com/	1970-01-20 12:12:08	Name: _uetvid Value: bae1fd50cd2611ec82c501b3738739c1
secure.palmbeachgroup.com/	1970-01-20 11:36:08	Name: cdn.beaconstreetservices.100014.ka.ck Value: 3966bbccb9bd73fa8bea9419be58d22df40d6ff222c866df4bdd5fc9afd844fb6eceb47edcfca55f09edeff1a90e5d31bc3fd1306fee736bac5bc366455995a4c29431fa18392fae8ea246bee6597d70e6a2ced542fcac77ac01643b4c75367e9e8818fa5d1b22bbc8a064a2dcf74af82538bb4c8073594c9b82338e32d588891cdcc168e48f92ad2a5b01d19544b3cf675aaf370cb693d4d088
.palmbeachgroup.com/	1970-01-20 02:50:32	Name: _gat_gtag_UA_137602623_2 Value: 1
.criteo.com/	1970-01-20 12:12:08	Name: uid Value: b3f4ca56-fc44-4498-9748-c53b448b9648
.doubleclick.net/	1970-01-20 12:12:08	Name: IDE Value: AHWqTUk3muHM4bcsEfOf3wVBtTCo4OBG-mn20wipqTFUthpqgGisjnMZxCTk9MX5
.palmbeachgroup.com/	1970-01-20 12:19:56	Name: cto_bundle Value: vf5XXl94MVlWVmNHTW1TSiUyRmVhMURudEFxWEpRSXlqWmlDJTJCNyUyRmd6V3NUNTB5amRJRWY1JTJGa2tEUWJYOExQYkhtd2hxd0pLdWRTTGRvQiUyQkRtYlBOdEY5dDhHRk1Gd0hiWDZXU2hPbUUlMkJueU1QYVBtRUNvMmowaDhublB3dUJmU29ETGdBVFZwa0JvWHZxWTRDJTJGSDJBTzAyWU91RG1xakhPNHdVclpNaXlYV0RqczNGSSUzRA
.rlcdn.com/	1970-01-20 11:36:08	Name: rlas3 Value: b62iL1Zp9YhDibNSuy82qmMR2nOfomeUOhS5T41QN9A=
.rlcdn.com/	1970-01-20 04:16:56	Name: pxrc Value: CAA=
.analytics.yahoo.com/	1970-01-20 11:36:08	Name: IDSYNC Value: 18zh~24qa
.3lift.com/	1970-01-20 05:00:08	Name: tluid Value: 581031354593189130892
.pubmatic.com/	1970-01-20 03:33:44	Name: KRTBCOOKIE_97 Value: 3385-uid:k-QVTbzD0zIczuVqgNJRBonbeCul1VCf75e0yNyg&KRTB&23144-uid:k-QVTbzD0zIczuVqgNJRBonbeCul1VCf75e0yNyg&KRTB&23286-uid:k-QVTbzD0zIczuVqgNJRBonbeCul1VCf75e0yNyg&KRTB&23287-uid:k-QVTbzD0zIczuVqgNJRBonbeCul1VCf75e0yNyg
.pubmatic.com/	1970-01-20 03:33:44	Name: PugT Value: 1651832677
.pubmatic.com/	1970-01-20 05:00:08	Name: PUBMDCID Value: 3
.casalemedia.com/	1970-01-20 11:36:08	Name: CMID Value: YnT3Zsu-ztH9iOsPB0gGfwAA
.casalemedia.com/	1970-01-20 05:00:08	Name: CMPS Value: 5225
.media.net/	1970-01-20 11:36:08	Name: visitor-id Value: 2948342778890117000V10
.media.net/	1970-01-20 03:33:44	Name: data-c-ts Value: 1651832677
.media.net/	1970-01-20 03:33:44	Name: data-c Value: k-NVoJRD0zIczuVqgNJRBonbeCul2nI7-tUyd0JQ~~3
.addthis.com/	1970-01-20 12:12:08	Name: ouid Value: 6274f7650001299b2535663e91694e9ee64a64cc970bbca0bf56
.addthis.com/	1970-01-20 12:12:08	Name: uid Value: 6274f76507db8837
.addthis.com/	1970-01-20 12:12:08	Name: na_id Value: 2022050610243799000743500953
.casalemedia.com/	1970-01-20 05:00:08	Name: CMPRO Value: 1217
.casalemedia.com/	1970-01-20 02:51:59	Name: CMST Value: YnT3ZmJ092YA
.casalemedia.com/	1970-01-20 11:36:08	Name: CMRUM3 Value: 146274f7662760k-Q86y5T0zIczuVqgNJRBonbeCul3_OulSm4L5ZQ
.turn.com/	1970-01-20 07:09:44	Name: uid Value: 3155527290599636333
.adnxs.com/	1970-01-20 05:00:08	Name: uuid2 Value: 6390516855084418259
.sharethrough.com/	1970-01-20 03:33:44	Name: stx_user_id Value: 3ebd4219-840f-479c-8e96-4f32756199a4
.revcontent.com/	1970-02-07 08:50:32	Name: __ID Value: 0435c662a093400eaf666f9fb8eddca3
.revcontent.com/	1970-01-20 03:33:44	Name: v1_151 Value: 1
.adnxs.com/	1970-01-20 05:00:08	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2E?crikM'!fss0=Rro*E7VW]Fp9RoEzGAi@$N^a0@LMj)wPpV#_gb00+I^movwiXEVwmd#zrUN6A:qvKFpx8#DI2Z#DIgl#XsfsDRR8e
.360yield.com/	1970-01-20 05:00:08	Name: tuuid Value: 9ce45b77-7b4a-4a40-9467-5a2d06b350eb
.360yield.com/	1970-01-20 05:00:08	Name: tuuid_lu Value: 1651832678
.360yield.com/	1970-01-20 05:00:08	Name: um Value: !38,A5YUEuWSv4HjasiO1lenDlme8wBGlagBL9WkVRio4J2sp-4CtxuORD.QqVEXfkM6Bmzp8DdC,1659608678
.360yield.com/	1970-01-20 05:00:08	Name: umeh Value: !38,0,1714040678,-1
.outbrain.com/	1970-01-20 05:00:08	Name: obuid Value: 73de584e-6234-4196-b6cf-0e0919c78e0a
.outbrain.com/	1970-01-20 03:19:20	Name: criteo Value: k-ghboRT0zIczuVqgNJRBonbeCul1MopXIbI2MiA
ads.stickyadstv.com/	1970-01-20 03:33:44	Name: UID Value: a9dd79ea59fd7baa2fad71bd8937cb1f
ads.stickyadstv.com/	1970-01-20 03:33:44	Name: uid-bp-11554 Value: k-6hHrRD0zIczuVqgNJRBonbeCul2mipZk4bSOSw
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 26efa9dba6e2d911d7a19c1e198280

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://secure.palmbeachgroup.com/polyfills.js(Line 117501) Message: Mixed Content: The page at 'https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT630954&step=start&plcid=PLC139708&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5146467&emailname=20220506-pbd&assetId=AST207430&page=1' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://manifest.prod.boltdns.net/thumbnail/v1/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/a32e67f8-c354-4bbf-97d1-a1017a40955d/thumbnail.webvtt?fastly_token=NjI3NTYzMzZfOTI3MGUwNDNlMTkzM2UyYTQzOTlhMGNhMDVhM2EyZmYyYjU3NDQxMDIwNTJmZGVhMGNiOWU1ZTI3MGQ2ZWNkYw%3D%3D'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
amplifypixel.outbrain.com
bat.bing.com
bcbolt446c5271-a.akamaihd.net
c.lytics.io
cdn.listrakbi.com
cdn.mxpnl.com
cdn.stickyadstv.com
cdnjs.cloudflare.com
cf-images.us-east-1.prod.boltdns.net
click.exct.palmbeachgroup.com
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cw.addthis.com
d.turn.com
d3bjnmbj12697.cloudfront.net
dis.criteo.com
eb2.3lift.com
edge.api.brightcove.com
fonts.googleapis.com
googleads.g.doubleclick.net
gsdpeazjjf.execute-api.us-east-1.amazonaws.com
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
jadserve.postrelease.com
js.trackinggrid.com
manifest.prod.boltdns.net
marketingassets.cloudsna.com
match.sharethrough.com
metrics.brightcove.com
mug.criteo.com
partner.mediawallahscript.com
pixel.rubiconproject.com
pixel.sitescout.com
players.brightcove.net
q.quora.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.yimg.com
s1.listrakbi.com
s3.amazonaws.com
secure.adnxs.com
secure.palmbeachgroup.com
simage2.pubmatic.com
sp.analytics.yahoo.com
ssl.kaptcha.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
tracking.legacyoffers.com
trc.taboola.com
trends.revcontent.com
up.pixel.ad
ups.analytics.yahoo.com
vjs.zencdn.net
widget.us.criteo.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
manifest.prod.boltdns.net
104.18.7.244
104.75.88.126
13.111.45.83
141.226.228.48
142.250.186.66
142.250.186.98
143.204.100.40
143.204.103.8
143.204.98.87
151.101.1.2
151.101.130.27
178.250.0.157
178.250.0.163
178.250.2.151
178.79.242.181
18.209.3.188
185.33.220.242
185.33.221.11
185.64.190.80
185.86.137.131
2001:4de0:ac18::1:a:2a
2001:4de0:ac19::1:b:1a
2001:678:cb4:bbbb::13
209.59.154.196
212.82.100.181
23.35.228.23
23.35.229.117
23.35.236.247
23.35.237.37
23.35.237.56
2600:1901:0:bc29::
2600:1f18:444a:4680:27f9:539b:c9b0:d2ce
2600:1f18:612b:4200:ada2:2974:cd33:9395
2600:9000:2156:4400:f:75e2:4ac0:21
2600:9000:2156:7000:1b:5138:8a40:93a1
2606:4700:20::ac43:49ec
2606:4700::6810:1837
2606:4700::6810:f51b
2606:4700::6811:190e
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:800::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c08::9d
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:3500:7::17d8:4dcb
2a04:4e42:600::300
2a04:4e42:600::729
3.126.56.137
3.248.113.119
35.169.47.120
35.211.178.172
35.244.174.68
35.244.232.184
35.81.31.24
52.215.133.113
52.216.8.221
52.29.162.123
54.86.209.152
63.33.177.108
63.33.77.67
64.202.112.95
66.155.71.25
69.173.144.139
74.119.119.150
76.223.111.18
013050e8e5ab5ca56b6344fe09502a82fc4ced559a155646ff286b4af3545eeb
04625c04c6e678ebc79cc1fc05386ec59e0c375d08a81fdc13a9c1fe1a2aaf44
08cb0f46ed2415058019966967713095ef16ce83d54c74a5f52a61846dbe2399
0cd8b6b22fdfcb11dc3e9bf93a1f2198f4c6f04e4ad714f4756af7bba7f336c3
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e46f811834ce20c231c9fd0c394e68827026b196682cb6d1bd84fd4f5233d76
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
14bf8292ae1e1ac698da2f2155f00ab24d5eda73e0c3e1e25e368a905759283b
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
14f0dd1a0eda9081ad41fdd0b3ac866c8989ad25570419f523f12b95acfd182c
1aed9bf2527a71a02eb69ac0e018a55b034067c67efcff7df6a428eac923dfe5
1e2a027cbc0abfeca30d92e9ce4341afd25fffb3f40f9d0867b87325bb36c127
1ebf6a2710236762178861bf15fa6074bd5e61502c1811551099ebe3754e0c83
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1f4f5fdffaf00193968ce7061b79f50ecb891aa19d6303cfca92ee57ef0d5fb7
213f185922e8396329370625b5bf7df03d40cab3b8b592e7b627279672625916
21d93ac5a388df10b961801cce44bd72d8e612f9c5305c769ef2602b9b0480eb
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
28e7a175bbbb2d42cd553a6f0ec8135cfe0ddb6fc2e21975d01e5cd0bafdff13
2e4300071c7d7ee2228bc47f31403c8c4c6511f5a0b8bd102df8802d85c43dbc
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
37e127bcfa908eef579a98d6824b52fab529458616c89c4aefaf1703d0a13c7c
3c25ecdde70665eca304e3987d5c38489b516e4369717c0f849525a87c4c8d97
3c69bdf297f18bf576e18923b511985dedbc85cec05d3da699e48b9e87efdb74
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4965a9ae619c0a248a186236a2aee27d1963adef65a94376ea709897c3dd2403
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f080a9d1a5b53030e8594bcf243581d94e3a24e07363a25d03b2665104b06d9
4f450b798173e7c09d31ed72a103fb67ad0b09f7d52ffb099ca79c9f506a4fdd
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
5123123a6d6a1dd32fa631603e20b229d29b07ff2ac31f8860188ad23444a3f4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553e3d722aeb60f4dc40dc32d19a41fdcf768cc0f59332093f55737f6d746b30
58989f52c9ddeb5ca3fd21c016ea8468f10eabac86cfd2eac369317854828744
5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5cb42ed48451fec48eebe0f6a456350b1195238d69627819435825fc421e53c6
5cc82b6dc651cd71361f7da0d6cc98c685f093aeb9d57ae99069aba15409a024
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899
66f66a06a243997049dddb802cb8066b7891379f487a6553836c3e88e218a3d2
6702be9b5abcb7f77401607c67f34715ed9e6fa331e941e27702d0ec121756bf
69cafb680c2741bb52f840b41c88dc025e1c3e45d99a1544fcea2ed288557189
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d58748d0b000de1d216c553178882ab71d53f37f5c57e50e97d72a79924cf34
6fc718fd0841f0564dd2ef3c25f0542bfca894886549b06fdf319e462a5ad934
70f123ae18601c8cf650d2bb037c62f03e1b728d65fe974b8c69293ea5a3915d
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
752451b4f3129531782a28b360e5a8dc6404fd33c490580ac3a24b43ad2bf8fd
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840d00f62116fbc5872b6ca0d58ad7ad4b9a1e9ac18309b81cf75ece010fd60a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8717eadc3b97c75e83d74067e6e042bbca4febc6b6dc4e267b536fb76571b2b5
8915589c3b58bc365421ac1a7a84b6a816a2f87cdb920966b1969289c7c2506b
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
89e7c0e19f9fe02f3cfb6007bca678f67c11925870f6a00a8b3b9ac351ae6af1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a12bb559b0880f1bd77b6e55ad4846aaa64d4afc25afee2ad436e0b89089fb4
8a60672efd62862adb750cf0d1ba8916744490d764cb2807c8114353f6aae6c8
8ee822b62dc3f42b8f8442ef52daca78fab784319a3f7def53f42aa8fed74661
98ad7e002b19264473dc3d4d79fb88278f950c24780982674c0ac1738b8b9614
98c2a74405e978d753625e97a0cb1c2eab250a9444d82dd75e1bce82cb437ae2
9c0761851b560ea68db34a7dd10eae78171922dba49888d1ca97410d17206596
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
9e150cd24014262374a0016e0827dc19219a4bb4ab4d4d30970f99038542d814
9efff436d748fbf4a6dc4c29ef7afb1eae6f5a6ab5b216e558fe89a73155e150
9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a2c9f5eec6de7541b3a38a307f21a69bc1a1771dbe6c10876926d6ad7bb39b
a1d0a52eed37fd8b3d4cc1a887c86244eb12287a984646bf2e5391ec9bf8ad27
a62069a41aab6484d03efbadd64f45a860f0d75849acfd7966a23088aff7382d
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
ae4a7bb20a9253244cf4ddff2a3ac6aea8ae2bff1c0425f5273d013bb55a7ab5
b0812fa93a55d1a42b860f4a65610b5497e8c63b118c0b9be777f396e2ceae2e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16866b87b8808c3b0f8669a7246c1896d65c886a06a8e79a65af86017c33b15
b64e10f91850e345ebb1941e35645684b9ed2c4135136ce573717b3dec785679
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c71014fdfc6e16f4d67c3c1ce51f661beb63cf9eaa923ed0e46d56cc675b55a0
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc29bdfa5e510b47aa7faf5ec6ddac2b91581060cc56aaa19153575f72431273
ccfd54834a44aa74f46bc6bbc924e1561afa238f09a0f36a9211ac9a210b8639
cda737664e4491542d72c7bed3cbda8441f4609e5cd74326820a16a97393f165
ce004d6ba293ddac2a8cfe6c819fc6c222f56c93374fcc8492b68e976018ea2d
cfe671f92bce964f724ceebbd482458cdb20017693b4d5e43917cd24b0dabe2d
d3f7c0ed14b5b7347b93e0e91f558238b0c0542501b484de714eef38e9e236fd
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7fe7a95be52af9780b34bb34d7c6e4801e77fda4be41f7b0676e671543023e9
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
dda94645e6dfe6b5abab8d3262d7802f325db5f5eba7cf088f58f365acafaf4e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa7d84247201e21da4cb9dca1adbe57cd3acbfeb5c69965decd4c7bc2d20f20
e17cc900f2c3e8e09d3a2d454c231fccc85c4d1c6164b05c1d5c482a51d21190
e350f6099d3c29a866a5fa8e72b70cbb53faf686bdfe383951323841b492ea7f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67c0ad03dc12ebfe255a3518ddb632cbb1cb73b836fc6374a790ec0909c3dc4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f155b4555f250e1524df719787be037245690fba6218bb64b0e111f7ccab840b
f5e1837dada0ad7bb636eac26701265690c759923bafd7875a00d9406420224a
f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8dbfcdbe77d25e0830d529f0ecb7fbfa47d68167133dd33fb920c295e7e7996
f8f33466c2f3951358f335f52d8b38700b1c9ba1edd114512d89efea77ba1975
fb37413b7c8e7e66a05f145a6af367f5d593b358a3c45f2b294a9438997a4ada
fc2ddc99f7a256c44ed3fc493bbaf63104a0a3608e38008884930f267f367196
fea6a995f719305ce605045cc3a57bdd0c7115bcfa66b26f0b63ff28f79f3365

secure.palmbeachgroup.com Open in urlscan Pro 2606:4700::6810:1837 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

178 Requests

89 %HTTPS

37 %IPv6

55 Domains

74 Subdomains

65 IPs

8 Countries

6762 kBTransfer

17669 kBSize

61 Cookies

0 Outgoing links

Page URL History

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.palmbeachgroup.com Open in urlscan Pro
2606:4700::6810:1837 Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

89 %
HTTPS

37 %
IPv6

55
Domains

74
Subdomains

65
IPs

8
Countries

6762 kB
Transfer

17669 kB
Size

61
Cookies

178 HTTP transactions
6 data transactions