urlscan.io logo urlscan.io
SecurityTrails logo

auth.palmetto.com Open in urlscan Pro
2606:4700:4400::6812:2510  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sabal.palmetto.com/
Effective URL: https://auth.palmetto.com/login?state=hKFo2SB6dmV6YlJVdV9iMzNqQ01FdDRuNGhGaWZfM0hRTk95SKFupWxvZ2luo3RpZNkgUkdfTDd5cXNSV1NJ...
Submission: On December 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 8 domains to perform 31 HTTP transactions. The main IP is 2606:4700:4400::6812:2510, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth.palmetto.com.
TLS certificate: Issued by E1 on November 4th 2023. Valid for: 3 months.
This is the only time auth.palmetto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 151.101.130.217 54113 (FASTLY)
2 52.20.211.222 14618 (AMAZON-AES)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
2 18.239.36.55 16509 (AMAZON-02)
1 13.248.151.210 16509 (AMAZON-02)
4 18.239.94.93 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:214... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.201.112.186 396982 (GOOGLE-CL...)
3 35.186.194.58 15169 (GOOGLE)
31 15
5    2606:4700:4400::ac40:9b63 (United States)

ASN13335 (CLOUDFLARENET, US)
sabal.palmetto.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
4    151.101.130.217 (United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
2    52.20.211.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-211-222.compute-1.amazonaws.com
events.launchdarkly.com
2    2606:4700:4400::6812:2510 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.palmetto.com
2    18.239.36.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-55.ams58.r.cloudfront.net
widget.intercom.io
1    13.248.151.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com
clientstream.launchdarkly.com
4    18.239.94.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-93.ams1.r.cloudfront.net
js.intercomcdn.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:9000:214f:a800:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
1    2a00:1450:4001:81c::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
3    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
Apex Domain
Subdomains		 Transfer
7 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 603
events.launchdarkly.com — Cisco Umbrella Rank: 952
clientstream.launchdarkly.com — Cisco Umbrella Rank: 1009
1 KB
7 palmetto.com
sabal.palmetto.com
auth.palmetto.com
885 KB
5 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2024
rs.fullstory.com — Cisco Umbrella Rank: 2033
75 KB
4 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2136
548 KB
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 357
fonts.googleapis.com — Cisco Umbrella Rank: 29
storage.googleapis.com — Cisco Umbrella Rank: 287
78 KB
2 gstatic.com
fonts.gstatic.com
30 KB
2 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 6793
41 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1721
api-iam.intercom.io Failed
6 KB
31 8
Domain Requested by
5 sabal.palmetto.com 2 redirects sabal.palmetto.com
4 js.intercomcdn.com widget.intercom.io
4 app.launchdarkly.com sabal.palmetto.com
3 rs.fullstory.com edge.fullstory.com
2 edge.fullstory.com auth.palmetto.com
edge.fullstory.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.auth0.com auth.palmetto.com
2 widget.intercom.io sabal.palmetto.com
auth.palmetto.com
2 auth.palmetto.com 1 redirects sabal.palmetto.com
2 events.launchdarkly.com sabal.palmetto.com
2 maps.googleapis.com sabal.palmetto.com
maps.googleapis.com
1 storage.googleapis.com auth.palmetto.com
1 fonts.googleapis.com auth.palmetto.com
1 clientstream.launchdarkly.com
0 api-iam.intercom.io Failed js.intercomcdn.com
31 15

This site contains links to these domains. Also see Links.

Domain
palmetto.com
Subject Issuer Validity Valid
palmetto.com
Cloudflare Inc ECC CA-3		 2023-11-20 -
2024-02-18		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-02 -
2024-08-02		 a year crt.sh
events.launchdarkly.com
Amazon ECDSA 256 M02		 2023-06-21 -
2024-07-20		 a year crt.sh
auth.palmetto.com
E1		 2023-11-04 -
2024-02-02		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M02		 2023-02-14 -
2024-03-14		 a year crt.sh
clientstream.launchdarkly.com
Amazon RSA 2048 M02		 2023-08-09 -
2024-09-05		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh
*.auth0.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-03-24		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
edge.fullstory.com
GTS CA 1D4		 2023-11-14 -
2024-02-12		 3 months crt.sh
rs.fullstory.com
GTS CA 1D4		 2023-11-10 -
2024-02-08		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://auth.palmetto.com/login?state=hKFo2SB6dmV6YlJVdV9iMzNqQ01FdDRuNGhGaWZfM0hRTk95SKFupWxvZ2luo3RpZNkgUkdfTDd5cXNSV1NJS3JHclRGOVVXb21fbk16QVFzNGmjY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=viKmSc1NG83IYzg-IZFMCPPOaq6x2tSF_B6EcJrxhmE&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Frame ID: 5DA88964F4E2E3D91AFC7E24E7C2188E
Requests: 23 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.15ed3982.js
Frame ID: B7457901BFD47490B276730312F3E478
Requests: 3 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.15ed3982.js
Frame ID: 71F3BBD00CC1078DA362C7EF789754D0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Palmetto Signup and Logincircle

Page URL History Show full URLs

  1. http://sabal.palmetto.com/ HTTP 301
    https://sabal.palmetto.com/ Page URL
  2. https://sabal.palmetto.com/api/auth/login?state=%7B%22returnTo%22%3A%22https%3A%2F%2Fsabal.palmetto.com... HTTP 302
    https://auth.palmetto.com/authorize?client_id=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&scope=openid+offline_ac... HTTP 302
    https://auth.palmetto.com/login?state=hKFo2SB6dmV6YlJVdV9iMzNqQ01FdDRuNGhGaWZfM0hRTk95SKFupWxvZ2luo3Rp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • /auth0(?:-js)?/([\d.]+)/auth0(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

31
Requests

97 %
HTTPS

50 %
IPv6

8
Domains

15
Subdomains

15
IPs

2
Countries

1661 kB
Transfer

5220 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sabal.palmetto.com/ HTTP 301
    https://sabal.palmetto.com/ Page URL
  2. https://sabal.palmetto.com/api/auth/login?state=%7B%22returnTo%22%3A%22https%3A%2F%2Fsabal.palmetto.com%2F%22%7D HTTP 302
    https://auth.palmetto.com/authorize?client_id=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&scope=openid+offline_access+profile+email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=viKmSc1NG83IYzg-IZFMCPPOaq6x2tSF_B6EcJrxhmE&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&state=fKr2xkT1D7uMLhkE%3A%7B%22returnTo%22%3A%22https%3A%2F%2Fsabal.palmetto.com%2F%22%7D&org=undefined HTTP 302
    https://auth.palmetto.com/login?state=hKFo2SB6dmV6YlJVdV9iMzNqQ01FdDRuNGhGaWZfM0hRTk95SKFupWxvZ2luo3RpZNkgUkdfTDd5cXNSV1NJS3JHclRGOVVXb21fbk16QVFzNGmjY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=viKmSc1NG83IYzg-IZFMCPPOaq6x2tSF_B6EcJrxhmE&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sabal.palmetto.com/ HTTP 301
  • https://sabal.palmetto.com/

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
sabal.palmetto.com/
Redirect Chain
  • http://sabal.palmetto.com/
  • https://sabal.palmetto.com/
1 KB
802 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sabal.palmetto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d668c066c839e5c7355d43ea62cc8868cfbf118d341f378e8c38ec20ce895c5b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8381b0aa9a350472-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 19 Dec 2023 18:25:46 GMT
last-modified
Fri, 15 Dec 2023 14:17:25 GMT
server
cloudflare
vary
Origin
via
1.1 google
x-cloud-trace-context
e23b20febc96a727c5ca016f21b7f675;o=1

Redirect headers

CF-RAY
8381b0aa2fd59a35-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 19 Dec 2023 18:25:46 GMT
Expires
Tue, 19 Dec 2023 19:25:46 GMT
Location
https://sabal.palmetto.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
js
maps.googleapis.com/maps/api/ 		194 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDDOhQDz1ta8YbCIsqJEmDY-xRH-0zQ1Ks&libraries=places&callback=googleMapApi
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
86c7fd9c061a9a605a8b5f45a52929411875c65689506c12380344e07f061736
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sabal.palmetto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 18:25:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66715
x-xss-protection
0
main.c4932fb1.js
sabal.palmetto.com/static/js/ 		2 MB
394 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sabal.palmetto.com/static/js/main.c4932fb1.js
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e931250111f1d73eb48bfb4bb9d4c7e39de36fe64ce50b5acf1f870b7fe966ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sabal.palmetto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 18:25:47 GMT
via
1.1 google
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 13 Dec 2023 22:24:32 GMT
server
cloudflare
etag
W/"181570-18c65481500"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cloud-trace-context
b88b94b4f42a5d74287b74f577d8a8d6
cache-control
public, max-age=0
cf-ray
8381b0abbc280472-FRA
main.d7f52b42.css
sabal.palmetto.com/static/css/ 		1 MB
458 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sabal.palmetto.com/static/css/main.d7f52b42.css
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e4280d307e2056913b85f57b79a88bce90570828a4267bc1c633a29b2327622

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sabal.palmetto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 18:25:47 GMT
via
1.1 google
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 13 Dec 2023 22:24:32 GMT
server
cloudflare
etag
W/"113e5a-18c65481500"
vary
Origin, Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
x-cloud-trace-context
30348c9582515873903050d6de270d25
cache-control
public, max-age=0
cf-ray
8381b0abbc230472-FRA
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDDOhQDz1ta8YbCIsqJEmDY-xRH-0zQ1Ks&libraries=places&callback=googleMapApi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sabal.palmetto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 18:25:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sabal.palmetto.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
64df75d9cb761613f51a24e6
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/64df75d9cb761613f51a24e6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://sabal.palmetto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Tue, 19 Dec 2023 18:25:47 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230077-FRA
x-timer
S1703010347.339316,VS0,VE95
64df75d9cb761613f51a24e6
app.launchdarkly.com/sdk/goals/ 		2 B
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/64df75d9cb761613f51a24e6
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/static/js/main.c4932fb1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://sabal.palmetto.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.0.9
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Tue, 19 Dec 2023 18:25:47 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-fra-eddf8230077-FRA
x-timer
S1703010347.440938,VS0,VE96
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
1
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6InVua25vd24tdXNlci1rZXkifQ
app.launchdarkly.com/sdk/evalx/64df75d9cb761613f51a24e6/contexts/ 		1 KB
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/64df75d9cb761613f51a24e6/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6InVua25vd24tdXNlci1rZXkifQ
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/static/js/main.c4932fb1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8e47756e313a6cda54ded46e87fa314df5eb5d39b87666a0631fafc066820ebf

Request headers

Referer
https://sabal.palmetto.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.0.9
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 18:25:47 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
268
x-served-by
cache-fra-etou8220097-FRA, cache-fra-eddf8230077-FRA
x-timer
S1703010347.438138,VS0,VE502
etag
"68dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
0
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6InVua25vd24tdXNlci1rZXkifQ
app.launchdarkly.com/sdk/evalx/64df75d9cb761613f51a24e6/contexts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/64df75d9cb761613f51a24e6/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6InVua25vd24tdXNlci1rZXkifQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://sabal.palmetto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Tue, 19 Dec 2023 18:25:47 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230077-FRA
x-timer
S1703010347.339305,VS0,VE92
64df75d9cb761613f51a24e6
events.launchdarkly.com/events/diagnostic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/64df75d9cb761613f51a24e6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.20.211.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-211-222.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://sabal.palmetto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Tue, 19 Dec 2023 18:25:47 GMT
strict-transport-security
max-age=31536000
64df75d9cb761613f51a24e6
events.launchdarkly.com/events/diagnostic/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/64df75d9cb761613f51a24e6
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/static/js/main.c4932fb1.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.20.211.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-211-222.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://sabal.palmetto.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.0.9
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 19 Dec 2023 18:25:47 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
Primary Request login
auth.palmetto.com/
Redirect Chain
  • https://sabal.palmetto.com/api/auth/login?state=%7B%22returnTo%22%3A%22https%3A%2F%2Fsabal.palmetto.com%2F%22%7D
  • https://auth.palmetto.com/authorize?client_id=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&scope=openid+offline_access+profile+email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Faut...
  • https://auth.palmetto.com/login?state=hKFo2SB6dmV6YlJVdV9iMzNqQ01FdDRuNGhGaWZfM0hRTk95SKFupWxvZ2luo3RpZNkgUkdfTDd5cXNSV1NJS3JHclRGOVVXb21fbk16QVFzNGmjY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXY...
30 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.palmetto.com/login?state=hKFo2SB6dmV6YlJVdV9iMzNqQ01FdDRuNGhGaWZfM0hRTk95SKFupWxvZ2luo3RpZNkgUkdfTDd5cXNSV1NJS3JHclRGOVVXb21fbk16QVFzNGmjY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=viKmSc1NG83IYzg-IZFMCPPOaq6x2tSF_B6EcJrxhmE&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/static/js/main.c4932fb1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1f3bfa16027fce73b3fa7d438c15f7d4812af7e626f42f388aa175140e8d9f3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sabal.palmetto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8381b0b5fdc603a0-FRA
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Tue, 19 Dec 2023 18:25:48 GMT
etag
W/"760b-5TmPLPA8SydouUsrdTQtvp7vK5o"
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-requestid
5d16ff7a119618f4f463
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
500
x-ratelimit-remaining
499
x-ratelimit-reset
1703010349
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8381b0b44ac403a0-FRA
content-length
1160
content-type
text/html; charset=utf-8
date
Tue, 19 Dec 2023 18:25:48 GMT
location
/login?state=hKFo2SB6dmV6YlJVdV9iMzNqQ01FdDRuNGhGaWZfM0hRTk95SKFupWxvZ2luo3RpZNkgUkdfTDd5cXNSV1NJS3JHclRGOVVXb21fbk16QVFzNGmjY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=viKmSc1NG83IYzg-IZFMCPPOaq6x2tSF_B6EcJrxhmE&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
f5e063e9c6a7b4997c07
x-content-type-options
nosniff
x-ratelimit-limit
500
x-ratelimit-remaining
499
x-ratelimit-reset
1703010349
z8xpsn9v
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/z8xpsn9v
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/static/js/main.c4932fb1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-55.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sabal.palmetto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
8QbhxNym_HSQGLjeFgnvfwux6Ddue2ZU
content-encoding
gzip
via
1.1 809aab597f9b26cadc42a1c11dd373d8.cloudfront.net (CloudFront)
date
Tue, 19 Dec 2023 18:19:18 GMT
x-amz-cf-pop
AMS58-P2
age
390
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2704
last-modified
Tue, 19 Dec 2023 15:22:14 GMT
server
AmazonS3
etag
"bef4d842e238c8abe2a86d60efd517cd"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
-XqqGfu8NMp_rBJFS8oo2cxzqhNZIT_WujoDyICxJ_DA2LsU9vVpdQ==
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6InVua25vd24tdXNlci1rZXkifQ
clientstream.launchdarkly.com/eval/64df75d9cb761613f51a24e6/ 		1 KB
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://clientstream.launchdarkly.com/eval/64df75d9cb761613f51a24e6/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6InVua25vd24tdXNlci1rZXkifQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.151.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://sabal.palmetto.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 18:25:48 GMT
strict-transport-security
max-age=31536000
ld-region
eu-west-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-content-length
1082
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
frame-modern.15ed3982.js
js.intercomcdn.com/ Frame B745 		515 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.15ed3982.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/z8xpsn9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-93.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
IXe3GoApOX1d15904RThX25AUQN0f9ix
content-encoding
gzip
via
1.1 1cd1c24523b61d46b093d317bb196d92.cloudfront.net (CloudFront)
date
Tue, 19 Dec 2023 17:22:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
AMS1-P3
age
3810
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
145468
last-modified
Tue, 19 Dec 2023 15:20:11 GMT
server
AmazonS3
etag
"ae82f614290cc0b3efcf01fb40bb16f5"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
OmkH8GF4wbH2JuU9terbOk80a34NZw2n7U00XYslaQks9pL9bHwV3g==
vendor-modern.fd24ef3b.js
js.intercomcdn.com/ Frame B745 		426 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.fd24ef3b.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/z8xpsn9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-93.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
MUOzDacNeuojZMfAw7kFCyUM6KNkma7X
content-encoding
gzip
via
1.1 1cd1c24523b61d46b093d317bb196d92.cloudfront.net (CloudFront)
date
Tue, 19 Dec 2023 17:47:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
AMS1-P3
age
2305
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
133796
last-modified
Mon, 18 Dec 2023 17:06:05 GMT
server
AmazonS3
etag
"274f07603cdf2b0e0ecdf767a2e42fa9"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
EeFrvGoJESWPAROu40oYHIm-phyJ-edXhwfMhNPgrZZZP6d5NAllpA==
ping
api-iam.intercom.io/messenger/web/ Frame B745 		0
0
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap
Requested by
Host: auth.palmetto.com
URL: https://auth.palmetto.com/login?state=hKFo2SB6dmV6YlJVdV9iMzNqQ01FdDRuNGhGaWZfM0hRTk95SKFupWxvZ2luo3RpZNkgUkdfTDd5cXNSV1NJS3JHclRGOVVXb21fbk16QVFzNGmjY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=viKmSc1NG83IYzg-IZFMCPPOaq6x2tSF_B6EcJrxhmE&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Dec 2023 18:25:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 18:13:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Dec 2023 18:25:48 GMT
auth0.min.js
cdn.auth0.com/js/auth0/9.13/ 		145 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/auth0/9.13/auth0.min.js
Requested by
Host: auth.palmetto.com
URL: https://auth.palmetto.com/login?state=hKFo2SB6dmV6YlJVdV9iMzNqQ01FdDRuNGhGaWZfM0hRTk95SKFupWxvZ2luo3RpZNkgUkdfTDd5cXNSV1NJS3JHclRGOVVXb21fbk16QVFzNGmjY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=viKmSc1NG83IYzg-IZFMCPPOaq6x2tSF_B6EcJrxhmE&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a4107b8670efd983dc8d4c711ad6be5d1f5d9c479052c0224cc9117e88ee950
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
K1k7NsVIEboEoMirLv2.Nv0m7vC62vbW
content-encoding
gzip
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
date
Tue, 19 Dec 2023 16:56:49 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA53-C1
age
5339
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 03 Jul 2020 15:28:37 GMT
server
AmazonS3
etag
W/"610f97a8dea9468b009a25d8e887d410"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10800,public
x-robots-tag
noindex
x-amz-cf-id
xnu5Bh6rceWFtSY0sGxPH5vWjrtD1XhS7q1ALiPRzRKzy9TuBUXpng==
object-assign.min.js
cdn.auth0.com/js/polyfills/1.0/ 		278 B
810 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/polyfills/1.0/object-assign.min.js
Requested by
Host: auth.palmetto.com
URL: https://auth.palmetto.com/login?state=hKFo2SB6dmV6YlJVdV9iMzNqQ01FdDRuNGhGaWZfM0hRTk95SKFupWxvZ2luo3RpZNkgUkdfTDd5cXNSV1NJS3JHclRGOVVXb21fbk16QVFzNGmjY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=viKmSc1NG83IYzg-IZFMCPPOaq6x2tSF_B6EcJrxhmE&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e3281ce824bc83f86243254926e320d7a51fd34e310d76f38ddf5ca4430bcd8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
QnBigF9q9VrtNR8TU_yhfoN9BlecmQ2x
date
Tue, 19 Dec 2023 18:17:20 GMT
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
FRA53-C1
age
556
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
278
last-modified
Thu, 08 Jun 2017 20:30:02 GMT
server
AmazonS3
etag
"4dfaafaab07b1c6c2314bfe79a1baa81"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10800,public
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
ULzHgBO3V2raTjaZabtX-Ol7qAqxc5taF_up4cFoNPkUny1YSWZiSA==
palmetto.png
storage.googleapis.com/alchemy-next-prod/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/alchemy-next-prod/palmetto.png
Requested by
Host: auth.palmetto.com
URL: https://auth.palmetto.com/login?state=hKFo2SB6dmV6YlJVdV9iMzNqQ01FdDRuNGhGaWZfM0hRTk95SKFupWxvZ2luo3RpZNkgUkdfTDd5cXNSV1NJS3JHclRGOVVXb21fbk16QVFzNGmjY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=viKmSc1NG83IYzg-IZFMCPPOaq6x2tSF_B6EcJrxhmE&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
90a9ee7f0d51e8255513cb197516dbb7a569ef51961b863b58b83f170814b314

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 18:25:48 GMT
age
0
x-guploader-uploadid
ABPtcPoxFa6F8TkYFuIklGe65LTW_qwbNunEwrOx-PDUiJXrzqUHjjd0e-oIV_s0bvJHvALi5y0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10818
last-modified
Mon, 08 Feb 2021 18:15:05 GMT
server
UploadServer
etag
"4a4964059acfe78872670cd4b338780f"
x-goog-generation
1612808105096626
x-goog-hash
crc32c=Yvlvhw==, md5=SklkBZrP54hyZwzUszh4Dw==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
10818
accept-ranges
bytes
expires
Tue, 19 Dec 2023 19:25:48 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://auth.palmetto.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:54:05 GMT
x-content-type-options
nosniff
age
34303
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 08:54:05 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://auth.palmetto.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:12:00 GMT
x-content-type-options
nosniff
age
90828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 17:12:00 GMT
fs.js
edge.fullstory.com/s/ 		248 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: auth.palmetto.com
URL: https://auth.palmetto.com/login?state=hKFo2SB6dmV6YlJVdV9iMzNqQ01FdDRuNGhGaWZfM0hRTk95SKFupWxvZ2luo3RpZNkgUkdfTDd5cXNSV1NJS3JHclRGOVVXb21fbk16QVFzNGmjY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=viKmSc1NG83IYzg-IZFMCPPOaq6x2tSF_B6EcJrxhmE&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cd138cb8d1483ae8b41c3516e2001b12ac70368c411c9a6a5727d42f7162ab30

Request headers

Referer
Origin
https://auth.palmetto.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 18:09:09 GMT
content-encoding
br
age
999
x-guploader-uploadid
ABPtcPp5m4vg9he02GoTGdfXzgsWyexCdTmDp-0Mwvz_iAC6F5dPEWTdYz37IjqXW8kVOVzyhr-GsetBJQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69593
last-modified
Tue, 12 Dec 2023 16:27:20 GMT
server
UploadServer
etag
"20e8f197ce31d0a16939988b0de6f7d0"
vary
Accept-Encoding
x-goog-generation
1702398440850044
x-goog-hash
crc32c=bnuCPg==, md5=IOjxl84x0KFpOZiLDeb30A==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
69593
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 19 Dec 2023 19:09:09 GMT
web
edge.fullstory.com/s/settings/P6XKD/v1/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/P6XKD/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
654282ba4e4b94d0d018e5c44cc04ebf8fdaf4156f17714d94fa966ac05ff09c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 18:25:48 GMT
content-encoding
gzip
age
1
x-guploader-uploadid
ABPtcPrz9qebo0ClzcWVHOS6Q6Q-97zRx0u_rhgf8bZT8hV8N7nZyYSZVMqq_2CJJytZ-DXnCdk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1343
last-modified
Tue, 19 Dec 2023 18:23:23 GMT
server
UploadServer
etag
"952bfe4f8fca21693f9cd357be6f1e5f"
x-goog-generation
1702404803745716
x-goog-hash
crc32c=RTMXyg==, md5=lSv+T4/KIWk/nNNXvm8eXw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
1343
accept-ranges
bytes
content-type
application/json
expires
Tue, 19 Dec 2023 18:40:48 GMT
undefined
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/undefined
Requested by
Host: auth.palmetto.com
URL: https://auth.palmetto.com/login?state=hKFo2SB6dmV6YlJVdV9iMzNqQ01FdDRuNGhGaWZfM0hRTk95SKFupWxvZ2luo3RpZNkgUkdfTDd5cXNSV1NJS3JHclRGOVVXb21fbk16QVFzNGmjY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=viKmSc1NG83IYzg-IZFMCPPOaq6x2tSF_B6EcJrxhmE&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-55.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3f5e4bfb3f576a5a7cfefa8dbc100add2a43fea743aab49c87e43aca4ca3150

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
8QbhxNym_HSQGLjeFgnvfwux6Ddue2ZU
content-encoding
gzip
via
1.1 809aab597f9b26cadc42a1c11dd373d8.cloudfront.net (CloudFront)
date
Tue, 19 Dec 2023 18:24:19 GMT
x-amz-cf-pop
AMS58-P2
age
106
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2704
last-modified
Tue, 19 Dec 2023 15:22:14 GMT
server
AmazonS3
etag
"bef4d842e238c8abe2a86d60efd517cd"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
Sv8FKOlWr0taB_x7P7LGWGMGqRId_KTMJj5GOpDR1jCZNfVk77XbyA==
frame-modern.15ed3982.js
js.intercomcdn.com/ Frame 71F3 		515 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.15ed3982.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-93.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dc5fd666dc6411518c78cf426cfe199961caa740b29e76f9a4ae87fe2150ffe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
IXe3GoApOX1d15904RThX25AUQN0f9ix
content-encoding
gzip
via
1.1 1cd1c24523b61d46b093d317bb196d92.cloudfront.net (CloudFront)
date
Tue, 19 Dec 2023 17:22:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
AMS1-P3
age
3811
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
145468
last-modified
Tue, 19 Dec 2023 15:20:11 GMT
server
AmazonS3
etag
"ae82f614290cc0b3efcf01fb40bb16f5"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
pEAt7AC8BJagNlaDiuuZ2kZoFQ7eyjbzpRqmWp62YVjxiPKn9evutw==
vendor-modern.fd24ef3b.js
js.intercomcdn.com/ Frame 71F3 		426 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.fd24ef3b.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-93.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8339c637a3a2eabf451ab99b744c3474a0005d8fea01ee1d3bb45e7944bd41a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
MUOzDacNeuojZMfAw7kFCyUM6KNkma7X
content-encoding
gzip
via
1.1 1cd1c24523b61d46b093d317bb196d92.cloudfront.net (CloudFront)
date
Tue, 19 Dec 2023 17:47:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
AMS1-P3
age
2306
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
133796
last-modified
Mon, 18 Dec 2023 17:06:05 GMT
server
AmazonS3
etag
"274f07603cdf2b0e0ecdf767a2e42fa9"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
fJcAZUVopuVwj4gaf4Eornq6FT0V-1BRx7pGeIm5CH705Big7MickQ==
page
rs.fullstory.com/rec/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
1cc5516c54ccc2eb3d4ea4e9f782e388e373aa11b42c8e1edc3b7dbbe603a8a3

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 18:25:49 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://auth.palmetto.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1539
integrations
rs.fullstory.com/rec/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/integrations?OrgId=P6XKD
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 18:25:49 GMT
via
1.1 google
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/javascript; charset=utf-8
v2
rs.fullstory.com/rec/bundle/ 		29 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=P6XKD&UserId=bde00c17-ac8f-4a0e-8edf-da38480bc62f&SessionId=6f376aa8-0ffc-49d5-a4b3-1f9a0b1b38b4&PageId=511ae374-24f1-4129-8b3d-e8e5e94a0e3b&Seq=1&PageStart=1703010349241&PrevBundleTime=0&LastActivity=859&IsNewSession=true
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
5ad8017d5be80c112ab8fe71770285eaabc6815c901aed1c5275368eee558d09

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://auth.palmetto.com
date
Tue, 19 Dec 2023 18:25:50 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api-iam.intercom.io
URL
https://api-iam.intercom.io/messenger/web/ping

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| auth0 function| setupAuth0 function| Intercom boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS string| _fs_loaded function| _fs_shutdown function| __intercomAssignLocation function| __intercomReloadLocation string| _fs_rec_settings_host

10 Cookies

Domain/Path Name / Value
auth.palmetto.com/usernamepassword/login Name: _csrf
Value: dh7oi7n5N1n7LtKdJTQQ0ru9
sabal.palmetto.com/ Name: codeVerifier
Value: 45ad0f6187c134582324992b99596802c1a3a177e886d966789eb939
sabal.palmetto.com/ Name: state
Value: fKr2xkT1D7uMLhkE%3A%7B%22returnTo%22%3A%22https%3A%2F%2Fsabal.palmetto.com%2F%22%7D
sabal.palmetto.com/ Name: redirect_url
Value: https%3A%2F%2Fsabal.palmetto.com
auth.palmetto.com/ Name: did
Value: s%3Av0%3A08273ca0-9e9c-11ee-9576-df961c6780bd.snlLdrZN2uAmeRsK9MFsxaRk5Fj4zVF7DTpeZTiDrb4
auth.palmetto.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOl0_jFfWaoAsl2jjnU3gbfCSpIAeSIOYNc0azyd9_cGgJBY2-XQe1uJ44-TYU6nU_bjs_C_XBuX9BRXnlyqDmSmY29va2llg6dleHBpcmVz1_9h_XMAZYXUrK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.2JGDaUSQzD6rbS1qrngaaGUmdii%2F0MmiXrLF8HPc0dg
auth.palmetto.com/ Name: did_compat
Value: s%3Av0%3A08273ca0-9e9c-11ee-9576-df961c6780bd.snlLdrZN2uAmeRsK9MFsxaRk5Fj4zVF7DTpeZTiDrb4
auth.palmetto.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOl0_jFfWaoAsl2jjnU3gbfCSpIAeSIOYNc0azyd9_cGgJBY2-XQe1uJ44-TYU6nU_bjs_C_XBuX9BRXnlyqDmSmY29va2llg6dleHBpcmVz1_9h_XMAZYXUrK5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.2JGDaUSQzD6rbS1qrngaaGUmdii%2F0MmiXrLF8HPc0dg
.palmetto.com/ Name: fs_lua
Value: 1.1703010349240
.palmetto.com/ Name: fs_uid
Value: #P6XKD#bde00c17-ac8f-4a0e-8edf-da38480bc62f:6f376aa8-0ffc-49d5-a4b3-1f9a0b1b38b4:1703010349240::1#/1734546348

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
app.launchdarkly.com
auth.palmetto.com
cdn.auth0.com
clientstream.launchdarkly.com
edge.fullstory.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
maps.googleapis.com
rs.fullstory.com
sabal.palmetto.com
storage.googleapis.com
widget.intercom.io
api-iam.intercom.io
13.248.151.210
151.101.130.217
18.239.36.55
18.239.94.93
2600:9000:214f:a800:10:474e:104a:2961
2606:4700:4400::6812:2510
2606:4700:4400::ac40:9b63
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200a
2a00:1450:4001:813::2003
2a00:1450:4001:81c::201b
35.186.194.58
35.201.112.186
52.20.211.222
1cc5516c54ccc2eb3d4ea4e9f782e388e373aa11b42c8e1edc3b7dbbe603a8a3
1e4280d307e2056913b85f57b79a88bce90570828a4267bc1c633a29b2327622
2dc5fd666dc6411518c78cf426cfe199961caa740b29e76f9a4ae87fe2150ffe
2e3281ce824bc83f86243254926e320d7a51fd34e310d76f38ddf5ca4430bcd8
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5ad8017d5be80c112ab8fe71770285eaabc6815c901aed1c5275368eee558d09
654282ba4e4b94d0d018e5c44cc04ebf8fdaf4156f17714d94fa966ac05ff09c
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
8339c637a3a2eabf451ab99b744c3474a0005d8fea01ee1d3bb45e7944bd41a1
86c7fd9c061a9a605a8b5f45a52929411875c65689506c12380344e07f061736
8a4107b8670efd983dc8d4c711ad6be5d1f5d9c479052c0224cc9117e88ee950
8e47756e313a6cda54ded46e87fa314df5eb5d39b87666a0631fafc066820ebf
90a9ee7f0d51e8255513cb197516dbb7a569ef51961b863b58b83f170814b314
a1f3bfa16027fce73b3fa7d438c15f7d4812af7e626f42f388aa175140e8d9f3
c3f5e4bfb3f576a5a7cfefa8dbc100add2a43fea743aab49c87e43aca4ca3150
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cd138cb8d1483ae8b41c3516e2001b12ac70368c411c9a6a5727d42f7162ab30
d668c066c839e5c7355d43ea62cc8868cfbf118d341f378e8c38ec20ce895c5b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e931250111f1d73eb48bfb4bb9d4c7e39de36fe64ce50b5acf1f870b7fe966ae
ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f
f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138