secure.palmbeachgroup.com Open in urlscan Pro
2606:4700::6810:1937 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.exct.legacyresearch.com/?qs=404d0368ffe2f3bf663a050433722866a4d9089cf9bae01e4efc5bdf0d29819a2b86e182b0f4993a9fff858f08f0...
Effective URL:
https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm....
Submission: On May 10 via api (May 10th 2022, 10:28:53 am UTC) from US — Scanned from DE

Summary HTTP 177 Redirects Behaviour Indicators

Summary

This website contacted 65 IPs in 9 countries across 56 domains to perform 177 HTTP transactions. The main IP is 2606:4700::6810:1937, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.palmbeachgroup.com. The Cisco Umbrella rank of the primary domain is 256120.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2021. Valid for: a year.

This is the only time secure.palmbeachgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.45.142 13.111.45.142	22606 (EXACT-7) (EXACT-7)
22	2606:4700::68... 2606:4700::6810:1937	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:f41b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
8	2600:9000:205... 2600:9000:2057:7600:f:75e2:4ac0:21	16509 (AMAZON-02) (AMAZON-02)
1	3.5.6.167 3.5.6.167	14618 (AMAZON-AES) (AMAZON-AES)
1	108.157.4.28 108.157.4.28	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	108.157.2.11 108.157.2.11	16509 (AMAZON-02) (AMAZON-02)
9	35.81.31.24 35.81.31.24	16509 (AMAZON-02) (AMAZON-02)
1	104.18.6.244 104.18.6.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::681a:216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	151.101.193.2 151.101.193.2	54113 (FASTLY) (FASTLY)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
2	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
2	52.72.173.139 52.72.173.139	14618 (AMAZON-AES) (AMAZON-AES)
1	34.246.99.35 34.246.99.35	16509 (AMAZON-02) (AMAZON-02)
1	92.122.144.81 92.122.144.81	16625 (AKAMAI-AS) (AKAMAI-AS)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	209.59.154.196 209.59.154.196	32244 (LIQUIDWEB) (LIQUIDWEB)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1 9	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
8	151.101.2.27 151.101.2.27	54113 (FASTLY) (FASTLY)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
5	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.213.109 143.204.213.109	16509 (AMAZON-02) (AMAZON-02)
3 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dce	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	3.248.113.119 3.248.113.119	16509 (AMAZON-02) (AMAZON-02)
1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.36.113.107 104.36.113.107	() ()
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	92.122.147.230 92.122.147.230	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:205... 2600:9000:2057:7e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	18.185.246.45 18.185.246.45	16509 (AMAZON-02) (AMAZON-02)
1	34.255.141.199 34.255.141.199	16509 (AMAZON-02) (AMAZON-02)
1	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
1	3.120.83.85 3.120.83.85	16509 (AMAZON-02) (AMAZON-02)
1 2	52.17.103.74 52.17.103.74	16509 (AMAZON-02) (AMAZON-02)
2 2	35.172.159.73 35.172.159.73	() ()
1	2600:1f18:444... 2600:1f18:444a:4602:66c0:1498:bf97:ef60	() ()
1	18.235.141.125 18.235.141.125	() ()
1	2600:1f18:612... 2600:1f18:612b:4232:6e00:7b23:6545:3513	() ()
1 1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
177	65

1 13.111.45.142 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.exct.legacyresearch.com

click.exct.legacyresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700::6810:1937 (United States)

ASN13335 (CLOUDFLARENET, US)

secure.palmbeachgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f41b (United States)

ASN13335 (CLOUDFLARENET, US)

marketingassets.cloudsna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2057:7600:f:75e2:4ac0:21 (United States)

ASN16509 (AMAZON-02, US)

d3bjnmbj12697.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.6.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-28.dus51.r.cloudfront.net

gsdpeazjjf.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.2.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-2-11.dus51.r.cloudfront.net

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.81.31.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-31-24.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.6.244 (None, )

ASN13335 (CLOUDFLARENET, US)

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.2 (United States)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.173.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-173-139.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.99.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-99-35.eu-west-1.compute.amazonaws.com

tracking.legacyoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.144.81 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-144-81.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.59.154.196 (United States)

ASN32244 (LIQUIDWEB, US)

js.trackinggrid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.2.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.213.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-213-109.fra53.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:7::17d8:4dce (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

bcbolt446c5271-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.113.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-113-119.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.27 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.22 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.107 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.122.147.230 (Milan, Italy) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-147-230.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:7e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.246.45 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-246-45.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.141.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-141-199.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.83.85 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-83-85.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.103.74 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-103-74.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.172.159.73 (None, ) 2 redirects

ASN- ()

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4602:66c0:1498:bf97:ef60 (None, )

ASN- ()

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.141.125 (None, )

ASN- ()

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:6e00:7b23:6545:3513 (None, )

ASN- ()

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	palmbeachgroup.com secure.palmbeachgroup.com — Cisco Umbrella Rank: 256120	2 MB
11	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 448 mug.criteo.com — Cisco Umbrella Rank: 1931 sslwidget.criteo.com — Cisco Umbrella Rank: 1964 widget.us.criteo.com — Cisco Umbrella Rank: 18952 dis.criteo.com — Cisco Umbrella Rank: 974	18 KB
11	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 cm.g.doubleclick.net — Cisco Umbrella Rank: 289	10 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	509 KB
9	google.de www.google.de — Cisco Umbrella Rank: 3632	1013 B
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 20	973 B
9	kaptcha.com ssl.kaptcha.com — Cisco Umbrella Rank: 11571	32 KB
8	cloudfront.net d3bjnmbj12697.cloudfront.net	508 KB
7	adnxs.com 6 redirects secure.adnxs.com — Cisco Umbrella Rank: 612 ib.adnxs.com — Cisco Umbrella Rank: 326	7 KB
7	boltdns.net manifest.prod.boltdns.net — Cisco Umbrella Rank: 6280 Failed cf-images.us-east-1.prod.boltdns.net — Cisco Umbrella Rank: 3396	719 KB
7	brightcove.com edge.api.brightcove.com — Cisco Umbrella Rank: 6159 metrics.brightcove.com — Cisco Umbrella Rank: 4639	5 KB
7	lytics.io c.lytics.io — Cisco Umbrella Rank: 7886	92 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	40 KB
4	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1090 ads.yahoo.com — Cisco Umbrella Rank: 1553 ups.analytics.yahoo.com — Cisco Umbrella Rank: 420	1 KB
3	liadm.com 2 redirects i.liadm.com i6.liadm.com	1 KB
3	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	44 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 605	12 KB
3	quora.com a.quora.com — Cisco Umbrella Rank: 9468 q.quora.com — Cisco Umbrella Rank: 4116	15 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 341	106 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 936	160 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 942 cdn.stickyadstv.com — Cisco Umbrella Rank: 2681	1 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 876	851 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 405	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 2417	2 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 590	735 B
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 491	626 B
2	akamaihd.net bcbolt446c5271-a.akamaihd.net — Cisco Umbrella Rank: 10653	3 MB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 4678	267 B
2	taboola.com trc.taboola.com — Cisco Umbrella Rank: 882 sync-t1.taboola.com — Cisco Umbrella Rank: 1476	328 B
2	outbrain.com amplifypixel.outbrain.com — Cisco Umbrella Rank: 15576 sync.outbrain.com — Cisco Umbrella Rank: 1057	732 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 557	7 KB
2	listrakbi.com cdn.listrakbi.com — Cisco Umbrella Rank: 11062 s1.listrakbi.com — Cisco Umbrella Rank: 11295	21 KB
2	amazonaws.com s3.amazonaws.com gsdpeazjjf.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 114650	8 KB
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1131	418 B
1	tremorhub.com criteo-partners.tremorhub.com	183 B
1	postrelease.com jadserve.postrelease.com	427 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 945	262 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 893	163 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2297	172 B
1	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 2560	336 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 992	238 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 786	784 B
1	pubmatic.com simage2.pubmatic.com	672 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 478	239 B
1	addthis.com cw.addthis.com — Cisco Umbrella Rank: 2120	427 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 2822	232 B
1	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 5720	7 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 760	14 KB
1	trackinggrid.com js.trackinggrid.com — Cisco Umbrella Rank: 189731	1 KB
1	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 4366	184 KB
1	legacyoffers.com tracking.legacyoffers.com — Cisco Umbrella Rank: 128629	522 B
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 12237	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	1 KB
1	cloudsna.com marketingassets.cloudsna.com — Cisco Umbrella Rank: 93686	1 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 5250	18 KB
1	legacyresearch.com 1 redirects click.exct.legacyresearch.com — Cisco Umbrella Rank: 902660	410 B
177	56

	Domain	Requested by
22	secure.palmbeachgroup.com	secure.palmbeachgroup.com www.googletagmanager.com
10	www.googletagmanager.com	secure.palmbeachgroup.com www.googletagmanager.com js.trackinggrid.com
9	www.google.de
9	www.google.com	1 redirects
9	ssl.kaptcha.com	secure.palmbeachgroup.com ssl.kaptcha.com
8	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
8	d3bjnmbj12697.cloudfront.net	secure.palmbeachgroup.com s3.amazonaws.com
7	c.lytics.io	secure.palmbeachgroup.com c.lytics.io
6	manifest.prod.boltdns.net	secure.palmbeachgroup.com
6	www.google-analytics.com	www.googletagmanager.com secure.palmbeachgroup.com
5	metrics.brightcove.com	players.brightcove.net
4	secure.adnxs.com	3 redirects
4	dis.criteo.com
4	gum.criteo.com	3 redirects static.criteo.net
3	ib.adnxs.com	3 redirects
3	www.googleadservices.com	www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	cdnjs.cloudflare.com	secure.palmbeachgroup.com cdnjs.cloudflare.com
3	code.jquery.com	secure.palmbeachgroup.com
2	i.liadm.com	2 redirects
2	ad.360yield.com	1 redirects
2	x.bidswitch.net	1 redirects
2	r.casalemedia.com	1 redirects
2	eb2.3lift.com	1 redirects
2	idsync.rlcdn.com
2	bcbolt446c5271-a.akamaihd.net	secure.palmbeachgroup.com
2	edge.api.brightcove.com	secure.palmbeachgroup.com
2	pixel.sitescout.com	secure.palmbeachgroup.com
2	stats.g.doubleclick.net	secure.palmbeachgroup.com
2	sp.analytics.yahoo.com
2	q.quora.com
2	s.yimg.com	secure.palmbeachgroup.com
1	d.turn.com	1 redirects
1	cdn.stickyadstv.com
1	ads.stickyadstv.com	1 redirects
1	criteo-partners.tremorhub.com
1	jadserve.postrelease.com
1	i6.liadm.com
1	match.sharethrough.com
1	rtb-csync.smartadserver.com
1	sync-t1.taboola.com
1	criteo-sync.teads.tv
1	trends.revcontent.com
1	s.ad.smaato.net
1	contextual.media.net
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	cw.addthis.com
1	sync.outbrain.com
1	ups.analytics.yahoo.com
1	ads.yahoo.com
1	partner.mediawallahscript.com
1	cm.g.doubleclick.net	1 redirects
1	widget.us.criteo.com
1	sslwidget.criteo.com	1 redirects
1	mug.criteo.com
1	cf-images.us-east-1.prod.boltdns.net
1	vjs.zencdn.net	players.brightcove.net
1	trc.taboola.com
1	static.criteo.net	www.googletagmanager.com
1	js.trackinggrid.com	secure.palmbeachgroup.com
1	players.brightcove.net	secure.palmbeachgroup.com
1	tracking.legacyoffers.com	secure.palmbeachgroup.com
1	amplifypixel.outbrain.com
1	up.pixel.ad	www.googletagmanager.com
1	a.quora.com	secure.palmbeachgroup.com
1	s1.listrakbi.com	cdn.listrakbi.com
1	cdn.listrakbi.com	secure.palmbeachgroup.com
1	gsdpeazjjf.execute-api.us-east-1.amazonaws.com	secure.palmbeachgroup.com
1	s3.amazonaws.com	secure.palmbeachgroup.com
1	fonts.googleapis.com	secure.palmbeachgroup.com
1	marketingassets.cloudsna.com	secure.palmbeachgroup.com
1	cdn.mxpnl.com	secure.palmbeachgroup.com
1	click.exct.legacyresearch.com	1 redirects
177	74

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-18` - `2022-07-17`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.mxpnl.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-15` - `2022-07-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-09-23` - `2022-10-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.listrakbi.com Amazon	`2022-01-10` - `2023-02-06`	a year	crt.sh
ssl.kaptcha.com Thawte RSA CA 2018	`2021-11-01` - `2022-11-27`	a year	crt.sh
listrakbi.com Cloudflare Inc ECC CA-3	`2021-08-09` - `2022-08-08`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-05-02` - `2022-06-22`	2 months	crt.sh
quora.com R3	`2022-05-08` - `2022-08-06`	3 months	crt.sh
*.pixel.ad GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-26` - `2023-02-02`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.quora.com R3	`2022-03-27` - `2022-06-25`	3 months	crt.sh
tracking.legacyoffers.com Amazon	`2022-03-26` - `2023-04-24`	a year	crt.sh
players.brightcove.net DigiCert SHA2 Secure Server CA	`2021-08-04` - `2022-08-04`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
js.trackinggrid.com cPanel, Inc. Certification Authority	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.adapter.ooyala.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-13` - `2022-06-14`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
metrics.brightcove.com GTS CA 1D4	`2022-04-16` - `2022-07-15`	3 months	crt.sh
*.prod.boltdns.net Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.mediawallahscript.com Amazon	`2022-05-04` - `2023-06-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-11` - `2022-07-06`	6 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Frame ID: 082FBD19E96D0A65348C325B3BF66A52
Requests: 142 HTTP requests in this frame

Frame: https://tracking.legacyoffers.com/aff_goal?a=l&goal_id=402
Frame ID: 072598034675C48F88CBA9ADB8CFFB3D
Requests: 1 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=100014&s=b4aed4662ce64477a62673a2e03e6df2
Frame ID: FDCCB7DE5F4609BFEA3EF0DA841AA22A
Requests: 6 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: E546FF5ADA187458EC759710AA4748D4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=secure.palmbeachgroup.com&origin=onetag
Frame ID: 0D1846BCED3A017B01876AA7E33A993F
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-MIe4qs-WsBZqTFb11GgGyB_0ag_KUklGDcqLlQ&google_gid=CAESEE-OyDpDQX71ytJsMgx2mO0&google_cver=1&google_ula=913071,0
Frame ID: CCF69ADBD619F1BBD9600385D79BF0AD
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Palm Beach Research Group

Page URL History Show full URLs

https://click.exct.legacyresearch.com/?qs=404d0368ffe2f3bf663a050433722866a4d9089cf9bae01e4efc5bdf0d29819a2b86e182... HTTP 302
https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

177
Requests

89 %
HTTPS

37 %
IPv6

56
Domains

74
Subdomains

65
IPs

9
Countries

6755 kB
Transfer

17681 kB
Size

62
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.exct.legacyresearch.com/?qs=404d0368ffe2f3bf663a050433722866a4d9089cf9bae01e4efc5bdf0d29819a2b86e182b0f4993a9fff858f08f009ad1ec733a69681b9a1 HTTP 302
https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 125

https://gum.criteo.com/sid/json?origin=onetag&domain=palmbeachgroup.com&sn=ChromeSyncframe&so=0&topUrl=secure.palmbeachgroup.com&cw=1&lsw=1&topicsavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=83RzM3xxa214OGdYZFkxM0FzdjlxbDQ2MERzdi9ENm1tZHVidUhZc2JuNE8vZS9jY1hQZ0FhOUlHb1BnMWZkVzkwMWRuZVo3OEhCWDFmSGRFbU1OMzhrOGw0WFdQTXd1NGd5V2J0V2JOSGlSRnJVdmVGMVJVVHVLWkVrQmM1NmF6WTRHWkNEbUZjcVpxMHRYaGxSODZnU3gxZi8wRFhYUmlYQmdDeURueHpzdnVnWHBESzBja2NIdWgzbWtwYnhkeXNIUUd4Slc5eEtmYWQxVlRVY1BzTGJqZHI3U3lzME93dDd5L2RZdHZmMkJmaGdjNmowSFluak1kQXJyV2laT2lwYUgzaDVIQ0pRTWNhTlVkaGYrV3o4U0xGdz09fA&cppv=2

Request Chain 133

https://sslwidget.criteo.com/event?a=94539&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=80pO519VYW5KemRGU08zc2JyY2FFNEpIaWVGV3hZdzhLaW5GV21QRG96cFFTZW9rQU5IaTQ1YVVrbllPclFEOVN5eE9WTnVKa1ZlRTZYTnJCVlNzRG40MU1sdUhOc0tlT29iSmN4cXViRGx4MWR6anQ4RE96eWFRNjclMkJHWmVYVGllV0RSVUprYTc1WiUyQlUlMkZ6dTVqWVVrSE1vY0trTWg3TkdpVEpsTHhtJTJCRSUyRmlOMkVnJTNE&tld=palmbeachgroup.com&fu=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&dtycbr=67603 HTTP 302
https://widget.us.criteo.com/event?a=94539&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=80pO519VYW5KemRGU08zc2JyY2FFNEpIaWVGV3hZdzhLaW5GV21QRG96cFFTZW9rQU5IaTQ1YVVrbllPclFEOVN5eE9WTnVKa1ZlRTZYTnJCVlNzRG40MU1sdUhOc0tlT29iSmN4cXViRGx4MWR6anQ4RE96eWFRNjclMkJHWmVYVGllV0RSVUprYTc1WiUyQlUlMkZ6dTVqWVVrSE1vY0trTWg3TkdpVEpsTHhtJTJCRSUyRmlOMkVnJTNE&tld=palmbeachgroup.com&fu=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&dtycbr=67603

Request Chain 137

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/456578300/?random=1652178530500&cv=9&fst=1652178530500&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1 HTTP 302
https://www.google.com/pagead/1p-user-list/456578300/?random=1652178530500&cv=9&fst=1652176800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&is_vtc=1&random=1051882287&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-user-list/456578300/?random=1652178530500&cv=9&fst=1652176800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&is_vtc=1&random=1051882287&resp=GooglemKTybQhCsO&ipr=y

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-MIe4qs-WsBZqTFb11GgGyB_0ag_KUklGDcqLlQ&google_cm&google_hm=ay1NSWU0cXMtV3NCWnFURmIxMUdnR3lCXzBhZ19LVWtsR0RjcUxsUQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-MIe4qs-WsBZqTFb11GgGyB_0ag_KUklGDcqLlQ&google_gid=CAESEE-OyDpDQX71ytJsMgx2mO0&google_cver=1&google_ula=913071,0

Request Chain 153

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=SslE8jeMcgnPwNBt_EF7M4d9KXbqPqVi

Request Chain 162

https://secure.adnxs.com/setuid?entity=52&code=k-BVjeUc-WsBZqTFb11GgGyB_0ag8kZTZ-2V3AOA&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-BVjeUc-WsBZqTFb11GgGyB_0ag8kZTZ-2V3AOA%26seg%3D95287

Request Chain 163

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3437132892970899307

Request Chain 165

https://eb2.3lift.com/xuid?mid=2711&xuid=k-qvltB8-WsBZqTFb11GgGyB_0ag9gyFsa64Ghjg&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-qvltB8-WsBZqTFb11GgGyB_0ag9gyFsa64Ghjg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 167

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-leZVJM-WsBZqTFb11GgGyB_0ag845aZWPj1h6g HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-leZVJM-WsBZqTFb11GgGyB_0ag845aZWPj1h6g&C=1

Request Chain 169

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-F3A2dM-WsBZqTFb11GgGyB_0ag9pmfBlVhnZog&expires=30&user_group=5 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-F3A2dM-WsBZqTFb11GgGyB_0ag9pmfBlVhnZog&expires=30&user_group=5

Request Chain 175

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-247Jx8-WsBZqTFb11GgGyB_0ag8GuE2N2canuQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-247Jx8-WsBZqTFb11GgGyB_0ag8GuE2N2canuQ

Request Chain 176

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-hfsics-WsBZqTFb11GgGyB_0ag9p6gaPpSdVpA HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-hfsics-WsBZqTFb11GgGyB_0ag9p6gaPpSdVpA&_li_chk=true&previous_uuid=75057f4637e340df99bafd9fc1ae0864 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-hfsics-WsBZqTFb11GgGyB_0ag9p6gaPpSdVpA

Request Chain 179

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-bNGPuc-WsBZqTFb11GgGyB_0ag_mQZixeTUV5w&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 180

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6078489531630264675

Request Chain 181

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/G05wy98sdcHwt9yN4P6Oj1MtQozd4E2r/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=7425947803823899191

177 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
secure.palmbeachgroup.com/
Redirect Chain

https://click.exct.legacyresearch.com/?qs=404d0368ffe2f3bf663a050433722866a4d9089cf9bae01e4efc5bdf0d29819a2b86e182b0f4993a9fff858f08f009ad1ec733a69681b9a1
https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&ema...

2 KB
1 KB

601ms
566ms

Document
text/html

2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e46f811834ce20c231c9fd0c394e68827026b196682cb6d1bd84fd4f5233d76

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7091fd695ed35b6e-FRA
content-encoding: gzip
content-type: text/html
date: Tue, 10 May 2022 10:28:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 19 Apr 2022 15:14:39 GMT
server: cloudflare
via: 1.1 759fdd9f923ecbc08bad5c12c5d4db9a.cloudfront.net (CloudFront)
x-amz-cf-id: Cle8K1rC-pkVbPZou5GXovqyoStNLbRX58QQUFlr6hSfZV5t1nZG_w==
x-amz-cf-pop: TXL50-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
x-amz-version-id: null
x-cache: Miss from cloudfront

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 384
Content-Type: text/html; charset=utf-8
Date: Tue, 10 May 2022 10:28:44 GMT
Location: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 64ms
22ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-15d84"
vary: Accept-Encoding
x-hw: 1652178526.dop124.am5.t,1652178526.cds247.am5.hn,1652178526.cds312.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 jsencrypt.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jsencrypt/2.3.1/ 55 KB
16 KB 69ms
36ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jsencrypt/2.3.1/jsencrypt.min.js

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1075874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15539
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-db4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aZGuIEwGbbNfuiunwp4KkJ1Hvg1AImV3PdH4P2J%2BT0JJB7rC0Ycw%2BgoYVRy26akN6aHXWZUCjJdEif4WbPLl79j1TkwO0MmiOzmCdaQOTV5%2F8AArEfH%2BIZFx2%2F8jx2UMW43XtvuvNjZ6JBnirSdjccj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7091fd6d389e9b55-FRA
expires: Sun, 30 Apr 2023 10:28:46 GMT

GET
H2 200 zuora-min.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 16 KB
6 KB 456ms
455ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/zuora-min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8717eadc3b97c75e83d74067e6e042bbca4febc6b6dc4e267b536fb76571b2b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Fri, 06 May 2022 20:03:58 GMT
x-amz-cf-pop: CPH50-C1, TXL50-P3
x-amzn-requestid: 361d77f8-b01f-4199-87ce-8ceec4bcb099
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: RuDPTGNDoAMF6hQ=
content-length: 6273
last-modified: Sat, 22 Sep 2018 11:08:10 GMT
server: cloudflare
etag: W/"7d86df81888eae28ff563475df84af7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: luvJNm4NbI_LUJYsawMnr4af0VHx8MG7
via: 1.1 76ab02fad35a55e39b30639d4e6784bc.cloudfront.net (CloudFront), 1.1 f5a41f2e2650c6e3da553e0f45e52bfa.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7091fd6d0b8c5b6e-FRA
x-amz-cf-id: UV5Q9ay-vLPgo0x9bOtuD2N93czz8tSYIH97lnko6CMbTANAWWs6mA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 postToIframe.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 2 KB
1009 B 483ms
482ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/postToIframe.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98c2a74405e978d753625e97a0cb1c2eab250a9444d82dd75e1bce82cb437ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Fri, 06 May 2022 20:03:58 GMT
x-amz-cf-pop: CPH50-C1, TXL50-P3
x-amzn-requestid: f1664ae5-ae93-4c19-9f1a-015fce604099
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: RuDPQFTTIAMFm7A=
content-length: 607
last-modified: Sat, 22 Sep 2018 10:04:10 GMT
server: cloudflare
etag: W/"3934dce8d049fb2790a29e7de331d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: jcZd1q0X4PG.0tDIV.AM4TZ5jHnAmWBj
via: 1.1 fdf9e7e5ec65d753124196745d150f16.cloudfront.net (CloudFront), 1.1 bdb48db5b688ca8c8dee7661b221599a.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7091fd6d0b8f5b6e-FRA
x-amz-cf-id: B6v6nLvbcpXHYvYzfokZdE_zsm_Wv-eQvqYkAUV54DoxADrUnJCJVg==
x-amzn-remapped-connection: keep-alive

GET
H2 200 encryption_util.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 6 KB
2 KB 482ms
480ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/encryption_util.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71014fdfc6e16f4d67c3c1ce51f661beb63cf9eaa923ed0e46d56cc675b55a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sun, 08 May 2022 20:04:56 GMT
x-amz-cf-pop: DUS51-P1, TXL50-P3
x-amzn-requestid: 79548aed-2c08-4549-9a3c-ca11be270c97
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: R0pQUHYvoAMFrzA=
content-length: 1589
last-modified: Thu, 20 Sep 2018 10:42:47 GMT
server: cloudflare
etag: W/"a4562de2bcce9e6631abf61e5a04728b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: .RXPgt8IOHDC5kcSlGGlyGGq.lruUQic
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront), 1.1 a0c77ad2e3f5bbf63535bc898f348e5a.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7091fd6d0b915b6e-FRA
x-amz-cf-id: -aFsnZcLz3HmdrhV0WgES49uCXgkaaz3m-_XqRIALEfgWfZxKFs3Ww==
x-amzn-remapped-connection: keep-alive

GET
H2 200 HPM2Security-min.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 44 KB
14 KB 466ms
464ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/HPM2Security-min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fe7a95be52af9780b34bb34d7c6e4801e77fda4be41f7b0676e671543023e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sun, 08 May 2022 20:04:56 GMT
x-amz-cf-pop: DUS51-P1, TXL50-P3
x-amzn-requestid: b783b9c0-cc1a-489d-ae8c-4b1c22f9c62c
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: R0pQUHHKIAMFxPA=
content-length: 13465
last-modified: Thu, 20 Sep 2018 10:42:47 GMT
server: cloudflare
etag: W/"5c56f33a7d1fcd065fa2bd0fa7758d42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: F1zb.i6q7MEDZAdQsvHFruscv_FKHXVQ
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront), 1.1 b66d2d4cfb46d641d455e6640c25f566.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7091fd6d0b955b6e-FRA
x-amz-cf-id: kR4sW7q2I5UFzAQrP9fdYOCm0yoQr1ItWSthvMDuiOTuPI3kYhNvMw==
x-amzn-remapped-connection: keep-alive

GET
H2 200 jquery.payment.min.js Show response
secure.palmbeachgroup.com/store/PROD/plugins/jquery-payment/ 8 KB
3 KB 448ms
446ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/plugins/jquery-payment/jquery.payment.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a60672efd62862adb750cf0d1ba8916744490d764cb2807c8114353f6aae6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Mon, 09 May 2022 10:29:07 GMT
x-amz-cf-pop: TXL50-P1, TXL50-P3
x-amzn-requestid: 3e6f844e-7d7f-492c-be61-dfb235d03f16
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: R2n2GEtBIAMF9rg=
content-length: 2713
last-modified: Wed, 21 Aug 2019 20:18:01 GMT
server: cloudflare
etag: W/"2ccb4360a6b212383716224d0b56bd21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: uVxF0OX6Rj_lsOZHo0OKGG0I2eVEXwcB
via: 1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront), 1.1 759fdd9f923ecbc08bad5c12c5d4db9a.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7091fd6d0b965b6e-FRA
x-amz-cf-id: enX-8tP8Pn5ivB3cDkssfClaZ1nWS-s9Djs8pzm2d0LI8qqS_ZysmQ==
x-amzn-remapped-connection: keep-alive

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
8 KB 62ms
21ms Stylesheet
text/css 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-8c85"
vary: Accept-Encoding
x-hw: 1652178526.dop124.am5.t,1652178526.cds247.am5.hn,1652178526.cds257.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8323

GET
H2 200 store.min.js Show response
secure.palmbeachgroup.com/store/PROD/js/revampstore/ 119 KB
17 KB 479ms
477ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/revampstore/store.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aed9bf2527a71a02eb69ac0e018a55b034067c67efcff7df6a428eac923dfe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Tue, 10 May 2022 09:16:59 GMT
x-amz-cf-pop: TXL50-P1, TXL50-P3
x-amzn-requestid: 42e5ba37-9bc5-40ed-89dc-c78862f172c9
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: R5wNzGddIAMFfcw=
content-length: 17137
last-modified: Fri, 29 Apr 2022 20:36:09 GMT
server: cloudflare
etag: W/"5c17af31fadd4a10f4c6eca9060145c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: iIF.3IV4C6qtmPG6rx1BhQDC.r9T5wDa
via: 1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront), 1.1 713ca272939518d00fa2a777781680ca.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7091fd6d0b985b6e-FRA
x-amz-cf-id: p3tpMIlmM8NHuQcG6_Ou9sZ3qF-857rWt7d9OyCMBnwc5-xqKNmRJA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 mygtm.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 474 B
833 B 304ms
302ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/mygtm.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb37413b7c8e7e66a05f145a6af367f5d593b358a3c45f2b294a9438997a4ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Mon, 09 May 2022 20:51:15 GMT
x-amz-cf-pop: TXL50-P1, TXL50-P3
x-amzn-requestid: 3a0a0615-a52d-4aec-a1be-a2d4123c3596
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: R4C-nEmooAMFo6g=
content-length: 338
last-modified: Thu, 19 Nov 2020 00:44:24 GMT
server: cloudflare
etag: W/"f01dbb5bc4745bf1f386572cdf22c8c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: 4.dw3bbUWT3wk0yaqGtXbpSm9ui25xti
via: 1.1 547a0375ec02f9b604ed007303b6266a.cloudfront.net (CloudFront), 1.1 0570c32dd309ece735b20cdea238c10e.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7091fd6d0b9b5b6e-FRA
x-amz-cf-id: 5HORPsrLuVpXVWGleqwru7uUBfdNmX0U8McDCu9diNfUxuV1UmnHQg==
x-amzn-remapped-connection: keep-alive

GET
H2 200 listrak.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 1 KB
938 B 475ms
474ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/listrak.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc29bdfa5e510b47aa7faf5ec6ddac2b91581060cc56aaa19153575f72431273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sun, 08 May 2022 20:04:56 GMT
x-amz-cf-pop: DUS51-P1, TXL50-P3
x-amzn-requestid: c821e55d-272a-4944-928e-bc85fb7787d7
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: R0pQUEs9IAMFV8A=
content-length: 506
last-modified: Thu, 28 Jun 2018 20:46:57 GMT
server: cloudflare
etag: W/"cd9f94dd71125cb7fda1e1088aa19ec3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: W46Q95OyRSSEl7u8xZsbwfK4bzk35Yt_
via: 1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront), 1.1 f75621cd6e47ae7d0a4d07cd1877339c.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7091fd6d0b9d5b6e-FRA
x-amz-cf-id: ew2m6zi9b0lQ3oJxgE8hdPhsHecn3n5wn7ZUxv9d8yQfgPsywtkeIA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 mymixpanel.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 2 KB
1 KB 465ms
464ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/mymixpanel.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013050e8e5ab5ca56b6344fe09502a82fc4ced559a155646ff286b4af3545eeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Sun, 08 May 2022 20:20:51 GMT
x-amz-cf-pop: CPH50-C1, TXL50-P3
x-amzn-requestid: 7778b3c0-c50b-4b7b-8e27-88887df54638
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: R0rlfEFPoAMFcuQ=
content-length: 778
last-modified: Thu, 19 Nov 2020 00:44:24 GMT
server: cloudflare
etag: W/"52928b3325fc59cf3a4b91c0e7b59c52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: kgR13lhzSsVCRIE0MlY3UBQ0EPNv4JeB
via: 1.1 1eaba3be3fe032170d946b3b2ae3b2b8.cloudfront.net (CloudFront), 1.1 1bccf6a872dd296ef2ffc6656debd1f0.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7091fd6d0b9e5b6e-FRA
x-amz-cf-id: gnt3TiX2bf1Q8xcHLecVzHhS7JA66f2qakIDWweRlloXWBA0zB9KhQ==
x-amzn-remapped-connection: keep-alive

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 79ms
39ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-7f20a"
vary: Accept-Encoding
x-hw: 1652178526.dop124.am5.t,1652178526.cds247.am5.hn,1652178526.cds015.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 124434

GET
H2 200 runtime.js Show response
secure.palmbeachgroup.com/ 6 KB
2 KB 590ms
590ms Script
application/x-javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/runtime.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cc82b6dc651cd71361f7da0d6cc98c685f093aeb9d57ae99069aba15409a024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
via: 1.1 713ca272939518d00fa2a777781680ca.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
content-encoding: gzip
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-version-id: null
last-modified: Tue, 19 Apr 2022 15:14:39 GMT
server: cloudflare
etag: W/"c1ea2d53dbedcb859f724fc93b88bebd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 7091fd6d0b9f5b6e-FRA
x-amz-cf-id: NNUpPyBCnk_IO9FJBQoqPMH1YQB3y_YKicjSlb8ySbcxTnNTFquQ8Q==

GET
H2 200 polyfills.js Show response
secure.palmbeachgroup.com/ 5 MB
905 KB 762ms
761ms Script
application/x-javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/polyfills.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 752451b4f3129531782a28b360e5a8dc6404fd33c490580ac3a24b43ad2bf8fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
via: 1.1 71899bd3f76489e8a6e71cc77aaa6424.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
content-encoding: gzip
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-version-id: null
last-modified: Tue, 19 Apr 2022 15:14:38 GMT
server: cloudflare
etag: W/"8348978ea5e536eea759b3f13aa07510"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 7091fd6d1bb05b6e-FRA
x-amz-cf-id: zpSCDZQBdRBWMq4ub5hS97ieIxmcoipZyytyCHyi6Bte0rXQ4hfjsA==

GET
H2 200 styles.js Show response
secure.palmbeachgroup.com/ 15 KB
5 KB 556ms
556ms Script
application/x-javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/styles.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98ad7e002b19264473dc3d4d79fb88278f950c24780982674c0ac1738b8b9614

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
via: 1.1 b2373cd296c22c460cd352ec0beb0b2c.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
content-encoding: gzip
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-version-id: null
last-modified: Tue, 19 Apr 2022 15:14:38 GMT
server: cloudflare
etag: W/"c9304e2d8ec28f315647fd383799078b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 7091fd6d1bb35b6e-FRA
x-amz-cf-id: kOxO9noFwCR2LeO7Bbxmh6bJAwfkb6jZOIfYLhXvTuRX-3-H9BMP5g==

GET
H2 200 vendor.js Show response
secure.palmbeachgroup.com/ 558 KB
106 KB 848ms
847ms Script
application/x-javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/vendor.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cb42ed48451fec48eebe0f6a456350b1195238d69627819435825fc421e53c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:47 GMT
via: 1.1 6705fde62c89246795b7b0fe68d664cc.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
content-encoding: gzip
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-version-id: null
last-modified: Tue, 19 Apr 2022 15:14:38 GMT
server: cloudflare
etag: W/"abfd6847d5991c0a84b4e9cac19a0ef6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 7091fd6d1bb65b6e-FRA
x-amz-cf-id: U-0mUUbFq3U02B1MZPo1v1PmWTggvsgTOsqkavLrbRgfnGHUiofyTw==

GET
H2 200 main.js Show response
secure.palmbeachgroup.com/ 3 MB
553 KB 763ms
763ms Script
application/x-javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/main.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e67c0ad03dc12ebfe255a3518ddb632cbb1cb73b836fc6374a790ec0909c3dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:46 GMT
via: 1.1 8b4e911b05f0c34bf3d36e7de31e2172.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
content-encoding: gzip
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-version-id: null
last-modified: Tue, 19 Apr 2022 15:14:37 GMT
server: cloudflare
etag: W/"b8e7b335166a22e54c0dfb66bf72a4ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 7091fd6d1bb75b6e-FRA
x-amz-cf-id: PeW5dVl6PVVp-8pM3e9LxY58ptvbmZ23ExNTfbVB0YIjIqoP-mMWpg==

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 50 KB
18 KB 106ms
34ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/store/PROD/js/mymixpanel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:20:21 GMT
content-encoding: gzip
age: 505
x-guploader-uploadid: ADPycduEV0aoPCiT9Jh9VYbPswUbYAhgJY6BZ4UebcCJmc3YTmLOFuC1oyh3yx8rfsvU_w0cKT5qSjuiagCzXqOEJl1SuYWMloy2
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation: 1645129310876382
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 10 May 2022 10:30:21 GMT

GET
H2 200 getSiteDetails Show response
secure.palmbeachgroup.com/site/api/v1/ 271 KB
14 KB 887ms
886ms XHR
text/plain 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/site/api/v1/getSiteDetails?cid=MKT583247&eid=MKT632145&chainId=&plcid=PLC140060&preview=false&baseUrl=secure.palmbeachgroup.com
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65f3adc55f0cad4cf80f4ff0c350f538d24700acde3f21e970a1fcc533f104b5

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:48 GMT
via: 1.1 84d656e175fe132f88df4f05bc6dc81c.cloudfront.net (CloudFront), 1.1 0570c32dd309ece735b20cdea238c10e.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 277447
x-amzn-remapped-date: Tue, 10 May 2022 10:28:48 GMT
x-amz-cf-pop: TXL50-P1, TXL50-P3
x-amzn-requestid: af066f99-c25e-477a-a403-ba7d5790f858
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: gzip
x-amz-apigw-id: R56vDENpoAMFaCw=
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=ISO-8859-1
cf-ray: 7091fd76f9965b6e-FRA
x-amz-cf-id: B0GYMOkpOYo3At35lQDUmXHmQKHscG1icgp79pArxYoig8bYROCViQ==
x-amzn-remapped-connection: keep-alive

GET
H/1.1 200
OK legacyExternalJs.js Show response
marketingassets.cloudsna.com/prod/javascript/legacy/casey/ 2 KB
1 KB 309ms
276ms Script
application/javascript 2606:4700::6810:f41b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marketingassets.cloudsna.com/prod/javascript/legacy/casey/legacyExternalJs.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:f41b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28e7a175bbbb2d42cd553a6f0ec8135cfe0ddb6fc2e21975d01e5cd0bafdff13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 10:28:49 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Tue, 01 Feb 2022 15:26:26 GMT
Server: cloudflare
x-amz-request-id: MAPJ2QH3ANZC5SB8
ETag: W/"af69bb3836d13060de7b6c61e0b79782"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding: chunked
x-amz-version-id: 7E5q.ejfRs58tAIqNZGxszGsyyvAmP02
Content-Type: application/javascript
Connection: keep-alive
CF-RAY: 7091fd7eaf749c12-FRA
x-amz-id-2: VBR+BkcsgjaZndmpa989Ttv02LN3pIQrtZn3mxfCKlD36zVQ7Ni/TZ7XF+vDy59T4/fXpUNrYFo=

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 138ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&family=Rubik:wght@400;600;900&display=swap

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dda94645e6dfe6b5abab8d3262d7802f325db5f5eba7cf088f58f365acafaf4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 10 May 2022 10:28:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 10 May 2022 10:28:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 10 May 2022 10:28:49 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 58 KB
11 KB 29ms
29ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6135974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10391
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-e637"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgKM%2FQ3BV4pIQJAdQIrHaO%2FiqoIF5shRRDiQPF57idzixXvr0NLbvOpDSfW4FRuncj%2Bj%2FGijP4kzHH6OJoAwp6V%2FXsMQv0XfiPEVqetRsiEz%2FICbbdtjp%2FCdiP4lqbsrCDJaIHqJpIPRD1Fl3zvhFsuj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7091fd7e7a829b55-FRA
expires: Sun, 30 Apr 2023 10:28:49 GMT

GET
H/1.1 200
OK bootstrap.min.css
d3bjnmbj12697.cloudfront.net/_/css/bootstrap/4.5.0/ 158 KB
158 KB 39ms
9ms Stylesheet
text/css 2600:9000:2057:7600:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/css/bootstrap/4.5.0/bootstrap.min.css
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7600:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6702be9b5abcb7f77401607c67f34715ed9e6fa331e941e27702d0ec121756bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 20:05:35 GMT
Via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
Last-Modified: Mon, 02 May 2022 19:43:01 GMT
Server: AmazonS3
x-amz-meta-user-agent-id: efiorani@s-c2cd08720a404b138
Age: 53011
ETag: "3313c2852cb0b4e264c407de00f934b3"
x-amz-meta-user-agent: AWSTransfer
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 161649
X-Amz-Cf-Id: DvkJjmMi1KVHb-ScDet3YfN2mrTGKybZpWUyQ-mNLPgm-ajARumtOg==

GET
H/1.1 200
OK custom.css
d3bjnmbj12697.cloudfront.net/pb/p/pbl/2110-american-crypto/css/ 71 KB
72 KB 53ms
23ms Stylesheet
text/css 2600:9000:2057:7600:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/pb/p/pbl/2110-american-crypto/css/custom.css
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7600:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ee822b62dc3f42b8f8442ef52daca78fab784319a3f7def53f42aa8fed74661

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 12:11:05 GMT
Via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
Last-Modified: Fri, 28 Jan 2022 16:20:39 GMT
Server: AmazonS3
x-amz-meta-user-agent-id: efiorani@s-c2cd08720a404b138
Age: 80265
ETag: "af278de227f67482250cecf1874a39f8"
x-amz-meta-user-agent: AWSTransfer
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 72710
X-Amz-Cf-Id: SMF7w_fK1UQOKRpJzTwgBlkYgy220SoowqneXI0h0DFAwEoUFkd5fQ==

GET
H/1.1 200
OK 1637699325186.css
s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/PBL/inlinecss/ 433 B
913 B 411ms
116ms Stylesheet
text/css 3.5.6.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/PBL/inlinecss/1637699325186.css?versionId=dbgOkl6a06HskKr3j.XN6.qQeckx6O07
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.6.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4965a9ae619c0a248a186236a2aee27d1963adef65a94376ea709897c3dd2403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 10:28:50 GMT
Content-Encoding: utf8
Last-Modified: Tue, 23 Nov 2021 20:28:46 GMT
Server: AmazonS3
x-amz-request-id: MAPRTD41BAC0FFMV
ETag: "a945992b0b842aa3def2d287b300d7f4"
x-amz-version-id: dbgOkl6a06HskKr3j.XN6.qQeckx6O07
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 433
x-amz-id-2: XHwJI59nMU+a5X6Oj11uHftQom4jVjtIuqnWHzaw634cQzCU98EN/QYgb5KHVx/1uKlFI40lGsfz3H+GJRgeag==

GET
H2 200 versionId=T8euP5qcyZc1mjvfgTDO7yVWF1.JT1n3 Show response
gsdpeazjjf.execute-api.us-east-1.amazonaws.com/prod/assets/asset/PBL/VideoLandingPage/1634568473644.html/ 7 KB
7 KB 411ms
374ms XHR
application/json 108.157.4.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gsdpeazjjf.execute-api.us-east-1.amazonaws.com/prod/assets/asset/PBL/VideoLandingPage/1634568473644.html/versionId=T8euP5qcyZc1mjvfgTDO7yVWF1.JT1n3
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-28.dus51.r.cloudfront.net
Software: /
Resource Hash: 70f123ae18601c8cf650d2bb037c62f03e1b728d65fe974b8c69293ea5a3915d

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:49 GMT
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amzn-requestid: 080541e8-793a-4eaf-b69f-075f3d16d043
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-627a3e61-43ff537a4233b2da1cd8c21f;Sampled=0
x-amz-apigw-id: R56vPEOgIAMFbxQ=
content-length: 6672
x-amz-cf-id: 7AyOAzDLxdhGLY5T4MlpTd7XRUBFrqusL9s1h91PWkTla2Wr-rRP3g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 431 KB
96 KB 171ms
83ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/store/PROD/js/mygtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de2f571aa9db8cc6fd38c5f572c5c6b202f40d2d931faae0f0b617f3520c9c9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97852
x-xss-protection: 0
last-modified: Tue, 10 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 10:28:49 GMT

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 62 KB
20 KB 83ms
12ms Script
text/javascript 108.157.2.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=BrxgIoIXfWCS&v=1
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/store/PROD/js/listrak.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.2.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-2-11.dus51.r.cloudfront.net
Software: cloudflare / ASP.NET
Resource Hash: a1a2c9f5eec6de7541b3a38a307f21a69bc1a1771dbe6c10876926d6ad7bb39b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 10:21:49 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-AspNet-Version: 4.0.30319
Age: 420
X-Powered-By: ASP.NET
X-Cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 19513
Last-Modified: Thu, 26 Sep 2019 14:35:21 GMT
Server: cloudflare
X-ltk: 4/25/2022 10:31:57 PM
ETag: "E4KO8Z/Ur3VrLu3p7flIiQ=="
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront)
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop: DUS51-P2
Accept-Ranges: bytes
CF-RAY: 701be7b93ccd917c-FRA
X-Amz-Cf-Id: t02ueZF2hJgHf4d1J_1xIefgT2ZsRmc3yClktFtqkq4sfrrDDeh9kg==
Expires: Tue, 10 May 2022 11:21:49 GMT

GET
H/1.1 200
OK sdk Show response
ssl.kaptcha.com/collect/ 5 KB
6 KB 540ms
167ms Script
text/javascript 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/sdk?m=100014
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: c13d73426844f982024d3b10c28365553a5f6f8591b4f4a1a3a59df48457c8a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 10:28:49 GMT
X-Correlation-Id: 85cea0ba-962c-4d86-b378-fc5a3b645f5b
Transfer-Encoding: chunked
P3p: CP=CAO PSA OUR
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Type: text/javascript
Expires: 0

GET
H2 200 bss-px.min.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 5 KB
2 KB 506ms
506ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/bss-px.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5148356&emailname=20220509-LGD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Mon, 09 May 2022 09:23:08 GMT
x-amz-cf-pop: TXL50-P1, TXL50-P3
x-amzn-requestid: 3028f3a8-1f26-49d5-8a58-5a38fd5bce54
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: R2eLeEr7IAMFZOw=
content-length: 2052
last-modified: Tue, 01 Jun 2021 15:08:33 GMT
server: cloudflare
etag: W/"3ee3506660c2ef343d6c68a229cd42be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: fGaHECtcp1774Apxw3QoOeW87E1iGAd2
via: 1.1 672096d0d92d3141442f75941c957076.cloudfront.net (CloudFront), 1.1 759fdd9f923ecbc08bad5c12c5d4db9a.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7091fd7e7b315b6e-FRA
x-amz-cf-id: UwomC-dMQpXRx5dFppA6oLpv9RT5MOc_0sbUpGDZZwptHeImOHp2qg==
x-amzn-remapped-connection: keep-alive

POST
H2 200 generic Show response
secure.palmbeachgroup.com/snowflake/ 21 B
357 B 464ms
464ms XHR
application/json 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/snowflake/generic
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5148356&emailname=20220509-LGD
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
x-api-key: g5wZnpMOAV6d3DVWjACKU9Pz86tj10Es39Avoa3n
Content-Type: application/json

Response headers

date: Tue, 10 May 2022 10:28:49 GMT
via: 1.1 1957d4cc5292a750b93cc06eb79b023e.cloudfront.net (CloudFront), 1.1 a0c77ad2e3f5bbf63535bc898f348e5a.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: TXL50-P1, TXL50-P3
x-amzn-requestid: 77044a12-e0cd-4b10-a153-c010da29f2a2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-627a3e61-4d7ea25a1a7595366c605e5c
cf-ray: 7091fd7e7b365b6e-FRA
x-amz-apigw-id: R56vPGCsoAMFimQ=
content-length: 21
x-amz-cf-id: HHxjhuHY6ouAUIOoPnS_-9O-662qcVbYOFFsQE3GohkkiYYpMsRiQg==

GET
H2 200 getIds Show response
s1.listrakbi.com/BrxgIoIXfWCS/session/ 175 B
1 KB 161ms
122ms Script
application/x-javascript 104.18.6.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/BrxgIoIXfWCS/session/getIds?callback=ltkCallback6305&gsid=&_sid=&_tid=243866&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=BrxgIoIXfWCS&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.6.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b0524ecec5dfb97cedea605654472847c9797373b6be1333c5b40336a38f2c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type: application/x-javascript; charset=utf-8
cache-control: no-cache
cf-ray: 7091fd7f48d49128-FRA
expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 123ms
37ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 580
date: Tue, 10 May 2022 10:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 10 May 2022 12:19:09 GMT

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/ 64 KB
22 KB 65ms
32ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae4a7bb20a9253244cf4ddff2a3ac6aea8ae2bff1c0425f5273d013bb55a7ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:49 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3888
content-encoding: br
last-modified: Tue, 10 May 2022 09:24:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mvkFjXPRCnVayy2r96ck4PGjygP0dRotip8VjK2UphxSANVApq3tItNMJ2syr5hOJ%2FDPGsx3i7gNLRgddBNIn7W4CQczlhGqVNuHjhQkDuoXTzerv37W0lCgD3in2F99sN6wN9OpB4%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 7091fd8078bd9226-FRA

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 79ms
21ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: SE13ZYV9G348J14M
x-amz-id-2: dOzGoPrLAoE2KK1TDJ7umMBDyL/cIHSVDfz3FW9JHDknCi+1eqwM7SGjfFGbhRqc0gxhqdcLbgo=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 qevents.js Show response
a.quora.com/ 40 KB
14 KB 28ms
6ms Script
text/plain 151.101.193.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu/rd96G+MwKyNRYSJ58xIWuc=&emailjobid=5148356&emailname=20220509-LGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: vyBstMTGyA6m5sV66zq8xsypUg.tAOk.
content-encoding: gzip
etag: "47078e63380c6b0cbbfb6d8508b25ee7"
age: 666
x-cache: HIT, HIT
content-length: 14031
x-amz-id-2: Mt5ixruyZQMuz2hyMbp/KTbIH5giRHNsfo1OkmpT5XkJbFR2kZYpxLrrBKhfsMq5S8uY+UYjOac=
x-served-by: cache-iad-kjyo7100114-IAD, cache-hhn4029-HHN
last-modified: Fri, 18 Mar 2022 00:16:52 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1647562609/ctime:1647562609/gid:150037/gname:ezhang/md5:47078e63380c6b0cbbfb6d8508b25ee7/mode:33204/mtime:1647562609/uid:150037/uname:ezhang
x-timer: S1652178529.341818,VS0,VE0
date: Tue, 10 May 2022 10:28:49 GMT
vary: Accept-Encoding
x-amz-request-id: TA3D3A2BNPW868DS
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 1, 207

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 54ms
15ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:49 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 497875
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: dd9cbc0a2245d601385e1736c5fa48ef

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 375ms
84ms Image
image/gif 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=006987b21e348a9f544b8e9c5329ce00df
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 10:28:49 GMT
Cache-Control: no-cache
X-TraceId: 0d69a244d181fc2544d58a182f3ff26a
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/e105368420994e038ee8f447459557ab/ 43 B
422 B 395ms
98ms Image
image/gif 52.72.173.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/e105368420994e038ee8f447459557ab/pixel?j=1&u=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD&tag=ViewContent&ts=1652178529351

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.173.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-173-139.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 10:28:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,2a6e07af24ed966b0e8e0a7e3dca904e,10.0.0.201,3194,185.213.155.162,,29743107951,1,1652178529.695,0.001,,.,0,0,0.000,0.000,-,0,0,197,104,52,10,34729,,,,,,-,
Content-Type: image/gif

GET
H2 200 6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 35 B
551 B 134ms
134ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?gtm.start=1652178529029&event=gtm.js&gtm.uniqueEventId=17&_ts=1652178529404&_nmob=t&_device=desktop&url=secure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD&_v=3.0.26&_uid=aca6bfdd-10b1-4b71-b207-52112e12b336&_getid=t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgO6Jm6BaZ9bWa0EdPGO754lAg5FSZmqpXYTj28JN02mhIvYPjZaSx71mtGQsoC8TFxXPZ%2BiX3%2FfRDy9DMKHFsVeZ8lbZmAqDXjkLjZQ4N%2BaxCpjcEVENFM8kRx3mTLgu9bWoWqoMIGC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7091fd80d9af9226-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 10028632.json Show response
s.yimg.com/wi/config/ 2 B
449 B 63ms
20ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10028632.json

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 09:48:59 GMT
x-content-type-options: nosniff
age: 2391
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: BJAZ59309CXYTXSV
x-amz-id-2: w5WdZiE35MKzXXnRi9WqIaJl63t6KqVK0cgwoqxqKgQ7pEtAp5vTwUZjQJtTf9GJVt2mUyraKhg=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H/1.1 200
OK aff_goal Show response
tracking.legacyoffers.com/ Frame 0725 88 B
522 B 140ms
31ms Document
text/html 34.246.99.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.legacyoffers.com/aff_goal?a=l&goal_id=402
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.99.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-99-35.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a62069a41aab6484d03efbadd64f45a860f0d75849acfd7966a23088aff7382d

Request headers

Referer: https://secure.palmbeachgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 10 May 2022 10:28:49 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Request-Id: 898b145b722f119dac2c956c46643ca5

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
d3bjnmbj12697.cloudfront.net/_/js/bootstrap/4.5.0/ 79 KB
80 KB 8ms
7ms Script
application/javascript 2600:9000:2057:7600:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/bootstrap/4.5.0/bootstrap.bundle.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7600:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 04:44:50 GMT
Via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
Last-Modified: Mon, 29 Jun 2020 13:27:40 GMT
Server: AmazonS3
Age: 20988
ETag: "7fd2f04e75bd7ab1a79d80cdd4c33085"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 81084
X-Amz-Cf-Id: v_0fkV6XypoGNUNlYZQYHUaxm8Qh1qFSXS03bGDCTyYKU_ctsBSOtQ==

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/5102072647001/0zLsWuD5UW_default/ 676 KB
184 KB 478ms
430ms Script
application/javascript 92.122.144.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.144.81 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-144-81.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 840d00f62116fbc5872b6ca0d58ad7ad4b9a1e9ac18309b81cf75ece010fd60a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: Q_CSnOmrD43lt5GQ4.FnJiRrxgH4vQB2
Content-Encoding: gzip
ETag: "b037efb4398a11d20810bda5ec4664a4"
x-amz-request-id: 531WHAAP2C5K7HKJ
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 188063
x-amz-id-2: qigXMfZVfmGntbpk+/I5WyHeEt2gS5xmGwd0qifo+FGtmCFU4SXJjKElfsobmf7uXqH8FDwX+dg=
X-BCOV-Response-Mode: 1
X-Served-By: cache-lin2290021-LIN
Last-Modified: Fri, 04 Mar 2022 17:13:39 GMT
Server: AmazonS3
X-Timer: S1647859957.559128,VS0,VE445
Date: Tue, 10 May 2022 10:28:49 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=272
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H/1.1 200
OK ouibounce.min.js Show response
d3bjnmbj12697.cloudfront.net/_/js/ouibounce/ 2 KB
2 KB 8ms
7ms Script
application/javascript 2600:9000:2057:7600:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/ouibounce/ouibounce.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7600:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08cb0f46ed2415058019966967713095ef16ce83d54c74a5f52a61846dbe2399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 08:44:02 GMT
Via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
Last-Modified: Wed, 15 Apr 2020 20:03:18 GMT
Server: AmazonS3
Age: 6721
ETag: "aa63b6f263c50e0cd2636cce8c794214"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 1626
X-Amz-Cf-Id: kSk-mcZiNCMYVOubn14m7yJYWLDVNIJRzOyLL37yo_YL6daKQHDKSQ==

GET
H/1.1 200
OK lr-data-pb.js Show response
d3bjnmbj12697.cloudfront.net/_/js/lr-data/1.0.7/ 10 KB
11 KB 24ms
15ms Script
application/javascript 2600:9000:2057:7600:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/lr-data/1.0.7/lr-data-pb.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7600:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b16866b87b8808c3b0f8669a7246c1896d65c886a06a8e79a65af86017c33b15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 10:28:49 GMT
Via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
Last-Modified: Wed, 28 Apr 2021 15:11:24 GMT
Server: AmazonS3
Age: 14583
ETag: "65707f62b71fbf9cf4810a78e1c7d536"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 10477
X-Amz-Cf-Id: tGF6oMM_RJHZYwnOP-Fpo68im78BZ9DoMJlBCWAljy3bqjGFEFikow==

GET
H/1.1 200
OK v-zoom-alt.js Show response
d3bjnmbj12697.cloudfront.net/pb/p/pbl/2110-american-crypto/js/ 8 KB
8 KB 21ms
10ms Script
application/x-javascript 2600:9000:2057:7600:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/pb/p/pbl/2110-american-crypto/js/v-zoom-alt.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7600:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fea6a995f719305ce605045cc3a57bdd0c7115bcfa66b26f0b63ff28f79f3365

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 12:11:05 GMT
Via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
Last-Modified: Fri, 07 Jan 2022 18:48:50 GMT
Server: AmazonS3
x-amz-meta-user-agent-id: efiorani@s-c2cd08720a404b138
Age: 80264
ETag: "e1a86ac2ebe47094af4c09aba1fe53e8"
x-amz-meta-user-agent: AWSTransfer
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 7957
X-Amz-Cf-Id: Z9nFsxmxVjR428Xx8gS1-pTOrVR8BAAyxEaYloyaFh7uHVj_3QCqVg==

GET
H/1.1 200
OK teeka-tiwari-circle.png
d3bjnmbj12697.cloudfront.net/_/headshots/ 71 KB
72 KB 25ms
10ms Image
image/png 2600:9000:2057:7600:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3bjnmbj12697.cloudfront.net/_/headshots/teeka-tiwari-circle.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7600:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5e1837dada0ad7bb636eac26701265690c759923bafd7875a00d9406420224a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 09 May 2022 10:50:50 GMT
Via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
Last-Modified: Wed, 14 Jul 2021 19:17:00 GMT
Server: AmazonS3
Age: 85080
ETag: "8f2ea8683d788c3521d1aed5ae02d1f8"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 72845
X-Amz-Cf-Id: R6yad1EC7ALGz-itUoYLRvmFxs8_anKD6RRVzy9VyXwAgB6eprTBLg==

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/e105368420994e038ee8f447459557ab/ 43 B
423 B 386ms
97ms Image
image/gif 52.72.173.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.173.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-173-139.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 10:28:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,f2048f7d01ef5d7add7a54a3727b1e8e,10.0.0.201,29716,185.213.155.162,,29416821098,1,1652178529.784,0.001,,.,0,0,0.000,0.000,-,0,0,197,119,59,10,34729,,,,,,-,
Content-Type: image/gif

GET
H/1.1 200
OK crypto-flag.jpg
d3bjnmbj12697.cloudfront.net/pb/p/pbl/2110-american-crypto/img/ 105 KB
106 KB 26ms
12ms Image
image/jpeg 2600:9000:2057:7600:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3bjnmbj12697.cloudfront.net/pb/p/pbl/2110-american-crypto/img/crypto-flag.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/PBL/inlinecss/1637699325186.css?versionId=dbgOkl6a06HskKr3j.XN6.qQeckx6O07
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7600:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37e127bcfa908eef579a98d6824b52fab529458616c89c4aefaf1703d0a13c7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 09:58:21 GMT
Via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
Last-Modified: Mon, 25 Oct 2021 21:04:58 GMT
Server: AmazonS3
x-amz-meta-user-agent-id: efiorani@s-c2cd08720a404b138
Age: 1829
ETag: "a90e6f5e0b6731e8e1b1862da5e6663b"
x-amz-meta-user-agent: AWSTransfer
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 107676
X-Amz-Cf-Id: aE0AzXFxoL7aD0UNMEVXGye51jW1pLMn8qkTTXsS_5j2pLTBO_bHEw==

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 78 KB
79 KB 57ms
37ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Origin: https://secure.palmbeachgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:49 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 382953
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80148
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-13914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGMjJB%2BvsxZKftwxk%2FeBsQCrVO0YTvRePRFgOu5JSWShKNYotnK%2B1LxHAdTkM1hd%2B55cltM2xlmvn%2BJnleqdP0IclniCfzcK0hKojO2Gr%2Bj3vYAVvBdIH1s9IAXfjxZGsaveiZy6tile7BK4g2uwb2CG"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7091fd813ffa90c0-FRA
expires: Sun, 30 Apr 2023 10:28:49 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 114ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2010%20May%202022%2010%3A28%3A49%20GMT&n=0&b=Palm%20Beach%20Research%20Group&.yp=10028632&f=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:49 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Tue, 10 May 2022 10:28:49 GMT

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 125ms
46ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=740180281&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&ul=en-us&de=UTF-8&dt=Palm%20Beach%20Research%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1983473315&gjid=2035981382&cid=903408390.1652178530&tid=UA-87443958-7&_gid=86485704.1652178530&_r=1&gtm=2wg590PSPS9BF&z=746929292

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.palmbeachgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 114ms
39ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=740180281&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&ul=en-us&de=UTF-8&dt=Palm%20Beach%20Research%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=903408390.1652178530&tid=UA-87443958-7&_gid=86485704.1652178530&gtm=2wg590PSPS9BF&z=1542345943

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 May 2022 23:31:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39455
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aca6bfdd-10b1-4b71-b207-52112e12b336 Show response
c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/ 159 KB
18 KB 159ms
158ms Script
application/json 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/aca6bfdd-10b1-4b71-b207-52112e12b336?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22aca6bfdd-10b1-4b71-b207-52112e12b336%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22secure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1%22%2C%22_v%22%3A%223.0.26%22%7D&ts=1652178529581&callback=u_818511443944133200

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17d4296e70b0fcdaa22feb27d4934acb48370754b51b992945e2f0c1e80daabb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

cf-ray: 7091fd81ebc59226-FRA
date: Tue, 10 May 2022 10:28:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AT92VfoEiMEtE71r6KntczmNOT0XvhPWj7wnAM1LNJ4lUnjs8jVvG%2BLN2m0W052bhepDAidf2yg7PAJFJoGYaDY4vrDIfy7W7lsZwE1MWYFLgP9F0asC2aCYGdwTJrjhMHF4WIAUP5pJ"}],"group":"cf-nel","max_age":604800}
content-encoding: br
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 35 B
313 B 133ms
132ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ts=1652178529568&_nmob=t&_device=desktop&url=secure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&_uid=aca6bfdd-10b1-4b71-b207-52112e12b336&_v=3.0.26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:49 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EowSRSaylfRTXdzH6McLs08FBybic27Xs1udLvGXIdIJuhiIFW%2BQqwozWrB07i192Z%2FixSIWw%2BwVunQyyUcYLCtoH0Yrsj63RWpRRt85ZSNhydbA7jCzRQAViMtWlhrovs7iMt%2BET78d"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7091fd81ebca9226-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

POST
H2 200 logger Show response
secure.palmbeachgroup.com/snowflake/ 2 KB
1 KB 694ms
694ms XHR
text/html 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/snowflake/logger
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e46f811834ce20c231c9fd0c394e68827026b196682cb6d1bd84fd4f5233d76

Request headers

Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5148356&emailname=20220509-LGD&assetId=AST207430&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
x-api-key: O1I1d31dqY5iHR07pLHrf7rKAOxDeMhQ2JsWck8c
Content-Type: application/json

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
via: 1.1 713ca272939518d00fa2a777781680ca.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
cf-ray: 7091fd820fb35b6e-FRA
x-cache: Error from cloudfront
content-encoding: gzip
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-version-id: null
last-modified: Tue, 19 Apr 2022 15:14:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
content-type: text/html
x-amz-cf-id: jZjSiGosOPs6sZvd3mgsndp6z0iTE1XHEJYS782d9AeogEh7j20ALQ==

POST
H/1.1 200
OK kasupport Show response
ssl.kaptcha.com/collect/ 2 KB
2 KB 504ms
167ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/kasupport
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: df87aef3314a94ec615fde72011ce11c0d16d24965f9495cd4b393438f1c7871

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 10:28:50 GMT
X-Correlation-Id: 99b17f1f-3ca8-4b97-8ac5-02293d5b85ab
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0

GET
H/1.1 200
OK logo.htm Show response
ssl.kaptcha.com/ Frame FDCC 22 KB
22 KB 168ms
168ms Document
text/html 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=b4aed4662ce64477a62673a2e03e6df2
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/collect/sdk?m=100014
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: f6335ae689dcd5b773e218fbd267dedaa77e1866fbf14e64b018453ceab80827

Request headers

Referer: https://secure.palmbeachgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Type: text/html
Date: Tue, 10 May 2022 10:28:49 GMT
Expires: 0
Pragma: no-cache
Transfer-Encoding: chunked
X-Correlation-Id: 2d73910c-5bac-4740-b547-4443d0db9cdf

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
446 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-87443958-7&cid=903408390.1652178530&jid=1983473315&gjid=2035981382&_gid=86485704.1652178530&_u=YEBAAEAAAAAAAC~&z=303131963

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 10 May 2022 10:28:49 GMT
content-type: text/plain
access-control-allow-origin: https://secure.palmbeachgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 46ms
45ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=740180281&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&ul=en-us&de=UTF-8&dt=Palm%20Beach%20Research%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=714475438&gjid=15496560&cid=903408390.1652178530&tid=UA-170962029-3&_gid=86485704.1652178530&_r=1&gtm=2wg590PSPS9BF&z=1966043167

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.palmbeachgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 64ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B17A11F698F243E995F3A0A31E1AF9F1 Ref B: FRAEDGE1520 Ref C: 2022-05-10T10:28:49Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 10 May 2022 10:28:49 GMT
accept-ranges: bytes
content-length: 11333

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 128ms
51ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-474630786

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ecc52ea3ec5df896596575380daad17b5e1d91cd5707c625496bfe485b69acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42233
x-xss-protection: 0
last-modified: Tue, 10 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 10:28:49 GMT

GET
H/1.1 200
OK / Show response
js.trackinggrid.com/lr/ 863 B
1 KB 335ms
109ms Script
application/javascript 209.59.154.196
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://js.trackinggrid.com/lr/

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.59.154.196 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

1ebf6a2710236762178861bf15fa6074bd5e61502c1811551099ebe3754e0c83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
Origin: https://secure.palmbeachgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 10:28:49 GMT
X-Content-Type-Options: nosniff
X-Original-Content-Length: 1062
Server: nginx
Etag: W/"PSA-aj-JPd0QB94FZ"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2581507
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 863
Expires: Thu, 09 Jun 2022 04:59:28 GMT

GET
H2 200 bss-px.min.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 5 KB
2 KB 405ms
404ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/bss-px.min.js?affiliateId=2000&brandId=2003
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5148356&emailname=20220509-LGD&assetId=AST207430&page=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Tue, 10 May 2022 08:02:44 GMT
x-amz-cf-pop: DUS51-P1, TXL50-P3
x-amzn-requestid: 568c6448-897d-474d-9fd3-c12fc2d48c3b
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: R5lVuH3ZIAMF5RA=
content-length: 2052
last-modified: Tue, 01 Jun 2021 15:08:33 GMT
server: cloudflare
etag: W/"3ee3506660c2ef343d6c68a229cd42be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: fGaHECtcp1774Apxw3QoOeW87E1iGAd2
via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront), 1.1 bdb48db5b688ca8c8dee7661b221599a.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 7091fd8308ef5b6e-FRA
x-amz-cf-id: ueM13iw9poYedX52xv_bH_t_XR923zmkvA4il0ryobntWzv6wyqnPQ==
x-amzn-remapped-connection: keep-alive

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 41 KB
14 KB 49ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0722e77458fcedadb2b7596ee392d9cedf6e69d241d325798759adc50c5599c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:49 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 06:27:13 GMT
server: nginx
etag: W/"626a33c1-a5a0"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 11 May 2022 10:28:49 GMT

POST
H2 200 generic Show response
secure.palmbeachgroup.com/snowflake/ 21 B
315 B 518ms
518ms XHR
application/json 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/snowflake/generic
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5148356&emailname=20220509-LGD&assetId=AST207430&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
x-api-key: g5wZnpMOAV6d3DVWjACKU9Pz86tj10Es39Avoa3n
Content-Type: application/json

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
via: 1.1 1957d4cc5292a750b93cc06eb79b023e.cloudfront.net (CloudFront), 1.1 b2373cd296c22c460cd352ec0beb0b2c.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: TXL50-P1, TXL50-P3
x-amzn-requestid: 3fdd9c72-4c17-4456-ba7f-04fa8b4a1c3d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-627a3e62-4ed6dbf7596a87004024b9d0
cf-ray: 7091fd8318f95b6e-FRA
x-amz-apigw-id: R56vWHvRIAMFf_A=
content-length: 21
x-amz-cf-id: GIIgKpTTfe56dwMg94pieufgszfCWoMeqn12cZf1EGgbfPS2i6nVYQ==

GET
H2 200 cm
trc.taboola.com/sg/lytics/1/ 43 B
229 B 38ms
15ms Image
image/gif 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3Daca6bfdd-10b1-4b71-b207-52112e12b336%26account_id%3D6754fc8577b0e933befa552acea53d64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 10 May 2022 10:28:49 GMT
via: 1.1 varnish
server: nginx
x-timer: S1652178530.797422,VS0,VE9
x-served-by: cache-hhn4064-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-170962029-3&cid=903408390.1652178530&jid=714475438&gjid=15496560&_gid=86485704.1652178530&_u=aEDAAEABAAAAAC~&z=137612613

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 10 May 2022 10:28:49 GMT
content-type: text/plain
access-control-allow-origin: https://secure.palmbeachgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 134025694.js Show response
bat.bing.com/p/action/ 0
119 B 211ms
211ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134025694.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81FBB3368EAC4A48986FCDD7CF1DF825 Ref B: FRAEDGE1520 Ref C: 2022-05-10T10:28:49Z
date: Tue, 10 May 2022 10:28:49 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134025694&tm=gtm002&Ver=2&mid=15ea67a6-b40a-4c46-a76f-013acf67641e&sid=fb44de20d04b11eca13423ffe5aeef5e&vid=fb451d50d04b11ec88aaa7cccc931ea5&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Palm%20Beach%20Research%20Group&p=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&r=&lt=2689&evt=pageLoad&msclkid=N&sv=1&rn=800341

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AE3469A58DAC462EBB46533418DE0ADE Ref B: FRAEDGE1520 Ref C: 2022-05-10T10:28:49Z
date: Tue, 10 May 2022 10:28:49 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 154ms
62ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-170962029-3&cid=903408390.1652178530&jid=714475438&_u=aEDAAEABAAAAAC~&z=790274383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 149ms
62ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-170962029-3&cid=903408390.1652178530&jid=714475438&_u=aEDAAEABAAAAAC~&z=790274383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame E546 0
0 69ms
22ms Document
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5148356&emailname=20220509-LGD&assetId=AST207430&page=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: https://secure.palmbeachgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Tue, 10 May 2022 10:28:49 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2 200 77c21d510266169b
pixel.sitescout.com/up/ 43 B
267 B 605ms
558ms Image
image/gif 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/77c21d510266169b?cntr_url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:49 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 124ms
47ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14865
x-xss-protection: 0
server: cafe
etag: 2710672821686371805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 May 2022 10:28:50 GMT

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame FDCC 0
299 B 167ms
167ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=b4aed4662ce64477a62673a2e03e6df2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=b4aed4662ce64477a62673a2e03e6df2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 10 May 2022 10:28:50 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 0d6fabc3-4e2d-42f5-b96f-ec53f45da5d0
Content-Length: 0
Expires: 0

OPTIONS
H2 200 6279058424001
edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/ Frame 0
0 39ms
7ms Preflight 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/6279058424001
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://secure.palmbeachgroup.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
bcov-debug-cache-stats: unknown
bcov-instance: unknown
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Tue, 10 May 2022 10:28:50 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-amz-cf-id: unknown
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4082-HHN
x-timer: S1652178530.078712,VS0,VE0

GET
H2 200 vtt.global.min.js Show response
vjs.zencdn.net/vttjs/0.12.5/ 20 KB
7 KB 29ms
6ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2017 21:04:55 GMT
etag: "f30dac97e5c2aaa10a7695b93cc66699"
x-served-by: cache-hhn4057-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 7231
x-cache-hits: 6132

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
207 B 131ms
47ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Tue, 10 May 2022 10:28:50 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 131ms
49ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Tue, 10 May 2022 10:28:50 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 6279058424001 Show response
edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/ 5 KB
5 KB 7ms
7ms XHR
application/json 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/6279058424001
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8a2afff5109d4c83c954057605a189d8f2092a11a6bb40436b36474289f3df85

Request headers

Accept: application/json;pk=BCpkADawqM18bNrtg81z9CsS9ERCN71x-_ntsRN4hc5BEWiBt_JPwrFbQmEhXcLwtFCOpiegWE1GyczMOqn0hOz53TOClK3WOZTkP8UO9EaZuG74hAr14nnF-80NEsEO-EsGv7v4OiLJqGyY
Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

bc-override-client-ip: 213.197.95.10
date: Tue, 10 May 2022 10:28:50 GMT
powered-from: eu-central-1a
bcov-request-id: d6726ddb-e03b-41f4-8566-f6cb98e3ea40
age: 2996
policy-key-accountid: 5102072647001
x-cache: HIT
access-control-allow-origin: *
powered-by: BC
content-length: 4626
x-served-by: cache-hhn4082-HHN
bcov-instance: unknown
policy-key-raw: BCpkADawqM18bNrtg81z9CsS9ERCN71x-_ntsRN4hc5BEWiBt_JPwrFbQmEhXcLwtFCOpiegWE1GyczMOqn0hOz53TOClK3WOZTkP8UO9EaZuG74hAr14nnF-80NEsEO-EsGv7v4OiLJqGyY
x-timer: S1652178530.086544,VS0,VE1
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
bcov-debug-cache-stats: unknown
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-amz-cf-id: unknown
x-cache-hits: 1

GET
BLOB 200
OK f0bf4f12-d6ba-49f3-81b4-eddb14a90eca
https://secure.palmbeachgroup.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.palmbeachgroup.com/f0bf4f12-d6ba-49f3-81b4-eddb14a90eca
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14bf8292ae1e1ac698da2f2155f00ab24d5eda73e0c3e1e25e368a905759283b

Request headers

Referer
Origin: https://secure.palmbeachgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 108ms
47ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=1a9c8c4a6600e6d02b37e8af&account=5102072647001&destination=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&platform_version=6.27.0&player=players.brightcove.com%2F5102072647001%2F0zLsWuD5UW_default&player_name=Marketing%20Player%20-%20No%20autoplay&source=&usage=inpage-embed&event=player_load&time=1652178530062&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=47400000&qos.performance.memory.totalJSHeapSize=53500000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=1652178527842&qos.performance.timing.loadEventStart=1652178527842&qos.performance.timing.domComplete=1652178527842&qos.performance.timing.domContentLoadedEventEnd=1652178527842&qos.performance.timing.domContentLoadedEventStart=1652178527841&qos.performance.timing.domInteractive=1652178527841&qos.performance.timing.domLoading=1652178526220&qos.performance.timing.responseEnd=1652178526217&qos.performance.timing.responseStart=1652178526216&qos.performance.timing.requestStart=1652178525651&qos.performance.timing.secureConnectionStart=1652178525629&qos.performance.timing.connectEnd=1652178525651&qos.performance.timing.connectStart=1652178525616&qos.performance.timing.domainLookupEnd=1652178525616&qos.performance.timing.domainLookupStart=1652178525615&qos.performance.timing.fetchStart=1652178525615&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1652178525153&qos.performance.bcInit=52.39999771118164&qos.player.dimensions=%5B%5B1652178530062%2C%22300x150%22%2C%22800x450%22%5D%5D&qos.player.pixelratio=%5B%5B1652178530062%2C1%5D%5D&qos.player.screendimensions=%5B%5B1652178530062%2C%221600x1200%22%5D%5D&seq=2

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Tue, 10 May 2022 10:28:50 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame FDCC 0
299 B 223ms
168ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=b4aed4662ce64477a62673a2e03e6df2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=b4aed4662ce64477a62673a2e03e6df2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 10 May 2022 10:28:50 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 5312ab70-7e41-4415-beac-6777c85f0cb1
Content-Length: 0
Expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/474630786/ 3 KB
2 KB 144ms
52ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/474630786/?random=1652178530070&cv=9&fst=1652178530070&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2510b62a672a6419a1b30e01856df7f6d598f3ba03beff5159c3d9c63a1bcb11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 79ms
48ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Tue, 10 May 2022 10:28:50 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET thumbnail.webvtt
manifest.prod.boltdns.net/thumbnail/v1/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/a32e67f8-c354-4bbf-97d1-a1017a40955d/ 0
0

GET
H2 200 thumbnail.webvtt Show response
manifest.prod.boltdns.net/thumbnail/v1/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/a32e67f8-c354-4bbf-97d1-a1017a40955d/ 159 KB
159 KB 13ms
7ms XHR
text/vtt 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/thumbnail/v1/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/a32e67f8-c354-4bbf-97d1-a1017a40955d/thumbnail.webvtt?fastly_token=NjI3YTllOGRfNjhlMzgwZDcwY2VjN2RiMmNlMDQ2NzBlNjEwMjc2YzZmN2JmMDEzYzI3NWVhZjlhYmIzMzZiMGM5MjdjMzM1ZA%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: ad6ed96fa72bd5ee2c468f5c8a4d316d0eb6832beb1d58aefc022a8c83f504bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
via: 1.1 varnish
age: 2405
x-powered-by: BC
x-cache: HIT
content-length: 162380
x-served-by: cache-hhn4082-HHN
x-device-group: desktop-chrome
x-timer: S1652178530.114162,VS0,VE0
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/vtt; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/9e90e97a-26ac-43ad-ac4d-ac50fe54c822/1280x720/match/ 145 KB
146 KB 83ms
10ms Image
image/jpeg 143.204.213.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/9e90e97a-26ac-43ad-ac4d-ac50fe54c822/1280x720/match/image.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.213.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-213-109.fra53.r.cloudfront.net
Software: / BC
Resource Hash: 2e4300071c7d7ee2228bc47f31403c8c4c6511f5a0b8bd102df8802d85c43dbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 16:43:19 GMT
Via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 8531131
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: DktuKWRB7CjLIURVJpM_hK749h83RRU7-6qU5FSF3Ch8gQlcFHlhxw==
Expires: Tue, 31 Jan 2023 16:43:19 GMT

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/10s/ 7 KB
7 KB 18ms
17ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/10s/master.m3u8?fastly_token=NjI3YTllOGRfNTlhMmExY2NjODkzMmUwMThhZTllYjQ1MWJlMDIyYjczN2NmMWYyNjI1YjMxNzYyNGM2YjI2NmU2Zjc0ZGVhNw%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 99356dc8446fa17f7e3ed97d8bf956429b4f7f1596fae9d6c3c8881aff21aeb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
via: 1.1 varnish
age: 2405
x-powered-by: BC
x-cache: HIT
x-bolt-device-group: desktop-chrome
content-length: 7279
x-served-by: cache-hhn4082-HHN
x-device-group: desktop-chrome
x-timer: S1652178530.116813,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

POST
H/1.1 200
OK cookiestore Show response
ssl.kaptcha.com/collect/ 0
299 B 168ms
168ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/cookiestore
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 10 May 2022 10:28:50 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 7a73bcb7-5ded-46ec-9d9f-6a980f2fbffc
Content-Length: 0
Expires: 0

GET
BLOB 200
OK 3d5ec058-65b3-4e75-b20c-b018f34fcc6c
https://secure.palmbeachgroup.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.palmbeachgroup.com/3d5ec058-65b3-4e75-b20c-b018f34fcc6c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3f7c0ed14b5b7347b93e0e91f558238b0c0542501b484de714eef38e9e236fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 5922
Content-Type: application/javascript

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 151 KB
56 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-753664851

Requested by

Host: js.trackinggrid.com
URL: https://js.trackinggrid.com/lr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

03bab266dee11b8c2a0ecce7b77546f0529824c1bd00a52bd92717e42c296207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57291
x-xss-protection: 0
last-modified: Tue, 10 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 10:28:50 GMT

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 48ms
48ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/0zLsWuD5UW_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Tue, 10 May 2022 10:28:50 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/144b8bcc-31a9-4093-a324-8a75201f8d88/10s/ 203 KB
203 KB 9ms
8ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/144b8bcc-31a9-4093-a324-8a75201f8d88/10s/rendition.m3u8?fastly_token=NjI3YWEwZGNfODcwYzI0NDE5NzBlMmJkNzQwODhhZTMyNDFlOWQxMGUwMWY0YWNjODkxNTdmMTJiZTMwZjdjMGQwMWQ3NmFiMQ%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: d0e2313bdcff05854bc0d822e224ff10edad4859edffdec3db2ca8fe2355908b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
via: 1.1 varnish
age: 232
x-powered-by: BC
x-cache: HIT
content-length: 207539
x-served-by: cache-hhn4082-HHN
x-device-group: desktop-chrome
x-timer: S1652178530.159565,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame FDCC 0
299 B 301ms
167ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=b4aed4662ce64477a62673a2e03e6df2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=b4aed4662ce64477a62673a2e03e6df2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 10 May 2022 10:28:50 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 800f4631-9a10-48f7-8fb7-04369b35be58
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame FDCC 0
299 B 414ms
167ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=b4aed4662ce64477a62673a2e03e6df2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=b4aed4662ce64477a62673a2e03e6df2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 10 May 2022 10:28:50 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 961b3045-938e-4d39-95bd-945716abd45e
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK fin Show response
ssl.kaptcha.com/ Frame FDCC 0
299 B 468ms
167ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/fin
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=b4aed4662ce64477a62673a2e03e6df2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=b4aed4662ce64477a62673a2e03e6df2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 10 May 2022 10:28:50 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 5869cd48-2a62-4735-bda6-f61905617d99
Content-Length: 0
Expires: 0

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/8566479e-fb69-474c-a17f-3462aafc3525/10s/ 204 KB
204 KB 8ms
8ms XHR
application/x-mpegurl 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/8566479e-fb69-474c-a17f-3462aafc3525/10s/rendition.m3u8?fastly_token=NjI3YWEwZGNfZjc1ZWQzMTc4MWQ4OGM0NWZmMjM0MjBhMDkyOTYwZjQzYzhhM2M0MTkxNDVjNGVlNDAyZjEzYTA4MmY5MTFlMw%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: dcf1251260e42096bdbbf9fe9d116da6f804e275c20516045fe139fd96dac7ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
via: 1.1 varnish
age: 232
x-powered-by: BC
x-cache: HIT
content-length: 208985
x-served-by: cache-hhn4082-HHN
x-device-group: desktop-chrome
x-timer: S1652178530.192300,VS0,VE1
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 1

POST
H2 200 logger Show response
secure.palmbeachgroup.com/snowflake/ 2 KB
730 B 1062ms
1062ms XHR
text/html 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/snowflake/logger
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e46f811834ce20c231c9fd0c394e68827026b196682cb6d1bd84fd4f5233d76

Request headers

Referer: https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5148356&emailname=20220509-LGD&assetId=AST207430&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
x-api-key: O1I1d31dqY5iHR07pLHrf7rKAOxDeMhQ2JsWck8c
Content-Type: application/json

Response headers

date: Tue, 10 May 2022 10:28:51 GMT
via: 1.1 713ca272939518d00fa2a777781680ca.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-build:78c2b29d-130a-4bcd-8639-e2b8e83cc146
cf-ray: 7091fd85ccb15b6e-FRA
x-cache: Error from cloudfront
content-encoding: gzip
x-amz-meta-codebuild-content-md5: ba9a882aec8c4435508a913fdc5e5c83
x-amz-version-id: null
last-modified: Tue, 19 Apr 2022 15:14:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-meta-codebuild-content-sha256: 5f2edbdd7db3e9c49e942639f2ddb1d2ce349bae6aa24a8e015ef6836f4f9df9
content-type: text/html
x-amz-cf-id: R7834DqQgO7izPwwHwqG2ZWFkKSZ2h-LzM3wGgrZthNXOnY4ltarwQ==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0D18 14 KB
6 KB 53ms
18ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=secure.palmbeachgroup.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://secure.palmbeachgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 5884
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 10:28:49 GMT
server-processing-duration-in-ticks: 2109
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
BLOB 200
OK 0707a128-f893-403d-966b-de45316e04a5
https://secure.palmbeachgroup.com/ 68 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.palmbeachgroup.com/0707a128-f893-403d-966b-de45316e04a5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21d93ac5a388df10b961801cce44bd72d8e612f9c5305c769ef2602b9b0480eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 70120
Content-Type: application/javascript

GET
H2 200 1b19a6e5-3416-4143-89bd-84aecc6b14a2 Show response
manifest.prod.boltdns.net/license/v1/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/ 16 B
197 B 160ms
160ms XHR
application/octet-stream 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/license/v1/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/1b19a6e5-3416-4143-89bd-84aecc6b14a2?fastly_token=NjI3YWE5NWFfMTEzNDdhNjg1ZmJjZWNhZTNjNmY3NjBmOTkzMDBlMjcwMjU5YTg2YmMyZDVhYTJlZjlhMDg0MGUzZTdjZWYwMQ%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 6d58748d0b000de1d216c553178882ab71d53f37f5c57e50e97d72a79924cf34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
via: 1.1 varnish
bcov-request-id: 4751c6cc-d071-4fde-8d6e-2759784f667e
x-powered-by: BC
x-cache: MISS
x-hosted-on: Gantry
content-length: 16
x-served-by: cache-hhn4082-HHN
x-device-group: desktop-chrome
x-timer: S1652178530.206041,VS0,VE153
x-powered-from: eu-west-1c
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=8769
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK segment0.ts Show response
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/144b8bcc-31a9-4093-a324-8a75201f8d88/1b19a6e5-3416-4143-89bd-84aecc6b14a2/5x/ 2 MB
2 MB 87ms
27ms XHR
video/mp2t 2a02:26f0:3500:7::17d8:4dce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/144b8bcc-31a9-4093-a324-8a75201f8d88/1b19a6e5-3416-4143-89bd-84aecc6b14a2/5x/segment0.ts?akamai_token=exp=1652205914~acl=/media/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/144b8bcc-31a9-4093-a324-8a75201f8d88/1b19a6e5-3416-4143-89bd-84aecc6b14a2/*~hmac=2af2930b1bb01e7b666da764611768cda9332130093a4f7a6fb1376ca934f398
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:7::17d8:4dce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: ce004d6ba293ddac2a8cfe6c819fc6c222f56c93374fcc8492b68e976018ea2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 10:28:50 GMT
X-Amz-Cf-Pop: JFK51-C1
X-Powered-By: BC
Backend-IP: 13.225.231.196
BC-MID: true
Connection: keep-alive
Content-Length: 2322560
X-Served-By: cache-ewr18182-EWR
Expires: Tue, 31 Jan 2023 16:30:18 GMT
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1643649528.138059,VS0,VE9
X-Powered-From: gantry
ETag: "c0fe676c34d3742ee75af3c7b016536d"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range
Cache-Control: public, max-age=23004088
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id: QVqixBqavoujeg5KhWvIfDSmYaaCPi3Y8-Z-WLPIS0fBvovJVkryYA==
X-Cache-Hits: 1

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 137ms
66ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-753664851

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14865
x-xss-protection: 0
server: cafe
etag: 2710672821686371805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 May 2022 10:28:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137602623-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01b0ed865e8a7c2a017ad2758156217cd7cbad1177c418cec1e69bb9f63f4c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38898
x-xss-protection: 0
last-modified: Tue, 10 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 10:28:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 151 KB
56 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-456578300&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b1308c0f5041867ac927863ae16bf4f1d45178d076645735ecaddc14e9456cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57321
x-xss-protection: 0
last-modified: Tue, 10 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 10:28:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-700588147&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d52a2d5b39da5531dcb949f9f89a55b6b8cb0ffa9220e5d05f02d8af26ecdca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42249
x-xss-protection: 0
last-modified: Tue, 10 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 10:28:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 151 KB
56 KB 69ms
69ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-311444767&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40555c14cf094e65253e135a72dc04a56eec38e08c3907993d7b5399c8e52c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57454
x-xss-protection: 0
last-modified: Tue, 10 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 10:28:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-668877205&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1ff4acc59cd4a7c0bf006545545fe8dc7c1c7afbece444f0f6cfd0e3819081e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42246
x-xss-protection: 0
last-modified: Tue, 10 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 10:28:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 89ms
89ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10828766220&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

700f5e71bd5f89095aa8e82934ff98a8e6996df7037bfd0d75d97e1c20a6194a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42329
x-xss-protection: 0
last-modified: Tue, 10 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 10:28:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 101ms
101ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-668474013&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5af0100fed3f469db60b6c27d530091341e7217847b65be8f4455be2664e8c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42288
x-xss-protection: 0
last-modified: Tue, 10 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 10:28:50 GMT

GET
BLOB 200
OK 2556d0fd-3699-432f-8691-b6d7f0b1e3ff
https://secure.palmbeachgroup.com/ 68 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.palmbeachgroup.com/2556d0fd-3699-432f-8691-b6d7f0b1e3ff
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21d93ac5a388df10b961801cce44bd72d8e612f9c5305c769ef2602b9b0480eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 70120
Content-Type: application/javascript

GET
H2 200 1b19a6e5-3416-4143-89bd-84aecc6b14a2 Show response
manifest.prod.boltdns.net/license/v1/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/ 16 B
107 B 257ms
256ms XHR
application/octet-stream 151.101.2.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/license/v1/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/1b19a6e5-3416-4143-89bd-84aecc6b14a2?fastly_token=NjI3YWE5NWFfMTEzNDdhNjg1ZmJjZWNhZTNjNmY3NjBmOTkzMDBlMjcwMjU5YTg2YmMyZDVhYTJlZjlhMDg0MGUzZTdjZWYwMQ%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 6d58748d0b000de1d216c553178882ab71d53f37f5c57e50e97d72a79924cf34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
via: 1.1 varnish
bcov-request-id: 2708d187-92a7-46d3-830e-16b2eacefb5f
x-powered-by: BC
x-cache: MISS
x-hosted-on: Gantry
content-length: 16
x-served-by: cache-hhn4082-HHN
x-device-group: desktop-chrome
x-timer: S1652178530.228980,VS0,VE249
x-powered-from: eu-west-1c
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=8769
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK segment0.ts Show response
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/8566479e-fb69-474c-a17f-3462aafc3525/1b19a6e5-3416-4143-89bd-84aecc6b14a2/5x/ 297 KB
298 KB 60ms
22ms XHR
video/mp2t 2a02:26f0:3500:7::17d8:4dce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/8566479e-fb69-474c-a17f-3462aafc3525/1b19a6e5-3416-4143-89bd-84aecc6b14a2/5x/segment0.ts?akamai_token=exp=1652205914~acl=/media/v1/hls/v4/aes128/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/8566479e-fb69-474c-a17f-3462aafc3525/1b19a6e5-3416-4143-89bd-84aecc6b14a2/*~hmac=5767024215cbd8260590e19ce0d7a641dff86213ef5ca1d7b53fab109a40b4bc
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:7::17d8:4dce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / BC
Resource Hash: 66f66a06a243997049dddb802cb8066b7891379f487a6553836c3e88e218a3d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 10:28:50 GMT
X-Amz-Cf-Pop: JFK51-C1
X-Powered-By: BC
Backend-IP: 13.225.231.196
BC-MID: true
Connection: keep-alive
Content-Length: 304192
X-Served-By: cache-ewr18142-EWR
Expires: Tue, 31 Jan 2023 16:23:11 GMT
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1643649529.548716,VS0,VE1
X-Powered-From: gantry
ETag: "7be8458ad565ba32687a77024cbd183d"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range
Cache-Control: public, max-age=23003661
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
X-Amz-Cf-Id: MG5j4nA9yaQVv-z95wI3hbFOZ876-UeheKkRTirnU5FvADPYb20NPQ==
X-Cache-Hits: 1

GET
H3 200 /
www.google.com/pagead/1p-user-list/474630786/ 42 B
64 B 136ms
53ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/474630786/?random=1652178530070&cv=9&fst=1652176800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=561495819&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/474630786/ 42 B
64 B 127ms
48ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/474630786/?random=1652178530070&cv=9&fst=1652176800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=561495819&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0D18
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=palmbeachgroup.com&sn=ChromeSyncframe&so=0&topUrl=secure.palmbeachgroup.com&cw=1&lsw=1&topicsavail=0
https://mug.criteo.com/sid?cpp=83RzM3xxa214OGdYZFkxM0FzdjlxbDQ2MERzdi9ENm1tZHVidUhZc2JuNE8vZS9jY1hQZ0FhOUlHb1BnMWZkVzkwMWRuZVo3OEhCWDFmSGRFbU1OMzhrOGw0WFdQTXd1NGd5V2J0V2JOSGlSRnJVdmVGMVJVVHVLWkVrQm...

451 B
650 B

140ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=83RzM3xxa214OGdYZFkxM0FzdjlxbDQ2MERzdi9ENm1tZHVidUhZc2JuNE8vZS9jY1hQZ0FhOUlHb1BnMWZkVzkwMWRuZVo3OEhCWDFmSGRFbU1OMzhrOGw0WFdQTXd1NGd5V2J0V2JOSGlSRnJVdmVGMVJVVHVLWkVrQmM1NmF6WTRHWkNEbUZjcVpxMHRYaGxSODZnU3gxZi8wRFhYUmlYQmdDeURueHpzdnVnWHBESzBja2NIdWgzbWtwYnhkeXNIUUd4Slc5eEtmYWQxVlRVY1BzTGJqZHI3U3lzME93dDd5L2RZdHZmMkJmaGdjNmowSFluak1kQXJyV2laT2lwYUgzaDVIQ0pRTWNhTlVkaGYrV3o4U0xGdz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

c76384118c466762e8b12eb3bbdf56dbde1a0dd702cf66629f8a0bcb9a4043fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:49 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5421
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:49 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=83RzM3xxa214OGdYZFkxM0FzdjlxbDQ2MERzdi9ENm1tZHVidUhZc2JuNE8vZS9jY1hQZ0FhOUlHb1BnMWZkVzkwMWRuZVo3OEhCWDFmSGRFbU1OMzhrOGw0WFdQTXd1NGd5V2J0V2JOSGlSRnJVdmVGMVJVVHVLWkVrQmM1NmF6WTRHWkNEbUZjcVpxMHRYaGxSODZnU3gxZi8wRFhYUmlYQmdDeURueHpzdnVnWHBESzBja2NIdWgzbWtwYnhkeXNIUUd4Slc5eEtmYWQxVlRVY1BzTGJqZHI3U3lzME93dDd5L2RZdHZmMkJmaGdjNmowSFluak1kQXJyV2laT2lwYUgzaDVIQ0pRTWNhTlVkaGYrV3o4U0xGdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1349
content-length: 541
expires: 0

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 101 KB
22 KB 52ms
52ms Script
text/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f4f5fdffaf00193968ce7061b79f50ecb891aa19d6303cfca92ee57ef0d5fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

cf-ray: 7091fd863bc79226-FRA
date: Tue, 10 May 2022 10:28:50 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 09:09:26 GMT
server: cloudflare
age: 4764
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LsjCT829R2YQN9vLhfPLfzrzrJJPbMudJNayldG8QHBGimOtnmCbHvzPzqRKEspU4b114Ez%2BBVs4KWsFTFEOvB6e7Cf8f09GTWSzX%2BF7Uq02%2Buz5fbaETuKgvqpLbhwPXqYayz%2F%2BEkv"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 49ms
48ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=740180281&t=pageview&_s=1&dl=secure.palmbeachgroup.com%2Fhttps%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&ul=en-us&de=UTF-8&dt=lrRemJS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1684186655&gjid=1163643020&cid=903408390.1652178530&tid=UA-137602623-2&_gid=86485704.1652178530&_r=1&gtm=2ou590&z=1411217313

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.palmbeachgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137602623-2&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 581
date: Tue, 10 May 2022 10:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 10 May 2022 12:19:09 GMT

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 47ms
46ms Stylesheet
text/css 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f155b4555f250e1524df719787be037245690fba6218bb64b0e111f7ccab840b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

cf-ray: 7091fd86dcde9226-FRA
date: Tue, 10 May 2022 10:28:50 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 10 May 2022 08:33:07 GMT
server: cloudflare
age: 6943
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhOC%2BJI1abSnRM2lJTw%2F2zuu4G5tUO%2Fqsf6fSyxHGZo24r0qOmOReUrGDJGgAxoPJIA0%2BeeapjcZofQxaf3TZJYvA0lunLJZv2gZIpBY9xToOB7OQz93VpT5hNaA2RQ3%2Bxe9BneYoDQ2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H2 200 config.js Show response
c.lytics.io/api/experience/candidate/6754fc8577b0e933befa552acea53d64/ 363 KB
25 KB 46ms
46ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/experience/candidate/6754fc8577b0e933befa552acea53d64/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b156f9a55a588d5405c6df60fe29774104066fac4a69843f69d305e3e6dedfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1402
content-encoding: br
last-modified: Tue, 10 May 2022 10:05:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiqOUfuinPLxUgXbYFpIf2YdMoKJjwXDHkJBUyRXHreHCSk7%2FOKF7pROkttkQJO7FxAGT%2BQfWnUdJAaJnU4GNMA0qwTC0OOSuNunwSMT3N5CHp%2BRlZFgOTLg9uQkIpUR97S3v%2FEIWuKy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 7091fd86dcfa9226-FRA

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/753664851/ 3 KB
1 KB 173ms
93ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/753664851/?random=1652178530373&cv=9&fst=1652178530373&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&ig=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1289ab81dfd57aba22364cd610a67710adc92d85299e3fb997817ed6522d8883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1254
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 52ms
52ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-456578300&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14865
x-xss-protection: 0
server: cafe
etag: 2710672821686371805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 May 2022 10:28:50 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=94539&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=80pO519VYW5KemRGU08zc2JyY2FFNEpIaWVGV3hZdzhLaW5GV21QRG96cFFTZW9rQU5IaTQ1YVV...
https://widget.us.criteo.com/event?a=94539&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=80pO519VYW5KemRGU08zc2JyY2FFNEpIaWVGV3hZdzhLaW5GV21QRG96cFFTZW9rQU5IaTQ1YVV...

8 KB
8 KB

310ms
108ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=94539&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=80pO519VYW5KemRGU08zc2JyY2FFNEpIaWVGV3hZdzhLaW5GV21QRG96cFFTZW9rQU5IaTQ1YVVrbllPclFEOVN5eE9WTnVKa1ZlRTZYTnJCVlNzRG40MU1sdUhOc0tlT29iSmN4cXViRGx4MWR6anQ4RE96eWFRNjclMkJHWmVYVGllV0RSVUprYTc1WiUyQlUlMkZ6dTVqWVVrSE1vY0trTWg3TkdpVEpsTHhtJTJCRSUyRmlOMkVnJTNE&tld=palmbeachgroup.com&fu=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&dtycbr=67603

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3cf27e380a7074b526132d404b836fe25f51e2346d06c525fd697d85a2b3c88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:49 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12112308
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=94539&v=5.10.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvp%26p%3D1&p2=e%3Ddis&adce=1&bundle=80pO519VYW5KemRGU08zc2JyY2FFNEpIaWVGV3hZdzhLaW5GV21QRG96cFFTZW9rQU5IaTQ1YVVrbllPclFEOVN5eE9WTnVKa1ZlRTZYTnJCVlNzRG40MU1sdUhOc0tlT29iSmN4cXViRGx4MWR6anQ4RE96eWFRNjclMkJHWmVYVGllV0RSVUprYTc1WiUyQlUlMkZ6dTVqWVVrSE1vY0trTWg3TkdpVEpsTHhtJTJCRSUyRmlOMkVnJTNE&tld=palmbeachgroup.com&fu=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&dtycbr=67603
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5834802
timing-allow-origin: *
content-length: 0
expires: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/668474013/ 3 KB
1 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/668474013/?random=1652178530497&cv=9&fst=1652178530497&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

187b3f66a81bf5dcfc994adc140eec114d40395c36e40fabcfe4ce67b6046608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/700588147/ 3 KB
1 KB 166ms
166ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/700588147/?random=1652178530499&cv=9&fst=1652178530499&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fafd3cb36c91982b16dd8849eb6e1f52ae92cceccb7a5307b8944ba92e3b8896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/668877205/ 3 KB
1 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/668877205/?random=1652178530500&cv=9&fst=1652178530500&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f943865e49096ad456fe922f798602a74507bedc99751c3ce31f8a9df096d248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/456578300/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/456578300/?random=1652178530500&cv=9&fst=1652178530500&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
https://www.google.com/pagead/1p-user-list/456578300/?random=1652178530500&cv=9&fst=1652176800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/pagead/1p-user-list/456578300/?random=1652178530500&cv=9&fst=1652176800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
64 B

48ms
48ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/456578300/?random=1652178530500&cv=9&fst=1652176800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&is_vtc=1&random=1051882287&resp=GooglemKTybQhCsO&ipr=y

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/456578300/?random=1652178530500&cv=9&fst=1652176800000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&is_vtc=1&random=1051882287&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/311444767/ 3 KB
1 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/311444767/?random=1652178530501&cv=9&fst=1652178530501&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

101cdcf6708ef081c068b370b1e74f3565bc673494c0ad214de492ed6dcc47dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10828766220/ 3 KB
1 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10828766220/?random=1652178530502&cv=9&fst=1652178530502&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29a42b472983d7c684f0d4595860d6f6430f5833ccedf90854ba9352742a86e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/753664851/ 42 B
64 B 51ms
51ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/753664851/?random=1652178530373&cv=9&fst=1652176800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=3706707793&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/753664851/ 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/753664851/?random=1652178530373&cv=9&fst=1652176800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=3706707793&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/668877205/ 42 B
64 B 55ms
55ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/668877205/?random=1652178530500&cv=9&fst=1652176800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=632334580&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/668877205/ 42 B
64 B 51ms
51ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/668877205/?random=1652178530500&cv=9&fst=1652176800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=632334580&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/668474013/ 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/668474013/?random=1652178530497&cv=9&fst=1652176800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=849535228&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/668474013/ 42 B
64 B 50ms
50ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/668474013/?random=1652178530497&cv=9&fst=1652176800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=849535228&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/311444767/ 42 B
64 B 55ms
54ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/311444767/?random=1652178530501&cv=9&fst=1652176800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=3972098693&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/311444767/ 42 B
64 B 49ms
48ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/311444767/?random=1652178530501&cv=9&fst=1652176800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=3972098693&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10828766220/ 42 B
64 B 55ms
55ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10828766220/?random=1652178530502&cv=9&fst=1652176800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=1581379731&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10828766220/ 42 B
64 B 51ms
51ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10828766220/?random=1652178530502&cv=9&fst=1652176800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=1581379731&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/700588147/ 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/700588147/?random=1652178530499&cv=9&fst=1652176800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=4075556534&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/700588147/ 42 B
64 B 48ms
48ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/700588147/?random=1652178530499&cv=9&fst=1652176800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT583247%26eid%3DMKT632145%26step%3Dstart%26plcid%3DPLC140060%26SNAID%3DSAC0019427707%26email%3Dgsheard%40bcbsm.com%26encryptedSnaid%3Dq98udIfbYMnNgBYsF8Zu%252Frd96G%2520MwKyNRYSJ58xIWuc%253D%26emailjobid%3D5148356%26emailname%3D20220509-LGD%26assetId%3DAST207430%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=4075556534&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame CCF6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-MIe4qs-WsBZqTFb11GgGyB_0ag_KUklGDcqLlQ&google_cm&google_hm=ay1NSWU0cXMtV3NCWnFURmIxMUdnR3lCXzBhZ19LVWtsR...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-MIe4qs-WsBZqTFb11GgGyB_0ag_KUklGDcqLlQ&google_gid=CAESEE-OyDpDQX71ytJsMgx2mO0&google_cver=1&google_ula=913071,0

43 B
370 B

17ms
17ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-MIe4qs-WsBZqTFb11GgGyB_0ag_KUklGDcqLlQ&google_gid=CAESEE-OyDpDQX71ytJsMgx2mO0&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1219051
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-MIe4qs-WsBZqTFb11GgGyB_0ag_KUklGDcqLlQ&google_gid=CAESEE-OyDpDQX71ytJsMgx2mO0&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame CCF6
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=SslE8jeMcgnPwNBt_EF7M4d9KXbqPqVi

42 B
178 B

104ms
40ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=SslE8jeMcgnPwNBt_EF7M4d9KXbqPqVi
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 10:28:50 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=SslE8jeMcgnPwNBt_EF7M4d9KXbqPqVi
date: Tue, 10 May 2022 10:28:49 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2760
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame CCF6 0
232 B 126ms
29ms Image
text/html 3.248.113.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-MIe4qs-WsBZqTFb11GgGyB_0ag_KUklGDcqLlQ&custom=&tag_format=img&tag_action=sync&custom=&cb=9386f4ec-8a2d-4cca-b8e5-36576446da61
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.113.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-113-119.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 10:28:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 362338.gif
idsync.rlcdn.com/ Frame CCF6 42 B
448 B 123ms
39ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-MIe4qs-WsBZqTFb11GgGyB_0ag_KUklGDcqLlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 10:28:50 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 204 v1
ads.yahoo.com/cms/ Frame CCF6 0
47 B 446ms
20ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:51 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame CCF6 43 B
291 B 40ms
37ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Tue, 10 May 2022 10:28:50 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame CCF6 0
397 B 51ms
12ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-WKU74s-WsBZqTFb11GgGyB_0ag95DjsNcrzFZA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame CCF6 0
476 B 359ms
86ms Image
text/plain 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-2aAaeM-WsBZqTFb11GgGyB_0ag8tCzULqhmD3Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 10:28:51 GMT
Cache-Control: no-cache
X-TraceId: 4fabe2118960794fe8f90da70c3e28e9
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame CCF6 0
427 B 461ms
118ms Image
text/plain 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-pvCNUs-WsBZqTFb11GgGyB_0ag9QaE6sfJb7Cw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:51 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 10 May 2022 10:28:51 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame CCF6 0
239 B 62ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-pvCNUs-WsBZqTFb11GgGyB_0ag9QaE6sfJb7Cw&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame CCF6
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-BVjeUc-WsBZqTFb11GgGyB_0ag8kZTZ-2V3AOA&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-BVjeUc-WsBZqTFb11GgGyB_0ag8kZTZ-2V3AOA%26seg%3D95287

43 B
1 KB

9ms
9ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-BVjeUc-WsBZqTFb11GgGyB_0ag8kZTZ-2V3AOA%26seg%3D95287

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 10:28:50 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 009e4ee0-9651-4ad3-9cb2-4aa391450865
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 May 2022 10:28:50 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ad513caf-6fe1-49ca-a776-d4c423b94760
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-BVjeUc-WsBZqTFb11GgGyB_0ag8kZTZ-2V3AOA%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame CCF6
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fa...
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3437132892970899307

43 B
371 B

109ms
17ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3437132892970899307

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2104433
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 May 2022 10:28:50 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 19e8c833-e59a-4efc-b0ba-0db0599a4070
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3437132892970899307
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame CCF6 42 B
672 B 1354ms
157ms Image
image/gif 104.36.113.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-K4vqQc-WsBZqTFb11GgGyB_0ag9V4ZCp0gi10w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.113.107 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:51 GMT
cache-control: no-store, no-cache, private
x-lat: sfopug012:0:378
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

xuid
eb2.3lift.com/ Frame CCF6
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-qvltB8-WsBZqTFb11GgGyB_0ag9gyFsa64Ghjg&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-qvltB8-WsBZqTFb11GgGyB_0ag9gyFsa64Ghjg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

11ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-qvltB8-WsBZqTFb11GgGyB_0ag9gyFsa64Ghjg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-qvltB8-WsBZqTFb11GgGyB_0ag9gyFsa64Ghjg&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Tue, 10 May 2022 10:28:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cksync.php
contextual.media.net/ Frame CCF6 45 B
784 B 114ms
62ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-BO8QVc-WsBZqTFb11GgGyB_0ag8JBr_RTQYlGw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Tue, 10 May 2022 10:28:51 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Tue, 10 May 2022 10:28:51 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame CCF6
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-leZVJM-WsBZqTFb11GgGyB_0ag845aZWPj1h6g
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-leZVJM-WsBZqTFb11GgGyB_0ag845aZWPj1h6g&C=1

43 B
1 KB

49ms
49ms

Image
image/gif

92.122.147.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-leZVJM-WsBZqTFb11GgGyB_0ag845aZWPj1h6g&C=1
Protocol: HTTP/1.1
Server: 92.122.147.230 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-147-230.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 10:28:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 10 May 2022 10:28:51 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 May 2022 10:28:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-leZVJM-WsBZqTFb11GgGyB_0ag845aZWPj1h6g&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Tue, 10 May 2022 10:28:51 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame CCF6 0
238 B 37ms
8ms Image
text/plain 2600:9000:2057:7e00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-10lm4s-WsBZqTFb11GgGyB_0ag8TH0bPbvdTNg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:51 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: fdCClxiuVjpcRo7y_adEL9bXiaxbmF_7R5PBR1_ZsOmpIkT4u8zRsA==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame CCF6
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-F3A2dM-WsBZqTFb11GgGyB_0ag9pmfBlVhnZog&expires=30&user_group=5
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-F3A2dM-WsBZqTFb11GgGyB_0ag9pmfBlVhnZog&expires=30&user_group=5

43 B
495 B

10ms
9ms

Image
image/gif

18.185.246.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-F3A2dM-WsBZqTFb11GgGyB_0ag9pmfBlVhnZog&expires=30&user_group=5
Protocol: HTTP/1.1
Server: 18.185.246.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-246-45.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 10:28:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-F3A2dM-WsBZqTFb11GgGyB_0ag9pmfBlVhnZog&expires=30&user_group=5
Date: Tue, 10 May 2022 10:28:51 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame CCF6 35 B
336 B 93ms
32ms Image
image/gif 34.255.141.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-GcamZM-WsBZqTFb11GgGyB_0ag9d9FR9ClUeQA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.141.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-141-199.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:51 GMT
x-powered-by: Express
content-length: 35
content-type: image/gif

GET
H2 200 um
criteo-sync.teads.tv/ Frame CCF6 23 B
172 B 118ms
54ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-c6F7dc-WsBZqTFb11GgGyB_0ag_8dYp-zvllnA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:51 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 10 May 2022 10:28:51 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame CCF6 0
99 B 70ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-I90wGM-WsBZqTFb11GgGyB_0ag8lKG5uicT5Bg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:51 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13542

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame CCF6 43 B
163 B 116ms
16ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-Z_LjMc-WsBZqTFb11GgGyB_0ag_K_gK5hL3FtA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:50 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame CCF6 68 B
262 B 36ms
7ms Image
image/png 3.120.83.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-bDbu4s-WsBZqTFb11GgGyB_0ag_ARcym9UAxyw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.83.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-83-85.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:51 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame CCF6
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-247Jx8-WsBZqTFb11GgGyB_0ag8GuE2N2canuQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-247Jx8-WsBZqTFb11GgGyB_0ag8GuE2N2canuQ

43 B
447 B

30ms
30ms

Image
image/gif

52.17.103.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-247Jx8-WsBZqTFb11GgGyB_0ag8GuE2N2canuQ
Protocol: H2
Server: 52.17.103.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-103-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 10:28:51 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-247Jx8-WsBZqTFb11GgGyB_0ag8GuE2N2canuQ
date: Tue, 10 May 2022 10:28:51 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame CCF6
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-hfsics-WsBZqTFb11GgGyB_0ag9p6gaPpSdVpA
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-hfsics-WsBZqTFb11GgGyB_0ag9p6gaPpSdVpA&_li_chk=true&previous_uuid=75057f4637e340df99bafd9fc1ae0864
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-hfsics-WsBZqTFb11GgGyB_0ag9p6gaPpSdVpA

43 B
419 B

524ms
109ms

Image
image/gif

2600:1f18:444a:4602:66c0:1498:bf97:ef60

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-hfsics-WsBZqTFb11GgGyB_0ag9p6gaPpSdVpA

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:66c0:1498:bf97:ef60 -, , ASN (),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 10:28:52 GMT
Cache-Control: no-store
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-hfsics-WsBZqTFb11GgGyB_0ag9p6gaPpSdVpA
Date: Tue, 10 May 2022 10:28:50 GMT
Connection: keep-alive
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame CCF6 43 B
427 B 299ms
97ms Image
image/gif 18.235.141.125

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k-OmxXVs-WsBZqTFb11GgGyB_0ag_Z3gAruBByqg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.141.125 -, , ASN (),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:51 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame CCF6 43 B
183 B 352ms
112ms Image
image/gif 2600:1f18:612b:4232:6e00:7b23:6545:3513

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-IJP9Vs-WsBZqTFb11GgGyB_0ag_3A93EyW_N7g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:6e00:7b23:6545:3513 -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 10 May 2022 10:28:51 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame CCF6
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-bNGPuc-WsBZqTFb11GgGyB_0ag_mQZixeTUV5w&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

90ms
14ms

Image
image/gif

2001:4de0:ac19::1:b:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Tue, 10 May 2022 10:28:51 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1652178531.dop236.am5.t,1652178531.cds143.am5.shn,1652178531.cds143.am5.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Tue, 10 May 2022 10:28:51 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1652178531233036-599
Expires: Tue, 10 May 2022 10:28:51 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame CCF6
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6078489531630264675

43 B
370 B

17ms
17ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6078489531630264675

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2273783
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 10 May 2022 10:28:51 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a3c4814b-89ab-4a8a-ab19-a5628dd9930e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6078489531630264675
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame CCF6
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/G05wy98sdcHwt9yN4P6Oj1MtQozd4E2r/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=7425947803823899191

43 B
370 B

19ms
18ms

Image
image/gif

178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=7425947803823899191

Protocol

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 10:28:50 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3018729
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=7425947803823899191
pragma: no-cache
date: Tue, 10 May 2022 10:28:51 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: manifest.prod.boltdns.net
URL: http://manifest.prod.boltdns.net/thumbnail/v1/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/a32e67f8-c354-4bbf-97d1-a1017a40955d/thumbnail.webvtt?fastly_token=NjI3YTllOGRfNjhlMzgwZDcwY2VjN2RiMmNlMDQ2NzBlNjEwMjc2YzZmN2JmMDEzYzI3NWVhZjlhYmIzMzZiMGM5MjdjMzM1ZA%3D%3D

Verdicts & Comments Add Verdict or Comment

335 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.listrakbi.com/BrxgIoIXfWCS	1970-01-23 18:36:37	Name: gsid Value: nSQvEtdYuXJr1s88CXejseCCRtZ2H4oPNN7fQWBx2mBFBs3Bitp3CHS4JlVHETT%2btIVyttOj2W0%3d
.listrakbi.com/BrxgIoIXfWCS	1970-01-20 11:41:54	Name: scasid Value: 4f7c5061-ba6a-4f84-b648-cfb5531bd7f3
secure.palmbeachgroup.com/	1970-01-20 02:56:19	Name: _dd_s Value: logs=1&id=a9dc6949-75cd-4a5a-b69a-e3d6ed368cd6&created=1652178527830&expire=1652179427830
s1.listrakbi.com/	1970-01-20 03:06:23	Name: AWSALBCORS Value: F1nzUIwyHC2N4QH8Rgh1ZdvanJaj/RzHfUbV1TVa03nzIJbdPBGYWlNkk8PBnJ4++Gi9g5xraganJZQUPa8rt6n7bKMlrnrMNrTfHLE86twOb4gTDguoT7sa0WD7
.listrakbi.com/	1970-01-20 05:05:54	Name: usid Value: a4a22611d81145c0819368c4c60334e9
.palmbeachgroup.com/	1970-01-23 18:36:37	Name: GSIDBrxgIoIXfWCS Value: e29952b9-3092-44ed-bada-5dfe166851e4
.palmbeachgroup.com/	1970-01-20 11:41:54	Name: STSID243866 Value: 4f7c5061-ba6a-4f84-b648-cfb5531bd7f3
.secure.palmbeachgroup.com/	1970-01-20 02:56:20	Name: seerses Value: e
.secure.palmbeachgroup.com/	1970-01-23 18:32:18	Name: seerid Value: aca6bfdd-10b1-4b71-b207-52112e12b336
secure.palmbeachgroup.com/	1970-01-20 04:22:42	Name: MKT583247_MKT632145_AST207430 Value: visited
.lytics.io/	1970-01-21 00:32:18	Name: seerid Value: aca6bfdd-10b1-4b71-b207-52112e12b336
.palmbeachgroup.com/	1970-01-20 20:27:30	Name: _ga Value: GA1.2.903408390.1652178530
.palmbeachgroup.com/	1970-01-20 02:57:44	Name: _gid Value: GA1.2.86485704.1652178530
.palmbeachgroup.com/	1970-01-20 02:56:18	Name: _gat_UA-87443958-7 Value: 1
ssl.kaptcha.com/	1970-01-20 05:05:54	Name: k Value: b24b44e225c84a7bb534120dcf8272d2
secure.palmbeachgroup.com/	1970-01-20 11:41:54	Name: lr_cue_2110AMERICANCRYPTOALT_v1 Value: 0
secure.palmbeachgroup.com/	1970-01-23 18:32:18	Name: bssSessionId Value: a99802b2-0274-411d-ae36-e5d924a3f730
.yahoo.com/	1970-01-20 11:42:16	Name: A3 Value: d=AQABBGE-emICEOHGnTzYh38I7Ae6mjtFrLgFEgEBAQGPe2KEYgAAAAAA_eMAAA&S=AQAAAoB4T90a3Q_YwKbDgv9g4Ew
.palmbeachgroup.com/	1970-01-20 05:05:54	Name: _gcl_au Value: 1.1.307181291.1652178530
.palmbeachgroup.com/	1970-01-20 02:56:18	Name: _gat_UA-170962029-3 Value: 1
.bing.com/	1970-01-20 12:17:54	Name: MUID Value: 3A10D11ED1656B57306AC0BED00E6A84
.palmbeachgroup.com/	1970-01-20 02:57:44	Name: _uetsid Value: fb44de20d04b11eca13423ffe5aeef5e
.palmbeachgroup.com/	1970-01-20 12:17:54	Name: _uetvid Value: fb451d50d04b11ec88aaa7cccc931ea5
secure.palmbeachgroup.com/	1970-01-20 11:41:54	Name: cdn.beaconstreetservices.100014.ka.ck Value: 695eb777cc1bbebf1ceac7608ffc2ca3a8983110809e58db3d033cfbb19f76ab30920ef05478e7b381166ec36fc7232fcf08570a5cdeb17050282595ec8bd3f70b9515ee0a85360b696f74fced937bae786af6095fa657d880ba69c8167d00d7d6b5ef8c253533bde52aa09a0c8185e4cdf3b9776ba808736aab82d729d5330107908dadea3bfad8e8a22948ff61ee040d03fd4ca8532d70a2b3
.criteo.com/	1970-01-20 12:17:54	Name: uid Value: a732d435-c4cd-4897-b76b-6e737a53eef9
.palmbeachgroup.com/	1970-01-20 02:56:18	Name: _gat_gtag_UA_137602623_2 Value: 1
.palmbeachgroup.com/	1970-01-20 12:25:42	Name: cto_bundle Value: 80pO519VYW5KemRGU08zc2JyY2FFNEpIaWVGV3hZdzhLaW5GV21QRG96cFFTZW9rQU5IaTQ1YVVrbllPclFEOVN5eE9WTnVKa1ZlRTZYTnJCVlNzRG40MU1sdUhOc0tlT29iSmN4cXViRGx4MWR6anQ4RE96eWFRNjclMkJHWmVYVGllV0RSVUprYTc1WiUyQlUlMkZ6dTVqWVVrSE1vY0trTWg3TkdpVEpsTHhtJTJCRSUyRmlOMkVnJTNE
.doubleclick.net/	1970-01-20 12:17:54	Name: IDE Value: AHWqTUkSznm4tpQ_HGvKQyqmB_m3KUsRJLAbYIvpKv231jv4XRlHco0XvJ9Dpi9X
.analytics.yahoo.com/	1970-01-20 11:41:54	Name: IDSYNC Value: 18zh~24sy
.adnxs.com/	1970-01-20 05:05:54	Name: uuid2 Value: 6078489531630264675
.3lift.com/	1970-01-20 05:05:54	Name: tluid Value: 722265111249933949957
.rlcdn.com/	1970-01-20 11:41:54	Name: rlas3 Value: 2QE1y907FlticcXLEFeIl+q8wUO3wojq13E8l3AKoA0=
.rlcdn.com/	1970-01-20 04:22:42	Name: pxrc Value: CAA=
.media.net/	1970-01-20 11:41:54	Name: visitor-id Value: 2951801318397069000V10
.media.net/	1970-01-20 03:39:30	Name: data-c-ts Value: 1652178531
.media.net/	1970-01-20 03:39:30	Name: data-c Value: k-BO8QVc-WsBZqTFb11GgGyB_0ag8JBr_RTQYlGw~~3
.casalemedia.com/	1970-01-20 11:41:54	Name: CMID Value: Yno.Y54fqFzwdGHPlQiXdQAA
.casalemedia.com/	1970-01-20 05:05:54	Name: CMPS Value: 3267
.bidswitch.net/	1970-01-20 11:41:54	Name: tuuid Value: afad26d0-f232-40f8-841e-bf7a1e55d22c
.bidswitch.net/	1970-01-20 11:41:54	Name: c Value: 1652178531
.bidswitch.net/	1970-01-20 11:41:54	Name: tuuid_lu Value: 1652178531
.revcontent.com/	1970-02-07 08:56:18	Name: __ID Value: 1ad30467eec649ac8a30605276da3c0d
.revcontent.com/	1970-01-20 03:39:30	Name: v1_151 Value: 1
.casalemedia.com/	1970-01-20 05:05:54	Name: CMPRO Value: 1211
.casalemedia.com/	1970-01-20 02:57:44	Name: CMST Value: Yno+Y2J6PmMA
.casalemedia.com/	1970-01-20 11:41:54	Name: CMRUM3 Value: 14627a3e632760k-leZVJM-WsBZqTFb11GgGyB_0ag845aZWPj1h6g
.sharethrough.com/	1970-01-20 03:39:30	Name: stx_user_id Value: b08958d0-06d2-4503-916f-f21c4ba71733
.adnxs.com/	1970-01-20 05:05:54	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2E?apNhSJ!fsuhq8SWo5i@?nrTu!JYL?f'<KGd39[7(%zstv4nzR?^F8]a<80Q9R]G[p5%z0dtUQ!ttbS55D8-@P)[Q]P)j.gWth#q
.outbrain.com/	1970-01-20 05:05:54	Name: obuid Value: 79e472c6-5b37-4d64-b30e-00ea2a1faf1e
.outbrain.com/	1970-01-20 03:25:06	Name: criteo Value: k-2aAaeM-WsBZqTFb11GgGyB_0ag8tCzULqhmD3Q
.360yield.com/	1970-01-20 05:05:54	Name: tuuid Value: eba2b16e-2710-4353-821c-72aaa06b6e72
.360yield.com/	1970-01-20 05:05:54	Name: tuuid_lu Value: 1652178531
.turn.com/	1970-01-20 07:15:30	Name: uid Value: 7425947803823899191
.360yield.com/	1970-01-20 05:05:54	Name: um Value: !38,uBEwDX.27X3uGgTC29asVPLMVwiSCiwBqQSm5ZjWPfCrqEiAeCSYk9fKiTsGnVeV4YC5Up0O,1659954531
.360yield.com/	1970-01-20 05:05:54	Name: umeh Value: !38,0,1714386531,-1
ads.stickyadstv.com/	1970-01-20 03:39:30	Name: UID Value: 5c61b754902493d6e55083fe9a74f32
ads.stickyadstv.com/	1970-01-20 03:39:30	Name: uid-bp-11554 Value: k-bNGPuc-WsBZqTFb11GgGyB_0ag_mQZixeTUV5w
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 51ad425ff9b2f09ea392815e14e7cfb
.addthis.com/	1970-01-20 12:17:54	Name: ouid Value: 627a3e630001b33cd606a664e18d6eddc604607fe04a1bde618a
.addthis.com/	1970-01-20 12:17:54	Name: uid Value: 627a3e63324b9c45
.addthis.com/	1970-01-20 12:17:54	Name: na_id Value: 2022051010285131500566236040
.postrelease.com/	1970-01-20 11:41:54	Name: opt_out Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://secure.palmbeachgroup.com/polyfills.js(Line 117501) Message: Mixed Content: The page at 'https://secure.palmbeachgroup.com/?cid=MKT583247&eid=MKT632145&step=start&plcid=PLC140060&SNAID=SAC0019427707&email=gsheard@bcbsm.com&encryptedSnaid=q98udIfbYMnNgBYsF8Zu%2Frd96G%20MwKyNRYSJ58xIWuc%3D&emailjobid=5148356&emailname=20220509-LGD&assetId=AST207430&page=1' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://manifest.prod.boltdns.net/thumbnail/v1/5102072647001/c258d7d3-96e0-4b29-8d2e-aef548802e89/a32e67f8-c354-4bbf-97d1-a1017a40955d/thumbnail.webvtt?fastly_token=NjI3YTllOGRfNjhlMzgwZDcwY2VjN2RiMmNlMDQ2NzBlNjEwMjc2YzZmN2JmMDEzYzI3NWVhZjlhYmIzMzZiMGM5MjdjMzM1ZA%3D%3D'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://static.criteo.net/js/ld/ld.js Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
amplifypixel.outbrain.com
bat.bing.com
bcbolt446c5271-a.akamaihd.net
c.lytics.io
cdn.listrakbi.com
cdn.mxpnl.com
cdn.stickyadstv.com
cdnjs.cloudflare.com
cf-images.us-east-1.prod.boltdns.net
click.exct.legacyresearch.com
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cw.addthis.com
d.turn.com
d3bjnmbj12697.cloudfront.net
dis.criteo.com
eb2.3lift.com
edge.api.brightcove.com
fonts.googleapis.com
googleads.g.doubleclick.net
gsdpeazjjf.execute-api.us-east-1.amazonaws.com
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
jadserve.postrelease.com
js.trackinggrid.com
manifest.prod.boltdns.net
marketingassets.cloudsna.com
match.sharethrough.com
metrics.brightcove.com
mug.criteo.com
partner.mediawallahscript.com
pixel.rubiconproject.com
pixel.sitescout.com
players.brightcove.net
q.quora.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.yimg.com
s1.listrakbi.com
s3.amazonaws.com
secure.adnxs.com
secure.palmbeachgroup.com
simage2.pubmatic.com
sp.analytics.yahoo.com
ssl.kaptcha.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.outbrain.com
tracking.legacyoffers.com
trc.taboola.com
trends.revcontent.com
up.pixel.ad
ups.analytics.yahoo.com
vjs.zencdn.net
widget.us.criteo.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
manifest.prod.boltdns.net
104.18.6.244
104.36.113.107
104.75.88.126
108.157.2.11
108.157.4.28
13.111.45.142
13.248.245.213
141.226.228.48
142.250.185.162
142.250.185.66
143.204.213.109
151.101.193.2
151.101.2.27
178.250.0.157
178.250.0.163
178.250.2.151
178.79.242.16
18.156.0.31
18.185.246.45
18.235.141.125
185.86.137.133
2.18.234.233
2001:4de0:ac18::1:a:3a
2001:4de0:ac19::1:b:3a
2001:678:cb4:bbbb::13
209.59.154.196
212.82.100.181
23.35.228.23
23.35.237.56
2600:1901:0:498c::
2600:1f18:444a:4602:66c0:1498:bf97:ef60
2600:1f18:612b:4232:6e00:7b23:6545:3513
2600:9000:2057:7600:f:75e2:4ac0:21
2600:9000:2057:7e00:1b:5138:8a40:93a1
2606:4700:20::681a:216
2606:4700::6810:1937
2606:4700::6810:f41b
2606:4700::6811:190e
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:802::2002
2a00:1450:4001:802::2004
2a00:1450:4001:810::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c08::9a
2a02:2638::1c
2a02:2638::3
2a02:26f0:3500:7::17d8:4dce
2a04:4e42:400::729
2a04:4e42::300
3.120.83.85
3.248.113.119
3.5.6.167
34.246.99.35
34.255.141.199
35.172.159.73
35.244.174.68
35.244.232.184
35.81.31.24
37.252.173.22
37.252.173.27
52.17.103.74
52.72.173.139
64.202.112.31
66.155.71.150
69.173.144.138
74.119.119.150
92.122.144.81
92.122.147.230
013050e8e5ab5ca56b6344fe09502a82fc4ced559a155646ff286b4af3545eeb
01b0ed865e8a7c2a017ad2758156217cd7cbad1177c418cec1e69bb9f63f4c6f
03bab266dee11b8c2a0ecce7b77546f0529824c1bd00a52bd92717e42c296207
0722e77458fcedadb2b7596ee392d9cedf6e69d241d325798759adc50c5599c6
08cb0f46ed2415058019966967713095ef16ce83d54c74a5f52a61846dbe2399
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e46f811834ce20c231c9fd0c394e68827026b196682cb6d1bd84fd4f5233d76
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
101cdcf6708ef081c068b370b1e74f3565bc673494c0ad214de492ed6dcc47dd
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
1289ab81dfd57aba22364cd610a67710adc92d85299e3fb997817ed6522d8883
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
14bf8292ae1e1ac698da2f2155f00ab24d5eda73e0c3e1e25e368a905759283b
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
17d4296e70b0fcdaa22feb27d4934acb48370754b51b992945e2f0c1e80daabb
187b3f66a81bf5dcfc994adc140eec114d40395c36e40fabcfe4ce67b6046608
1aed9bf2527a71a02eb69ac0e018a55b034067c67efcff7df6a428eac923dfe5
1b1308c0f5041867ac927863ae16bf4f1d45178d076645735ecaddc14e9456cb
1ebf6a2710236762178861bf15fa6074bd5e61502c1811551099ebe3754e0c83
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1f4f5fdffaf00193968ce7061b79f50ecb891aa19d6303cfca92ee57ef0d5fb7
21d93ac5a388df10b961801cce44bd72d8e612f9c5305c769ef2602b9b0480eb
2510b62a672a6419a1b30e01856df7f6d598f3ba03beff5159c3d9c63a1bcb11
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
28e7a175bbbb2d42cd553a6f0ec8135cfe0ddb6fc2e21975d01e5cd0bafdff13
29a42b472983d7c684f0d4595860d6f6430f5833ccedf90854ba9352742a86e0
2e4300071c7d7ee2228bc47f31403c8c4c6511f5a0b8bd102df8802d85c43dbc
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
37e127bcfa908eef579a98d6824b52fab529458616c89c4aefaf1703d0a13c7c
40555c14cf094e65253e135a72dc04a56eec38e08c3907993d7b5399c8e52c8c
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
4965a9ae619c0a248a186236a2aee27d1963adef65a94376ea709897c3dd2403
4b156f9a55a588d5405c6df60fe29774104066fac4a69843f69d305e3e6dedfa
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5af0100fed3f469db60b6c27d530091341e7217847b65be8f4455be2664e8c88
5cb42ed48451fec48eebe0f6a456350b1195238d69627819435825fc421e53c6
5cc82b6dc651cd71361f7da0d6cc98c685f093aeb9d57ae99069aba15409a024
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899
65f3adc55f0cad4cf80f4ff0c350f538d24700acde3f21e970a1fcc533f104b5
66f66a06a243997049dddb802cb8066b7891379f487a6553836c3e88e218a3d2
6702be9b5abcb7f77401607c67f34715ed9e6fa331e941e27702d0ec121756bf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d58748d0b000de1d216c553178882ab71d53f37f5c57e50e97d72a79924cf34
700f5e71bd5f89095aa8e82934ff98a8e6996df7037bfd0d75d97e1c20a6194a
70f123ae18601c8cf650d2bb037c62f03e1b728d65fe974b8c69293ea5a3915d
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
752451b4f3129531782a28b360e5a8dc6404fd33c490580ac3a24b43ad2bf8fd
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7ecc52ea3ec5df896596575380daad17b5e1d91cd5707c625496bfe485b69acc
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840d00f62116fbc5872b6ca0d58ad7ad4b9a1e9ac18309b81cf75ece010fd60a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8717eadc3b97c75e83d74067e6e042bbca4febc6b6dc4e267b536fb76571b2b5
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2afff5109d4c83c954057605a189d8f2092a11a6bb40436b36474289f3df85
8a60672efd62862adb750cf0d1ba8916744490d764cb2807c8114353f6aae6c8
8ee822b62dc3f42b8f8442ef52daca78fab784319a3f7def53f42aa8fed74661
98ad7e002b19264473dc3d4d79fb88278f950c24780982674c0ac1738b8b9614
98c2a74405e978d753625e97a0cb1c2eab250a9444d82dd75e1bce82cb437ae2
99356dc8446fa17f7e3ed97d8bf956429b4f7f1596fae9d6c3c8881aff21aeb9
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
9f91c1388dbe365f97266d27ba1552f59cfbd080290b31a58b1e6c615e9fae1c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a2c9f5eec6de7541b3a38a307f21a69bc1a1771dbe6c10876926d6ad7bb39b
a62069a41aab6484d03efbadd64f45a860f0d75849acfd7966a23088aff7382d
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
ad6ed96fa72bd5ee2c468f5c8a4d316d0eb6832beb1d58aefc022a8c83f504bc
ae4a7bb20a9253244cf4ddff2a3ac6aea8ae2bff1c0425f5273d013bb55a7ab5
b0524ecec5dfb97cedea605654472847c9797373b6be1333c5b40336a38f2c42
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16866b87b8808c3b0f8669a7246c1896d65c886a06a8e79a65af86017c33b15
b1ff4acc59cd4a7c0bf006545545fe8dc7c1c7afbece444f0f6cfd0e3819081e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c13d73426844f982024d3b10c28365553a5f6f8591b4f4a1a3a59df48457c8a9
c71014fdfc6e16f4d67c3c1ce51f661beb63cf9eaa923ed0e46d56cc675b55a0
c76384118c466762e8b12eb3bbdf56dbde1a0dd702cf66629f8a0bcb9a4043fe
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc29bdfa5e510b47aa7faf5ec6ddac2b91581060cc56aaa19153575f72431273
ce004d6ba293ddac2a8cfe6c819fc6c222f56c93374fcc8492b68e976018ea2d
d0e2313bdcff05854bc0d822e224ff10edad4859edffdec3db2ca8fe2355908b
d3f7c0ed14b5b7347b93e0e91f558238b0c0542501b484de714eef38e9e236fd
d52a2d5b39da5531dcb949f9f89a55b6b8cb0ffa9220e5d05f02d8af26ecdca2
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7fe7a95be52af9780b34bb34d7c6e4801e77fda4be41f7b0676e671543023e9
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
dcf1251260e42096bdbbf9fe9d116da6f804e275c20516045fe139fd96dac7ed
dda94645e6dfe6b5abab8d3262d7802f325db5f5eba7cf088f58f365acafaf4e
de2f571aa9db8cc6fd38c5f572c5c6b202f40d2d931faae0f0b617f3520c9c9c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df87aef3314a94ec615fde72011ce11c0d16d24965f9495cd4b393438f1c7871
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cf27e380a7074b526132d404b836fe25f51e2346d06c525fd697d85a2b3c88
e67c0ad03dc12ebfe255a3518ddb632cbb1cb73b836fc6374a790ec0909c3dc4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f155b4555f250e1524df719787be037245690fba6218bb64b0e111f7ccab840b
f5e1837dada0ad7bb636eac26701265690c759923bafd7875a00d9406420224a
f6335ae689dcd5b773e218fbd267dedaa77e1866fbf14e64b018453ceab80827
f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f943865e49096ad456fe922f798602a74507bedc99751c3ce31f8a9df096d248
fafd3cb36c91982b16dd8849eb6e1f52ae92cceccb7a5307b8944ba92e3b8896
fb37413b7c8e7e66a05f145a6af367f5d593b358a3c45f2b294a9438997a4ada
fea6a995f719305ce605045cc3a57bdd0c7115bcfa66b26f0b63ff28f79f3365

secure.palmbeachgroup.com Open in urlscan Pro 2606:4700::6810:1937 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

177 Requests

89 %HTTPS

37 %IPv6

56 Domains

74 Subdomains

65 IPs

9 Countries

6755 kBTransfer

17681 kBSize

62 Cookies

0 Outgoing links

Page URL History

Redirected requests

177 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.palmbeachgroup.com Open in urlscan Pro
2606:4700::6810:1937 Public Scan

Screenshot
Live screenshot

Full Image

177
Requests

89 %
HTTPS

37 %
IPv6

56
Domains

74
Subdomains

65
IPs

9
Countries

6755 kB
Transfer

17681 kB
Size

62
Cookies

177 HTTP transactions
6 data transactions