secure.palmbeachgroup.com Open in urlscan Pro
2606:4700::6810:1937 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.e.brownstoneresearch.com/?qs=ef388379b4d7edf9ebe5a342b1a88dac74bf3f2b546c7741936502d0ea22edaeabaacbe56bf9303e407f0df2dbaa...
Effective URL:
https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@groupo...
Submission: On August 23 via manual (August 23rd 2022, 12:52:24 pm UTC) from IL — Scanned from DE

Summary HTTP 164 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 48 IPs in 7 countries across 42 domains to perform 164 HTTP transactions. The main IP is 2606:4700::6810:1937, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.palmbeachgroup.com. The Cisco Umbrella rank of the primary domain is 865935.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2022. Valid for: a year.

This is the only time secure.palmbeachgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.151.172 13.111.151.172	22606 (EXACT-7) (EXACT-7)
21	2606:4700::68... 2606:4700::6810:1937	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.237.220 104.111.237.220	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
1	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
1	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
9	2600:1f18:24e... 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6810:f51b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
10	2600:9000:225... 2600:9000:225e:f800:f:75e2:4ac0:21	16509 (AMAZON-02) (AMAZON-02)
1	52.216.33.48 52.216.33.48	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.108 52.222.236.108	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.130.11 18.66.130.11	16509 (AMAZON-02) (AMAZON-02)
9	54.148.115.137 54.148.115.137	16509 (AMAZON-02) (AMAZON-02)
1	104.18.7.244 104.18.7.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::681a:316	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.79.242.16 178.79.242.16	22822 (LLNW) (LLNW)
1	70.42.32.223 70.42.32.223	13789 (INTERNAP-...) (INTERNAP-BLK3)
2	52.2.147.16 52.2.147.16	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	23.35.237.37 23.35.237.37	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
2 4	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	209.59.154.196 209.59.154.196	32244 (LIQUIDWEB) (LIQUIDWEB)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 2	3.251.27.103 3.251.27.103	16509 (AMAZON-02) (AMAZON-02)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.17.214.109 52.17.214.109	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
8	151.101.194.27 151.101.194.27	54113 (FASTLY) (FASTLY)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
5	35.244.232.184 35.244.232.184	15169 (GOOGLE) (GOOGLE)
1	13.32.99.38 13.32.99.38	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:1496	() ()
164	48

1 13.111.151.172 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.e.brownstoneresearch.com

click.e.brownstoneresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700::6810:1937 (United States)

ASN13335 (CLOUDFLARENET, US)

secure.palmbeachgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.237.220 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-237-220.deploy.static.akamaitechnologies.com

static.zuora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f51b (United States)

ASN13335 (CLOUDFLARENET, US)

marketingassets.cloudsna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:225e:f800:f:75e2:4ac0:21 (United States)

ASN16509 (AMAZON-02, US)

d3bjnmbj12697.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.33.48 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-108.fra56.r.cloudfront.net

gsdpeazjjf.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.130.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-130-11.fra60.r.cloudfront.net

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.148.115.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-115-137.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.7.244 (None, )

ASN13335 (CLOUDFLARENET, US)

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:316 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.16 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-16.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.223 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.147.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-147-16.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.37 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-37.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.155.71.149 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.59.154.196 (United States)

ASN32244 (LIQUIDWEB, US)

js.trackinggrid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.251.27.103 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-27-103.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.214.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-214-109.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
manifest.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

vjs.zencdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.232.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.232.244.35.bc.googleusercontent.com

metrics.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-38.fra60.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:1496 (None, )

ASN- ()

bcbolt446c5271-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	palmbeachgroup.com secure.palmbeachgroup.com — Cisco Umbrella Rank: 865935	409 KB
10	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 108 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52	11 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	549 KB
10	cloudfront.net d3bjnmbj12697.cloudfront.net	475 KB
9	google.de www.google.de — Cisco Umbrella Rank: 6076	1013 B
9	google.com www.google.com — Cisco Umbrella Rank: 9	1013 B
9	kaptcha.com ssl.kaptcha.com — Cisco Umbrella Rank: 9290	32 KB
9	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 3481
7	boltdns.net manifest.prod.boltdns.net — Cisco Umbrella Rank: 4657 Failed cf-images.us-east-1.prod.boltdns.net — Cisco Umbrella Rank: 4672	588 KB
7	brightcove.com edge.api.brightcove.com — Cisco Umbrella Rank: 4990 metrics.brightcove.com — Cisco Umbrella Rank: 4009	7 KB
7	lytics.io c.lytics.io — Cisco Umbrella Rank: 5202	115 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	40 KB
4	sitescout.com 2 redirects pixel.sitescout.com — Cisco Umbrella Rank: 3370	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 346	12 KB
3	quora.com a.quora.com — Cisco Umbrella Rank: 7143 q.quora.com — Cisco Umbrella Rank: 2797	15 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	105 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 615	105 KB
2	akamaihd.net bcbolt446c5271-a.akamaihd.net	4 MB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 464	617 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 201	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 130	31 KB
2	gstatic.com fonts.gstatic.com	41 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 391	7 KB
2	listrakbi.com cdn.listrakbi.com — Cisco Umbrella Rank: 9376 s1.listrakbi.com — Cisco Umbrella Rank: 9661	21 KB
2	amazonaws.com s3.amazonaws.com gsdpeazjjf.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 231397	9 KB
2	paypal.com www.paypal.com — Cisco Umbrella Rank: 2338 t.paypal.com — Cisco Umbrella Rank: 3136	6 KB
1	zencdn.net vjs.zencdn.net — Cisco Umbrella Rank: 5169	7 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 310	98 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 728	266 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1030	172 B
1	trackinggrid.com js.trackinggrid.com — Cisco Umbrella Rank: 600266	902 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 707	376 B
1	brightcove.net players.brightcove.net — Cisco Umbrella Rank: 3748	185 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1067	633 B
1	outbrain.com amplifypixel.outbrain.com — Cisco Umbrella Rank: 11056	256 B
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 9413	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	2 KB
1	cloudsna.com marketingassets.cloudsna.com — Cisco Umbrella Rank: 126799	1 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3388	18 KB
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2094	235 KB
1	zuora.com static.zuora.com — Cisco Umbrella Rank: 50178	7 KB
1	brownstoneresearch.com 1 redirects click.e.brownstoneresearch.com — Cisco Umbrella Rank: 362414	421 B
164	42

	Domain	Requested by
21	secure.palmbeachgroup.com	secure.palmbeachgroup.com www.googletagmanager.com
10	www.googletagmanager.com	secure.palmbeachgroup.com www.googletagmanager.com js.trackinggrid.com
10	d3bjnmbj12697.cloudfront.net	secure.palmbeachgroup.com s3.amazonaws.com
9	www.google.de
9	www.google.com
9	ssl.kaptcha.com	secure.palmbeachgroup.com ssl.kaptcha.com
9	rum.browser-intake-datadoghq.com	secure.palmbeachgroup.com
8	googleads.g.doubleclick.net	www.googleadservices.com
7	c.lytics.io	secure.palmbeachgroup.com c.lytics.io
6	manifest.prod.boltdns.net	secure.palmbeachgroup.com
6	www.google-analytics.com	www.googletagmanager.com secure.palmbeachgroup.com
5	metrics.brightcove.com	players.brightcove.net
4	pixel.sitescout.com	2 redirects secure.palmbeachgroup.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	cdnjs.cloudflare.com	secure.palmbeachgroup.com cdnjs.cloudflare.com
3	code.jquery.com	secure.palmbeachgroup.com
2	bcbolt446c5271-a.akamaihd.net	secure.palmbeachgroup.com
2	edge.api.brightcove.com	secure.palmbeachgroup.com
2	pixel.tapad.com	1 redirects
2	dpm.demdex.net	1 redirects
2	www.googleadservices.com	www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	stats.g.doubleclick.net	secure.palmbeachgroup.com
2	q.quora.com
2	s.yimg.com	secure.palmbeachgroup.com
1	cf-images.us-east-1.prod.boltdns.net
1	vjs.zencdn.net	players.brightcove.net
1	idsync.rlcdn.com
1	sync.crwdcntrl.net
1	sync.teads.tv
1	js.trackinggrid.com	secure.palmbeachgroup.com
1	trc.taboola.com
1	players.brightcove.net	secure.palmbeachgroup.com
1	sp.analytics.yahoo.com
1	amplifypixel.outbrain.com
1	up.pixel.ad	www.googletagmanager.com
1	a.quora.com	secure.palmbeachgroup.com
1	s1.listrakbi.com	cdn.listrakbi.com
1	cdn.listrakbi.com	secure.palmbeachgroup.com
1	gsdpeazjjf.execute-api.us-east-1.amazonaws.com	secure.palmbeachgroup.com
1	s3.amazonaws.com	secure.palmbeachgroup.com
1	fonts.googleapis.com	secure.palmbeachgroup.com
1	marketingassets.cloudsna.com	secure.palmbeachgroup.com
1	t.paypal.com	secure.palmbeachgroup.com
1	www.paypal.com	www.paypalobjects.com
1	cdn.mxpnl.com	secure.palmbeachgroup.com
1	www.paypalobjects.com	secure.palmbeachgroup.com
1	static.zuora.com	secure.palmbeachgroup.com
1	click.e.brownstoneresearch.com	1 redirects
164	49

This site contains links to these domains. Also see Links.

Domain
www.palmbeachgroup.com
beaconstreet-privacy.my.onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-17` - `2023-06-17`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
www.zuora.com Sectigo RSA Organization Validation Secure Server CA	`2022-05-10` - `2023-05-10`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-25` - `2023-04-25`	a year	crt.sh
*.mxpnl.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-11` - `2023-07-28`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-03-04` - `2022-11-23`	9 months	crt.sh
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-07-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-09-23` - `2022-10-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.listrakbi.com Amazon	`2022-01-10` - `2023-02-06`	a year	crt.sh
ssl.kaptcha.com Thawte RSA CA 2018	`2021-11-01` - `2022-11-27`	a year	crt.sh
listrakbi.com Cloudflare Inc ECC CA-3	`2022-07-28` - `2023-07-27`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-07-25` - `2022-09-14`	2 months	crt.sh
quora.com R3	`2022-07-10` - `2022-10-08`	3 months	crt.sh
*.pixel.ad GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-26` - `2023-02-02`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.quora.com R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
players.brightcove.net DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-07-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
js.trackinggrid.com cPanel, Inc. Certification Authority	`2022-08-22` - `2022-11-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
brightcove.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-08` - `2023-07-10`	a year	crt.sh
vjs.zencdn.net GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-11-26` - `2022-12-28`	a year	crt.sh
metrics.brightcove.com GTS CA 1D4	`2022-08-11` - `2022-11-09`	3 months	crt.sh
*.prod.boltdns.net Amazon	`2021-11-18` - `2022-12-17`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Frame ID: 1AE1CB37DFF4C228BE9B6F8B6696AA05
Requests: 157 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=100014&s=8f2913951f20473ca7e4e6d19abc1c43
Frame ID: ADFA06AAB23D65CD5CF6296724E3F9BD
Requests: 6 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Frame ID: 94CD8626DE33B0F48087D32D20CA0423
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Palm Beach Research Group

Page URL History Show full URLs

https://click.e.brownstoneresearch.com/?qs=ef388379b4d7edf9ebe5a342b1a88dac74bf3f2b546c7741936502d0ea22edaeabaacbe5... HTTP 302
https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

164
Requests

95 %
HTTPS

44 %
IPv6

42
Domains

49
Subdomains

48
IPs

7
Countries

6818 kB
Transfer

12470 kB
Size

36
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.palmbeachgroup.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.palmbeachgroup.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.palmbeachgroup.com/privacy-policy/?choice=adchoice
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://beaconstreet-privacy.my.onetrust.com/webform/c246f198-7123-4766-b29c-917342eff0f7/c41a21a1-775d-4893-91aa-75538cae14b8
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.e.brownstoneresearch.com/?qs=ef388379b4d7edf9ebe5a342b1a88dac74bf3f2b546c7741936502d0ea22edaeabaacbe56bf9303e407f0df2dbaac8e1a9caacd263e977b2a9691704dd64e32e HTTP 302
https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://pixel.sitescout.com/dmp/asyncPixelSync HTTP 302
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

Request Chain 77

https://pixel.sitescout.com/up/77c21d510266169b?cntr_url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID HTTP 302
https://pixel.sitescout.com/up/77c21d510266169b?cookieQ=1&cntr_url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID

Request Chain 93

https://dpm.demdex.net/ibs:dpid=82530&dpuuid=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858&gdpr=0&gdpr_consent=

Request Chain 94

https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858

164 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
secure.palmbeachgroup.com/
Redirect Chain

https://click.e.brownstoneresearch.com/?qs=ef388379b4d7edf9ebe5a342b1a88dac74bf3f2b546c7741936502d0ea22edaeabaacbe56bf9303e407f0df2dbaac8e1a9caacd263e977b2a9691704dd64e32e
https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPT...

2 KB
1 KB

543ms
513ms

Document
text/html

2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7541c599d2a1861ef29b8dc828f6affd2d0c4f3ca4458ddbab989b460769b3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 73f3fc0f3e4f9066-FRA
content-encoding: gzip
content-type: text/html
date: Tue, 23 Aug 2022 12:52:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 01 Aug 2022 16:16:53 GMT
server: cloudflare
via: 1.1 9ed795ea7207c9add01c8c2ab17d8298.cloudfront.net (CloudFront)
x-amz-cf-id: Nz72xQi-bOnI8mnkQspV826oeJMq1Am4A9DVes2mJXPwPJP-jpy_8g==
x-amz-cf-pop: DUS51-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-static-builder:483c06dd-e5c7-4fef-a74c-4df95ded73c0
x-amz-meta-codebuild-content-md5: edb4b9b521ce135381349fe0d6b53ef9
x-amz-meta-codebuild-content-sha256: 3529f5dfca368fc1d7588f1065457d19603660e2f2adc4392468ce839d52b510
x-amz-version-id: null
x-cache: Miss from cloudfront

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 395
Content-Type: text/html; charset=utf-8
Date: Tue, 23 Aug 2022 12:52:18 GMT
Location: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 102ms
70ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1661259139.dop101.fr8.t,1661259139.cds156.fr8.hn,1661259139.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 jsencrypt.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jsencrypt/2.3.1/ 55 KB
16 KB 32ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jsencrypt/2.3.1/jsencrypt.min.js

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1099837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15539
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-db4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fTWlFTkJOWZG8qkvIhGIgTTMEMUBp17NnKAkHjr3qnF82%2FVEu%2Fy7mU%2FzF7j6rX7AxL30li2YiUuEYjXffP5hYW4vWykiZLPPzt%2Fiet4G6S6rc0S2SnbupXcHu61gOzlqU56CcfgpZMDgOW5Hh3CveDl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73f3fc13fb959bf2-FRA
expires: Sun, 13 Aug 2023 12:52:19 GMT

GET
H/1.1 200
OK zuora-min.js Show response
static.zuora.com/Resources/libs/hosted/1.3.1/ 18 KB
7 KB 61ms
14ms Script
application/javascript 104.111.237.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.zuora.com/Resources/libs/hosted/1.3.1/zuora-min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.237.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-237-220.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 73567000b57fdfed5825cd324d4e8b9bcf59317eed6076ad05c7f95427a420ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 12:52:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 07:47:44 GMT
Server: nginx
ETag: "62f0bfa0-4724"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6646

GET
H2 200 postToIframe.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 2 KB
1003 B 429ms
425ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/postToIframe.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98c2a74405e978d753625e97a0cb1c2eab250a9444d82dd75e1bce82cb437ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Tue, 23 Aug 2022 11:17:23 GMT
x-amz-cf-pop: FRA60-P1, DUS51-C1
x-amzn-requestid: 79625789-8903-4e91-9abf-437e6ad6f57c
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XUGSiG0NoAMFohQ=
content-length: 607
last-modified: Sat, 22 Sep 2018 10:04:10 GMT
server: cloudflare
etag: W/"3934dce8d049fb2790a29e7de331d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: jcZd1q0X4PG.0tDIV.AM4TZ5jHnAmWBj
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 e8640ab30463560abfb6a2665bafb392.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 73f3fc13ec2b9066-FRA
x-amz-cf-id: V5Hhy8OOEu0FNKf_YiQbq7HUmzAntCBHECyAuwacXvHTCDMbC54VyA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 encryption_util.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 6 KB
2 KB 437ms
434ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/encryption_util.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71014fdfc6e16f4d67c3c1ce51f661beb63cf9eaa923ed0e46d56cc675b55a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Tue, 23 Aug 2022 12:34:29 GMT
x-amz-cf-pop: FRA60-P1, DUS51-C1
x-amzn-requestid: f8cd14ea-c793-4e9e-b492-5280d2624045
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XURlZFfYoAMFrRg=
content-length: 1539
last-modified: Thu, 20 Sep 2018 10:42:47 GMT
server: cloudflare
etag: W/"a4562de2bcce9e6631abf61e5a04728b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: .RXPgt8IOHDC5kcSlGGlyGGq.lruUQic
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 e8640ab30463560abfb6a2665bafb392.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 73f3fc13ec2d9066-FRA
x-amz-cf-id: mtWJlkT_IelGC8Ku7UY3F48_zVjerixHLw05omBTL9IE6m9AiNMc_Q==
x-amzn-remapped-connection: keep-alive

GET
H2 200 HPM2Security-min.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 44 KB
14 KB 427ms
424ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/HPM2Security-min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fe7a95be52af9780b34bb34d7c6e4801e77fda4be41f7b0676e671543023e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Tue, 23 Aug 2022 12:34:29 GMT
x-amz-cf-pop: FRA60-P1, DUS51-C1
x-amzn-requestid: f78aa5b3-8dee-4377-bbb4-9cac126e14a6
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XURlXHTjoAMFwTw=
content-length: 13495
last-modified: Thu, 20 Sep 2018 10:42:47 GMT
server: cloudflare
etag: W/"5c56f33a7d1fcd065fa2bd0fa7758d42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: F1zb.i6q7MEDZAdQsvHFruscv_FKHXVQ
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 73f3fc13ec2f9066-FRA
x-amz-cf-id: e00Ft1Epi8SqVcCX0YOZmxEStMpLGGgvh1QjVKg1KGxN5SXh2EeGtA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 jquery.payment.min.js Show response
secure.palmbeachgroup.com/store/PROD/plugins/jquery-payment/ 8 KB
3 KB 427ms
425ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/plugins/jquery-payment/jquery.payment.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a60672efd62862adb750cf0d1ba8916744490d764cb2807c8114353f6aae6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Tue, 23 Aug 2022 12:34:29 GMT
x-amz-cf-pop: FRA60-P1, DUS51-C1
x-amzn-requestid: b68f9ada-bce2-49cc-ade4-bd4e776a9c14
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XURlXFlLIAMFvxg=
content-length: 2713
last-modified: Wed, 21 Aug 2019 20:18:01 GMT
server: cloudflare
etag: W/"2ccb4360a6b212383716224d0b56bd21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: uVxF0OX6Rj_lsOZHo0OKGG0I2eVEXwcB
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront), 1.1 a608f2055229f2ea193f6b8f15267a70.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 73f3fc13ec309066-FRA
x-amz-cf-id: 0wjiLvsj5gVve0waMDLUgVpit6hpEkME_lx82qxN_WshBlKbkGdYhw==
x-amzn-remapped-connection: keep-alive

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.13.1/themes/base/ 35 KB
8 KB 100ms
69ms Stylesheet
text/css 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.13.1/themes/base/jquery-ui.css
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 58a6f49e92f7d2fd1246d98c568c2ac7d6be832ddfece67ec9f7ef3332766adf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
server: nginx
etag: W/"620cd700-8d03"
vary: Accept-Encoding
x-hw: 1661259139.dop101.fr8.t,1661259139.cds156.fr8.hn,1661259139.cds141.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8356

GET
H2 200 store.min.js Show response
secure.palmbeachgroup.com/store/PROD/js/revampstore/ 121 KB
17 KB 414ms
411ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/revampstore/store.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: add2ae6e587488a3ee7c774b8e6f9e8bff4b92789c8d8fda0f362293ad990a09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Tue, 23 Aug 2022 12:34:29 GMT
x-amz-cf-pop: FRA2-C1, DUS51-C1
x-amzn-requestid: c626812c-097e-466e-9694-866453f2929d
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XURlZFVeIAMF2KQ=
content-length: 17270
last-modified: Tue, 28 Jun 2022 17:20:05 GMT
server: cloudflare
etag: W/"de144bfd85261d853fc7b20105b482e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: Bu.Hj2c4C4X5HRpsJSHZAoQ3FylbzZBo
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront), 1.1 414a05dee9c365a2a2079013f9d53670.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 73f3fc13ec319066-FRA
x-amz-cf-id: LKiRvvu4LuF7AsgpZG0SdaKloG9t5PPIDbBdiHazeOPPn0Uw96ZJAA==
x-amzn-remapped-connection: keep-alive

GET
H2 200 mygtm.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 474 B
683 B 437ms
435ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/mygtm.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb37413b7c8e7e66a05f145a6af367f5d593b358a3c45f2b294a9438997a4ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Tue, 23 Aug 2022 12:34:29 GMT
x-amz-cf-pop: FRA53-C1, DUS51-C1
x-amzn-requestid: ceb0ad50-d292-4f7e-9e8f-1b04e1f590bb
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XURlXEyKoAMFbqA=
content-length: 338
last-modified: Thu, 19 Nov 2020 00:44:24 GMT
server: cloudflare
etag: W/"f01dbb5bc4745bf1f386572cdf22c8c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: 4.dw3bbUWT3wk0yaqGtXbpSm9ui25xti
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront), 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 73f3fc13ec329066-FRA
x-amz-cf-id: IXNVobxWhwRPN6zHR9JdFiraL1gOtYkbc1P7ptGSu9OMAHTswkVXGg==
x-amzn-remapped-connection: keep-alive

GET
H2 200 listrak.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 1 KB
1 KB 240ms
238ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/listrak.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc29bdfa5e510b47aa7faf5ec6ddac2b91581060cc56aaa19153575f72431273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Tue, 23 Aug 2022 12:34:29 GMT
x-amz-cf-pop: FRA60-P1, DUS51-C1
x-amzn-requestid: 1e211e0e-69f7-419a-a5da-d361adef1354
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XURlZEhioAMFWPA=
content-length: 506
last-modified: Thu, 28 Jun 2018 20:46:57 GMT
server: cloudflare
etag: W/"cd9f94dd71125cb7fda1e1088aa19ec3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: W46Q95OyRSSEl7u8xZsbwfK4bzk35Yt_
via: 1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront), 1.1 9ed795ea7207c9add01c8c2ab17d8298.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 73f3fc13ec349066-FRA
x-amz-cf-id: e1X2oZv97nwqVk8VgO2fH65GO6rhjj8UQc-sHtCwehutGSd9HKVbCw==
x-amzn-remapped-connection: keep-alive

GET
H2 200 mymixpanel.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 2 KB
1 KB 470ms
468ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/mymixpanel.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013050e8e5ab5ca56b6344fe09502a82fc4ced559a155646ff286b4af3545eeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Tue, 23 Aug 2022 12:27:39 GMT
x-amz-cf-pop: FRA60-P1, DUS51-C1
x-amzn-requestid: 206b87f6-ae9f-4ee5-8a9e-cf363ac2bcf6
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XUQlPFRdoAMFvRA=
content-length: 778
last-modified: Thu, 19 Nov 2020 00:44:24 GMT
server: cloudflare
etag: W/"52928b3325fc59cf3a4b91c0e7b59c52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: kgR13lhzSsVCRIE0MlY3UBQ0EPNv4JeB
via: 1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 73f3fc13ec359066-FRA
x-amz-cf-id: SMqCyhNWhMx0JaXSaI8RWG9xboyZMd4eXJuA6kvr-6CFZEYFgwx4OQ==
x-amzn-remapped-connection: keep-alive

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.13.1/ 249 KB
66 KB 108ms
78ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.13.1/jquery-ui.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 14:12:59 GMT
server: nginx
etag: W/"61e96deb-3e46a"
vary: Accept-Encoding
x-hw: 1661259139.dop101.fr8.t,1661259139.cds156.fr8.hn,1661259139.cds146.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67637

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ 1 MB
235 KB 246ms
11ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frd/E2D9) /

Resource Hash

507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: cce7ed295e7f4
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
content-length: 239948
last-modified: Mon, 25 Apr 2022 17:04:48 GMT
server: ECAcc (frd/E2D9)
etag: "6266d4b0-16d23e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 24 Aug 2022 12:52:19 GMT

GET
H2 200 runtime-es2015.js Show response
secure.palmbeachgroup.com/ 1 KB
1 KB 507ms
506ms Script
application/x-javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/runtime-es2015.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 852efa9c5c678757dbd43e9dd9db2d0716656995bd8db701c15248634b2eca47

Request headers

Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Origin: https://secure.palmbeachgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: DUS51-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-static-builder:483c06dd-e5c7-4fef-a74c-4df95ded73c0
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 3529f5dfca368fc1d7588f1065457d19603660e2f2adc4392468ce839d52b510
content-encoding: gzip
x-amz-meta-codebuild-content-md5: edb4b9b521ce135381349fe0d6b53ef9
x-amz-version-id: null
last-modified: Mon, 01 Aug 2022 16:16:53 GMT
server: cloudflare
etag: W/"193974daff264d8d7d9a789f91c41d40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 73f3fc13ec369066-FRA
x-amz-cf-id: XUBPi098aG_sI27e2DK1czO9Tb2PGZwD5YZpn0NTOdRFOLchgB5Vtw==

GET
H2 200 polyfills-es2015.js Show response
secure.palmbeachgroup.com/ 772 KB
211 KB 721ms
720ms Script
application/x-javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfebf58d935986f47bb3dcfd71241ec01472a5995c37c58ae0094238461f3327

Request headers

Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Origin: https://secure.palmbeachgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
via: 1.1 9ed795ea7207c9add01c8c2ab17d8298.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: DUS51-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-static-builder:483c06dd-e5c7-4fef-a74c-4df95ded73c0
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 3529f5dfca368fc1d7588f1065457d19603660e2f2adc4392468ce839d52b510
content-encoding: gzip
x-amz-meta-codebuild-content-md5: edb4b9b521ce135381349fe0d6b53ef9
x-amz-version-id: null
last-modified: Mon, 01 Aug 2022 16:16:53 GMT
server: cloudflare
etag: W/"d5682aa68c78318fb29bc868b563803d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 73f3fc13ec379066-FRA
x-amz-cf-id: xEpCszcRGpuSe1SeJsE26z6aAvlFPgHdf7ohm_kO4jTzktxjk8Br-A==

GET
H2 200 main-es2015.js Show response
secure.palmbeachgroup.com/ 495 KB
142 KB 711ms
710ms Script
application/x-javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/main-es2015.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a761974ea449b3fa737f6ad2bee59176aefc3572a6a79984f830bbaeafa6ebaa

Request headers

Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Origin: https://secure.palmbeachgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:19 GMT
via: 1.1 3e9b9356decf1aa720af0bc92acc0586.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: DUS51-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-static-builder:483c06dd-e5c7-4fef-a74c-4df95ded73c0
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 3529f5dfca368fc1d7588f1065457d19603660e2f2adc4392468ce839d52b510
content-encoding: gzip
x-amz-meta-codebuild-content-md5: edb4b9b521ce135381349fe0d6b53ef9
x-amz-version-id: null
last-modified: Mon, 01 Aug 2022 16:16:52 GMT
server: cloudflare
etag: W/"0b510fcaf411469e8287be40c7a65565"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript
cf-ray: 73f3fc13fc409066-FRA
x-amz-cf-id: WvQWN5slIwdqes4UdylbB6waZajRCOX8zaaUhYRgffKlHCcrE2aZ9w==

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 50 KB
18 KB 29ms
8ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/store/PROD/js/mymixpanel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:42:24 GMT
content-encoding: gzip
age: 595
x-guploader-uploadid: ADPycduqYVuExxb7alh-tJe8CjLhuYlQFoM_F6dUGf9GTJEJZ_ysqvfF-FOAEaQGvpxbEeppnOI54OOkc6uByghvS6Wlb7C_NnaM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation: 1645129310876382
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 23 Aug 2022 12:52:24 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 233ms
200ms Script
application/x-javascript 151.101.1.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=secure.palmbeachgroup.com&source=checkoutjs&t=xo&v=4.0.336

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-zwIEluxJhqW9kUm14/6SJXw9nWaZ+WKzXZgIYqEaURAzumQp' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-zwIEluxJhqW9kUm14/6SJXw9nWaZ+WKzXZgIYqEaURAzumQp' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: HIT
paypal-debug-id: f151312dae597
server-timing: "traceparent;desc="00-0000000000000000000f151312dae597-d53ac073d2241411-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4051-HHN
traceparent: 00-0000000000000000000f151312dae597-eb23d7c9c4960967-01
x-timer: S1661259140.762095,VS0,VE193
x-frame-options: SAMEORIGIN
date: Tue, 23 Aug 2022 12:52:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 styles.css
secure.palmbeachgroup.com/ 55 B
228 B 499ms
498ms Stylesheet
text/css 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/styles.css
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c506082fa68431a459024b440e5e418c769f3e2803cbb9cdb296ae7b6cae2d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:20 GMT
via: 1.1 9ed795ea7207c9add01c8c2ab17d8298.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: DUS51-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:742663695247:build/BSS-DevOps-Codebuild-Custom-v1-static-builder:483c06dd-e5c7-4fef-a74c-4df95ded73c0
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-sha256: 3529f5dfca368fc1d7588f1065457d19603660e2f2adc4392468ce839d52b510
content-encoding: gzip
x-amz-meta-codebuild-content-md5: edb4b9b521ce135381349fe0d6b53ef9
x-amz-version-id: null
last-modified: Mon, 01 Aug 2022 16:16:53 GMT
server: cloudflare
etag: W/"2f35a3d2f42282a4b66d4237a5ea0a2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css
cf-ray: 73f3fc1749699066-FRA
x-amz-cf-id: 0Dt6tr7vlQSL-KCD-61JmD4FTnphI19CJwhydAxC8ukPf1o2m8jlFQ==

GET
H2 200 ts
t.paypal.com/ 42 B
805 B 207ms
171ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1661259139962&g=0&completeurl=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2BDTL%2F%2Bte0Kl0vg49YdWxuBxjzamR3O03dtPPTc%3D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:20 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 391dca2e67ae0
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4031-HHN
pragma: no-cache
traceparent: 00-0000000000000000000391dca2e67ae0-fb6baabe0943409d-01
x-timer: S1661259140.001358,VS0,VE164
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Aug 2022 12:52:20 GMT

GET
H2 200 getSiteDetails Show response
secure.palmbeachgroup.com/site/api/v1/ 116 KB
7 KB 1454ms
1454ms XHR
text/plain 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/site/api/v1/getSiteDetails?cid=MKT622338&eid=MKT633431&chainId=&plcid=PLC139720&preview=false&baseUrl=secure.palmbeachgroup.com
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7020d66b4092308022cb260d9c84c286501e3b3bb3dfe1bcac40b95ff7e45b8f

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:21 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 118346
x-amzn-remapped-date: Tue, 23 Aug 2022 12:52:21 GMT
x-amz-cf-pop: FRA60-P1, DUS51-C1
x-amzn-requestid: d3f6bcd8-d166-436c-b23e-aa7da00d6a60
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: gzip
x-amz-apigw-id: XUUMwG9KIAMFhpg=
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=ISO-8859-1
cf-ray: 73f3fc1b0e689066-FRA
x-amz-cf-id: fF9msxJNCwk2Ql8y20HGCVM0efp4QDwKh_ueqYoIMScH7wAt8yr8wA==
x-amzn-remapped-connection: keep-alive

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 415ms
213ms Ping
application/json 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=d95a853f-6049-479a-826a-56dd890157bc&batch_time=1661259140348
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK legacyExternalJs.js Show response
marketingassets.cloudsna.com/prod/javascript/legacy/casey/ 2 KB
1 KB 525ms
238ms Script
application/javascript 2606:4700::6810:f51b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marketingassets.cloudsna.com/prod/javascript/legacy/casey/legacyExternalJs.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:f51b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28e7a175bbbb2d42cd553a6f0ec8135cfe0ddb6fc2e21975d01e5cd0bafdff13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 12:52:22 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Last-Modified: Tue, 01 Feb 2022 15:26:26 GMT
Server: cloudflare
x-amz-request-id: 0EEHS26CAQ2EKWRN
ETag: W/"af69bb3836d13060de7b6c61e0b79782"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding: chunked
x-amz-version-id: 7E5q.ejfRs58tAIqNZGxszGsyyvAmP02
Content-Type: application/javascript
Connection: keep-alive
CF-RAY: 73f3fc27180b913d-FRA
x-amz-id-2: ERHxjDAG5VoYW/froZwXA3IQxS1mAspTgJPE98r/aRX85MgQM1Ms1nF/3ZtekIuKOF9epq5oMkY=

GET
H2 200 css2
fonts.googleapis.com/ 26 KB
2 KB 305ms
19ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Be+Vietnam+Pro:ital,wght@0,200;0,400;0,700;0,900;1,200;1,400;1,700;1,900&family=Playfair+Display:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf8c5b70415e0ec8f7a72630426243ddef0caf4479bb4204f86c829d095f8747

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 12:52:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Aug 2022 12:52:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Aug 2022 12:52:22 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/ 58 KB
11 KB 14ms
13ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9555260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10391
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-e637"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wODeLy%2FCLSJ3bXe5HEIVqka5hCsNiXhYlYvp1w9ute4QFaURSsL4hNOCVn%2BO7NJRISD8VI3DF0Szo044ZmoCKcIIwfWgfdxsZ30FzKuV4J6d7nvVIaZRMfzah1dwKV6EPUjwo8JGZfv34a7R36%2Bl6E4z"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73f3fc254e159bf2-FRA
expires: Sun, 13 Aug 2023 12:52:21 GMT

GET
H/1.1 200
OK bootstrap.min.css
d3bjnmbj12697.cloudfront.net/_/css/bootstrap/4.5.0/ 158 KB
158 KB 292ms
8ms Stylesheet
text/css 2600:9000:225e:f800:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/css/bootstrap/4.5.0/bootstrap.min.css
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f800:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fadadc49b4ca3c49a69a4ce2c17d56cab0a8b52af6b3fae5296ae1a9f56ed453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 10:51:33 GMT
Via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Last-Modified: Wed, 18 May 2022 14:44:35 GMT
Server: AmazonS3
x-amz-meta-user-agent-id: efiorani@s-c2cd08720a404b138
Age: 7302
ETag: "14e3036e583d9d5910ed515b6ebebb00"
x-amz-meta-user-agent: AWSTransfer
X-Cache: Hit from cloudfront
Content-Type: text/css
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Content-Length: 161736
X-Amz-Cf-Id: Vqac2m_gpc7nc1yX_N9JvdVPqjcad0MFOy_N8q9MKK7EaEwlVzQ29A==

GET
H/1.1 200
OK custom.css
d3bjnmbj12697.cloudfront.net/pb/22/pbv/2203-bigt-summit/css/ 83 KB
83 KB 705ms
421ms Stylesheet
text/css 2600:9000:225e:f800:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/pb/22/pbv/2203-bigt-summit/css/custom.css
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f800:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4c20bca3446c73992193c05facfc083992990ab7d87fcb6bce3dadb1856b1fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 12:52:23 GMT
Via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Mar 2022 17:56:55 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P4
ETag: "5247fd99ee9f7423c0b320c56f7a2f78"
X-Cache: RefreshHit from cloudfront
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 84667
X-Amz-Cf-Id: fQlQds9CEMfISgLTy_12Tb1d5pyB7uASBNlXZJD0-6qwLw18RibWRA==

GET
H/1.1 200
OK 11995309e276a8a5a39e6c8422f08f54.css
s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/PBV/inlinecss/ 396 B
864 B 525ms
145ms Stylesheet
text/css 52.216.33.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/PBV/inlinecss/11995309e276a8a5a39e6c8422f08f54.css
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.33.48 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 361de8847d477a4aa1b825c01c179573336ca81b0a9a6a41aca4428d516ec02c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 12:52:23 GMT
Content-Encoding: utf8
Last-Modified: Fri, 25 Mar 2022 18:07:10 GMT
Server: AmazonS3
x-amz-request-id: 0EEMK0DR0M3ZXG86
ETag: "92c018edb93364c557281376877d1c6f"
x-amz-version-id: OrnbeXxlwZl2Fm_lOg40SU__rxuu2sZh
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: text/css
Content-Length: 396
x-amz-id-2: 7IQirBYK2yV/mF/DT3dLdO3H1gfkzTlCVJxMftckMYez77KVcovDbka3ZMOjWIKtqNd9Y/nEKg8=

GET
H2 200 versionId=gJ_hWreSerDs2vfXDcoUBUcwgjSq8wPH Show response
gsdpeazjjf.execute-api.us-east-1.amazonaws.com/prod/assets/asset/PBV/VideoLandingPage/8fbe0aa7e774a5fa85a140b2469d1800.html/ 8 KB
8 KB 656ms
374ms XHR
application/json 52.222.236.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gsdpeazjjf.execute-api.us-east-1.amazonaws.com/prod/assets/asset/PBV/VideoLandingPage/8fbe0aa7e774a5fa85a140b2469d1800.html/versionId=gJ_hWreSerDs2vfXDcoUBUcwgjSq8wPH
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-108.fra56.r.cloudfront.net
Software: /
Resource Hash: 8e1663d8c94c35e9d197509c59d98431ef72bd4167fd8ada04e1d80ebdbe2640

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:22 GMT
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amzn-requestid: d10b33e4-820b-414e-9733-1b167d4c7333
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6304cd86-480df848629b638f087b4d0f;Sampled=0
x-amz-apigw-id: XUUNCEEioAMFnfQ=
content-length: 7693
x-amz-cf-id: 7oRUlq-10QdkmT2UeM8-lszewss8kD4il_ZKnafmLD9-f0UW69ZAZQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 452 KB
102 KB 343ms
62ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/store/PROD/js/mygtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e553840d45d1a1e614f0311e22c8442f215e93a632db86f731c2626b520bc184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103741
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Aug 2022 12:52:22 GMT

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 62 KB
20 KB 296ms
13ms Script
text/javascript 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=BrxgIoIXfWCS&v=1
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/store/PROD/js/listrak.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-130-11.fra60.r.cloudfront.net
Software: cloudflare / ASP.NET
Resource Hash: a1a2c9f5eec6de7541b3a38a307f21a69bc1a1771dbe6c10876926d6ad7bb39b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 12:52:22 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-AspNet-Version: 4.0.30319
Age: 323
X-Powered-By: ASP.NET
X-Cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 19513
Last-Modified: Thu, 26 Sep 2019 14:35:21 GMT
Server: cloudflare
X-ltk: 8/23/2022 1:01:28 AM
ETag: "E4KO8Z/Ur3VrLu3p7flIiQ=="
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
CF-RAY: 73f14a5a8c89bb8f-FRA
X-Amz-Cf-Id: uP98wDS67T2BLFbYDOCTjJnd-x4dEggTQ-a6LwU5R7SoNn7mKBcqaQ==
Expires: Tue, 23 Aug 2022 13:46:59 GMT

GET
H/1.1 200
OK sdk Show response
ssl.kaptcha.com/collect/ 5 KB
6 KB 562ms
176ms Script
text/javascript 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/sdk?m=100014
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 7651dd597cbfc8496cc17e8e09a1a5c8ebf9a11cdef6c6bd0e3090d40524d9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Aug 2022 12:52:22 GMT
X-Correlation-Id: 97417d6f-7522-4946-a127-4f26a7463d3d
Transfer-Encoding: chunked
P3p: CP=CAO PSA OUR
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Type: text/javascript
Expires: 0

GET
H2 200 bss-px.min.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 5 KB
2 KB 194ms
194ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/bss-px.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha%20DTL%2F%20te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%3D&emailjobid=5147497&emailname=20220507-TBE-PAID
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Tue, 23 Aug 2022 11:22:03 GMT
x-amz-cf-pop: FRA60-P1, DUS51-C1
x-amzn-requestid: d4730eb5-df1e-4a3f-8aa5-8aca5902841e
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XUG-YHFBIAMF6Qw=
content-length: 2052
last-modified: Tue, 01 Jun 2021 15:08:33 GMT
server: cloudflare
etag: W/"3ee3506660c2ef343d6c68a229cd42be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: fGaHECtcp1774Apxw3QoOeW87E1iGAd2
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 a608f2055229f2ea193f6b8f15267a70.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 73f3fc255cd69066-FRA
x-amz-cf-id: ubgnwIfe6BJqVNSbF_Z8dfI5bq7fiw4ogkHlj1PNi71ZR_cwG5RdNQ==
x-amzn-remapped-connection: keep-alive

POST
H2 200 generic Show response
secure.palmbeachgroup.com/snowflake/ 21 B
372 B 246ms
246ms XHR
application/json 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/snowflake/generic
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha%20DTL%2F%20te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%3D&emailjobid=5147497&emailname=20220507-TBE-PAID
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-api-key: g5wZnpMOAV6d3DVWjACKU9Pz86tj10Es39Avoa3n
Content-Type: application/json

Response headers

date: Tue, 23 Aug 2022 12:52:22 GMT
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront), 1.1 414a05dee9c365a2a2079013f9d53670.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA53-C1, DUS51-C1
x-amzn-requestid: 06a1c263-a6cf-449d-a31f-e0f117f9e3d8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6304cd86-6060b36c6b5c5ef2209567fd
cf-ray: 73f3fc255cdd9066-FRA
x-amz-apigw-id: XUUM_EuGoAMFY1w=
content-length: 21
x-amz-cf-id: gnYEIP1kG90RLhyjeDetpH1BmjISrGQJkzjz9iyb44sbiIl_Lz7Cpw==

POST
H2 200 logger Show response
secure.palmbeachgroup.com/snowflake/ 21 B
269 B 319ms
319ms XHR
application/json 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/snowflake/logger
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha%20DTL%2F%20te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%3D&emailjobid=5147497&emailname=20220507-TBE-PAID
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-api-key: O1I1d31dqY5iHR07pLHrf7rKAOxDeMhQ2JsWck8c
Content-Type: application/json

Response headers

date: Tue, 23 Aug 2022 12:52:22 GMT
via: 1.1 e8640ab30463560abfb6a2665bafb392.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: DUS51-C1
x-amzn-requestid: 81cb7382-1b09-4995-bd3e-490d9b3d799c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6304cd86-0f478f145c489b362b90209a
cf-ray: 73f3fc271f489066-FRA
x-amz-apigw-id: XUUNBEMYCYcFkjA=
content-length: 21
x-amz-cf-id: bXRy_f4nd9aOTEzQ37jPLK9LkG9DjE93MFmss5Q7W2uKVgb0xdqxqw==

GET
H2 200 getIds Show response
s1.listrakbi.com/BrxgIoIXfWCS/session/ 175 B
1 KB 141ms
112ms Script
application/x-javascript 104.18.7.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/BrxgIoIXfWCS/session/getIds?callback=ltkCallback1989&gsid=&_sid=&_tid=243866&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=BrxgIoIXfWCS&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b7b841b5259d95babf9d1053887cd12c72574698f62a33261a7cb63a22fd62c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type: application/x-javascript; charset=utf-8
cache-control: no-cache
cf-ray: 73f3fc276ad268fe-FRA
expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6385
date: Tue, 23 Aug 2022 11:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 23 Aug 2022 13:05:57 GMT

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/ 64 KB
22 KB 45ms
16ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a394fd65fe8013eb58e146ddccbf749fd875c291cb8ea9e2d4144c80caf65182

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:22 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1895
content-encoding: br
last-modified: Tue, 23 Aug 2022 12:20:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpYDWnSnO5X8UHcbEG%2BVwQYXw4alTgUrlQOKnfgYB0F9hHHmkllDEOQ%2BMOq%2B5SRjIMzIMuzrG5PSE7pFbgOX3dkswzsfZ0%2F%2B%2BxfsP8kxFP0msSFYaSldtRIZKZjAfvxB1ASj8KE4lEn3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 73f3fc27fee79974-FRA

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 62ms
18ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5929
x-amz-id-2: gFqgjQpoYHQg3Q7PF/tQwRfi3dpTLZGNa7HiCvfoAZQmp1ni7aKsLJac+xFbeBAnSv2zAhE6MmQ=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 3H1HKGCVFWQ6FRFA
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 qevents.js Show response
a.quora.com/ 40 KB
15 KB 50ms
22ms Script
text/plain 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha+DTL/+te0Kl0vg49YdWxuBxjzamR3O03dtPPTc=&emailjobid=5147497&emailname=20220507-TBE-PAID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1672335
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ABWFWAK2P6Z86ST7
x-amz-id-2: Lo6V6sS9dollZm991E+r9QS5ilIWlcul705lMiga2oQnz8bnT95jaa4X7qyu2MPUU2YNcD20ek4=
last-modified: Fri, 18 Mar 2022 00:16:52 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1647562609/ctime:1647562609/gid:150037/gname:ezhang/md5:47078e63380c6b0cbbfb6d8508b25ee7/mode:33204/mtime:1647562609/uid:150037/uname:ezhang
etag: W/"47078e63380c6b0cbbfb6d8508b25ee7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
x-amz-version-id: vyBstMTGyA6m5sV66zq8xsypUg.tAOk.
cf-ray: 73f3fc27fcba695b-FRA
expires: Tue, 23 Aug 2022 16:52:22 GMT

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 88ms
18ms Script
application/javascript 178.79.242.16
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.16 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-16.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:22 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 473771
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: 200e33bf663199d5ffc7702837072170

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 384ms
91ms Image
image/gif 70.42.32.223
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=006987b21e348a9f544b8e9c5329ce00df
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 12:52:22 GMT
Cache-Control: no-cache
X-TraceId: 17b657a72dac1efdca60d79d207a0ab0
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=267304621&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID&ul=en-us&de=UTF-8&dt=Palm%20Beach%20Research%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=179075559&gjid=1105759369&cid=634359137.1661259142&tid=UA-87443958-7&_gid=2084865361.1661259142&_r=1&gtm=2wg8m0PSPS9BF&z=845110380

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.palmbeachgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 35 B
554 B 136ms
136ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?gtm.start=1661259141968&event=gtm.js&gtm.uniqueEventId=1&_ts=1661259142425&_nmob=t&_device=desktop&url=secure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID&_v=3.0.27&_uid=9ef96c59-996d-43b5-9d7d-fd05b80a9c8b&_getid=t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFxxsFqbr88EDx%2FImxclVrQe%2F4B1wu7IS%2FMQB5WiWorPllhPzJXK6scphXoWxtcwSSwXNe1w2R3qK8%2FcrQ4obXwMRONxnpYlwvocDCbqH41NKYjSZoAcOZavHDWHTWgCDrpn%2Bpxym2Zn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 73f3fc283f459974-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/e105368420994e038ee8f447459557ab/ 43 B
421 B 393ms
97ms Image
image/gif 52.2.147.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/e105368420994e038ee8f447459557ab/pixel?j=1&u=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID&tag=ViewContent&ts=1661259142432

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.2.147.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-147-16.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 12:52:22 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,4060f4272ef89281480ca5bdf6e424c5,10.0.0.247,9024,138.199.38.133,,54799130485,1,1661259142.776,0.002,,.,0,0,0.004,0.004,-,0,0,197,118,59,10,34729,,,,,,-,
Content-Type: image/gif

GET
H2 200 10028632.json Show response
s.yimg.com/wi/config/ 2 B
450 B 55ms
19ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10028632.json

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:16:58 GMT
x-content-type-options: nosniff
age: 2124
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 3168ABMQY025VRPT
x-amz-id-2: 26v1b9EtFlDMiPiqMXz7RJmT86jxRQwDMJ9sFAgSuKV3mP+IrXrYQ2BmWeFRxk/XBaXVbqAtrkk=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 244ms
244ms Ping
application/json 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=2b3e9754-fba3-404c-9af1-f89cc385d6a2&batch_time=1661259142439
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
446 B 52ms
17ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-87443958-7&cid=634359137.1661259142&jid=179075559&gjid=1105759369&_gid=2084865361.1661259142&_u=YEBAAEAAAAAAAC~&z=1578039594

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Aug 2022 12:52:22 GMT
content-type: text/plain
access-control-allow-origin: https://secure.palmbeachgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 138ms
44ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2023%20Aug%202022%2012%3A52%3A22%20GMT&n=0&b=Palm%20Beach%20Research%20Group&.yp=10028632&f=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:22 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Tue, 23 Aug 2022 12:52:22 GMT

GET
H/1.1 200
OK bg-flag-3.jpg
d3bjnmbj12697.cloudfront.net/pb/22/pbv/2203-bigt-summit/img/bg/ 73 KB
73 KB 405ms
404ms Image
image/jpeg 2600:9000:225e:f800:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3bjnmbj12697.cloudfront.net/pb/22/pbv/2203-bigt-summit/img/bg/bg-flag-3.jpg
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/marketingassets.cloudsna.com/prod/common/PBV/inlinecss/11995309e276a8a5a39e6c8422f08f54.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f800:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 500b1cc0cde5ed863c841d7a5cd062b90f09e9284d261d8ebf9a33d5737c9398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 12:52:23 GMT
Via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Mar 2022 15:03:02 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P4
ETag: "f61ddddffcc3c35d48067afa7bb4e1cf"
X-Cache: RefreshHit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74688
X-Amz-Cf-Id: RJp1Mjpnu3tNjx2jM_ifNOrtKFZjlI3a-fmS32T1jddlZKahL8hK-A==

GET
H2 200 9ef96c59-996d-43b5-9d7d-fd05b80a9c8b Show response
c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/ 244 KB
27 KB 177ms
176ms Script
application/json 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/6754fc8577b0e933befa552acea53d64/user/_uid/9ef96c59-996d-43b5-9d7d-fd05b80a9c8b?segments=true&mergestate=true&state=%7B%22_uid%22%3A%229ef96c59-996d-43b5-9d7d-fd05b80a9c8b%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22secure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%22%2C%22_v%22%3A%223.0.27%22%7D&ts=1661259142523&callback=u_783154280546228000

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2de3e31e50a5c63853a2f1c4ebcef1d7a6691d1a16a6ca86788e31c1233b2bbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73f3fc28c80a9974-FRA
date: Tue, 23 Aug 2022 12:52:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2Fvax9H2lHDf%2Fuf%2F1kOeOjy7hQF%2FE6HDh1kXZ6W6eDZVLlUn6RAXGUsqamA8j6mKeMVRJSFJOhrfC%2F9PtXO82QLp56yWo8i%2ByiBk4Fv1p5IVlSMLoWmr7C2AB%2BwyMz4l%2BMxTXxVSW3sb"}],"group":"cf-nel","max_age":604800}
content-encoding: br
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 6754fc8577b0e933befa552acea53d64
c.lytics.io/c/ 35 B
313 B 132ms
131ms Image
image/gif 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/6754fc8577b0e933befa552acea53d64?_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ts=1661259142521&_nmob=t&_device=desktop&url=secure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID&_uid=9ef96c59-996d-43b5-9d7d-fd05b80a9c8b&_v=3.0.27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:22 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oA6tJ3MBXHk2ru84Hn1DwVTicjPf4GTcNn2FzjWSyE7JPFVmewGfUAnVuNFrjwBF4iNM%2BIdQ7AKFnq5jjs54Ho%2Fm7izWHIQ2TqQH15oS6DLFY100vmDXNB3zIC2tniMf%2B96wPvAd8rD4"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 73f3fc28c80f9974-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

POST
H/1.1 200
OK kasupport Show response
ssl.kaptcha.com/collect/ 2 KB
2 KB 524ms
175ms XHR
text/plain 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/kasupport
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3ba6b46bbb7dd7ce6eb0171c4b38c49164969021d629e20fcd7dece5e8e3fc5e

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 23 Aug 2022 12:52:22 GMT
X-Correlation-Id: dbf99f8b-d437-41ae-acb7-59e38381f8bf
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Expires: 0

GET
H/1.1 200
OK logo.htm Show response
ssl.kaptcha.com/ Frame ADFA 22 KB
22 KB 176ms
176ms Document
text/html 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=8f2913951f20473ca7e4e6d19abc1c43
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/collect/sdk?m=100014
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 6de0627804e1990e403b4a0df327373446691baf87185c06bbd483583f069e23

Request headers

Referer: https://secure.palmbeachgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Type: text/html
Date: Tue, 23 Aug 2022 12:52:22 GMT
Expires: 0
Pragma: no-cache
Transfer-Encoding: chunked
X-Correlation-Id: a12c8746-52e2-4457-811e-31f8f2f98af7

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/ 78 KB
79 KB 23ms
14ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css
Origin: https://secure.palmbeachgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7836638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80148
timing-allow-origin: *
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f0f47d3-13914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihVCnhoRgHpdP9U5385a6J5oI2Jub0k91XqnO2jKkFsTwwvA%2B0Y7RsEaFhx11PHalWwILoBb%2FxQ9QIGGs2fRG5icez87HbFBpZjbGdulwISJeCJy421GM4nayD0F0cIanVswgCCHrXKXQvPdUTIxo3Ky"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73f3fc298dc1996c-FRA
expires: Sun, 13 Aug 2023 12:52:22 GMT

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
d3bjnmbj12697.cloudfront.net/_/js/bootstrap/4.5.0/ 79 KB
80 KB 22ms
8ms Script
application/javascript 2600:9000:225e:f800:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/bootstrap/4.5.0/bootstrap.bundle.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f800:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 08:19:52 GMT
Via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
Last-Modified: Mon, 29 Jun 2020 13:27:40 GMT
Server: AmazonS3
Age: 16442
ETag: "7fd2f04e75bd7ab1a79d80cdd4c33085"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Content-Length: 81084
X-Amz-Cf-Id: JS9MEAaJfdKq7fCz3KRgLrYsU3NhFVY51lHTqJWUyV7oztDzlmxRjw==

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/5102072647001/lLJeax0GGw_default/ 677 KB
185 KB 765ms
732ms Script
application/javascript 23.35.237.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/5102072647001/lLJeax0GGw_default/index.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-37.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 04ee48acc08117bc211b853f9fca1ec46ad9bd03c34efe6fb7a754867086306d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: _KGiGELTfu1zw.STxypE95jk09_XRexo
Content-Encoding: gzip
ETag: "948edc203e3f81e25839de6463fafcd1"
x-amz-request-id: 7GYQVS6HGQJWVHHD
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 188249
x-amz-id-2: bWucFnc/GseLpqZ2Cq6ICSjQRQyDARbWFwky9zI3sDVzlbfoEGovhtIcD02ABv58qzBxCQQuTAo=
X-BCOV-Response-Mode: 1
X-Served-By: cache-hhn4044-HHN
Last-Modified: Fri, 04 Mar 2022 17:13:22 GMT
Server: AmazonS3
X-Timer: S1658056888.204212,VS0,VE709
Date: Tue, 23 Aug 2022 12:52:23 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=272
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK ouibounce.min.js Show response
d3bjnmbj12697.cloudfront.net/_/js/ouibounce/ 2 KB
2 KB 22ms
7ms Script
application/javascript 2600:9000:225e:f800:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/ouibounce/ouibounce.min.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f800:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08cb0f46ed2415058019966967713095ef16ce83d54c74a5f52a61846dbe2399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 05:39:36 GMT
Via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
Last-Modified: Wed, 15 Apr 2020 20:03:18 GMT
Server: AmazonS3
Age: 36369
ETag: "aa63b6f263c50e0cd2636cce8c794214"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Content-Length: 1626
X-Amz-Cf-Id: -bwVnPwmE0QO0FpGnSVVdYsgPI8ei_XAtHwiB0WgEC2FiHmzYJjw1Q==

GET
H/1.1 200
OK lr-data-pb.js Show response
d3bjnmbj12697.cloudfront.net/_/js/lr-data/1.1.5/ 13 KB
13 KB 25ms
8ms Script
application/javascript 2600:9000:225e:f800:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/lr-data/1.1.5/lr-data-pb.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f800:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48d233d91a05f922549923e3295edb2d404f9119d8dba0b63dbb15bb6ae23672

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 22:34:59 GMT
Via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Aug 2022 18:26:49 GMT
Server: AmazonS3
Age: 51444
ETag: "5e914e11a18a1739722495f5ad17338c"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Content-Length: 13050
X-Amz-Cf-Id: 1qEz10z7RvcZ_2bA_3WtDumJ3hlaIH4dc-EGiYqNPPIO5RyFn7_-DQ==

GET
H/1.1 200
OK c.js Show response
d3bjnmbj12697.cloudfront.net/_/js/countdown/1.0.4/ 6 KB
7 KB 29ms
7ms Script
application/javascript 2600:9000:225e:f800:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/countdown/1.0.4/c.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f800:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b614b1552fa5262616309af625a8c4e81abc641f0c94915331e86849f1cfc026

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 10:47:00 GMT
Via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
Last-Modified: Thu, 27 Jan 2022 19:49:38 GMT
Server: AmazonS3
Age: 7523
ETag: "89e2374fe926be1a864d990ad3cf251b"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Content-Length: 6279
X-Amz-Cf-Id: 5d7CPinlYJCEFih-muKeo1owu6sKxUQJgB7VXdhwJ8qudy9iJ1d4lw==

GET
H/1.1 200
OK v.js Show response
d3bjnmbj12697.cloudfront.net/_/js/video/1.0.1/ 9 KB
9 KB 8ms
8ms Script
application/javascript 2600:9000:225e:f800:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3bjnmbj12697.cloudfront.net/_/js/video/1.0.1/v.js
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f800:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec28922ebf7c32e774061e61d02e1f084cedb890dfae738bb510b5f44e3cf876

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 07:21:58 GMT
Via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
Last-Modified: Fri, 28 Jan 2022 21:48:23 GMT
Server: AmazonS3
Age: 19825
ETag: "df55061cb31d5888954d6a94df8aa5aa"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Content-Length: 8906
X-Amz-Cf-Id: E_CzXoZwmjBGOGijvYGJJPZgCBDg5ubPQ0EBQLHBoQTyZqjHhaC9_Q==

GET
H/1.1 200
OK PBV-logo.png
d3bjnmbj12697.cloudfront.net/pb/22/pbv/2203-bigt-summit/img/ 21 KB
22 KB 21ms
10ms Image
image/png 2600:9000:225e:f800:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3bjnmbj12697.cloudfront.net/pb/22/pbv/2203-bigt-summit/img/PBV-logo.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f800:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfef493b74a7c8a39c6631195df6c348fb08172c4b36b04ac48e37060880a74f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 01:32:31 GMT
Via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
Last-Modified: Tue, 15 Mar 2022 19:26:20 GMT
Server: AmazonS3
Age: 40792
ETag: "5ff5f1466429abc4c3017aa6d728d94e"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P4
Accept-Ranges: bytes
Content-Length: 21794
X-Amz-Cf-Id: ei_rxYsIU6C2ZzfJLH1cn68mvldGXvC1gu1EmpD6vr79j9ybDFA7yA==

GET
H/1.1 200
OK teeka-tiwari-8347.800x800.jpg
d3bjnmbj12697.cloudfront.net/_/headshots/ 27 KB
28 KB 422ms
421ms Image
image/jpeg 2600:9000:225e:f800:f:75e2:4ac0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3bjnmbj12697.cloudfront.net/_/headshots/teeka-tiwari-8347.800x800.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:f800:f:75e2:4ac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fecf49ee5500b0d2fd65869cb54d7dee531c5b119a2760abf42ffeddbbd52963

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 12:52:24 GMT
Via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Mar 2021 14:32:51 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P4
ETag: "399d19fd15dff0b73ac5b923c64dd0b4"
X-Cache: RefreshHit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27749
X-Amz-Cf-Id: UqHZjUEZXiiITyiOuBdpp5IqW6CMh23qNqHDkxsaqF8nRVNjEuyVOg==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=267304621&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&ul=en-us&de=UTF-8&dt=Palm%20Beach%20Research%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=634359137.1661259142&tid=UA-87443958-7&_gid=2084865361.1661259142&gtm=2wg8m0PSPS9BF&z=1465741410

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 15:41:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76262
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/e105368420994e038ee8f447459557ab/ 43 B
421 B 244ms
98ms Image
image/gif 52.2.147.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.2.147.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-147-16.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 12:52:22 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,ddd34a64b5bc85c4c922aef17d58b7c0,10.0.0.247,9222,138.199.38.133,,54799130872,1,1661259142.875,0.002,,.,0,0,0.000,0.004,-,0,0,197,128,64,10,34729,,,,,,-,
Content-Type: image/gif

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 20 KB
20 KB 39ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVPSTAyLFyeg_IDWvOJmVES_Hw3BXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Be+Vietnam+Pro:ital,wght@0,200;0,400;0,700;0,900;1,200;1,400;1,700;1,900&family=Playfair+Display:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afba0a9e71e6bf5b89cb8ea73a331d6f16d8ad0d9059fd5270e424c2b372da82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.palmbeachgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 19:42:19 GMT
x-content-type-options: nosniff
age: 493803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20136
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:13:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 19:42:19 GMT

GET
H2 200 QdVMSTAyLFyeg_IDWvOJmVES_HSMIG81Rb0.woff2
fonts.gstatic.com/s/bevietnampro/v10/ 21 KB
21 KB 35ms
10ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bevietnampro/v10/QdVMSTAyLFyeg_IDWvOJmVES_HSMIG81Rb0.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2b36199292fd0a66f42de265cbbcaaefce6ebacb6b6a116beebc4e61e8ae8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.palmbeachgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 18:00:14 GMT
x-content-type-options: nosniff
age: 67928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21024
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 18:00:14 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 135ms
134ms Ping
application/json 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=3034bffc-f3a0-4282-a870-cc2eb8b43c67&batch_time=1661259142748
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 cm
trc.taboola.com/sg/lytics/1/ 43 B
376 B 36ms
15ms Image
image/gif 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lytics/1/cm?redirect=https%3A%2F%2Fc.lytics.io%2Fc%2Fprovider%2Ftaboola%3Ftaboola_id%3D%3CTUID%3E%26_uid%3D9ef96c59-996d-43b5-9d7d-fd05b80a9c8b%26account_id%3D6754fc8577b0e933befa552acea53d64
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 23 Aug 2022 12:52:22 GMT
via: 1.1 varnish
server: nginx
x-timer: S1661259143.794346,VS0,VE9
x-served-by: cache-hhn4021-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame ADFA 0
299 B 177ms
176ms XHR
text/plain 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=8f2913951f20473ca7e4e6d19abc1c43
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=8f2913951f20473ca7e4e6d19abc1c43
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 23 Aug 2022 12:52:22 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 0557a0ac-696b-4e9c-9b5b-d8ee3753b9e9
Content-Length: 0
Expires: 0

GET
H2

200

asyncPixelSync Show response
pixel.sitescout.com/dmp/ Frame 94CD
Redirect Chain

https://pixel.sitescout.com/dmp/asyncPixelSync
https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

1 KB
2 KB

23ms
23ms

Document
text/html

66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha%20DTL%2F%20te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%3D&emailjobid=5147497&emailname=20220507-TBE-PAID&assetId=AST232923&page=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: cbb4179d73f235c644a4cf9fb06b04908e3178b804e7ac3b766f01d5edbc1677

Request headers

Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha%20DTL%2F%20te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%3D&emailjobid=5147497&emailname=20220507-TBE-PAID&assetId=AST232923&page=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
content-length: 1135
content-type: text/html;charset=UTF-8
date: Tue, 23 Aug 2022 12:52:22 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

Redirect headers

content-length: 0
date: Tue, 23 Aug 2022 12:52:22 GMT
location: https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1
server: AC1.1

GET
H2

200

77c21d510266169b
pixel.sitescout.com/up/
Redirect Chain

https://pixel.sitescout.com/up/77c21d510266169b?cntr_url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26...
https://pixel.sitescout.com/up/77c21d510266169b?cookieQ=1&cntr_url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC000...

43 B
417 B

21ms
21ms

Image
image/gif

66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/77c21d510266169b?cookieQ=1&cntr_url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID
Protocol: H2
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:22 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/up/77c21d510266169b?cookieQ=1&cntr_url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID
date: Tue, 23 Aug 2022 12:52:22 GMT
server: AC1.1
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=267304621&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&ul=en-us&de=UTF-8&dt=Palm%20Beach%20Research%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=799364400&gjid=522590397&cid=634359137.1661259142&tid=UA-170962029-3&_gid=2084865361.1661259142&_r=1&gtm=2wg8m0PSPS9BF&z=4804192

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.palmbeachgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 60ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 272F885CEE3C4E4BBED733A928671E6D Ref B: FRA31EDGE0716 Ref C: 2022-08-23T12:52:23Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 23 Aug 2022 12:52:22 GMT
accept-ranges: bytes
content-length: 11367

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 37ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-474630786

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32e2c39537115cd4c3cacb5b3ac9c6456fe1059d49dabe4ff69a400fdadc3f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45655
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Aug 2022 12:52:23 GMT

GET
H/1.1 200
OK / Show response
js.trackinggrid.com/lr/ 863 B
902 B 360ms
115ms Script
application/javascript 209.59.154.196
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://js.trackinggrid.com/lr/

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.59.154.196 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

1ebf6a2710236762178861bf15fa6074bd5e61502c1811551099ebe3754e0c83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
Origin: https://secure.palmbeachgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 12:52:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Original-Content-Length: 1062
Server: nginx
Etag: W/"PSA-aj-JPd0QB94FZ"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2587362
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 22 Sep 2022 06:36:57 GMT

GET
H2 200 bss-px.min.js Show response
secure.palmbeachgroup.com/store/PROD/js/ 5 KB
2 KB 233ms
233ms Script
application/javascript 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/store/PROD/js/bss-px.min.js?affiliateId=2000&brandId=2003
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha%20DTL%2F%20te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%3D&emailjobid=5147497&emailname=20220507-TBE-PAID&assetId=AST232923&page=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amzn-remapped-date: Tue, 23 Aug 2022 12:03:02 GMT
x-amz-cf-pop: FRA60-P1, DUS51-C1
x-amzn-requestid: 283ed9d6-fefd-4049-91ec-53ae0d91165a
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-apigw-id: XUM-jECFIAMFodg=
content-length: 2052
last-modified: Tue, 01 Jun 2021 15:08:33 GMT
server: cloudflare
etag: W/"3ee3506660c2ef343d6c68a229cd42be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-amz-version-id: fGaHECtcp1774Apxw3QoOeW87E1iGAd2
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront), 1.1 e8640ab30463560abfb6a2665bafb392.cloudfront.net (CloudFront)
x-amzn-remapped-server: cloudflare
cf-ray: 73f3fc2bbd919066-FRA
x-amz-cf-id: qEZQbgzSmwh9N8UTI79K82dj5OhHex9DrhYAuQUUV_2uedo4TRTang==
x-amzn-remapped-connection: keep-alive

POST
H2 200 generic Show response
secure.palmbeachgroup.com/snowflake/ 21 B
300 B 459ms
458ms XHR
application/json 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/snowflake/generic
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Accept: application/json, text/plain, */*
Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha%20DTL%2F%20te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%3D&emailjobid=5147497&emailname=20220507-TBE-PAID&assetId=AST232923&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-api-key: g5wZnpMOAV6d3DVWjACKU9Pz86tj10Es39Avoa3n
Content-Type: application/json

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront), 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA53-C1, DUS51-C1
x-amzn-requestid: ce7d5d07-f148-47a1-9950-714c2e1d0b2e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6304cd87-5d1784aa291b35e7736d8aab
cf-ray: 73f3fc2bcd999066-FRA
x-amz-apigw-id: XUUNKGhQIAMF2BQ=
content-length: 21
x-amz-cf-id: hYxCTPta2Yu2tkkhAM780rMoOQkJ3qyo4ekJewqE5jMcmJBfPtBfHw==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 58ms
17ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-170962029-3&cid=634359137.1661259142&jid=799364400&gjid=522590397&_gid=2084865361.1661259142&_u=aEDAAEABAAAAAC~&z=1488685264

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Aug 2022 12:52:23 GMT
content-type: text/plain
access-control-allow-origin: https://secure.palmbeachgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame ADFA 0
299 B 215ms
176ms XHR
text/plain 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=8f2913951f20473ca7e4e6d19abc1c43
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=8f2913951f20473ca7e4e6d19abc1c43
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 23 Aug 2022 12:52:23 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 7d3c4bd6-e8ee-48dc-ae92-0387ab80d031
Content-Length: 0
Expires: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 139ms
104ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-474630786

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6854343e00c3b85696ab0203e2389917dee112fef408125323d7cd3f48faaab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15668
x-xss-protection: 0
server: cafe
etag: 17682506513748322061
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 12:52:23 GMT

GET
H2 204 134025694.js Show response
bat.bing.com/p/action/ 0
120 B 314ms
314ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/134025694.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A55AD5BFC3AA4D2EA5D158C2855F064B Ref B: FRA31EDGE0716 Ref C: 2022-08-23T12:52:23Z
date: Tue, 23 Aug 2022 12:52:22 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=134025694&tm=gtm002&Ver=2&mid=0e197c98-c561-46d9-be73-f33712938460&sid=6e85f7f022e211edac061d7ea3818812&vid=6e863fb022e211ed9e6613a849a8422c&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Palm%20Beach%20Research%20Group&p=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&r=&lt=2416&evt=pageLoad&sv=1&rn=284065

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1BE4782B5C2E46B79196092BA0644120 Ref B: FRA31EDGE0716 Ref C: 2022-08-23T12:52:23Z
date: Tue, 23 Aug 2022 12:52:22 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 116ms
115ms Ping
application/json 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=bcc187df-d55b-4a18-9a77-4eb548046aea&batch_time=1661259143062
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK cookiestore Show response
ssl.kaptcha.com/collect/ 0
299 B 174ms
174ms XHR
text/plain 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/collect/cookiestore
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 23 Aug 2022 12:52:23 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: f092c083-d682-443a-a298-776a3357e33e
Content-Length: 0
Expires: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 69ms
44ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-170962029-3&cid=634359137.1661259142&jid=799364400&_u=aEDAAEABAAAAAC~&z=190323609

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 68ms
44ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-170962029-3&cid=634359137.1661259142&jid=799364400&_u=aEDAAEABAAAAAC~&z=190323609

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 94CD
Redirect Chain

https://dpm.demdex.net/ibs:dpid=82530&dpuuid=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858&gdpr=0&gdpr_consent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858&gdpr=0&gdpr_consent=

42 B
942 B

129ms
129ms

Image
image/gif

3.251.27.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

3.251.27.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-251-27-103.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v038-052908483.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: F2oMZOrQRhI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v038-0729fb8fe.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: jAOJQVZxTqQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858&gdpr=0&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 94CD
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858

95 B
113 B

26ms
16ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
via: 1.1 google
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858
date: Tue, 23 Aug 2022 12:52:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 um
sync.teads.tv/ Frame 94CD 23 B
172 B 77ms
42ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=73&uid=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 23 Aug 2022 12:52:23 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 94CD 49 B
266 B 100ms
28ms Image
image/gif 52.17.214.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.214.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-214-109.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.20.144
content-type: image/gif
content-length: 49
expires: 0

GET
H2 451 384136.gif
idsync.rlcdn.com/ Frame 94CD 0
98 B 43ms
19ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/384136.gif?partner_uid=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pixel.sitescout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame ADFA 0
299 B 332ms
176ms XHR
text/plain 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=8f2913951f20473ca7e4e6d19abc1c43
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=8f2913951f20473ca7e4e6d19abc1c43
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 23 Aug 2022 12:52:23 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 26602f68-d023-47ba-aaa9-ed6cedfdd5d4
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame ADFA 0
299 B 468ms
175ms XHR
text/plain 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=8f2913951f20473ca7e4e6d19abc1c43
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=8f2913951f20473ca7e4e6d19abc1c43
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 23 Aug 2022 12:52:23 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 6a902970-9467-48dc-ab05-698ece46721f
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK fin Show response
ssl.kaptcha.com/ Frame ADFA 0
299 B 508ms
176ms XHR
text/plain 54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/fin
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=100014&s=8f2913951f20473ca7e4e6d19abc1c43
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=100014&s=8f2913951f20473ca7e4e6d19abc1c43
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 23 Aug 2022 12:52:23 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 5daf5a90-c2c0-42e7-87b4-12951c6a6202
Content-Length: 0
Expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/474630786/ 3 KB
2 KB 75ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/474630786/?random=1661259143192&cv=9&fst=1661259143192&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&auid=1850770457.1661259143&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f76d835d1551983f7a8d3a857eb3a27f448b468631a8e9ab09ee6ac4aa5157b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 logger Show response
secure.palmbeachgroup.com/snowflake/ 21 B
250 B 741ms
740ms XHR
application/json 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/snowflake/logger
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha%20DTL%2F%20te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%3D&emailjobid=5147497&emailname=20220507-TBE-PAID&assetId=AST232923&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-api-key: O1I1d31dqY5iHR07pLHrf7rKAOxDeMhQ2JsWck8c
Content-Type: application/json

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
via: 1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: DUS51-C1
x-amzn-requestid: cbcbc2a5-ace5-4cda-972d-e986f240b7dd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6304cd87-0395a79476cbf5b36e9a4e14
cf-ray: 73f3fc2d3f5d9066-FRA
x-amz-apigw-id: XUUNOHSIiYcFTHw=
content-length: 21
x-amz-cf-id: eNrBmMXXhvYbufrx2htrnX0vInELivcnwIv-iIAmHnD4jLk6aGPzXQ==

POST
H2 200 logger Show response
secure.palmbeachgroup.com/snowflake/ 21 B
249 B 300ms
299ms XHR
application/json 2606:4700::6810:1937
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.palmbeachgroup.com/snowflake/logger
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:1937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899

Request headers

Referer: https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha%20DTL%2F%20te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%3D&emailjobid=5147497&emailname=20220507-TBE-PAID&assetId=AST232923&page=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-api-key: O1I1d31dqY5iHR07pLHrf7rKAOxDeMhQ2JsWck8c
Content-Type: application/json

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: DUS51-C1
x-amzn-requestid: 76d926bc-3a97-425b-8a92-d12358caa5ae
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6304cd87-4c0cde0135f848ac25e54191
cf-ray: 73f3fc2d5f859066-FRA
x-amz-apigw-id: XUUNLH2FCYcFvqQ=
content-length: 21
x-amz-cf-id: QPa0DCDKdWeSsM0Z_HfdhNtxJlgG8fj-SUvyUt_15c1wZU3emiuh5Q==

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 101 KB
22 KB 32ms
31ms Script
text/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73f3fc2d6ef19974-FRA
date: Tue, 23 Aug 2022 12:52:23 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 12:32:41 GMT
server: cloudflare
age: 1182
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94K4HertO2%2BHUVWOZpqA%2FjDGkcMpO9MmoHVOg5CYKLdtz9VMrMiUpV%2FB%2BRnMgmdIaGBVM5ppkqIFwD0Mrv9NBc86lc2MdH2%2B2QCpBaBeQE0YDl3%2B42gWjc9eGKOf4O3jd41Bnn%2BONHqk"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H3 200 /
www.google.com/pagead/1p-user-list/474630786/ 42 B
64 B 38ms
20ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/474630786/?random=1661259143192&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=1312125968&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/474630786/ 42 B
64 B 51ms
33ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/474630786/?random=1661259143192&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=1312125968&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 22ms
22ms Stylesheet
text/css 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73f3fc2daf5d9974-FRA
date: Tue, 23 Aug 2022 12:52:23 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 23 Aug 2022 11:25:45 GMT
server: cloudflare
age: 5198
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRl7FEJFG%2FhXEFeSPeAe%2BiS4rW6hfZvRMwKzpGX5AP2MeejcqAAr2KqEHUbWnZn1VrqFCub3zxzhh4OC0%2BFZ2CZSnc58vEWywESk4aXx2FAMpmdyloZUk9OoKNzbZ7SJks8QM1Mz6Ujn"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H2 200 config.js Show response
c.lytics.io/api/experience/candidate/6754fc8577b0e933befa552acea53d64/ 576 KB
40 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:316
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/experience/candidate/6754fc8577b0e933befa552acea53d64/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/6754fc8577b0e933befa552acea53d64/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:316 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b3842cbdf122e045b7d2a203ea16a99acd6a246e55f1dc031c24fa9a5ba199

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6143
content-encoding: br
last-modified: Tue, 23 Aug 2022 11:10:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TH%2Bj0yPbr%2F3rSs3VwzKuyrfBiXic%2BtxtDR2HmDpwX5ZFv8jaGN1kpzqvpwbypt4yBsg475ILa2EMVob30C8uE85mm3WregW33dcTTRxYK9haA3BW0Y3DYeZN2EmPgEX67%2BZ307oJK%2FrJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 73f3fc2daf6b9974-FRA

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 105ms
105ms Ping
application/json 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=d1717da5-c25f-46e7-afbd-30b42625d2f9&batch_time=1661259143323
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
61 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-753664851

Requested by

Host: js.trackinggrid.com
URL: https://js.trackinggrid.com/lr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

117c5b2053512b3ad44dee782459bcd4cc7e7467b9b12da3887b25f83bf75b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62354
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Aug 2022 12:52:23 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 78ms
61ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-753664851

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

6854343e00c3b85696ab0203e2389917dee112fef408125323d7cd3f48faaab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15668
x-xss-protection: 0
server: cafe
etag: 17682506513748322061
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Aug 2022 12:52:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
41 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137602623-2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

733422c9624204cf256bfc25165a06eb9fb8e058d3c79e2c25349bcf8d2a1360

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42058
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Aug 2022 12:52:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
61 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-456578300&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a9625238f9b78c4ef509cf9905f2d4490e68b8e37647b851d9c7401548b1d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62321
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Aug 2022 12:52:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-700588147&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b911b207010d54fdf289d6ce2ae8c425189c041c767826dad5b32e020d92bd37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45751
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Aug 2022 12:52:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
61 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-311444767&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2fdbfb150ffae0c2f646f2711ed1091771ca2a2faeb95460ad2c7d7078cca4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62363
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Aug 2022 12:52:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-668877205&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a2f4186ce02314b3f5af5a0d4f118aa4863f00600a0ac51cd0d178081c9ee34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45751
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Aug 2022 12:52:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10828766220&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4927c66a212bf3c348f8e724c303523ea09351fe420cc938f2a51b0f6fc7a185

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45651
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Aug 2022 12:52:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-668474013&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PSPS9BF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6791133f337c94d8b138de5e2e572c8b65f19a7baca146b16d99c75fafa80b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45678
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Aug 2022 12:52:23 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=267304621&t=pageview&_s=1&dl=secure.palmbeachgroup.com%2Fhttps%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&ul=en-us&de=UTF-8&dt=lrRemJS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1457647353&gjid=1392979943&cid=634359137.1661259142&tid=UA-137602623-2&_gid=2084865361.1661259142&_r=1&gtm=2ou8m0&z=1500485698

Requested by

Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.palmbeachgroup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137602623-2&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6386
date: Tue, 23 Aug 2022 11:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 23 Aug 2022 13:05:57 GMT

OPTIONS
H2 200 6301727172001
edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/ Frame 0
0 39ms
7ms Preflight 151.101.194.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/6301727172001
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://secure.palmbeachgroup.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Tue, 23 Aug 2022 12:52:23 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4029-HHN
x-timer: S1661259144.626835,VS0,VE0

GET
H2 200 vtt.global.min.js Show response
vjs.zencdn.net/vttjs/0.12.5/ 20 KB
7 KB 31ms
7ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
Requested by: Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/lLJeax0GGw_default/index.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: gzip
last-modified: Thu, 31 Aug 2017 21:04:55 GMT
etag: "f30dac97e5c2aaa10a7695b93cc66699"
x-served-by: cache-hhn4043-HHN
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 7231
x-cache-hits: 2061

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 45ms
22ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/lLJeax0GGw_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Tue, 23 Aug 2022 12:52:23 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
207 B 42ms
21ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/lLJeax0GGw_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Tue, 23 Aug 2022 12:52:23 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 6301727172001 Show response
edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/ 6 KB
6 KB 115ms
115ms XHR
application/json 151.101.194.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5102072647001/videos/6301727172001
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319230b640f8898f0dd1a982c35e85993961a891d28b9f70b86afbb8ec9567d5

Request headers

Accept: application/json;pk=BCpkADawqM18bNrtg81z9CsS9ERCN71x-_ntsRN4hc5BEWiBt_JPwrFbQmEhXcLwtFCOpiegWE1GyczMOqn0hOz53TOClK3WOZTkP8UO9EaZuG74hAr14nnF-80NEsEO-EsGv7v4OiLJqGyY
Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

bc-override-client-ip: 138.199.38.133
date: Tue, 23 Aug 2022 12:52:23 GMT
powered-from: eu-central-1b
bcov-request-id: 4158eddb-e319-49ed-b278-ff455832e4c2
age: 0
policy-key-accountid: 5102072647001
x-cache: MISS
powered-by: BC
content-length: 6015
via: 1.1 varnish
x-served-by: cache-hhn4029-HHN
policy-key-raw: BCpkADawqM18bNrtg81z9CsS9ERCN71x-_ntsRN4hc5BEWiBt_JPwrFbQmEhXcLwtFCOpiegWE1GyczMOqn0hOz53TOClK3WOZTkP8UO9EaZuG74hAr14nnF-80NEsEO-EsGv7v4OiLJqGyY
x-timer: S1661259144.634432,VS0,VE108
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14bf8292ae1e1ac698da2f2155f00ab24d5eda73e0c3e1e25e368a905759283b

Request headers

Referer
Origin: https://secure.palmbeachgroup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
BLOB 200
OK bf08a1bf-bf9d-4500-943c-fae9eacdd0e3
https://secure.palmbeachgroup.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.palmbeachgroup.com/bf08a1bf-bf9d-4500-943c-fae9eacdd0e3
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

POST
H2 200 tracker
metrics.brightcove.com/v2/ 35 B
94 B 21ms
21ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.brightcove.com/v2/tracker?domain=videocloud&platform=video-js&session=ba77f78785012c362bcfb229&account=5102072647001&destination=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&platform_version=6.27.0&player=players.brightcove.com%2F5102072647001%2FlLJeax0GGw_default&player_name=Marketing%20Player%20-%20Autoplay&source=&usage=inpage-embed&event=player_load&time=1661259143616&qos.performance.memory.jsHeapSizeLimit=3760000000&qos.performance.memory.usedJSHeapSize=37300000&qos.performance.memory.totalJSHeapSize=42100000&qos.performance.navigation.redirectCount=0&qos.performance.navigation.type=0&qos.performance.navigation.directedMigration=false&qos.performance.timing.loadEventEnd=1661259140351&qos.performance.timing.loadEventStart=1661259140351&qos.performance.timing.domComplete=1661259140351&qos.performance.timing.domContentLoadedEventEnd=1661259140333&qos.performance.timing.domContentLoadedEventStart=1661259140332&qos.performance.timing.domInteractive=1661259139730&qos.performance.timing.domLoading=1661259139177&qos.performance.timing.responseEnd=1661259138951&qos.performance.timing.responseStart=1661259138951&qos.performance.timing.requestStart=1661259138438&qos.performance.timing.secureConnectionStart=1661259138423&qos.performance.timing.connectEnd=1661259138437&qos.performance.timing.connectStart=1661259138417&qos.performance.timing.domainLookupEnd=1661259138417&qos.performance.timing.domainLookupStart=1661259138408&qos.performance.timing.fetchStart=1661259138408&qos.performance.timing.redirectEnd=0&qos.performance.timing.redirectStart=0&qos.performance.timing.unloadEventEnd=0&qos.performance.timing.unloadEventStart=0&qos.performance.timing.navigationStart=1661259137935&qos.performance.bcInit=50.20000076293945&qos.player.dimensions=%5B%5B1661259143616%2C%22300x150%22%2C%221015.08x570.969%22%5D%5D&qos.player.pixelratio=%5B%5B1661259143616%2C1%5D%5D&qos.player.screendimensions=%5B%5B1661259143616%2C%221600x1200%22%5D%5D&seq=2

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/lLJeax0GGw_default/index.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Tue, 23 Aug 2022 12:52:23 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 129ms
129ms Ping
application/json 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=d2b136b3-f6ef-49b2-b913-b07016497b87&batch_time=1661259143618
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10828766220/ 3 KB
1 KB 48ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10828766220/?random=1661259143621&cv=9&fst=1661259143621&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&auid=1850770457.1661259143&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dd2d3b4f0fc148a60873d4bb79634c6d1ca9f4231e058fd9cf68efaad6b099a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/456578300/ 3 KB
1 KB 83ms
68ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/456578300/?random=1661259143623&cv=9&fst=1661259143623&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&auid=1850770457.1661259143&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f041e0d9dc527689743f12acc751be749882d935559ed403b16a111f92c5cc3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/668877205/ 3 KB
1 KB 41ms
27ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/668877205/?random=1661259143625&cv=9&fst=1661259143625&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&auid=1850770457.1661259143&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d6f767307411f14cc6b48448f436b79ea3bf0eaad05ee67ee8a0f0af9cd38f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1242
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/753664851/ 3 KB
1 KB 104ms
91ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/753664851/?random=1661259143626&cv=9&fst=1661259143626&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&ig=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&auid=1850770457.1661259143&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a41c0098c711cbf96dc79eb299fa53a1e67497a3759a43b7c889d8bc567cde75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1259
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/700588147/ 3 KB
1 KB 189ms
177ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/700588147/?random=1661259143627&cv=9&fst=1661259143627&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&auid=1850770457.1661259143&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5b021621f865bd5be078f16f06ef10c685962d16642769421465fafb679f20f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1241
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/311444767/ 3 KB
1 KB 71ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/311444767/?random=1661259143628&cv=9&fst=1661259143628&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&auid=1850770457.1661259143&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff68a697510a0de8151fae286b302dc618cba31215343887418866a0f55b47b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1243
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/668474013/ 3 KB
1 KB 38ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/668474013/?random=1661259143629&cv=9&fst=1661259143629&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&auid=1850770457.1661259143&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

068b90d487d0d5b6be359c27de623f50d7e8081e987ecdcfa65c9290947b0475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1241
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/668877205/ 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/668877205/?random=1661259143625&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=783614677&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/668877205/ 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/668877205/?random=1661259143625&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=783614677&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/668474013/ 42 B
64 B 27ms
27ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/668474013/?random=1661259143629&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=2429762346&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/668474013/ 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/668474013/?random=1661259143629&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=2429762346&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10828766220/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10828766220/?random=1661259143621&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=4286139&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10828766220/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10828766220/?random=1661259143621&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=4286139&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 148ms
148ms Ping
application/json 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=30606bc5-6e00-4b43-a22a-faf7e0b89193&batch_time=1661259143695
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 /
www.google.com/pagead/1p-user-list/311444767/ 42 B
64 B 25ms
25ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/311444767/?random=1661259143628&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=1912468178&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/311444767/ 42 B
64 B 26ms
26ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/311444767/?random=1661259143628&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=1912468178&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/456578300/ 42 B
64 B 26ms
25ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/456578300/?random=1661259143623&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=212758127&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/456578300/ 42 B
64 B 43ms
43ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/456578300/?random=1661259143623&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=212758127&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/753664851/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/753664851/?random=1661259143626&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=3476615472&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/753664851/ 42 B
64 B 27ms
27ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/753664851/?random=1661259143626&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config%3Btransport_type%3Dbeacon&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=3476615472&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 162ms
160ms Ping
application/json 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=cf061b53-f2a0-4361-b117-5816163775de&batch_time=1661259143747
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 tracker
metrics.brightcove.com/v2/ 35 B
49 B 38ms
21ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/lLJeax0GGw_default/index.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Tue, 23 Aug 2022 12:52:23 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET thumbnail.webvtt
manifest.prod.boltdns.net/thumbnail/v1/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/00237ab9-7145-4ab5-ae62-4a12518a90f9/ 0
0

GET
H2 200 thumbnail.webvtt Show response
manifest.prod.boltdns.net/thumbnail/v1/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/00237ab9-7145-4ab5-ae62-4a12518a90f9/ 131 KB
132 KB 117ms
110ms XHR
text/vtt 151.101.194.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/thumbnail/v1/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/00237ab9-7145-4ab5-ae62-4a12518a90f9/thumbnail.webvtt?fastly_token=NjMwNTM2MDhfMDNkY2FiMGI5MmJkNjc3MDU0NzUwODRlNGQ3ZDgzNjE1NzMzM2Y1YzhkNmIzNzUzY2Y3MmNiODRkNjJkNDNkNA%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: ffaa479b4ef57c4a979b25b5f0b33fd2d822e09e69b20c263fa812bf8f1c6d37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 134470
x-served-by: cache-hhn4029-HHN
x-device-group: desktop-chrome
x-timer: S1661259144.770854,VS0,VE103
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/vtt; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/10468400-b2d5-40f4-89f4-5bf1af174245/1280x720/match/ 109 KB
110 KB 71ms
9ms Image
image/jpeg 13.32.99.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/10468400-b2d5-40f4-89f4-5bf1af174245/1280x720/match/image.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-38.fra60.r.cloudfront.net
Software: / BC
Resource Hash: 96742390a593f2ce44eb0ebdc6ff34c4d3e1e94da13d9c87c7c8c9e379e84498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 08 Jul 2022 20:05:27 GMT
Via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
Age: 3948416
X-Powered-From: gantry
X-Powered-By: BC
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: NDy8ClPJ-1vmMxUNGHm6ErLW-GBKvjXtRk8Kj3SOPw63C82vVE1nKQ==
Expires: Sat, 08 Jul 2023 20:05:27 GMT

GET
H2 200 master.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/10s/ 8 KB
8 KB 100ms
100ms XHR
application/x-mpegurl 151.101.194.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/10s/master.m3u8?fastly_token=NjMwNTM2MDhfYmNiZmYzODE3ZDVmYjFlNmZmZTVkNGI3NDI1NmQ2NzEyZmNjODI4MTkzYjU4YjM3MmVkM2NiMjlhNzM3OGRkZg%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 58248eb24e8e9c717a757c6ed3b6bb078de0aebbcccdae0fdaa1022977b799e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:23 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
x-bolt-device-group: desktop-chrome
content-length: 7838
x-served-by: cache-hhn4029-HHN
x-device-group: desktop-chrome
x-timer: S1661259144.777645,VS0,VE94
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
BLOB 200
OK 38ec1a6b-4d3c-49d5-9db8-4ae4bbe85488
https://secure.palmbeachgroup.com/ 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.palmbeachgroup.com/38ec1a6b-4d3c-49d5-9db8-4ae4bbe85488
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3f7c0ed14b5b7347b93e0e91f558238b0c0542501b484de714eef38e9e236fd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 5922
Content-Type: application/javascript

POST
H3 200 tracker
metrics.brightcove.com/v2/ 35 B
49 B 21ms
21ms Ping
image/gif 35.244.232.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: players.brightcove.net
URL: https://players.brightcove.net/5102072647001/lLJeax0GGw_default/index.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.232.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.232.244.35.bc.googleusercontent.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
via: 1.1 google
date: Tue, 23 Aug 2022 12:52:23 GMT
cache-control: must-revalidate,no-cache,no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 147ms
147ms Ping
application/json 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.8.0%2Cenv%3APROD%2Cservice%3Acampaign-ui-prod%2Cversion%3A1.0.0&dd-api-key=pub5a93a2e41f99bb3b57d467276cf7c1f0&dd-evp-origin-version=4.8.0&dd-evp-origin=browser&dd-request-id=61d86b94-69a2-4a2c-b436-252870c51188&batch_time=1661259143818
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/main-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:fc86:11e5:7cb3:38c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.palmbeachgroup.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 /
www.google.com/pagead/1p-user-list/700588147/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/700588147/?random=1661259143627&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=2923304142&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/700588147/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/700588147/?random=1661259143627&cv=9&fst=1661256000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8m0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsecure.palmbeachgroup.com%2F%3Fcid%3DMKT622338%26eid%3DMKT633431%26step%3Dstart%26plcid%3DPLC139720%26SNAID%3DSAC0005726833%26email%3Dpjordan%40grouponesir.com%26encryptedSnaid%3Diyhha%2520DTL%252F%2520te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%253D%26emailjobid%3D5147497%26emailname%3D20220507-TBE-PAID%26assetId%3DAST232923%26page%3D1&tiba=Palm%20Beach%20Research%20Group&async=1&fmt=3&is_vtc=1&random=2923304142&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Aug 2022 12:52:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/619c95c7-fa60-455c-8e5e-c3931b1e0379/10s/ 169 KB
169 KB 323ms
322ms XHR
application/x-mpegurl 151.101.194.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/619c95c7-fa60-455c-8e5e-c3931b1e0379/10s/rendition.m3u8?fastly_token=NjMwNTM2MDhfODljODQ1ZjZhYjUxZDFiYjU3NGM5NzViZmQ2YzI1NTYwNjA1Y2Y3MmUwMTEzN2U2Y2JkZTRjNWI5NDg2Njk2Yg%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: b8036da78c89ce8af06ed66943acee7cbc088cbd030e632321e27f523db8a814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:24 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 172611
x-served-by: cache-hhn4029-HHN
x-device-group: desktop-chrome
x-timer: S1661259144.886117,VS0,VE312
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
H2 200 rendition.m3u8 Show response
manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/f7b76ce0-38a2-4108-9bc2-20212c4b0b43/10s/ 170 KB
170 KB 193ms
193ms XHR
application/x-mpegurl 151.101.194.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/manifest/v1/hls/v4/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/f7b76ce0-38a2-4108-9bc2-20212c4b0b43/10s/rendition.m3u8?fastly_token=NjMwNTM2MDhfODdiYWYyNDAyZmI0NTg0YjY0MzRhM2I2ZTY5Y2NiZjE0ZDY1NzllNDIxNDcwMzVlNGJmMGJiN2NmMjM4Yjk2ZQ%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 8eac869e2e225cfa3bd7dedc2a9f1dfb6052c8ce706fa7070a6e7411c9635bbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:24 GMT
via: 1.1 varnish
age: 0
x-powered-by: BC
x-cache: MISS
content-length: 173660
x-served-by: cache-hhn4029-HHN
x-device-group: desktop-chrome
x-timer: S1661259144.219111,VS0,VE186
x-powered-from: gantry
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-expose-headers: Server,Range,Content-Length,Content-Range
cache-control: s-maxage=10800, max-age=10800
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer
x-cache-hits: 0

GET
BLOB 200
OK 48f85b5d-d1d4-4883-8fa8-d98c21954a5e
https://secure.palmbeachgroup.com/ 68 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.palmbeachgroup.com/48f85b5d-d1d4-4883-8fa8-d98c21954a5e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 646131cb40166bdb7b46e7d83c0c27d5f64a81b0bb7183efbfaae326ca2ff44f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 70120
Content-Type: application/javascript

GET
H2 200 3138f95e-3d38-46ed-8cba-75f6b25fb0f1 Show response
manifest.prod.boltdns.net/license/v1/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/ 16 B
189 B 136ms
136ms XHR
application/octet-stream 151.101.194.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/license/v1/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/3138f95e-3d38-46ed-8cba-75f6b25fb0f1?fastly_token=NjMwNTM2MDlfZjNhNjBhOGNkZTNlNzFjNGI1ZjU3YzhjNGU2MWEwMWZlZWRkNWIyNTE3N2IzYjhmNjhjYmNmZmIyN2I5NWRlZQ%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 8f34a65a8819017341d6add7966f93339c1c20b995fafd8e8f61ffd295efde84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:24 GMT
via: 1.1 varnish
bcov-request-id: ee3052b9-159e-4015-b980-f18ea03594fb
x-powered-by: BC
x-cache: MISS
x-hosted-on: Gantry
content-length: 16
x-served-by: cache-hhn4029-HHN
x-device-group: desktop-chrome
x-timer: S1661259144.308375,VS0,VE129
x-powered-from: eu-west-1c
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=7290
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK segment0.ts
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/619c95c7-fa60-455c-8e5e-c3931b1e0379/3138f95e-3d38-46ed-8cba-75f6b25fb0f1/5x/ 3 MB
3 MB 166ms
117ms XHR
video/mp2t 2a02:26f0:3500:16::215:1496

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/619c95c7-fa60-455c-8e5e-c3931b1e0379/3138f95e-3d38-46ed-8cba-75f6b25fb0f1/5x/segment0.ts?akamai_token=exp=1661285896~acl=/media/v1/hls/v4/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/619c95c7-fa60-455c-8e5e-c3931b1e0379/3138f95e-3d38-46ed-8cba-75f6b25fb0f1/*~hmac=664ed80f7422878181e4fafcf03ed673de924088745caca39e716e22fccd29db
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:16::215:1496 -, , ASN (),
Reverse DNS
Software: / BC
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 12:52:24 GMT
X-Amz-Cf-Pop: JFK50-P1
X-Powered-By: BC
Backend-IP: 108.139.46.132
BC-MID: true
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 3576896
X-Served-By: cache-ewr18123-EWR
Akamai-Mon-Iucid-Del: 1315351
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1661259144.403791,VS0,VE18
X-Powered-From: gantry
ETag: "610323a3ac28e5c54c9f9263869d8363"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=31181389
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
X-Amz-Cf-Id: 4S6ILstrgXVNycwy93HOiYdD6nGwaIN45W92838WKsNXXiW4s4s6ow==
Expires: Sat, 19 Aug 2023 10:22:13 GMT
X-Cache-Hits: 1

GET
BLOB 200
OK 22412f21-4bd1-4966-a53c-574425465441
https://secure.palmbeachgroup.com/ 68 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.palmbeachgroup.com/22412f21-4bd1-4966-a53c-574425465441
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 646131cb40166bdb7b46e7d83c0c27d5f64a81b0bb7183efbfaae326ca2ff44f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 70120
Content-Type: application/javascript

GET
H2 200 3138f95e-3d38-46ed-8cba-75f6b25fb0f1 Show response
manifest.prod.boltdns.net/license/v1/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/ 16 B
107 B 145ms
144ms XHR
application/octet-stream 151.101.194.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://manifest.prod.boltdns.net/license/v1/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/3138f95e-3d38-46ed-8cba-75f6b25fb0f1?fastly_token=NjMwNTM2MDlfZjNhNjBhOGNkZTNlNzFjNGI1ZjU3YzhjNGU2MWEwMWZlZWRkNWIyNTE3N2IzYjhmNjhjYmNmZmIyN2I5NWRlZQ%3D%3D
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / BC
Resource Hash: 8f34a65a8819017341d6add7966f93339c1c20b995fafd8e8f61ffd295efde84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 12:52:24 GMT
via: 1.1 varnish
bcov-request-id: ec339b6f-7fe4-4426-b6c2-e8043ab02287
x-powered-by: BC
x-cache: MISS
x-hosted-on: Gantry
content-length: 16
x-served-by: cache-hhn4029-HHN
x-device-group: desktop-chrome
x-timer: S1661259144.426192,VS0,VE137
x-powered-from: eu-west-1c
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=7290
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK segment0.ts Show response
bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/f7b76ce0-38a2-4108-9bc2-20212c4b0b43/3138f95e-3d38-46ed-8cba-75f6b25fb0f1/5x/ 277 KB
278 KB 25ms
12ms XHR
video/mp2t 2a02:26f0:3500:16::215:1496

General

Check archive.org

Show headers Download Go to

Full URL: https://bcbolt446c5271-a.akamaihd.net/media/v1/hls/v4/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/f7b76ce0-38a2-4108-9bc2-20212c4b0b43/3138f95e-3d38-46ed-8cba-75f6b25fb0f1/5x/segment0.ts?akamai_token=exp=1661285897~acl=/media/v1/hls/v4/aes128/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/f7b76ce0-38a2-4108-9bc2-20212c4b0b43/3138f95e-3d38-46ed-8cba-75f6b25fb0f1/*~hmac=bdc99e00227f36de42d7a5b2e97396bb3503b866357475c81fb08a3e4c9dde69
Requested by: Host: secure.palmbeachgroup.com
URL: https://secure.palmbeachgroup.com/polyfills-es2015.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:16::215:1496 -, , ASN (),
Reverse DNS
Software: / BC
Resource Hash: 6ce2012119a5b86a463f1a8edbbcce231be41057064256a4adb43366aa2fc8b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.palmbeachgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 23 Aug 2022 12:52:24 GMT
X-Amz-Cf-Pop: EWR52-C4
X-Powered-By: BC
Backend-IP: 99.84.47.105
BC-MID: true
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 283136
X-Served-By: cache-ewr18134-EWR
Akamai-Mon-Iucid-Del: 1315351
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Timer: S1657538241.736362,VS0,VE1
X-Powered-From: gantry
ETag: "71a73fec3a4214287f24a5810b59b467"
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,Range,Content-Length,Content-Range,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control: public, max-age=29904002
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With,Origin,Range,Accept-Encoding,Referer,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
X-Amz-Cf-Id: jFQ6HS-p56SJuZdPKuFLHIP374b_6vBEVTcSTrLoS7n3V3maES7MOg==
Expires: Fri, 04 Aug 2023 15:32:26 GMT
X-Cache-Hits: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: manifest.prod.boltdns.net
URL: http://manifest.prod.boltdns.net/thumbnail/v1/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/00237ab9-7145-4ab5-ae62-4a12518a90f9/thumbnail.webvtt?fastly_token=NjMwNTM2MDhfMDNkY2FiMGI5MmJkNjc3MDU0NzUwODRlNGQ3ZDgzNjE1NzMzM2Y1YzhkNmIzNzUzY2Y3MmNiODRkNjJkNDNkNA%3D%3D

Verdicts & Comments Add Verdict or Comment

508 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.listrakbi.com/BrxgIoIXfWCS	1970-01-20 15:03:39	Name: gsid Value: v%2faLANhSQSWbxB3rt9O1vqD5cWkyprC0I8sd8cMm16YYo0UtBubTFz%2fMLepaymwlBrbmzhu5l8k%3d
.listrakbi.com/BrxgIoIXfWCS	1970-01-20 14:13:15	Name: scasid Value: af784752-559e-448e-9e0c-53b837328569
.paypal.com/	1970-01-20 15:03:39	Name: ts Value: vreXpYrS%3D1755953540%26vteXpYrS%3D1661260940%26vr%3Dcac2cbf91820a6230810e1f8ffffffff%26vt%3Dcac2cbf91820a6230810e1f8fffffffe
.paypal.com/	1970-01-20 15:03:39	Name: ts_c Value: vr%3Dcac2cbf91820a6230810e1f8ffffffff%26vt%3Dcac2cbf91820a6230810e1f8fffffffe
secure.palmbeachgroup.com/	1970-01-20 15:03:39	Name: bssSessionId Value: 64b5eb41-6ca5-49da-82dd-646c97e5fb94
.palmbeachgroup.com/	1970-01-20 15:03:39	Name: _ga Value: GA1.2.634359137.1661259142
.palmbeachgroup.com/	1970-01-20 05:29:05	Name: _gid Value: GA1.2.2084865361.1661259142
.palmbeachgroup.com/	1970-01-20 05:27:39	Name: _gat_UA-87443958-7 Value: 1
s1.listrakbi.com/	1970-01-20 05:37:43	Name: AWSALBCORS Value: oyP9Ic1eohXqSg+9hJyNUHazBwIOfQRxmbsXPrMm0WcPXunes0jENjZD+XxI64ps20csvD1B3rOJ3d1EI5NyLvXOMkxu0YVlIoTFFWmysJz9fUX51/BZBn8Nkpl7
.listrakbi.com/	1970-01-20 07:37:15	Name: usid Value: 77e5e8146a2543ee9014da0c50dc6235
.quora.com/	1970-01-20 05:27:40	Name: __cf_bm Value: ne3DeaPtD4SG0DFQS1486mJ_D6k_BsVY5_HKUGvzLY4-1661259142-0-Acg7a/hXTS4jyy+6bXISJXWWG2zu1Fk4zfVnbyyvKm9V9FZVmxbhMuYMzuLiGLif/T7X8KotouitAchF47wxZwE=
.secure.palmbeachgroup.com/	1970-01-20 05:27:40	Name: seerses Value: e
.secure.palmbeachgroup.com/	1970-01-20 15:03:39	Name: seerid Value: 9ef96c59-996d-43b5-9d7d-fd05b80a9c8b
.palmbeachgroup.com/	1970-01-20 15:03:39	Name: GSIDBrxgIoIXfWCS Value: 7eae4fb8-d0ff-4470-b799-641e3a8233a4
.palmbeachgroup.com/	1970-01-20 14:13:15	Name: STSID243866 Value: af784752-559e-448e-9e0c-53b837328569
ssl.kaptcha.com/	1970-01-20 07:37:15	Name: k Value: ba8764baf6af4086b214637317ec4fed
.lytics.io/	1970-01-20 15:03:39	Name: seerid Value: 9ef96c59-996d-43b5-9d7d-fd05b80a9c8b
.yahoo.com/	1970-01-20 14:13:36	Name: A3 Value: d=AQABBIbNBGMCEHkbBmIR3P-vcVoamRIHEzIFEgEBAQEfBmMOYwAAAAAA_eMAAA&S=AQAAAi9DiBui5BJA5_aYY7lTFlE
secure.palmbeachgroup.com/	1970-01-20 06:54:03	Name: MKT622338_MKT633431_AST232923 Value: visited
secure.palmbeachgroup.com/	1970-01-20 14:13:15	Name: lr_cue_MKT622338_MKT633431 Value: 0
.palmbeachgroup.com/	1970-01-20 07:37:15	Name: _gcl_au Value: 1.1.1850770457.1661259143
.palmbeachgroup.com/	1970-01-20 05:27:39	Name: _gat_UA-170962029-3 Value: 1
.sitescout.com/	1970-01-20 14:13:15	Name: ssi Value: 99c7381c-3761-49e6-99f6-a1335919a4f9#1661259143034
.bing.com/	1970-01-20 14:49:15	Name: MUID Value: 0C76DE2EC0B76A9901BACC27C11B6B33
.palmbeachgroup.com/	1970-01-20 05:29:05	Name: _uetsid Value: 6e85f7f022e211edac061d7ea3818812
.palmbeachgroup.com/	1970-01-20 14:49:15	Name: _uetvid Value: 6e863fb022e211ed9e6613a849a8422c
secure.palmbeachgroup.com/	1970-01-20 14:13:15	Name: cdn.beaconstreetservices.100014.ka.ck Value: 7c62cadd53c38f1d08661fd23df4c710d11a02c5840cf9bf139e04d82392199c09b55d08c1f458052028f22c0419483b644bf623d391f586d43b56513591f0ba39e86aba677adf26cfbfc81878dd0b01184745352c0df9db6b66676ca20170f4b7514a4b9dcc089163d3f1353c225d105563dd468387d5c06753c7758031fecc2a8f81e36f02ef1bc20fc5d7c37b73434225db335f82ebbbb7035c
.sitescout.com/	1970-01-20 06:10:51	Name: _ssuma Value: eyIzNCI6MTY2MTI1OTE0MzA1OCwiMiI6MTY2MTI1OTE0MzA1OCwiMzkiOjE2NjEyNTkxNDMwNTgsIjciOjE2NjEyNTkxNDMwNTgsIjgiOjE2NjEyNTkxNDMwNTh9
.tapad.com/	1970-01-20 06:54:03	Name: TapAd_TS Value: 1661259143114
.tapad.com/	1970-01-20 06:54:03	Name: TapAd_DID Value: 19d7f1fa-d0de-47b8-bbb1-fdf0387a2c76
.tapad.com/	1970-01-20 06:54:03	Name: TapAd_3WAY_SYNCS Value:
secure.palmbeachgroup.com/	1970-01-20 05:27:40	Name: _dd_s Value: logs=1&id=b4cc1727-f1b4-4774-b512-18a514f19ea3&created=1661259140304&expire=1661260040309&rum=1
.palmbeachgroup.com/	1970-01-20 05:27:39	Name: _gat_gtag_UA_137602623_2 Value: 1
.demdex.net/	1970-01-20 09:46:51	Name: demdex Value: 64425256374489755193507626223307152182
.dpm.demdex.net/	1970-01-20 09:46:51	Name: dpm Value: 64425256374489755193507626223307152182
.doubleclick.net/	1970-01-20 14:49:15	Name: IDE Value: AHWqTUnXVdo-bO8HndkaDWy8LO_jutE8W2Y5t3EazEmWAjOgcewpHruLN15ERs5e

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/384136.gif?partner_uid=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=99c7381c-3761-49e6-99f6-a1335919a4f9-6304cd87-5858&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://secure.palmbeachgroup.com/polyfills-es2015.js Message: Mixed Content: The page at 'https://secure.palmbeachgroup.com/?cid=MKT622338&eid=MKT633431&step=start&plcid=PLC139720&SNAID=SAC0005726833&email=pjordan@grouponesir.com&encryptedSnaid=iyhha%20DTL%2F%20te0Kl0vg49YdWxuBxjzamR3O03dtPPTc%3D&emailjobid=5147497&emailname=20220507-TBE-PAID&assetId=AST232923&page=1' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://manifest.prod.boltdns.net/thumbnail/v1/5102072647001/6899b76a-6323-482f-b07b-6fe327121638/00237ab9-7145-4ab5-ae62-4a12518a90f9/thumbnail.webvtt?fastly_token=NjMwNTM2MDhfMDNkY2FiMGI5MmJkNjc3MDU0NzUwODRlNGQ3ZDgzNjE1NzMzM2Y1YzhkNmIzNzUzY2Y3MmNiODRkNjJkNDNkNA%3D%3D'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
amplifypixel.outbrain.com
bat.bing.com
bcbolt446c5271-a.akamaihd.net
c.lytics.io
cdn.listrakbi.com
cdn.mxpnl.com
cdnjs.cloudflare.com
cf-images.us-east-1.prod.boltdns.net
click.e.brownstoneresearch.com
code.jquery.com
d3bjnmbj12697.cloudfront.net
dpm.demdex.net
edge.api.brightcove.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gsdpeazjjf.execute-api.us-east-1.amazonaws.com
idsync.rlcdn.com
js.trackinggrid.com
manifest.prod.boltdns.net
marketingassets.cloudsna.com
metrics.brightcove.com
pixel.sitescout.com
pixel.tapad.com
players.brightcove.net
q.quora.com
rum.browser-intake-datadoghq.com
s.yimg.com
s1.listrakbi.com
s3.amazonaws.com
secure.palmbeachgroup.com
sp.analytics.yahoo.com
ssl.kaptcha.com
static.zuora.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.teads.tv
t.paypal.com
trc.taboola.com
up.pixel.ad
vjs.zencdn.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
manifest.prod.boltdns.net
104.111.237.220
104.111.242.245
104.18.7.244
13.111.151.172
13.32.99.38
142.250.186.66
151.101.1.21
151.101.194.27
151.101.65.35
162.159.152.17
178.79.242.16
18.66.130.11
192.229.221.25
2001:4de0:ac18::1:a:1b
209.59.154.196
212.82.100.181
23.35.237.37
2600:1901:0:bc29::
2600:1f18:24e6:b902:fc86:11e5:7cb3:38c
2600:9000:225e:f800:f:75e2:4ac0:21
2606:4700:20::681a:316
2606:4700::6810:1937
2606:4700::6810:f51b
2606:4700::6811:190e
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:806::2003
2a00:1450:4001:809::200a
2a00:1450:4001:810::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c1b::9d
2a02:26f0:3500:16::215:1496
2a04:4e42:600::729
2a04:4e42::300
3.251.27.103
35.227.248.159
35.244.174.68
35.244.232.184
52.17.214.109
52.2.147.16
52.216.33.48
52.222.236.108
54.148.115.137
66.155.71.149
70.42.32.223
013050e8e5ab5ca56b6344fe09502a82fc4ced559a155646ff286b4af3545eeb
04ee48acc08117bc211b853f9fca1ec46ad9bd03c34efe6fb7a754867086306d
068b90d487d0d5b6be359c27de623f50d7e8081e987ecdcfa65c9290947b0475
08cb0f46ed2415058019966967713095ef16ce83d54c74a5f52a61846dbe2399
09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
117c5b2053512b3ad44dee782459bcd4cc7e7467b9b12da3887b25f83bf75b0a
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
14bf8292ae1e1ac698da2f2155f00ab24d5eda73e0c3e1e25e368a905759283b
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1ebf6a2710236762178861bf15fa6074bd5e61502c1811551099ebe3754e0c83
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
28e7a175bbbb2d42cd553a6f0ec8135cfe0ddb6fc2e21975d01e5cd0bafdff13
2de3e31e50a5c63853a2f1c4ebcef1d7a6691d1a16a6ca86788e31c1233b2bbb
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
319230b640f8898f0dd1a982c35e85993961a891d28b9f70b86afbb8ec9567d5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32e2c39537115cd4c3cacb5b3ac9c6456fe1059d49dabe4ff69a400fdadc3f8d
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
361de8847d477a4aa1b825c01c179573336ca81b0a9a6a41aca4428d516ec02c
3ba6b46bbb7dd7ce6eb0171c4b38c49164969021d629e20fcd7dece5e8e3fc5e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41d6f767307411f14cc6b48448f436b79ea3bf0eaad05ee67ee8a0f0af9cd38f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48d233d91a05f922549923e3295edb2d404f9119d8dba0b63dbb15bb6ae23672
4927c66a212bf3c348f8e724c303523ea09351fe420cc938f2a51b0f6fc7a185
500b1cc0cde5ed863c841d7a5cd062b90f09e9284d261d8ebf9a33d5737c9398
507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58248eb24e8e9c717a757c6ed3b6bb078de0aebbcccdae0fdaa1022977b799e0
58a6f49e92f7d2fd1246d98c568c2ac7d6be832ddfece67ec9f7ef3332766adf
5a0be406a1bdf94a25a9d142d4124e3dccbdeb5593cd78fb0bd234df89dd7389
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b2b36199292fd0a66f42de265cbbcaaefce6ebacb6b6a116beebc4e61e8ae8c
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
646131cb40166bdb7b46e7d83c0c27d5f64a81b0bb7183efbfaae326ca2ff44f
64a1ca8c093b60d9abfe26d042cfaacf464c5d928c26e7ce6e5528f1cb1d6899
6854343e00c3b85696ab0203e2389917dee112fef408125323d7cd3f48faaab2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ce2012119a5b86a463f1a8edbbcce231be41057064256a4adb43366aa2fc8b3
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6de0627804e1990e403b4a0df327373446691baf87185c06bbd483583f069e23
7020d66b4092308022cb260d9c84c286501e3b3bb3dfe1bcac40b95ff7e45b8f
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
733422c9624204cf256bfc25165a06eb9fb8e058d3c79e2c25349bcf8d2a1360
73567000b57fdfed5825cd324d4e8b9bcf59317eed6076ad05c7f95427a420ca
7651dd597cbfc8496cc17e8e09a1a5c8ebf9a11cdef6c6bd0e3090d40524d9b5
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
793cb14b4ae48e92c4a35eae5d34b4b95092e3cd7995ce342b6895a560ef7526
7a9625238f9b78c4ef509cf9905f2d4490e68b8e37647b851d9c7401548b1d63
7c506082fa68431a459024b440e5e418c769f3e2803cbb9cdb296ae7b6cae2d2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852efa9c5c678757dbd43e9dd9db2d0716656995bd8db701c15248634b2eca47
8a2f4186ce02314b3f5af5a0d4f118aa4863f00600a0ac51cd0d178081c9ee34
8a60672efd62862adb750cf0d1ba8916744490d764cb2807c8114353f6aae6c8
8e1663d8c94c35e9d197509c59d98431ef72bd4167fd8ada04e1d80ebdbe2640
8eac869e2e225cfa3bd7dedc2a9f1dfb6052c8ce706fa7070a6e7411c9635bbc
8f34a65a8819017341d6add7966f93339c1c20b995fafd8e8f61ffd295efde84
8f76d835d1551983f7a8d3a857eb3a27f448b468631a8e9ab09ee6ac4aa5157b
96742390a593f2ce44eb0ebdc6ff34c4d3e1e94da13d9c87c7c8c9e379e84498
98c2a74405e978d753625e97a0cb1c2eab250a9444d82dd75e1bce82cb437ae2
9c214017962f2b403ee2f8a0dd51333b467aa3f082c5fc93fdb86f0b3d90a19b
9dd2d3b4f0fc148a60873d4bb79634c6d1ca9f4231e058fd9cf68efaad6b099a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a2c9f5eec6de7541b3a38a307f21a69bc1a1771dbe6c10876926d6ad7bb39b
a394fd65fe8013eb58e146ddccbf749fd875c291cb8ea9e2d4144c80caf65182
a41c0098c711cbf96dc79eb299fa53a1e67497a3759a43b7c889d8bc567cde75
a5b021621f865bd5be078f16f06ef10c685962d16642769421465fafb679f20f
a761974ea449b3fa737f6ad2bee59176aefc3572a6a79984f830bbaeafa6ebaa
a7b3842cbdf122e045b7d2a203ea16a99acd6a246e55f1dc031c24fa9a5ba199
aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d
add2ae6e587488a3ee7c774b8e6f9e8bff4b92789c8d8fda0f362293ad990a09
afba0a9e71e6bf5b89cb8ea73a331d6f16d8ad0d9059fd5270e424c2b372da82
b614b1552fa5262616309af625a8c4e81abc641f0c94915331e86849f1cfc026
b7b841b5259d95babf9d1053887cd12c72574698f62a33261a7cb63a22fd62c2
b8036da78c89ce8af06ed66943acee7cbc088cbd030e632321e27f523db8a814
b911b207010d54fdf289d6ce2ae8c425189c041c767826dad5b32e020d92bd37
bfef493b74a7c8a39c6631195df6c348fb08172c4b36b04ac48e37060880a74f
c2fdbfb150ffae0c2f646f2711ed1091771ca2a2faeb95460ad2c7d7078cca4e
c71014fdfc6e16f4d67c3c1ce51f661beb63cf9eaa923ed0e46d56cc675b55a0
cbb4179d73f235c644a4cf9fb06b04908e3178b804e7ac3b766f01d5edbc1677
cc29bdfa5e510b47aa7faf5ec6ddac2b91581060cc56aaa19153575f72431273
cf8c5b70415e0ec8f7a72630426243ddef0caf4479bb4204f86c829d095f8747
d3f7c0ed14b5b7347b93e0e91f558238b0c0542501b484de714eef38e9e236fd
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7fe7a95be52af9780b34bb34d7c6e4801e77fda4be41f7b0676e671543023e9
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
db7541c599d2a1861ef29b8dc828f6affd2d0c4f3ca4458ddbab989b460769b3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfebf58d935986f47bb3dcfd71241ec01472a5995c37c58ae0094238461f3327
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c20bca3446c73992193c05facfc083992990ab7d87fcb6bce3dadb1856b1fe
e553840d45d1a1e614f0311e22c8442f215e93a632db86f731c2626b520bc184
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ec28922ebf7c32e774061e61d02e1f084cedb890dfae738bb510b5f44e3cf876
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f041e0d9dc527689743f12acc751be749882d935559ed403b16a111f92c5cc3b
f6791133f337c94d8b138de5e2e572c8b65f19a7baca146b16d99c75fafa80b0
f67cffc3d7cf57726b094dbd689a455b70158027abf6771c95583d15cdb373fd
fadadc49b4ca3c49a69a4ce2c17d56cab0a8b52af6b3fae5296ae1a9f56ed453
fb37413b7c8e7e66a05f145a6af367f5d593b358a3c45f2b294a9438997a4ada
fecf49ee5500b0d2fd65869cb54d7dee531c5b119a2760abf42ffeddbbd52963
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff68a697510a0de8151fae286b302dc618cba31215343887418866a0f55b47b4
ffaa479b4ef57c4a979b25b5f0b33fd2d822e09e69b20c263fa812bf8f1c6d37

secure.palmbeachgroup.com Open in urlscan Pro 2606:4700::6810:1937 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

164 Requests

95 %HTTPS

44 %IPv6

42 Domains

49 Subdomains

48 IPs

7 Countries

6818 kBTransfer

12470 kBSize

36 Cookies

4 Outgoing links

Page URL History

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.palmbeachgroup.com Open in urlscan Pro
2606:4700::6810:1937 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

95 %
HTTPS

44 %
IPv6

42
Domains

49
Subdomains

48
IPs

7
Countries

6818 kB
Transfer

12470 kB
Size

36
Cookies

164 HTTP transactions
6 data transactions