urlscan.io logo urlscan.io
SecurityTrails logo

www.palms.com Open in urlscan Pro
141.193.213.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click.mygamingrewards.com/?qs=b9cd0d67b1f5d722aa292f3002b09203651bcdd0c78b8c12cf5bcb21f287c8321eea374698089a88ba873b8bf99c...
Effective URL: https://www.palms.com/featured/grand-opening-042722p/
Submission: On April 14 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 56 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.palms.com.
TLS certificate: Issued by R3 on February 23rd 2022. Valid for: 3 months.
This is the only time www.palms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 13.111.168.216 22606 (EXACT-7)
40 141.193.213.21 209242 (CLOUDFLAR...)
4 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
4 4 141.193.213.20 209242 (CLOUDFLAR...)
1 159.203.121.181 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
56 10
2    13.111.168.216 (United States)

ASN22606 (EXACT-7, US)
PTR: click.mygamingrewards.com
click.mygamingrewards.com
40    141.193.213.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.palms.com
4    2a02:26f0:f7::5c7b:e053 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
2    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    141.193.213.20 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
palms.com
1    159.203.121.181 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: moderate2.cleantalk.org
moderate2.cleantalk.org
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:26f0:3500:7::17d8:4dcb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
44 palms.com
www.palms.com
palms.com
1022 KB
5 typekit.net
use.typekit.net — Cisco Umbrella Rank: 510
p.typekit.net — Cisco Umbrella Rank: 625
136 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
315 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
114 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
70 KB
2 mygamingrewards.com
click.mygamingrewards.com
467 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
438 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
1 cleantalk.org
moderate2.cleantalk.org — Cisco Umbrella Rank: 88284
236 B
56 10
Domain Requested by
40 www.palms.com www.palms.com
4 palms.com 4 redirects
4 use.typekit.net www.palms.com
use.typekit.net
2 www.facebook.com www.palms.com
2 connect.facebook.net www.palms.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.palms.com
2 click.mygamingrewards.com 2 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 p.typekit.net use.typekit.net
1 fonts.googleapis.com www.palms.com
1 moderate2.cleantalk.org www.palms.com
56 12
Subject Issuer Validity Valid
www.palms.com
R3		 2022-02-23 -
2022-05-24		 3 months crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.cleantalk.org
Sectigo RSA Domain Validation Secure Server CA		 2021-09-03 -
2022-09-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-22 -
2022-04-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.palms.com/featured/grand-opening-042722p/
Frame ID: CE2BFD2F5F1774187FF2B63D92A305D2
Requests: 55 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 48E19FE07F0243ECD4B7A5427C746CCB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Grand Opening 042722p | Palms Casino Resort

Page URL History Show full URLs

  1. http://click.mygamingrewards.com/?qs=b9cd0d67b1f5d722aa292f3002b09203651bcdd0c78b8c12cf5bcb21f287c8321eea3746... HTTP 301
    https://click.mygamingrewards.com/?qs=b9cd0d67b1f5d722aa292f3002b09203651bcdd0c78b8c12cf5bcb21f287c8321eea3746... HTTP 302
    https://www.palms.com/featured/grand-opening-042722p/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • backbone.*\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

56
Requests

93 %
HTTPS

67 %
IPv6

10
Domains

12
Subdomains

10
IPs

3
Countries

1362 kB
Transfer

2775 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.mygamingrewards.com/?qs=b9cd0d67b1f5d722aa292f3002b09203651bcdd0c78b8c12cf5bcb21f287c8321eea374698089a88ba873b8bf99c30e05b1f3b794e55d14b HTTP 301
    https://click.mygamingrewards.com/?qs=b9cd0d67b1f5d722aa292f3002b09203651bcdd0c78b8c12cf5bcb21f287c8321eea374698089a88ba873b8bf99c30e05b1f3b794e55d14b HTTP 302
    https://www.palms.com/featured/grand-opening-042722p/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://palms.com/wp-content/uploads/2020/03/PALMS-caa04a-28.png HTTP 301
  • https://www.palms.com/wp-content/uploads/2020/03/PALMS-caa04a-28.png
Request Chain 43
  • https://palms.com/wp-content/uploads/2020/01/iconphone.png HTTP 301
  • https://www.palms.com/wp-content/uploads/2020/01/iconphone.png
Request Chain 44
  • https://palms.com/wp-content/uploads/2020/01/iconlocations.png HTTP 301
  • https://www.palms.com/wp-content/uploads/2020/01/iconlocations.png
Request Chain 53
  • https://palms.com/wp-content/uploads/2020/03/PALMS-caa04a-28.png HTTP 301
  • https://www.palms.com/wp-content/uploads/2020/03/PALMS-caa04a-28.png

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.palms.com/featured/grand-opening-042722p/
Redirect Chain
  • http://click.mygamingrewards.com/?qs=b9cd0d67b1f5d722aa292f3002b09203651bcdd0c78b8c12cf5bcb21f287c8321eea374698089a88ba873b8bf99c30e05b1f3b794e55d14b
  • https://click.mygamingrewards.com/?qs=b9cd0d67b1f5d722aa292f3002b09203651bcdd0c78b8c12cf5bcb21f287c8321eea374698089a88ba873b8bf99c30e05b1f3b794e55d14b
  • https://www.palms.com/featured/grand-opening-042722p/
197 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
3ec79f4ebdf38a9f564280931654fcfb49ef7f4ae1cc9e91ee9aa53575501d7f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
6fbec2d27fc79be9-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests; upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 19:13:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://www.palms.com/wp-json/>; rel="https://api.w.org/" <https://www.palms.com/wp-json/wp/v2/posts/14132>; rel="alternate"; type="application/json" <https://www.palms.com/?p=14132>; rel=shortlink
permissions-policy
geolocation=(); midi=(); notifications=(); push=(); sync-xhr=(); microphone=(); camera=(); magnetometer=(); gyroscope=(); speaker=(self); vibrate=(); fullscreen=(self); payment=();
referrer-policy
origin origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 2
x-cache-group
normal
x-cacheable
SHORT
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-powered-by
WP Engine
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

Cache-Control
private
Connection
close
Content-Length
170
Content-Type
text/html; charset=utf-8
Date
Thu, 14 Apr 2022 19:13:49 GMT
Location
https://www.palms.com/featured/grand-opening-042722p/
pagenavi-css.css
www.palms.com/wp-content/plugins/wp-pagenavi/ 		374 B
317 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Dec 2021 22:33:06 GMT
server
cloudflare
age
328268
etag
W/"61b7ca22-176"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d668849be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
front.min.css
www.palms.com/wp-content/plugins/popups-for-divi/styles/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/popups-for-divi/styles/front.min.css?ver=3.0.5
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba2eeab126375c9cc2fabe9a6fe35f25dea57c52df280e6e24a790f5f45be878

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Feb 2022 09:40:54 GMT
server
cloudflare
age
3830792
etag
W/"621c98a6-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d6688d9be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
front.min.css
www.palms.com/wp-content/plugins/cookie-notice/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.9.2
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2c30641eed11d27cc45ab60849aaef8d0cef92b8c75b09648ffb764bd6017c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 12:50:31 GMT
server
cloudflare
age
328268
etag
W/"62502f97-14ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d668919be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
zgz5bfe.css
use.typekit.net/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/zgz5bfe.css?ver=2.0.0.2
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cb9bb8ccfed2bbe8ac42fe01849128dbbeb0ea104e0b54b10656a5f282f07689
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Thu, 14 Apr 2022 19:13:51 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
810
custom.css
www.palms.com/wp-content/themes/tcms/css/ 		58 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/themes/tcms/css/custom.css?ver=2.0.0.2
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd6388ef8a63fafaa93b740a72701c4a66ddc34036a2d062ffb2820a0b98ce7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Apr 2022 12:23:07 GMT
server
cloudflare
age
797874
etag
W/"624c34ab-e8de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d668929be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
www.palms.com/wp-content/themes/tcms/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/themes/tcms/style.css?ver=2.0.0.2
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9a98732260d8f372039f3b73e1b018375cd711ca8494fc8e72db3490c345a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Dec 2021 10:50:23 GMT
server
cloudflare
age
19749
etag
W/"61c99a6f-1794"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d668939be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hotel-datepicker.css
www.palms.com/wp-content/themes/tcms/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/themes/tcms/css/hotel-datepicker.css?ver=2.0.0.2
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f2a2f8e09980ee2d1263f3f17d360f2d7348cc12e07b27eba90b275aca4616

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Dec 2021 22:33:06 GMT
server
cloudflare
age
797873
etag
W/"61b7ca22-1a61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d668969be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mystyledatepicker.css
www.palms.com/wp-content/themes/tcms/css/ 		4 KB
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/themes/tcms/css/mystyledatepicker.css?ver=2.0.0.2
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b4fc08b6e1cfc34847040179af3c0fc9e4b0fb57507f06e205dc74004518f62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 Dec 2021 15:00:59 GMT
server
cloudflare
age
797874
etag
W/"61bf492b-fcd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d668989be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
www.palms.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
cloudflare
age
19749
etag
W/"6048e0ac-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d668999be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.min.js
www.palms.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
age
3883783
etag
W/"5fb4e3fe-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d6689c9be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
apbct-public--functions.min.js
www.palms.com/wp-content/plugins/cleantalk-spam-protect/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public--functions.min.js?ver=5.174.1
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
140b8a5ffe7434e9217d3838352af59b45c7d11fd75acee3898220b388c4c24d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 12:50:30 GMT
server
cloudflare
age
19749
etag
W/"62502f96-c84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d6689d9be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
apbct-public.min.js
www.palms.com/wp-content/plugins/cleantalk-spam-protect/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public.min.js?ver=5.174.1
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddf0fe63d9f03e88348daf1d41227d9f886b37965dce3b5a3bd026b1afc3adf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 12:50:30 GMT
server
cloudflare
age
328268
etag
W/"62502f96-19df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d678b99be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cleantalk-modal.min.js
www.palms.com/wp-content/plugins/cleantalk-spam-protect/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/cleantalk-spam-protect/js/cleantalk-modal.min.js?ver=5.174.1
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cad62070b3313384046f00788d7567351713f093beddfd015f1da141c7c4583

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 12:50:30 GMT
server
cloudflare
age
531757
etag
W/"62502f96-c3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d678bb9be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ie-compat.min.js
www.palms.com/wp-content/plugins/popups-for-divi/scripts/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/popups-for-divi/scripts/ie-compat.min.js?ver=3.0.5
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6aed488d128d02850cfb20b4de28a2eceffddd04342f413bbe88a141235a976

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Feb 2022 09:40:54 GMT
server
cloudflare
age
3917320
etag
W/"621c98a6-2712"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d678bd9be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
front.min.js
www.palms.com/wp-content/plugins/cookie-notice/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.2.3
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c38bc4d28cb6dd5263a68b3efa74cd5b746f9083484871c54f4cd437c828b40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 12:50:31 GMT
server
cloudflare
age
328266
etag
W/"62502f97-20ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d86fad9136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fecha.min.js
www.palms.com/wp-content/themes/tcms/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/themes/tcms/js/fecha.min.js?ver=2.0.0.2
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9de42140ad7b921d11cef29d093a691d780ba5b99702752d10b18d2035480a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Dec 2021 22:33:06 GMT
server
cloudflare
age
328268
etag
W/"61b7ca22-12e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d678be9be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hotel-datepicker.min.js
www.palms.com/wp-content/themes/tcms/js/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/themes/tcms/js/hotel-datepicker.min.js?ver=2.0.0.2
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2229d66fe1232263f60caac4b54d25a52607010928a21bad0e0a813bde503c44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Dec 2021 22:33:06 GMT
server
cloudflare
age
19749
etag
W/"61b7ca22-718e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d678c19be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.js
www.palms.com/wp-content/themes/tcms/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/themes/tcms/js/main.js?ver=2.0.0.2
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2eb319e49b18d40eab6904ecbc4a744e53feb4a4dbc1c80b0ee8da8ef8859c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Apr 2022 10:58:13 GMT
server
cloudflare
age
797874
etag
W/"624c20c5-142e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d678c69be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-215807745-1
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dad598c4636f61765a79d791ba55c44f12643844c829a459b69f4440d9bbfa1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38421
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 18:27:21 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Apr 2022 19:13:51 GMT
PALMS-caa04a-28.png
www.palms.com/wp-content/uploads/2020/03/
Redirect Chain
  • https://palms.com/wp-content/uploads/2020/03/PALMS-caa04a-28.png
  • https://www.palms.com/wp-content/uploads/2020/03/PALMS-caa04a-28.png
546 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.palms.com/wp-content/uploads/2020/03/PALMS-caa04a-28.png
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aa94abb998f8c8615950ad4880b7016f8cc7237e2a72323ba6448be93f8e00b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
cf-cache-status
HIT
age
32465
cf-polished
origFmt=png, origSize=802
content-disposition
inline; filename="PALMS-caa04a-28.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
546
last-modified
Mon, 13 Dec 2021 22:33:05 GMT
server
cloudflare
etag
"61b7ca21-322"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6fbec2d919499136-FRA
cf-bgj
imgq:100,h2pri

Redirect headers

date
Thu, 14 Apr 2022 19:13:51 GMT
cf-cache-status
HIT
server
cloudflare
age
7195
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
location
https://www.palms.com/wp-content/uploads/2020/03/PALMS-caa04a-28.png
cf-ray
6fbec2d8b8c89a1b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Palms_3_Tower_Nighttime_fireworks_1200x628.jpg
www.palms.com/wp-content/uploads/2022/03/ 		522 KB
522 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.palms.com/wp-content/uploads/2022/03/Palms_3_Tower_Nighttime_fireworks_1200x628.jpg
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee65736dcaefc172c19289e5ea26aae06225cd091be750fee4c40931ed1345bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
cf-cache-status
MISS
last-modified
Mon, 28 Mar 2022 21:44:16 GMT
server
cloudflare
etag
"62422c30-82693"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6fbec2d86fae9136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
534163
a538f2bdcc8834e2db88c420380fdc44.gif
moderate2.cleantalk.org/pixel/ 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://moderate2.cleantalk.org/pixel/a538f2bdcc8834e2db88c420380fdc44.gif
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.203.121.181 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
moderate2.cleantalk.org
Software
nginx/1.10.3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 19:13:51 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
dashicons.min.css
www.palms.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-includes/css/dashicons.min.css?ver=5.9.2
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
cloudflare
age
274696
etag
W/"603ffca6-e688"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d72cef9136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
display-opinions-light.css
www.palms.com/wp-content/plugins/ninja-forms/assets/css/ 		44 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/ninja-forms/assets/css/display-opinions-light.css?ver=5.9.2
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc81276f0b7b4c93299d830b4c3c686fd2e4bf4010bfdc47c5225605217685c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 12:50:33 GMT
server
cloudflare
age
274696
etag
W/"62502f99-ae50"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d79df99136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
font-awesome.min.css
www.palms.com/wp-content/plugins/ninja-forms/assets/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/ninja-forms/assets/css/font-awesome.min.css?ver=5.9.2
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Apr 2022 12:50:33 GMT
server
cloudflare
etag
W/"62502f99-6b4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d7ce629136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
display-structure.css
www.palms.com/wp-content/plugins/ninja-forms-style/layouts/assets/css/ 		2 KB
663 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/ninja-forms-style/layouts/assets/css/display-structure.css?ver=3.0.29
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a23c48b5ab60ced83c945fbdf25255b946fc5373c04c328b78342baf2a06f04e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Apr 2022 22:36:50 GMT
server
cloudflare
age
180813
etag
W/"6254ad82-619"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d84f6c9136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
front.min.js
www.palms.com/wp-content/plugins/popups-for-divi/scripts/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/popups-for-divi/scripts/front.min.js?ver=3.0.5
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5cec8800ffe6b92993466f61ec4f4d5ee6dee946a942b9356559821585fb650

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Feb 2022 09:40:54 GMT
server
cloudflare
age
3917320
etag
W/"621c98a6-10394"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d86f919136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
scripts.min.js
www.palms.com/wp-content/themes/Divi/js/ 		267 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/themes/Divi/js/scripts.min.js?ver=4.17.0
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
641b4869b33bb1e2a8f76b4324a62a3c5ae76d546772df54731406dbad7edaf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 12:53:58 GMT
server
cloudflare
age
531757
etag
W/"62503066-42b06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d86f969136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
common.js
www.palms.com/wp-content/themes/Divi/core/admin/js/ 		1 KB
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/themes/Divi/core/admin/js/common.js?ver=4.17.0
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 12:53:58 GMT
server
cloudflare
age
531757
etag
W/"62503066-53f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d86f9a9136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
front-end--inputmask.min.js
www.palms.com/wp-content/plugins/ninja-forms/assets/js/min/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/ninja-forms/assets/js/min/front-end--inputmask.min.js?ver=3.6.9
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88b7e6bce990eb78bfaa499ef0448ab166b625969a9f469926d7b1e2f8651f89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Apr 2022 12:50:33 GMT
server
cloudflare
etag
W/"62502f99-1117"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d86f9e9136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
underscore.min.js
www.palms.com/wp-includes/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-includes/js/underscore.min.js?ver=1.13.1
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 Nov 2021 21:47:13 GMT
server
cloudflare
age
274696
etag
W/"61806061-4a7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d86f9f9136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
backbone.min.js
www.palms.com/wp-includes/js/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-includes/js/backbone.min.js?ver=1.4.0
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2c4a355f2a88ce6793b73c3a6cddb3703355d2b74a6cff0dc2ff81383480a01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 01 Nov 2021 21:47:13 GMT
server
cloudflare
etag
W/"61806061-5cf2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d86fa29136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
front-end-deps.js
www.palms.com/wp-content/plugins/ninja-forms/assets/js/min/ 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/ninja-forms/assets/js/min/front-end-deps.js?ver=3.6.9
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
79fa511ea1251897ae53b084182bca90953d1ccdf741fb35478c1902bb64a7eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 12:50:33 GMT
server
cloudflare
age
274696
etag
W/"62502f99-f109"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d86fa59136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
front-end.js
www.palms.com/wp-content/plugins/ninja-forms/assets/js/min/ 		212 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/ninja-forms/assets/js/min/front-end.js?ver=3.6.9
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdbde90d566e86626c6bcf83511d20053c3d03825f961f34b0cffd9a978f7fca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Apr 2022 12:50:33 GMT
server
cloudflare
etag
W/"62502f99-34ef1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d86fa79136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
front-end.js
www.palms.com/wp-content/plugins/ninja-forms-style/layouts/assets/js/min/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/ninja-forms-style/layouts/assets/js/min/front-end.js?ver=3.0.29
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc228e912765cf8289347e62db1643b7efd84f84483d4e550ae97649f882dc0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 11 Apr 2022 22:36:50 GMT
server
cloudflare
etag
W/"6254ad82-1f1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d86fa99136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mulish:wght@600&display=swap
Requested by
Host: www.palms.com
URL: https://www.palms.com/wp-content/themes/tcms/css/custom.css?ver=2.0.0.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
61a6c9e33c3e2a1f6b12f1b1373c2c394bd21f2edd97e602d088c03f9ff90c0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 19:13:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 14 Apr 2022 19:13:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Apr 2022 19:13:51 GMT
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=zgz5bfe&ht=tk&f=42581.42582.42583.42584.42587.42588&a=87785257&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/zgz5bfe.css?ver=2.0.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dcb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
gtm.js
www.googletagmanager.com/ 		81 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KWJ7MXN
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
72856524d4f8632f6e457991be9c84cde13dab2c34a2b37e3d8f0b61293c61f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32381
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 18:27:21 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Apr 2022 19:13:51 GMT
user-icon.svg
www.palms.com/wp-content/themes/tcms/images/ 		726 B
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.palms.com/wp-content/themes/tcms/images/user-icon.svg
Requested by
Host: www.palms.com
URL: https://www.palms.com/wp-content/themes/tcms/css/custom.css?ver=2.0.0.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc20e5b5db2a58812823df2dacd293eb657b9d38d58c18700a27db9c7bd67e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/wp-content/themes/tcms/css/custom.css?ver=2.0.0.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Dec 2021 22:33:06 GMT
server
cloudflare
age
328267
etag
W/"61b7ca22-2d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2d86fb09136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
l
use.typekit.net/af/10c0a4/00000000000000007735ceac/30/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/10c0a4/00000000000000007735ceac/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/zgz5bfe.css?ver=2.0.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
46652f40170b7b035df842fe8b029f3704fa74750be57dfc72ccb9e28ab6b596

Request headers

Referer
https://use.typekit.net/zgz5bfe.css?ver=2.0.0.2
Origin
https://www.palms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
server
nginx
etag
"2a706da54204f1989c5f33bc2f4c7bc53483ed5e"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
46392
l
use.typekit.net/af/eff0f3/00000000000000007735ce9f/30/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/eff0f3/00000000000000007735ce9f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/zgz5bfe.css?ver=2.0.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4b91d8b8dd76377f9689bf57da5a8b55162480878e4710463aa45d5dec89b2f3

Request headers

Referer
https://use.typekit.net/zgz5bfe.css?ver=2.0.0.2
Origin
https://www.palms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
server
nginx
etag
"af969689f0012f63c3b1470ece0ea541d6953da4"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
41684
modules.ttf
www.palms.com/wp-content/themes/Divi/core/admin/fonts/modules/all/ 		90 KB
91 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.ttf
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09

Request headers

Referer
https://www.palms.com/featured/grand-opening-042722p/
Origin
https://www.palms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
cf-cache-status
HIT
last-modified
Mon, 28 Feb 2022 09:42:53 GMT
server
cloudflare
age
3855385
etag
"621c991d-168f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6fbec2d86fb89136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92400
l
use.typekit.net/af/58cfb4/00000000000000007735ce98/30/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/58cfb4/00000000000000007735ce98/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/zgz5bfe.css?ver=2.0.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c55fcd59f542b545d2cb56bdaea6b3c3365f46e4934252a1dfb878bd73f1f0dc

Request headers

Referer
https://use.typekit.net/zgz5bfe.css?ver=2.0.0.2
Origin
https://www.palms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
server
nginx
etag
"ebb5f0f8defa56a11733ebf35b3486abac246076"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
48564
iconphone.png
www.palms.com/wp-content/uploads/2020/01/
Redirect Chain
  • https://palms.com/wp-content/uploads/2020/01/iconphone.png
  • https://www.palms.com/wp-content/uploads/2020/01/iconphone.png
926 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.palms.com/wp-content/uploads/2020/01/iconphone.png
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dbe4b464c6182c5664c51442a25448b0bd63f6c0b4083fd7b1a131f8a526dec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
cf-cache-status
HIT
age
19748
cf-polished
origFmt=png, origSize=1498
content-disposition
inline; filename="iconphone.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
926
last-modified
Mon, 13 Dec 2021 22:33:06 GMT
server
cloudflare
etag
"61b7ca22-5da"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6fbec2d9295b9136-FRA
cf-bgj
imgq:100,h2pri

Redirect headers

date
Thu, 14 Apr 2022 19:13:51 GMT
cf-cache-status
HIT
server
cloudflare
age
2207
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
location
https://www.palms.com/wp-content/uploads/2020/01/iconphone.png
cf-ray
6fbec2d8b8cb9a1b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
iconlocations.png
www.palms.com/wp-content/uploads/2020/01/
Redirect Chain
  • https://palms.com/wp-content/uploads/2020/01/iconlocations.png
  • https://www.palms.com/wp-content/uploads/2020/01/iconlocations.png
956 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.palms.com/wp-content/uploads/2020/01/iconlocations.png
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a94898d72f700105ac2a95ead5e4eb9f9a81a83d9358ff0c8f31baf863f0cfbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
cf-cache-status
HIT
age
19748
cf-polished
origFmt=png, origSize=1511
content-disposition
inline; filename="iconlocations.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
956
last-modified
Mon, 13 Dec 2021 22:33:06 GMT
server
cloudflare
etag
"61b7ca22-5e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6fbec2d919479136-FRA
cf-bgj
imgq:100,h2pri

Redirect headers

date
Thu, 14 Apr 2022 19:13:51 GMT
cf-cache-status
HIT
server
cloudflare
age
530
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
location
https://www.palms.com/wp-content/uploads/2020/01/iconlocations.png
cf-ray
6fbec2d8b8cd9a1b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-215807745-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3400
date
Thu, 14 Apr 2022 18:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 14 Apr 2022 20:17:11 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
dRk6w4E4tpXHGplXRtfswWRV7YzaRtTe47H3xqR9u9j6x3+R2TLD/SRNcqKCNkjIY7YDgZa21t9fdp74ELNaZQ==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 14 Apr 2022 19:13:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1185059369&t=pageview&_s=1&dl=https%3A%2F%2Fwww.palms.com%2Ffeatured%2Fgrand-opening-042722p%2F&ul=en-us&de=UTF-8&dt=Grand%20Opening%20042722p%20%7C%20Palms%20Casino%20Resort&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1713517647&gjid=333620071&cid=1454011668.1649963632&tid=UA-215807745-1&_gid=82197949.1649963632&_r=1&gtm=2ou460&z=802604179
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.palms.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 19:13:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.palms.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
658421075263589
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/658421075263589?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
550dde9f61f2bb0244b44e99ec36b1022c75fb207d0de004b41b69a197919634
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
rMafGCChkQinT49Yp0vxGhJoDLVbUeyYl+Oijwcsm+oPyfazpZNSKXgwL0/XL4OQKIcdNmThcM/ixCNU7XLOwQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 14 Apr 2022 19:13:51 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-215807745-1&cid=1454011668.1649963632&jid=1713517647&gjid=333620071&_gid=82197949.1649963632&_u=YEBAAUAAAAAAAC~&z=1894985738
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.palms.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 14 Apr 2022 19:13:51 GMT
content-type
text/plain
access-control-allow-origin
https://www.palms.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=658421075263589&ev=PageView&dl=https%3A%2F%2Fwww.palms.com%2Ffeatured%2Fgrand-opening-042722p%2F&rl=&if=false&ts=1649963631782&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649963631781.567202478&it=1649963631630&coo=false&rqm=GET
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 14 Apr 2022 19:13:51 GMT
style.min.css
www.palms.com/wp-includes/css/dist/block-library/ 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.2
Requested by
Host: www.palms.com
URL: https://www.palms.com/featured/grand-opening-042722p/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 17 Feb 2022 19:42:26 GMT
server
cloudflare
age
1766737
etag
W/"620ea522-145a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fbec2daddf79136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fontawesome-webfont.woff2
www.palms.com/wp-content/plugins/ninja-forms/assets/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.palms.com/wp-content/plugins/ninja-forms/assets/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.palms.com
URL: https://www.palms.com/wp-content/plugins/ninja-forms/assets/css/font-awesome.min.css?ver=5.9.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
https://www.palms.com/wp-content/plugins/ninja-forms/assets/css/font-awesome.min.css?ver=5.9.2
Origin
https://www.palms.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:52 GMT
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 12:50:33 GMT
server
cloudflare
age
180814
etag
"62502f99-10440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6fbec2dbe8a89136-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66624
PALMS-caa04a-28.png
www.palms.com/wp-content/uploads/2020/03/
Redirect Chain
  • https://palms.com/wp-content/uploads/2020/03/PALMS-caa04a-28.png
  • https://www.palms.com/wp-content/uploads/2020/03/PALMS-caa04a-28.png
546 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.palms.com/wp-content/uploads/2020/03/PALMS-caa04a-28.png
Protocol
H3
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aa94abb998f8c8615950ad4880b7016f8cc7237e2a72323ba6448be93f8e00b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.palms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 19:13:52 GMT
cf-cache-status
HIT
age
32466
cf-polished
origFmt=png, origSize=802
content-disposition
inline; filename="PALMS-caa04a-28.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
546
last-modified
Mon, 13 Dec 2021 22:33:05 GMT
server
cloudflare
etag
"61b7ca21-322"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6fbec2dcdaa99136-FRA
cf-bgj
imgq:100,h2pri

Redirect headers

date
Thu, 14 Apr 2022 19:13:52 GMT
cf-cache-status
HIT
server
cloudflare
age
1102
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
location
https://www.palms.com/wp-content/uploads/2020/03/PALMS-caa04a-28.png
cf-ray
6fbec2dc9ba490b5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
www.facebook.com/tr/ Frame 48E1 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.palms.com
Referer
https://www.palms.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.palms.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 19:13:52 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| divimode_loader object| DiviAreaConfig object| DiviPopupData object| DiviPopup object| DiviArea function| apbct_attach_event_handler__backend function| jQuery function| $ object| ctPublicFunctions function| ctSetCookie function| ctDeleteCookie function| apbct_public_sendAJAX function| apbct_public_sendREST object| ctPublic function| apbct_collect_visible_fields function| apbct_visible_fields_set_cookie function| apbct_js_keys__set_input_value function| apbctGetScreenInfo object| cleantalkModal object| cnArgs object| fecha function| HotelDatepicker object| palms_object object| dataLayer function| gtag number| formDisplay object| nfForms object| form object| input object| containery undefined| datepicker object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData object| divimode_front object| DIVI object| et_builder_utils_params object| et_frontend_scripts object| et_pb_custom object| et_pb_box_shadow_elements function| Waypoint function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect function| et_pb_menu_inject_inline_centered_logo function| et_pb_menu_inject_item function| et_pb_reposition_menu_module_dropdowns boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_woo_star_rating function| et_pb_wrap_woo_attribute_fields_in_span function| et_pb_init_modules function| etFixDividerSpacing function| etInitWooReviewsRatingStars boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized function| _ object| Backbone object| nfRadio function| nfRecaptcha function| nfRenderRecaptcha object| Mn object| Marionette function| mexp object| nfi18n object| nfFrontEnd object| nfRepeater string| et_location_hash function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_tabs_init function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| et_calculate_fullscreen_section_size function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_pb_shop_add_hover_class function| formContentView function| et_pb_init_woo_custom_button_icon string| waypointContextKey

21 Cookies

Domain/Path Name / Value
www.palms.com/ Name: apbct_timestamp
Value: 1649963613
www.palms.com/ Name: apbct_site_landing_ts
Value: 1649963613
www.palms.com/ Name: apbct_page_hits
Value: 1
www.palms.com/ Name: apbct_cookies_test
Value: %257B%2522cookies_names%2522%253A%255B%2522apbct_timestamp%2522%252C%2522apbct_site_landing_ts%2522%252C%2522apbct_page_hits%2522%255D%252C%2522check_value%2522%253A%2522b89dabb28a797b601be6f53e0c510512%2522%257D
.www.palms.com/ Name: apbct_urls
Value: %7B%22www.palms.com%5C%2Ffeatured%5C%2Fgrand-opening-042722p%5C%2F%22%3A%5B1649963613%5D%7D
.www.palms.com/ Name: apbct_site_referer
Value: UNKNOWN
www.palms.com/ Name: ct_sfw_pass_key
Value: 337b634fffb1f4ede59c86e531b72b4d0
.palms.com/ Name: _ga
Value: GA1.2.1454011668.1649963632
.palms.com/ Name: _gid
Value: GA1.2.82197949.1649963632
.palms.com/ Name: _gat_gtag_UA_215807745_1
Value: 1
.palms.com/ Name: _fbp
Value: fb.1.1649963631781.567202478
www.palms.com/ Name: ct_ps_timestamp
Value: 1649963631
www.palms.com/ Name: ct_fkp_timestamp
Value: 0
www.palms.com/ Name: ct_timezone
Value: 0
www.palms.com/ Name: ct_screen_info
Value: %7B%22fullWidth%22%3A1600%2C%22fullHeight%22%3A1500%2C%22visibleWidth%22%3A1600%2C%22visibleHeight%22%3A1200%7D
www.palms.com/ Name: ct_has_scrolled
Value: false
www.palms.com/ Name: ct_mouse_moved
Value: false
www.palms.com/ Name: apbct_pixel_url
Value: https%3A%2F%2Fmoderate2.cleantalk.org%2Fpixel%2Fa538f2bdcc8834e2db88c420380fdc44.gif
www.palms.com/ Name: ct_checked_emails
Value: 0
www.palms.com/ Name: ct_checkjs
Value: 867713979
www.palms.com/ Name: ct_pointer_data
Value: %5B%5D

1 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.mygamingrewards.com
connect.facebook.net
fonts.googleapis.com
moderate2.cleantalk.org
p.typekit.net
palms.com
stats.g.doubleclick.net
use.typekit.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.palms.com
13.111.168.216
141.193.213.20
141.193.213.21
159.203.121.181
2a00:1450:4001:802::2008
2a00:1450:4001:812::200a
2a00:1450:4001:82a::200e
2a00:1450:400c:c0b::9c
2a02:26f0:3500:7::17d8:4dcb
2a02:26f0:f7::5c7b:e053
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0f2eb319e49b18d40eab6904ecbc4a744e53feb4a4dbc1c80b0ee8da8ef8859c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
140b8a5ffe7434e9217d3838352af59b45c7d11fd75acee3898220b388c4c24d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea
2229d66fe1232263f60caac4b54d25a52607010928a21bad0e0a813bde503c44
3aa94abb998f8c8615950ad4880b7016f8cc7237e2a72323ba6448be93f8e00b
3b4fc08b6e1cfc34847040179af3c0fc9e4b0fb57507f06e205dc74004518f62
3d9a98732260d8f372039f3b73e1b018375cd711ca8494fc8e72db3490c345a5
3dbe4b464c6182c5664c51442a25448b0bd63f6c0b4083fd7b1a131f8a526dec
3ec79f4ebdf38a9f564280931654fcfb49ef7f4ae1cc9e91ee9aa53575501d7f
40f2a2f8e09980ee2d1263f3f17d360f2d7348cc12e07b27eba90b275aca4616
46652f40170b7b035df842fe8b029f3704fa74750be57dfc72ccb9e28ab6b596
4b91d8b8dd76377f9689bf57da5a8b55162480878e4710463aa45d5dec89b2f3
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
550dde9f61f2bb0244b44e99ec36b1022c75fb207d0de004b41b69a197919634
5cad62070b3313384046f00788d7567351713f093beddfd015f1da141c7c4583
61a6c9e33c3e2a1f6b12f1b1373c2c394bd21f2edd97e602d088c03f9ff90c0b
641b4869b33bb1e2a8f76b4324a62a3c5ae76d546772df54731406dbad7edaf2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd6388ef8a63fafaa93b740a72701c4a66ddc34036a2d062ffb2820a0b98ce7
72856524d4f8632f6e457991be9c84cde13dab2c34a2b37e3d8f0b61293c61f3
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
79fa511ea1251897ae53b084182bca90953d1ccdf741fb35478c1902bb64a7eb
88b7e6bce990eb78bfaa499ef0448ab166b625969a9f469926d7b1e2f8651f89
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23c48b5ab60ced83c945fbdf25255b946fc5373c04c328b78342baf2a06f04e
a94898d72f700105ac2a95ead5e4eb9f9a81a83d9358ff0c8f31baf863f0cfbe
b5cec8800ffe6b92993466f61ec4f4d5ee6dee946a942b9356559821585fb650
b6aed488d128d02850cfb20b4de28a2eceffddd04342f413bbe88a141235a976
ba2eeab126375c9cc2fabe9a6fe35f25dea57c52df280e6e24a790f5f45be878
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdbde90d566e86626c6bcf83511d20053c3d03825f961f34b0cffd9a978f7fca
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c38bc4d28cb6dd5263a68b3efa74cd5b746f9083484871c54f4cd437c828b40e
c55fcd59f542b545d2cb56bdaea6b3c3365f46e4934252a1dfb878bd73f1f0dc
c9de42140ad7b921d11cef29d093a691d780ba5b99702752d10b18d2035480a5
cb9bb8ccfed2bbe8ac42fe01849128dbbeb0ea104e0b54b10656a5f282f07689
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d2c30641eed11d27cc45ab60849aaef8d0cef92b8c75b09648ffb764bd6017c0
dad598c4636f61765a79d791ba55c44f12643844c829a459b69f4440d9bbfa1a
dc20e5b5db2a58812823df2dacd293eb657b9d38d58c18700a27db9c7bd67e0e
dc228e912765cf8289347e62db1643b7efd84f84483d4e550ae97649f882dc0d
dc81276f0b7b4c93299d830b4c3c686fd2e4bf4010bfdc47c5225605217685c2
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
ddf0fe63d9f03e88348daf1d41227d9f886b37965dce3b5a3bd026b1afc3adf4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee65736dcaefc172c19289e5ea26aae06225cd091be750fee4c40931ed1345bf
f2c4a355f2a88ce6793b73c3a6cddb3703355d2b74a6cff0dc2ff81383480a01
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995