urlscan.io logo urlscan.io
SecurityTrails logo

palmalliance.com Open in urlscan Pro
2606:4700:3033::ac43:a09b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://palmalliance.com/register/?refer=2h7sje
Effective URL: https://palmalliance.com/public/register?refer=2h7sje
Submission: On October 20 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3033::ac43:a09b, located in United States and belongs to CLOUDFLARENET, US. The main domain is palmalliance.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 7th 2022. Valid for: a year.
This is the only time palmalliance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 104.26.8.183 13335 (CLOUDFLAR...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.111.9.57 33438 (STACKPATH)
28 5
20    2606:4700:3033::ac43:a09b (United States)

ASN13335 (CLOUDFLARENET, US)
palmalliance.com
1    104.26.8.183 (United States)

ASN13335 (CLOUDFLARENET, US)
code.tidio.co
5    2606:4700:20::681a:98b (United States)

ASN13335 (CLOUDFLARENET, US)
widget-v4.tidiochat.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    23.111.9.57 (United States)

ASN33438 (STACKPATH, US)
twemoji.maxcdn.com
Apex Domain
Subdomains		 Transfer
20 palmalliance.com
palmalliance.com
922 KB
5 tidiochat.com
widget-v4.tidiochat.com — Cisco Umbrella Rank: 17993
271 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
2 KB
1 maxcdn.com
twemoji.maxcdn.com — Cisco Umbrella Rank: 9202
2 KB
1 gstatic.com
fonts.gstatic.com
27 KB
1 tidio.co
code.tidio.co — Cisco Umbrella Rank: 16147
494 B
28 6
Domain Requested by
20 palmalliance.com 1 redirects palmalliance.com
5 widget-v4.tidiochat.com palmalliance.com
code.tidio.co
2 fonts.googleapis.com palmalliance.com
widget-v4.tidiochat.com
1 twemoji.maxcdn.com
1 fonts.gstatic.com fonts.googleapis.com
1 code.tidio.co 1 redirects
28 6

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-07 -
2023-09-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
twemoji.maxcdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-10-13 -
2022-11-09		 a year crt.sh

This page contains 3 frames:

Primary Page: https://palmalliance.com/public/register?refer=2h7sje
Frame ID: 6EE171757BA5059B0A85BF6B27261A36
Requests: 21 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_123_0/static/js/chunk-WidgetIframe-2b15c4d844c6b675e362.js
Frame ID: 34A966999390AF74E419DB7292E1B881
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap
Frame ID: D28181F8AF0EBC8F6F59452DA678A9FE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Palm Auth

Page URL History Show full URLs

  1. https://palmalliance.com/register/?refer=2h7sje HTTP 301
    https://palmalliance.com/public/register?refer=2h7sje Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

96 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

1223 kB
Transfer

2717 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://palmalliance.com/register/?refer=2h7sje HTTP 301
    https://palmalliance.com/public/register?refer=2h7sje Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://code.tidio.co/m3tedumpoleevbbgdo0jcfis2q8wynay.js HTTP 302
  • https://widget-v4.tidiochat.com/1_123_0/static/js/render.2b15c4d844c6b675e362.js

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request register
palmalliance.com/public/
Redirect Chain
  • https://palmalliance.com/register/?refer=2h7sje
  • https://palmalliance.com/public/register?refer=2h7sje
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/public/register?refer=2h7sje
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.20
Resource Hash
e810c3b3e265b42d1a3ca28e5ac0a61ae8d57ad898b96206a93b15ed5833e73f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
75d30aed4c907162-DUS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 16:13:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5P3k%2F28ih4jea5MjhzdqhWOEit9ZOOhVItEPpY2rXkfwt7rpG1gAoUEJ%2F5FXHlZ%2F%2BBy1a%2Fh6kUDTzsq7UdGquGFs%2B8xCkj0Ffpj4CeGUZNXGSqvfjbY%2BZTGHwruwyvbZiGF5Ng7GspDQC70cpqT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.0.20
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75d30aecdb7c7162-DUS
content-type
text/html
date
Thu, 20 Oct 2022 16:13:46 GMT
location
https://palmalliance.com/public/register?refer=2h7sje
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBCEADhr26fvK6MOq8Dt7juN0KSaJJaKUZ9SNdwYxBHW1oWZfpmefEfc5SIt4g9A12ZbrqwqlCEg%2B1U2IJq%2BwcHUNiWBf6ywaZEW6Kaub1ci3XiAQM34ge9TQVQ1mzeErlTKc5V7RLarciVSOtLC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-turbo-charged-by
LiteSpeed
font-awesome.min.css
palmalliance.com/public/assets/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/public/assets/css/font-awesome.min.css
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aae03f8a8daad95440b46d78675838c8fc7a52362a6d657071554d86f2c9c55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Oct 2021 23:56:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
164206
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7k2TNgXArLbAX8c4NuPZMZ1%2B%2Fxfqxj806tgFlK235pK5gQx84BVGGShivhDFxKVS0uPggoBir3vtBnJbYennkhMCf2p%2B5F4vz1%2FXYFwFxOyyvohDCG%2FztsuCWA1bKYOrHL%2BgEzDQhSKDcjeHN63"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
75d30aeebe051cd0-BUD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 19 Oct 2022 20:43:05 GMT
icons.min.css
palmalliance.com/public/user-assets/css/ 		401 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/public/user-assets/css/icons.min.css
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e5a737a197e156fcbd3e1f99a6aa6115350f3820f689cfe698b7bef39042fec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Oct 2021 23:56:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
164206
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raCr9rhYtdpVW2NW5x7uOHUk3CvF6rUKT09L4wp7ai2Fm9vqKos0m1ow1XcIywMvd31qZ4g1PFXfc0E3YAg61keGlpPGujnRU2HBVWqFpb6BpWyON8TZi6iPyZcO6fRU4m11cx43mXHTPUF25QR3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
75d30aeebe091cd0-BUD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 24 Oct 2022 06:04:31 GMT
bootstrap.min.css
palmalliance.com/public/user-assets/css/ 		173 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/public/user-assets/css/bootstrap.min.css
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a85d0a0f6c05c588cf306649cf8d6b40f5fe3cc0885c0f1a8ea96344cd24579

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Oct 2021 23:56:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSjigt4%2FxQoIOps7Mw7S%2FwAl16I0CQ1qNSv4tlMa4rXvkY%2FsWxLSoleLmJpp8E8nCCkBCqYHxRgsxy8%2FGnSgKdFp0t7TYl94LTOsdf4aZ07AYswYngf73wB83%2FDr%2FY8lLEQg%2Bsbo6j%2BDLqWdqcyW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
75d30aeebe0a1cd0-BUD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 24 Oct 2022 06:45:32 GMT
app.min.css
palmalliance.com/public/user-assets/css/ 		143 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/public/user-assets/css/app.min.css
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71dad814be49d010b77f1fa2476643ba8ad3bc2406ee6bc7dd9b1be41e4e54c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Oct 2021 23:56:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBkRWjiRAjxzzm%2BMwMGcHJb1mG2OeTesxnBCDuduUY5s7qhV%2FIARJ6mnlEuK%2Bg4Fa%2FBBLZ9EUl5YrBCYezzk9vWX7K6Hn4BTIk99sQeI%2B0YjsYHMsteiVXWnZA3lqusxsutHanStTT90Lg0dE0tz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
75d30aeebe0d1cd0-BUD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 21 Oct 2022 06:21:14 GMT
logo.png
palmalliance.com/public/assets/images/Header/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://palmalliance.com/public/assets/images/Header/logo.png
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79771055638fb9c0de91b8f8f3ae313e57b62e25d48e835a87312945ea4a4ef1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Oct 2021 23:56:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNaksU2VpyF61MNbZdiG70zeL0IBM%2FPbqrgj%2Be1kf%2BRxEHBFq0isHbsNfay2bZyREiirSaN%2F5sEOYukWtHV47tCBf3P2pLp%2FPaPFCWvl0lTAeSxvLqG4LqLIyXM0o4JWcknth3%2BsscuQINMqxwub"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
75d30aeede681cd0-BUD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10240
expires
Thu, 27 Oct 2022 04:32:40 GMT
email-decode.min.js
palmalliance.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Oct 2022 13:38:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634571bd-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vFBP9eBnt1tsJApEpM3%2FXwU0lgYQx8QBTNa6%2FKHWXDbZeBnMZmG%2FqSmg%2FGwVZnCEUDPO0jHhNfwhyA9FQxwfBrZ8tdf40SVQ2w7oQsDa7wPZd12y3pvNTZOi5KBPmVj9Jw%2FgsyMMCEhoZURn13J"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
75d30aeede541cd0-BUD
expires
Sat, 22 Oct 2022 16:13:46 GMT
render.2b15c4d844c6b675e362.js
widget-v4.tidiochat.com/1_123_0/static/js/
Redirect Chain
  • https://code.tidio.co/m3tedumpoleevbbgdo0jcfis2q8wynay.js
  • https://widget-v4.tidiochat.com/1_123_0/static/js/render.2b15c4d844c6b675e362.js
17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/1_123_0/static/js/render.2b15c4d844c6b675e362.js
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H2
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9295e7b62b41fa59aa4367bcd7eef73b5c36693851eb99c0e4b2e5c51d89ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Oct 2022 12:55:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4660
etag
W/"634ff3b6-4311"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yvl5QA%2Bm2PfK2guEY9FXrTiWPcCTFKOuCRcFWNM1IPwWaSiSaNcrph7PHm2ibsF8x7csYQJVM6cfsXgg0%2BXSyFUA9VuzMwTsOrYwtf4z5gqATBprktk%2BuM%2Fb7PsXYCcz2VXAnLuLEpLg7OgZcdE6PPs8l2Z1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
75d30aefeaac915e-FRA

Redirect headers

date
Thu, 20 Oct 2022 16:13:46 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
widget-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhMohGSdVLvvyKKEffQVCzK7PHRwTcodSnTgxEcmQ4XE5Uwy7PFIqHCf0uDHQkCr6TFVS0TxRoyPq6spob8IhDw7VoCp5VybSEPHzn8eFnZtwwKRaOisRVvsFUYxe%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://widget-v4.tidiochat.com/1_123_0/static/js/render.2b15c4d844c6b675e362.js
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
75d30aeefc2f9152-FRA
jquery.min.js
palmalliance.com/public/user-assets/js/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/public/user-assets/js/jquery.min.js
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Oct 2021 23:56:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
164206
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmcHESg%2FgweCJI7usOm5cJeBFYTEQimKhPk8AdfirMOXyhoCRfl7uyZZfUgirxKlp%2F0SRmSzbWxo3uBMO2npCRjMqL1Fl8lB2%2BAzSL7ICDJ%2B4CO8LobIRFRQFuGxZ4icdcybyiJ5HRFaFAh6sbCB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
75d30aeede571cd0-BUD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 21 Oct 2022 05:33:28 GMT
bootstrap.bundle.min.js
palmalliance.com/public/user-assets/js/ 		77 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/public/user-assets/js/bootstrap.bundle.min.js
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79d443b15f542c8a8acca8e937f2a3c90ecba78bd49fdbac6c9b878c7f1293e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Oct 2021 23:56:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exqYBs%2FnmdnZF3KABmgtZGJ6QrgHy6th4cGMLQ16agncGEwhuH3idI%2BKWg2usmr1JzY5viIarlIKfcGvohV%2FSTQjLruf88sl80LJ7dWsfAfJwBtPraHNfPP0dmv0xP7F0sJGwvbgtPA494vU%2Fihu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
75d30aeede591cd0-BUD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 24 Oct 2022 06:45:32 GMT
waves.js
palmalliance.com/public/user-assets/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/public/user-assets/js/waves.js
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e756a5f1e8e72615fed177b2a9d17be1a0f9c0ff696289f9f0046077cd3398be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
164206
cf-polished
origSize=18867
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 16 Oct 2021 23:56:21 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZ%2BDRmNTYa7JJA%2BK%2FJaEBWORjCACGxSxzYQ%2BonDmgYc90jW8PJGugE9wFdvY56bWlOkhCtFUky8N2uXk2%2Bjovx2bJAu8HEwkvwKRh2FUAas76YkQraanAZxjrWkKoDKLNo19zgXsiIYM2i35K0TF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
75d30aeede5b1cd0-BUD
expires
Fri, 21 Oct 2022 07:25:03 GMT
feather.min.js
palmalliance.com/public/user-assets/js/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/public/user-assets/js/feather.min.js
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36f832aa433d56ed432c7933c53c5743164d743ca6525c215dc48912a51f3e25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Oct 2021 23:56:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PBx09AkERpYtOl7ONBB8LOUJ89oIYMzIsPwV7ZiQ8ZC%2BHJfSvTLG6LDdGUrrFI4qKzmmxMixxJZC7YTO%2F6MaECPqG09f%2B1cnjDPkDNbEqwBdCXFv%2BEtq%2BlkWqKvd%2BmvazDFIIo4srLivNzFiDB%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
75d30aeede5c1cd0-BUD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 26 Oct 2022 17:35:55 GMT
simplebar.min.js
palmalliance.com/public/user-assets/js/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/public/user-assets/js/simplebar.min.js
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84575d0fa5cc23015b6b8213423a6fe56584e79ef0e8ed30f5145f9868c8cf89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Oct 2021 23:56:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7p8t%2BkSLs%2F4xCFTMve%2BtWMycBWWWxOSg5PmBLml5HhSjOgEv1gkPlZox%2B2AeD8ZxxqF%2FC7FJqqFxjAS%2FaT4cwbqXHrl5lTR%2BpIEvGd5JrFOyv93%2BTV4gdrJr%2FUWeBqLtoWjVoto5N8WVz3BONpne"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
75d30aeede5d1cd0-BUD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 21 Oct 2022 05:33:28 GMT
parsley.min.js
palmalliance.com/public/user-assets/plugins/parsleyjs/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/public/user-assets/plugins/parsleyjs/parsley.min.js
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7596b721b38ea517d8b858951a8a198c6851a01f1e2defe7c88d20ca783cdf56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Oct 2021 23:56:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KzYbdh%2BtDy%2BNyycvTcCvIZ5iFfrpFUBgO4w2rQ0%2FTbOwECGIvnyP1vzvDxISbjkIkohrhK54fnNL69d3JserEjBVmJRaT20eGzgv7poWKzQ%2FNUNcK3mmmEcQ0pxCmtRbTifuBR2Sjki4x8O77wk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
75d30aeede601cd0-BUD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 24 Oct 2022 06:29:26 GMT
jquery.validation.init.js
palmalliance.com/public/user-assets/pages/ 		60 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/public/user-assets/pages/jquery.validation.init.js
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6e4c29e7e569d5ad0fcb7c000516ff3272841bbec3011c1eb0e673aa8d509c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 16 Oct 2021 23:56:21 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QMJfdpCtaRohalno%2FREIodFwhFYv9VnncikSWCzQGKr6bYQLqyJAd0AkPspmEYcPiggIoBCvVGli4BZ9lr00MEfdKkBDTcu51GP23djCY%2FUWHNu9LtWGJ1aPRQFiLEi8KuywbAocb4PUp2xSJlB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
75d30aeede611cd0-BUD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 21 Oct 2022 06:25:00 GMT
dropify.min.js
palmalliance.com/public/user-assets/plugins/dropify/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/public/user-assets/plugins/dropify/js/dropify.min.js
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49469aa3943b89faf6b70c044f48b25d5cb43959ee149846562e44fdda8488b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Oct 2021 23:56:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QiAJwsLPOHJbnPY0FQGGZwenJhN4vLr%2F8hxwQncVzHIDY3dM3pMyv1TJnsY6MkkHb3QzB6tw3nBXTEpqj9vy70loIrqYkT4MfURgUTHgP%2BUzP3S%2FA%2FCLec2xX5ZknkHg6kufEUI7jmvW4BbyE4x%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
75d30aeede621cd0-BUD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 24 Oct 2022 06:45:32 GMT
jquery.form-upload.init.js
palmalliance.com/public/user-assets/pages/ 		702 B
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/public/user-assets/pages/jquery.form-upload.init.js
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
169e798c8ac3cac477ea68a5082159e4c1b0e024cdb182e2d404e2f6377a636f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 16 Oct 2021 23:56:21 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asca%2F2xZT6uQnyNqwZsCWeg0ODmDeByHIpNbIPft5P1MeTnolabEdJBf324V%2FoK6rXHhWuQo8VMFRSAlP97Y07NcDKXayvLj2BLeCqx7NAFsRlSiH7BAfaeGkz%2FnuwQTxcX9V6CqFe2hHLsAEgYw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
75d30aeede641cd0-BUD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 24 Oct 2022 06:45:32 GMT
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&amp;family=Roboto:wght@300;400;500;700&amp;display=swap
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/user-assets/css/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c893e83c399c815c8b0c4aadf458a8e67a52a5f6269b3d287116e0311801f38d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 16:13:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Oct 2022 16:13:46 GMT
auth-bg.png
palmalliance.com/public/user-assets/images/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://palmalliance.com/public/user-assets/images/auth-bg.png
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/user-assets/css/app.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc0f0a8867dbf67f0d1996cdc2272c262289e60b6f6ea49027d7ab9029a02d08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/user-assets/css/app.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
164206
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44388
last-modified
Sat, 16 Oct 2021 23:56:21 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1e4nRVUufPvXrsY%2Bj2XeBIRpqyDMRTQP0V5zwqPiDCZLW1HcVxkEwjaed8sAQ7uaF1EiamFUrMj5RnymgZyld0Mt%2F5q0UPugAo%2Fw8Vh3qvti0PrusJXLP3fA7IgLOyUCMwkc6y2hljdZUuxoNuGO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
75d30aeff8a11cd0-BUD
expires
Mon, 24 Oct 2022 04:56:03 GMT
fa-solid-900.woff2
palmalliance.com/public/user-assets/fonts/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://palmalliance.com/public/user-assets/fonts/fa-solid-900.woff2
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/user-assets/css/icons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Referer
https://palmalliance.com/public/user-assets/css/icons.min.css
Origin
https://palmalliance.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Oct 2021 23:56:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpVL0KIxX6saS%2FsaSnhjFRjzs%2FTeU8v%2BLthQpaqdgZDgdfpbdmu3GNiSZ8GjL67AzKCEW4qxVy%2F0i7zuBUNaOC4ldTRrqNIeTTozftNAjWckxnzLqNpH6y%2FxsV52IOcCYlljI%2B7olLKuiYeoe%2BIQ"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
75d30aeff8a21cd0-BUD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
79444
expires
Sat, 22 Oct 2022 18:13:14 GMT
footer-bg.png
palmalliance.com/public/assets/images/Footer/ 		547 KB
548 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://palmalliance.com/public/assets/images/Footer/footer-bg.png
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a09b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0965b04fb6da984cea1d7afad02359dcfb39e58cc4b3511896219b3456d07e35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://palmalliance.com/public/register?refer=2h7sje
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
cf-cache-status
HIT
last-modified
Sat, 16 Oct 2021 23:56:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2loLcOlJ3Y2aUNnmk%2FXSwQs8I%2F1y%2FGf%2F4Zk%2Fylk14PL32sxj0kEy0W4HUJZc88uW5fhWIPKfZgnFezclAX4i7%2BMtNXrmhg9CG5hnXiJHQf%2BAOSFdhamRWFTxfiRVfOcH4siQyNdqvcjSHIyUD6lt"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
75d30af018fd1cd0-BUD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
560184
expires
Fri, 21 Oct 2022 06:21:17 GMT
chunk-WidgetIframe-2b15c4d844c6b675e362.js
widget-v4.tidiochat.com/1_123_0/static/js/ Frame 34A9 		342 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com/1_123_0/static/js/chunk-WidgetIframe-2b15c4d844c6b675e362.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/m3tedumpoleevbbgdo0jcfis2q8wynay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84d230d31c0ccffc43a563f1772bafa3c643874f0f2f4cdb92ca6be532e19265

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Oct 2022 12:55:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4658
etag
W/"634ff3b6-55707"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3rGYtiyWqPZHR8yUV24fVEiapkckkSPVyYbieMoa%2FOoheBmE40MiEkAR2M9QkMuYhSwseeHDcLqME2UHlM8RMYp8a9VWQzEz6DpyEMm09OQWYbjy3O7Kh4JbkNo3wxekfASyP3UuHDdqolliIIkUfb3aymM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
75d30af03b52915e-FRA
tururu.mp3
widget-v4.tidiochat.com// Frame 34A9 		7 KB
7 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
874541
Content-Range
bytes 0-7223/7224
Content-Length
7224
pragma
public
last-modified
Tue, 04 Oct 2022 08:52:02 GMT
server
cloudflare
etag
"633bf432-1c38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFW3MUTJrHuambqVt94iSwUleMmGUE9aUCcH6WXo%2FbyCCh7RRZ5M8ylEn3%2BDP24YRv%2B34Sl4BEKRUKZkGlgQmMSoJOC6K3qItm4jcByNgDf2Ry6GoQ%2FFPH1Ceo1Me1tatrDh85ASzMTeh7zA1thTpl5OaPZW"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
75d30af04b69915e-FRA
expires
Mon, 24 Oct 2022 13:18:05 GMT
widget.2b15c4d844c6b675e362.js
widget-v4.tidiochat.com//1_123_0/static/js/ Frame 34A9 		523 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com//1_123_0/static/js/widget.2b15c4d844c6b675e362.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/m3tedumpoleevbbgdo0jcfis2q8wynay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49259869dfa0127388380b7d9589616ed0bdcb076caf496aac1b476a9f9f1b99

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:13:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Oct 2022 12:55:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4658
etag
W/"634ff3b6-82d80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZIjDHFkSfbgBomcmWj7R3OmxZzaDz1Gh%2FUE7bdpCLCTaegpBoH9kte%2B9IMCYFSlwhDA3F8RyZB4jlFMMcm0GsCAfrx2tqRexWMnR3r7Y4zvNa054qBcibExwTR27aQkcjNWX6PEgv9dbLlPZ%2B5rjZY7qjYg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
75d30af04b6a915e-FRA
tururu.mp3
widget-v4.tidiochat.com// Frame 34A9 		7 KB
7 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Requested by
Host: palmalliance.com
URL: https://palmalliance.com/public/register?refer=2h7sje
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 20 Oct 2022 16:13:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
874542
Content-Range
bytes 0-7223/7224
Content-Length
7224
pragma
public
last-modified
Tue, 04 Oct 2022 08:52:02 GMT
server
cloudflare
etag
"633bf432-1c38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgSLiHHB79FHuplXxazQjab5ui1l%2BKec5pb%2Bjs9638faTpxXFLthGz7z9Qt2GKahKa2hdj827gRtL0SoxMRCZOMztp6nEREycGiBEjdwqzDQCPIj%2BUX0WPgDloAQfPrU5LgPZnQTbyYm81T9XJQLllTX3bgB"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
75d30af0cc51915e-FRA
expires
Mon, 24 Oct 2022 13:18:05 GMT
css2
fonts.googleapis.com/ Frame D281 		3 KB
554 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap
Requested by
Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com//1_123_0/static/js/widget.2b15c4d844c6b675e362.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b9eda616b81dc5eaa73c8ea68dd4d61c78b28e2b54a05d7936d33742e866993a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 20 Oct 2022 16:13:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 15:18:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Oct 2022 16:13:47 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ Frame D281 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palmalliance.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 19:32:13 GMT
x-content-type-options
nosniff
age
74494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27428
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:32:13 GMT
1f44b.png
twemoji.maxcdn.com/v/13.0.1/72x72/ Frame D281 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.57 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-fastly-request-id
f7b4b6b22344a03ada73e2671838a2c4051e1ca5
date
Thu, 20 Oct 2022 16:13:47 GMT
x-proxy-cache
MISS
x-cache
HIT
powered-by
MaxCDN
content-length
1285
last-modified
Thu, 31 Mar 2022 03:24:17 GMT
server
NetDNA-cache/2.2
x-github-request-id
0808:5E1C:E85F50:F03224:63494544
etag
"62451ee1-505"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 19 Nov 2022 16:13:47 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| params function| $ function| jQuery number| uidEvent object| bootstrap object| Waves object| feather function| SimpleBar function| _toConsumableArray function| _slice object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley function| Dropify object| SENTRY_RELEASE object| tidioChatApi

2 Cookies

Domain/Path Name / Value
palmalliance.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjNYK1dxZ3cxcVQxODBkRklDMnRsOGc9PSIsInZhbHVlIjoiTUZRZHB3blRLV0dha3d4VG82MytsVjNjbnd2WGw4OUdZV1E3MnpFd0dtb1Y2eGRjZjBIVHZEcWYxb2VwK1ZVWTVXS0hFQUZDOTFZcng5RzBGd0hQWXlWTFhldWppaTdlV1RSNlRHNTNkV0E5MWRuZUJNS3dsRVJ2bCtuWDBZaUkiLCJtYWMiOiJlZWMzYWY3OGRkMDQ5YTAzMTg3ZmNkNDI2MGE5MTg1YTJhODhmYThlNjZkNDVlM2NmMzU0ZWIyYmE1YWU3ZWI4IiwidGFnIjoiIn0%3D
palmalliance.com/ Name: palm_alliance_management_session
Value: eyJpdiI6InZPcytBU0VJbVJUMVpCWHJycGNtV0E9PSIsInZhbHVlIjoiNVpYUTc1S0laN3E4RGIwOFRRVnZacU05SVVPR2pCL0ViZmp0TlNSWm9kVTZuSWtIZFNkOUlITDNhdGVac2d5UlBYckhHYURyK2tOUm5LSStHazBkU0JOOEI4OEFES1pFUGZUOUxNTDJMODhqSDVQTUI5d1NnVlJqS2orOU43d1IiLCJtYWMiOiIzNmU5MjU5YzU5ZDQ2MTRlMGExMzMwNzZiYTQ5NmQzZWRhNGVjNThkZDA4Y2EwMDY2ZmFlNDA2MzhhOWNiN2I2IiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.tidio.co
fonts.googleapis.com
fonts.gstatic.com
palmalliance.com
twemoji.maxcdn.com
widget-v4.tidiochat.com
104.26.8.183
23.111.9.57
2606:4700:20::681a:98b
2606:4700:3033::ac43:a09b
2a00:1450:4001:82a::2003
2a00:1450:4001:830::200a
0965b04fb6da984cea1d7afad02359dcfb39e58cc4b3511896219b3456d07e35
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
169e798c8ac3cac477ea68a5082159e4c1b0e024cdb182e2d404e2f6377a636f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
36f832aa433d56ed432c7933c53c5743164d743ca6525c215dc48912a51f3e25
3aae03f8a8daad95440b46d78675838c8fc7a52362a6d657071554d86f2c9c55
49259869dfa0127388380b7d9589616ed0bdcb076caf496aac1b476a9f9f1b99
49469aa3943b89faf6b70c044f48b25d5cb43959ee149846562e44fdda8488b5
4a85d0a0f6c05c588cf306649cf8d6b40f5fe3cc0885c0f1a8ea96344cd24579
5e5a737a197e156fcbd3e1f99a6aa6115350f3820f689cfe698b7bef39042fec
7596b721b38ea517d8b858951a8a198c6851a01f1e2defe7c88d20ca783cdf56
79771055638fb9c0de91b8f8f3ae313e57b62e25d48e835a87312945ea4a4ef1
79d443b15f542c8a8acca8e937f2a3c90ecba78bd49fdbac6c9b878c7f1293e9
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
84575d0fa5cc23015b6b8213423a6fe56584e79ef0e8ed30f5145f9868c8cf89
84d230d31c0ccffc43a563f1772bafa3c643874f0f2f4cdb92ca6be532e19265
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
b6e4c29e7e569d5ad0fcb7c000516ff3272841bbec3011c1eb0e673aa8d509c5
b9eda616b81dc5eaa73c8ea68dd4d61c78b28e2b54a05d7936d33742e866993a
c71dad814be49d010b77f1fa2476643ba8ad3bc2406ee6bc7dd9b1be41e4e54c
c893e83c399c815c8b0c4aadf458a8e67a52a5f6269b3d287116e0311801f38d
d9295e7b62b41fa59aa4367bcd7eef73b5c36693851eb99c0e4b2e5c51d89ac5
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
e756a5f1e8e72615fed177b2a9d17be1a0f9c0ff696289f9f0046077cd3398be
e810c3b3e265b42d1a3ca28e5ac0a61ae8d57ad898b96206a93b15ed5833e73f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc0f0a8867dbf67f0d1996cdc2272c262289e60b6f6ea49027d7ab9029a02d08