urlscan.io logo urlscan.io
SecurityTrails logo

auth.palmetto.com Open in urlscan Pro
172.64.150.240  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sabal.palmetto.com/
Effective URL: https://auth.palmetto.com/login?state=hKFo2SBUZEFaMkRzRXRabzZZRUVpNDA4eGhMVTZrOUFqYk9sdqFupWxvZ2luo3RpZNkgSmpFdUx4aThtSzRG...
Submission: On May 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 9 domains to perform 36 HTTP transactions. The main IP is 172.64.150.240, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is auth.palmetto.com.
TLS certificate: Issued by E1 on April 29th 2024. Valid for: 3 months.
This is the only time auth.palmetto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.106 15169 (GOOGLE)
4 151.101.130.217 54113 (FASTLY)
2 3.223.165.9 14618 (AMAZON-AES)
1 2 172.64.150.240 13335 (CLOUDFLAR...)
2 54.230.228.26 16509 (AMAZON-02)
1 3.33.235.18 16509 (AMAZON-02)
4 18.173.187.31 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:26d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.201.112.186 396982 (GOOGLE-CL...)
3 35.186.194.58 15169 (GOOGLE)
36 16
5    2606:4700::6812:11b5 (United States)

ASN13335 (CLOUDFLARENET, US)
sabal.palmetto.com
palmetto.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f106.1e100.net
maps.googleapis.com
4    151.101.130.217 (San Francisco, United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
2    3.223.165.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-165-9.compute-1.amazonaws.com
events.launchdarkly.com
2    172.64.150.240 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
auth.palmetto.com
2    54.230.228.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-26.muc50.r.cloudfront.net
widget.intercom.io
1    3.33.235.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa1ba9bef7b18c265.awsglobalaccelerator.com
clientstream.launchdarkly.com
4    18.173.187.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-31.muc50.r.cloudfront.net
js.intercomcdn.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:9000:26db:b200:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)
cdn.auth0.com
1    2a00:1450:4001:80f::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
3    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
Apex Domain
Subdomains		 Transfer
7 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 736
events.launchdarkly.com — Cisco Umbrella Rank: 907
clientstream.launchdarkly.com — Cisco Umbrella Rank: 886
1 KB
7 palmetto.com
sabal.palmetto.com
auth.palmetto.com
palmetto.com — Cisco Umbrella Rank: 995751
1 MB
5 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2197
rs.fullstory.com — Cisco Umbrella Rank: 2240
79 KB
4 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2114
290 KB
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 361
fonts.googleapis.com — Cisco Umbrella Rank: 33
storage.googleapis.com — Cisco Umbrella Rank: 353
93 KB
2 gstatic.com
fonts.gstatic.com
30 KB
2 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 6742
41 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1597
api-iam.intercom.io Failed
6 KB
0 browser-intake-datadoghq.com Failed
browser-intake-datadoghq.com Failed
36 9
Domain Requested by
4 js.intercomcdn.com widget.intercom.io
4 app.launchdarkly.com sabal.palmetto.com
4 sabal.palmetto.com 1 redirects sabal.palmetto.com
3 rs.fullstory.com edge.fullstory.com
2 edge.fullstory.com auth.palmetto.com
edge.fullstory.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.auth0.com auth.palmetto.com
2 widget.intercom.io sabal.palmetto.com
auth.palmetto.com
2 auth.palmetto.com 1 redirects sabal.palmetto.com
2 events.launchdarkly.com sabal.palmetto.com
2 maps.googleapis.com sabal.palmetto.com
maps.googleapis.com
1 palmetto.com
1 storage.googleapis.com auth.palmetto.com
1 fonts.googleapis.com auth.palmetto.com
1 clientstream.launchdarkly.com
0 api-iam.intercom.io Failed js.intercomcdn.com
0 browser-intake-datadoghq.com Failed sabal.palmetto.com
36 17

This site contains links to these domains. Also see Links.

Domain
palmetto.com
Subject Issuer Validity Valid
palmetto.com
Cloudflare Inc ECC CA-3		 2024-01-19 -
2024-12-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
events.launchdarkly.com
Amazon ECDSA 256 M02		 2023-06-21 -
2024-07-20		 a year crt.sh
auth.palmetto.com
E1		 2024-04-29 -
2024-07-28		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh
clientstream.launchdarkly.com
Amazon RSA 2048 M02		 2023-08-09 -
2024-09-05		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh
*.auth0.com
Amazon RSA 2048 M03		 2024-01-25 -
2025-02-22		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
edge.fullstory.com
GTS CA 1D4		 2024-05-03 -
2024-08-01		 3 months crt.sh
rs.fullstory.com
GTS CA 1D4		 2024-05-02 -
2024-07-31		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://auth.palmetto.com/login?state=hKFo2SBUZEFaMkRzRXRabzZZRUVpNDA4eGhMVTZrOUFqYk9sdqFupWxvZ2luo3RpZNkgSmpFdUx4aThtSzRGemUwMmV4SlQ5ckdVRHZyMW1RQkujY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=vKYtr6O6RuPtezXWiAe6MmhepqVDTQBEm2n5wqEkS1k&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Frame ID: F4480EC22E01C6962E69DD704E9EA586
Requests: 28 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.3e87f8c0.js
Frame ID: 7F636F4E9E080AAA225F95B887071D82
Requests: 3 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.3e87f8c0.js
Frame ID: 74CA8921D9C32EBBC225632623140E64
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Palmetto Signup and Login

Page URL History Show full URLs

  1. http://sabal.palmetto.com/ HTTP 307
    https://sabal.palmetto.com/ Page URL
  2. https://sabal.palmetto.com/api/auth/login?state=%7B%22returnTo%22%3A%22https%3A%2F%2Fsabal.palmetto.com... HTTP 302
    https://auth.palmetto.com/authorize?client_id=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&scope=openid+offline_ac... HTTP 302
    https://auth.palmetto.com/login?state=hKFo2SBUZEFaMkRzRXRabzZZRUVpNDA4eGhMVTZrOUFqYk9sdqFupWxvZ2luo3Rp... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • /auth0(?:-js)?/([\d.]+)/auth0(?:.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

36
Requests

86 %
HTTPS

40 %
IPv6

9
Domains

17
Subdomains

16
IPs

2
Countries

1920 kB
Transfer

6707 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sabal.palmetto.com/ HTTP 307
    https://sabal.palmetto.com/ Page URL
  2. https://sabal.palmetto.com/api/auth/login?state=%7B%22returnTo%22%3A%22https%3A%2F%2Fsabal.palmetto.com%2F%22%7D HTTP 302
    https://auth.palmetto.com/authorize?client_id=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&scope=openid+offline_access+profile+email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=vKYtr6O6RuPtezXWiAe6MmhepqVDTQBEm2n5wqEkS1k&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&state=N0E5mXrzQ79kkqkb%3A%7B%22returnTo%22%3A%22https%3A%2F%2Fsabal.palmetto.com%2F%22%7D&org=undefined HTTP 302
    https://auth.palmetto.com/login?state=hKFo2SBUZEFaMkRzRXRabzZZRUVpNDA4eGhMVTZrOUFqYk9sdqFupWxvZ2luo3RpZNkgSmpFdUx4aThtSzRGemUwMmV4SlQ5ckdVRHZyMW1RQkujY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=vKYtr6O6RuPtezXWiAe6MmhepqVDTQBEm2n5wqEkS1k&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sabal.palmetto.com/ HTTP 307
  • https://sabal.palmetto.com/

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
sabal.palmetto.com/
Redirect Chain
  • http://sabal.palmetto.com/
  • https://sabal.palmetto.com/
1 KB
936 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sabal.palmetto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:11b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
211e132efa4918fa0f209e69e3baeffbaf6ffb463b2b929bc1a97d2610fcc3ba

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
880cf99abf9c65ba-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 08 May 2024 22:44:33 GMT
last-modified
Wed, 08 May 2024 22:00:57 GMT
server
cloudflare
vary
Origin
via
1.1 google
x-cloud-trace-context
431aec0213bd8a82fcbf67d683da4a9f

Redirect headers

Location
https://sabal.palmetto.com/
Non-Authoritative-Reason
HttpsUpgrades
js
maps.googleapis.com/maps/api/ 		245 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDDOhQDz1ta8YbCIsqJEmDY-xRH-0zQ1Ks&libraries=places&callback=googleMapApi
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
fd24d6bcda4b2e3df11eedfaa2f0cc62e9626e8f7a39006f652e2fae69a36e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sabal.palmetto.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 22:44:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81882
x-xss-protection
0
main.48f74783.js
sabal.palmetto.com/static/js/ 		2 MB
562 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sabal.palmetto.com/static/js/main.48f74783.js
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:11b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1385e02d460c4706fd5153542cb6b1c4cb4bbf60c744b704da1ad47c89052a7a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sabal.palmetto.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 22:44:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 May 2024 20:54:50 GMT
server
cloudflare
etag
W/"22a752-18f54d66d90"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cloud-trace-context
52058e4ce773a58c2b8880b28c449c78
cache-control
public, max-age=0
cf-ray
880cf99bc85865ba-FRA
main.17641638.css
sabal.palmetto.com/static/css/ 		2 MB
779 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sabal.palmetto.com/static/css/main.17641638.css
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:11b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fbe06ab36d3d535f2ab90123a53818a2b91b9736479215f86bf1219cb561568

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sabal.palmetto.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 22:44:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 May 2024 20:54:50 GMT
server
cloudflare
etag
W/"1a618e-18f54d66d90"
vary
Origin, Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
x-cloud-trace-context
72ebdfb72a87a9750a5802c1b199c262
cache-control
public, max-age=0
cf-ray
880cf99bc85665ba-FRA
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDDOhQDz1ta8YbCIsqJEmDY-xRH-0zQ1Ks&libraries=places&callback=googleMapApi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sabal.palmetto.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 22:44:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sabal.palmetto.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
64df75d9cb761613f51a24e6
app.launchdarkly.com/sdk/goals/ 		2 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/64df75d9cb761613f51a24e6
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/static/js/main.48f74783.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.3.0
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://sabal.palmetto.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.2.0
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 varnish
date
Wed, 08 May 2024 22:44:34 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-fra-etou8220101-FRA
x-timer
S1715208274.030638,VS0,VE101
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
0
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6InVua25vd24tdXNlci1rZXkifQ
app.launchdarkly.com/sdk/evalx/64df75d9cb761613f51a24e6/contexts/ 		3 KB
836 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/64df75d9cb761613f51a24e6/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6InVua25vd24tdXNlci1rZXkifQ
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/static/js/main.48f74783.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6426e6e16d2b74530337fea15518874ec523bcc20c1ed390fa066677c77037df

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.3.0
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://sabal.palmetto.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.2.0
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 22:44:34 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
HIT
content-length
466
x-served-by
cache-fra-etou8220062-FRA, cache-fra-etou8220101-FRA
x-timer
S1715208274.026321,VS0,VE491
etag
"12dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
0
64df75d9cb761613f51a24e6
events.launchdarkly.com/events/diagnostic/ 		0
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/64df75d9cb761613f51a24e6
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/static/js/main.48f74783.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.223.165.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-165-9.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.3.0
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://sabal.palmetto.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.2.0
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 22:44:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
64df75d9cb761613f51a24e6
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/64df75d9cb761613f51a24e6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://sabal.palmetto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Wed, 08 May 2024 22:44:34 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220101-FRA
x-timer
S1715208274.921418,VS0,VE102
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6InVua25vd24tdXNlci1rZXkifQ
app.launchdarkly.com/sdk/evalx/64df75d9cb761613f51a24e6/contexts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/64df75d9cb761613f51a24e6/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6InVua25vd24tdXNlci1rZXkifQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://sabal.palmetto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Wed, 08 May 2024 22:44:34 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220101-FRA
x-timer
S1715208274.921490,VS0,VE97
64df75d9cb761613f51a24e6
events.launchdarkly.com/events/diagnostic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/64df75d9cb761613f51a24e6
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.223.165.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-165-9.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://sabal.palmetto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Wed, 08 May 2024 22:44:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
favicon.ico
sabal.palmetto.com/ 		0
0
Primary Request login
auth.palmetto.com/
Redirect Chain
  • https://sabal.palmetto.com/api/auth/login?state=%7B%22returnTo%22%3A%22https%3A%2F%2Fsabal.palmetto.com%2F%22%7D
  • https://auth.palmetto.com/authorize?client_id=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&scope=openid+offline_access+profile+email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Faut...
  • https://auth.palmetto.com/login?state=hKFo2SBUZEFaMkRzRXRabzZZRUVpNDA4eGhMVTZrOUFqYk9sdqFupWxvZ2luo3RpZNkgSmpFdUx4aThtSzRGemUwMmV4SlQ5ckdVRHZyMW1RQkujY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXY...
30 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.palmetto.com/login?state=hKFo2SBUZEFaMkRzRXRabzZZRUVpNDA4eGhMVTZrOUFqYk9sdqFupWxvZ2luo3RpZNkgSmpFdUx4aThtSzRGemUwMmV4SlQ5ckdVRHZyMW1RQkujY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=vKYtr6O6RuPtezXWiAe6MmhepqVDTQBEm2n5wqEkS1k&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/static/js/main.48f74783.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.240 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9336d9b803784e97b5837dd1e49778eb04d2184fd6d1e915df587d288cca357
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sabal.palmetto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
880cf9a72bcf9c01-FRA
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Wed, 08 May 2024 22:44:35 GMT
etag
W/"760b-KRwT9VBe7uwIug0FmlK+EjsijqY"
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-requestid
fd43d842fc9978486fb6
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
500
x-ratelimit-remaining
499
x-ratelimit-reset
1715208276
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
880cf9a5ba6b9c01-FRA
content-length
1160
content-type
text/html; charset=utf-8
date
Wed, 08 May 2024 22:44:35 GMT
location
/login?state=hKFo2SBUZEFaMkRzRXRabzZZRUVpNDA4eGhMVTZrOUFqYk9sdqFupWxvZ2luo3RpZNkgSmpFdUx4aThtSzRGemUwMmV4SlQ5ckdVRHZyMW1RQkujY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=vKYtr6O6RuPtezXWiAe6MmhepqVDTQBEm2n5wqEkS1k&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-requestid
cd624f7704943c69730e
x-content-type-options
nosniff
x-ratelimit-limit
500
x-ratelimit-remaining
499
x-ratelimit-reset
1715208275
z8xpsn9v
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/z8xpsn9v
Requested by
Host: sabal.palmetto.com
URL: https://sabal.palmetto.com/static/js/main.48f74783.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-26.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sabal.palmetto.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
kcZTVwECxVhxUg3KFU8lcte74M2xQpJy
content-encoding
gzip
via
1.1 258e5fe72bfca83e099f880853f68ab4.cloudfront.net (CloudFront)
date
Wed, 08 May 2024 22:40:57 GMT
x-amz-cf-pop
MUC50-P5
age
233
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2706
last-modified
Wed, 08 May 2024 16:22:02 GMT
server
AmazonS3
etag
"1facb8482538013a6b7db5fb91ad0503"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
7TLAhf9G7GH66Yj6K2CPjQTYfVSzt1iOW9NR9843HVCnVlEwKdSoUg==
620e4b23-57c6-4361-9921-2a4d262b5743
https://sabal.palmetto.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://sabal.palmetto.com/620e4b23-57c6-4361-9921-2a4d262b5743
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
25814
Content-Type
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6InVua25vd24tdXNlci1rZXkifQ
clientstream.launchdarkly.com/eval/64df75d9cb761613f51a24e6/ 		3 KB
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://clientstream.launchdarkly.com/eval/64df75d9cb761613f51a24e6/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6InVua25vd24tdXNlci1rZXkifQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.235.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa1ba9bef7b18c265.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
text/event-stream
Cache-Control
no-cache
Referer
https://sabal.palmetto.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 22:44:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
ld-region
eu-west-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-content-length
1928
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
replay
browser-intake-datadoghq.com/api/v2/ 		0
0
frame-modern.3e87f8c0.js
js.intercomcdn.com/ Frame 7F63 		516 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.3e87f8c0.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/z8xpsn9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-31.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
j_OnRUn4gTPreaoPzyAh92aqqPnlv2dn
content-encoding
gzip
via
1.1 0cf0bde9f9a6be1798d8b39249b30bc4.cloudfront.net (CloudFront)
date
Wed, 08 May 2024 22:22:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P4
age
1350
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
145111
last-modified
Wed, 08 May 2024 16:19:28 GMT
server
AmazonS3
etag
"78f5573b31f8d4e0137ddb5c544e016c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
Nruv8tMO3iWDKF5p_Es7G7zvr2eioj1MdXccWAo2TrAMwsZDLd3LnA==
vendor-modern.07772018.js
js.intercomcdn.com/ Frame 7F63 		482 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.07772018.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/z8xpsn9v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-31.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Z8b.UgOf5y8qLndlF0faMc8TwhstO8UF
content-encoding
gzip
via
1.1 0cf0bde9f9a6be1798d8b39249b30bc4.cloudfront.net (CloudFront)
date
Wed, 08 May 2024 20:45:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P4
age
7163
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
150799
last-modified
Fri, 03 May 2024 15:32:05 GMT
server
AmazonS3
etag
"b27b573e6b04daed0b4144a6e206ba93"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
XV583u9FjICXwMhWlduX1ADqg-JzTueoq9qS8H2VI2qD8MqGzBa0aQ==
ping
api-iam.intercom.io/messenger/web/ Frame 7F63 		0
0
rum
browser-intake-datadoghq.com/api/v2/ 		0
0
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap
Requested by
Host: auth.palmetto.com
URL: https://auth.palmetto.com/login?state=hKFo2SBUZEFaMkRzRXRabzZZRUVpNDA4eGhMVTZrOUFqYk9sdqFupWxvZ2luo3RpZNkgSmpFdUx4aThtSzRGemUwMmV4SlQ5ckdVRHZyMW1RQkujY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=vKYtr6O6RuPtezXWiAe6MmhepqVDTQBEm2n5wqEkS1k&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5a3caccba6fd4ae558536980bcb4c3a43f87fe2256b86f64dd4c1de13fa55325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 May 2024 22:44:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 May 2024 22:29:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 May 2024 22:44:35 GMT
auth0.min.js
cdn.auth0.com/js/auth0/9.13/ 		145 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/auth0/9.13/auth0.min.js
Requested by
Host: auth.palmetto.com
URL: https://auth.palmetto.com/login?state=hKFo2SBUZEFaMkRzRXRabzZZRUVpNDA4eGhMVTZrOUFqYk9sdqFupWxvZ2luo3RpZNkgSmpFdUx4aThtSzRGemUwMmV4SlQ5ckdVRHZyMW1RQkujY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=vKYtr6O6RuPtezXWiAe6MmhepqVDTQBEm2n5wqEkS1k&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:b200:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a4107b8670efd983dc8d4c711ad6be5d1f5d9c479052c0224cc9117e88ee950
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
K1k7NsVIEboEoMirLv2.Nv0m7vC62vbW
content-encoding
gzip
via
1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
date
Wed, 08 May 2024 21:30:49 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
MUC50-P3
age
4427
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 03 Jul 2020 15:28:37 GMT
server
AmazonS3
etag
W/"610f97a8dea9468b009a25d8e887d410"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10800,public
x-robots-tag
noindex
x-amz-cf-id
VvgeCXH1_CdrqpcZI7fsTQhwnWiukQtGhyyroNBSLl9Pr5vlVjOg5g==
object-assign.min.js
cdn.auth0.com/js/polyfills/1.0/ 		278 B
802 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/js/polyfills/1.0/object-assign.min.js
Requested by
Host: auth.palmetto.com
URL: https://auth.palmetto.com/login?state=hKFo2SBUZEFaMkRzRXRabzZZRUVpNDA4eGhMVTZrOUFqYk9sdqFupWxvZ2luo3RpZNkgSmpFdUx4aThtSzRGemUwMmV4SlQ5ckdVRHZyMW1RQkujY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=vKYtr6O6RuPtezXWiAe6MmhepqVDTQBEm2n5wqEkS1k&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:b200:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e3281ce824bc83f86243254926e320d7a51fd34e310d76f38ddf5ca4430bcd8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
QnBigF9q9VrtNR8TU_yhfoN9BlecmQ2x
date
Wed, 08 May 2024 20:15:22 GMT
via
1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-cf-pop
MUC50-P3
age
8962
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
278
last-modified
Thu, 08 Jun 2017 20:30:02 GMT
server
AmazonS3
etag
"4dfaafaab07b1c6c2314bfe79a1baa81"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=10800,public
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
9kk610oHTqRYkAZuz2wwimvXhqdPwFr0oY-KLgG-p6xMkdUvfq-7uA==
palmetto.png
storage.googleapis.com/alchemy-next-prod/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/alchemy-next-prod/palmetto.png
Requested by
Host: auth.palmetto.com
URL: https://auth.palmetto.com/login?state=hKFo2SBUZEFaMkRzRXRabzZZRUVpNDA4eGhMVTZrOUFqYk9sdqFupWxvZ2luo3RpZNkgSmpFdUx4aThtSzRGemUwMmV4SlQ5ckdVRHZyMW1RQkujY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=vKYtr6O6RuPtezXWiAe6MmhepqVDTQBEm2n5wqEkS1k&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
90a9ee7f0d51e8255513cb197516dbb7a569ef51961b863b58b83f170814b314

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 22:44:35 GMT
age
0
x-guploader-uploadid
ABPtcPrNr_gGysrzbqWxxB0mOrKv79JhU6tBpPI9MtIWdRB6X3UqADW8h-n-0rhlTFZz74SVFWcKO3syqQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10818
last-modified
Mon, 08 Feb 2021 18:15:05 GMT
server
UploadServer
etag
"4a4964059acfe78872670cd4b338780f"
x-goog-generation
1612808105096626
x-goog-hash
crc32c=Yvlvhw==, md5=SklkBZrP54hyZwzUszh4Dw==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
10818
accept-ranges
bytes
expires
Wed, 08 May 2024 23:44:35 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://auth.palmetto.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:46:51 GMT
x-content-type-options
nosniff
age
140264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:46:51 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://auth.palmetto.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:56:25 GMT
x-content-type-options
nosniff
age
139690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:56:25 GMT
fs.js
edge.fullstory.com/s/ 		270 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: auth.palmetto.com
URL: https://auth.palmetto.com/login?state=hKFo2SBUZEFaMkRzRXRabzZZRUVpNDA4eGhMVTZrOUFqYk9sdqFupWxvZ2luo3RpZNkgSmpFdUx4aThtSzRGemUwMmV4SlQ5ckdVRHZyMW1RQkujY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=vKYtr6O6RuPtezXWiAe6MmhepqVDTQBEm2n5wqEkS1k&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0f790bb4c8aab0ba674aa0590ba1b0c29ddbd1ea3c6005491fafd343be6772dd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://auth.palmetto.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 22:30:42 GMT
content-encoding
br
age
833
x-guploader-uploadid
ABPtcPolUuW1uZg7t7YTTBFS_ltYlcxChxafG3Bz11ktjvKhyGfZv_fuSLfAomEmc5aUhXi_6Yc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74565
last-modified
Mon, 06 May 2024 14:27:39 GMT
server
UploadServer
etag
"4c5d1aaa6a2849a014e2b9ba869f3a6b"
vary
Accept-Encoding
x-goog-generation
1715005659222125
x-goog-hash
crc32c=Qb22Nw==, md5=TF0aqmooSaAU4rm6hp86aw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
74565
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 08 May 2024 23:30:42 GMT
web
edge.fullstory.com/s/settings/P6XKD/v1/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/P6XKD/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d268a1659693f4679ebbfd59e8ea648114a152d94db47c9b13c535c9d3c455eb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 22:44:35 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPqMcZ_XaKjbNq0KKVIyiwsMLLbEVdjRiUiOtwrUJdAKHtbDTw2fj54ipw3lu5s25idcG-M
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1324
last-modified
Wed, 08 May 2024 22:43:23 GMT
server
UploadServer
etag
"1a598a3b0d22b4322f56563afb59d0ef"
x-goog-generation
1715017103749462
x-goog-hash
crc32c=S1MO4w==, md5=GlmKOw0itDIvVlY6+1nQ7w==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
1324
accept-ranges
bytes
content-type
application/json
expires
Wed, 08 May 2024 22:59:35 GMT
undefined
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/undefined
Requested by
Host: auth.palmetto.com
URL: https://auth.palmetto.com/login?state=hKFo2SBUZEFaMkRzRXRabzZZRUVpNDA4eGhMVTZrOUFqYk9sdqFupWxvZ2luo3RpZNkgSmpFdUx4aThtSzRGemUwMmV4SlQ5ckdVRHZyMW1RQkujY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=vKYtr6O6RuPtezXWiAe6MmhepqVDTQBEm2n5wqEkS1k&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-26.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15bfc7c29dc7d08e2b972c81e7c9424d2dadc10d09a89fa2b9946b28ced0c41b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
kcZTVwECxVhxUg3KFU8lcte74M2xQpJy
content-encoding
gzip
via
1.1 258e5fe72bfca83e099f880853f68ab4.cloudfront.net (CloudFront)
date
Wed, 08 May 2024 22:40:57 GMT
x-amz-cf-pop
MUC50-P5
age
233
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2706
last-modified
Wed, 08 May 2024 16:22:02 GMT
server
AmazonS3
etag
"1facb8482538013a6b7db5fb91ad0503"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
94-bkRBGWD8IlzlW8TBsajQAcgJ3rV9HpzhCUkcOC5qSmblQO1jZfA==
favicon.ico
palmetto.com/ 		15 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://palmetto.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:11b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
348e944115066b740b98afafb6ffa213c9ed36b641681fd692ab16bfe5cf81a8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 22:44:35 GMT
via
1.1 google, 1.1 google
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 03 May 2024 21:59:56 GMT
server
cloudflare
etag
W/"3aee-18f40789760"
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=0
x-plm-lb
palmetto-com
cf-ray
880cf9a9ba8d65ba-FRA
frame-modern.3e87f8c0.js
js.intercomcdn.com/ Frame 74CA 		516 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.3e87f8c0.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-31.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee5263d431ec65d9e7b2013ca84061db0dbf3e5d2ad23bb9bd337e3e44264f2c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
j_OnRUn4gTPreaoPzyAh92aqqPnlv2dn
content-encoding
gzip
via
1.1 0cf0bde9f9a6be1798d8b39249b30bc4.cloudfront.net (CloudFront)
date
Wed, 08 May 2024 22:22:05 GMT
x-amz-cf-pop
MUC50-P4
age
1350
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
145111
last-modified
Wed, 08 May 2024 16:19:28 GMT
server
AmazonS3
etag
"78f5573b31f8d4e0137ddb5c544e016c"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
Nruv8tMO3iWDKF5p_Es7G7zvr2eioj1MdXccWAo2TrAMwsZDLd3LnA==
vendor-modern.07772018.js
js.intercomcdn.com/ Frame 74CA 		482 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.07772018.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-31.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c9ffbfead2561df1df412da373a075ba7e280778d403355d652339a8a9bd7f9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Z8b.UgOf5y8qLndlF0faMc8TwhstO8UF
content-encoding
gzip
via
1.1 0cf0bde9f9a6be1798d8b39249b30bc4.cloudfront.net (CloudFront)
date
Wed, 08 May 2024 20:45:12 GMT
x-amz-cf-pop
MUC50-P4
age
7163
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
150799
last-modified
Fri, 03 May 2024 15:32:05 GMT
server
AmazonS3
etag
"b27b573e6b04daed0b4144a6e206ba93"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
XV583u9FjICXwMhWlduX1ADqg-JzTueoq9qS8H2VI2qD8MqGzBa0aQ==
page
rs.fullstory.com/rec/ 		1 KB
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
7677e46ddfb52c28adfad8cc45fb89e0213821d75dc6088bf4ac2e8ea9575e96

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 08 May 2024 22:44:35 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://auth.palmetto.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
558
integrations
rs.fullstory.com/rec/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/integrations?OrgId=P6XKD
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 22:44:35 GMT
via
1.1 google
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/javascript; charset=utf-8
v2
rs.fullstory.com/rec/bundle/ 		29 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=P6XKD&UserId=398307f1-7b94-4923-98ba-70dbd4d79348&SessionId=260c206f-7351-418c-89d6-e8690028c1fc&PageId=aa2b7e44-e94b-41eb-b493-dd643f303545&Seq=1&ClientTime=1715208278228&PageStart=1715208275717&PrevBundleTime=0&LastActivity=2360&IsNewSession=true&ContentEncoding=gzip
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
2511048178d3d1c976bf0a9cca35db9cf613cede55b1f963fa065f593b13667a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://auth.palmetto.com
date
Wed, 08 May 2024 22:44:38 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sabal.palmetto.com
URL
https://sabal.palmetto.com/favicon.ico
Domain
browser-intake-datadoghq.com
URL
https://browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A5.16.0%2Capi%3Axhr%2Cenv%3Aprod%2Cservice%3Asabal-app%2Cversion%3Amain-c33fd4c3b7616c5f7e3b53183be88ae592049a0c&dd-api-key=pub45cd4d3a77e8c2c2e4406d7f8137e61a&dd-evp-origin-version=5.16.0&dd-evp-origin=browser&dd-request-id=6fdfea33-445e-40de-baf8-c37e2093cc0b
Domain
api-iam.intercom.io
URL
https://api-iam.intercom.io/messenger/web/ping
Domain
browser-intake-datadoghq.com
URL
https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.16.0%2Capi%3Abeacon%2Cenv%3Aprod%2Cservice%3Asabal-app%2Cversion%3Amain-c33fd4c3b7616c5f7e3b53183be88ae592049a0c&dd-api-key=pub45cd4d3a77e8c2c2e4406d7f8137e61a&dd-evp-origin-version=5.16.0&dd-evp-origin=browser&dd-request-id=920da188-8183-4755-911f-15e4a82e7f8b&batch_time=1715208275261

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| auth0 function| setupAuth0 function| Intercom boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS string| _fs_loaded function| _fs_shutdown function| __intercomAssignLocation function| __intercomReloadLocation string| _fs_rec_settings_host

11 Cookies

Domain/Path Name / Value
auth.palmetto.com/usernamepassword/login Name: _csrf
Value: qwWewhBb51oq81At-M-Fzjlu
sabal.palmetto.com/ Name: _dd_s
Value: rum=1&id=7cf17c25-3e42-4670-9e03-b0803d3c51b4&created=1715208274535&expire=1715209174535
sabal.palmetto.com/ Name: codeVerifier
Value: 9e0da9dc438ba14bfe4b9a0c63a532573116bba173ffc9fabf1598c7
sabal.palmetto.com/ Name: state
Value: N0E5mXrzQ79kkqkb%3A%7B%22returnTo%22%3A%22https%3A%2F%2Fsabal.palmetto.com%2F%22%7D
sabal.palmetto.com/ Name: redirect_url
Value: https%3A%2F%2Fsabal.palmetto.com
auth.palmetto.com/ Name: did
Value: s%3Av0%3A8af5c5c0-0d8c-11ef-a56f-effd9345e678.qW544twbXYBCH04MWm0GfDqG7Xt%2B%2FClHXn1phMv321Q
auth.palmetto.com/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQHvX58leT7XpTYyBjJ-TLhGM90MLTeOmz-vqjnuDb8qHq0WlIGlSkXi8QLoecij-ACk4P0NsDAzesM5eXCnaUuimY29va2llg6dleHBpcmVz1_8A9CQAZj_0065vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.sWMiyxCMCsYODt9wacKFtmcj63lxU%2F17lId9pM3qGCQ
auth.palmetto.com/ Name: did_compat
Value: s%3Av0%3A8af5c5c0-0d8c-11ef-a56f-effd9345e678.qW544twbXYBCH04MWm0GfDqG7Xt%2B%2FClHXn1phMv321Q
auth.palmetto.com/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQHvX58leT7XpTYyBjJ-TLhGM90MLTeOmz-vqjnuDb8qHq0WlIGlSkXi8QLoecij-ACk4P0NsDAzesM5eXCnaUuimY29va2llg6dleHBpcmVz1_8A9CQAZj_0065vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.sWMiyxCMCsYODt9wacKFtmcj63lxU%2F17lId9pM3qGCQ
.palmetto.com/ Name: fs_lua
Value: 1.1715208275716
.palmetto.com/ Name: fs_uid
Value: #P6XKD#398307f1-7b94-4923-98ba-70dbd4d79348:260c206f-7351-418c-89d6-e8690028c1fc:1715208275716::1#/1746744277

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://auth.palmetto.com/login?state=hKFo2SBUZEFaMkRzRXRabzZZRUVpNDA4eGhMVTZrOUFqYk9sdqFupWxvZ2luo3RpZNkgSmpFdUx4aThtSzRGemUwMmV4SlQ5ckdVRHZyMW1RQkujY2lk2SBjblhnUlhGRnl5VG5zYTF6UEtMeHRwS2NhUW5pNXYzeg&client=cnXgRXFFyyTnsa1zPKLxtpKcaQni5v3z&protocol=oauth2&scope=openid%20offline_access%20profile%20email&response_type=code&redirect_uri=https%3A%2F%2Fsabal.palmetto.com%2Fapi%2Fauth%2Ftoken-exchange&code_challenge=vKYtr6O6RuPtezXWiAe6MmhepqVDTQBEm2n5wqEkS1k&code_challenge_method=S256&audience=https%3A%2F%2Fsabal.palmetto.com%2Fapi&org=undefined
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
app.launchdarkly.com
auth.palmetto.com
browser-intake-datadoghq.com
cdn.auth0.com
clientstream.launchdarkly.com
edge.fullstory.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
maps.googleapis.com
palmetto.com
rs.fullstory.com
sabal.palmetto.com
storage.googleapis.com
widget.intercom.io
api-iam.intercom.io
browser-intake-datadoghq.com
sabal.palmetto.com
151.101.130.217
172.217.18.106
172.64.150.240
18.173.187.31
2600:9000:26db:b200:10:474e:104a:2961
2606:4700::6812:11b5
2a00:1450:4001:801::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::201b
2a00:1450:4001:812::2003
3.223.165.9
3.33.235.18
35.186.194.58
35.201.112.186
54.230.228.26
0f790bb4c8aab0ba674aa0590ba1b0c29ddbd1ea3c6005491fafd343be6772dd
1385e02d460c4706fd5153542cb6b1c4cb4bbf60c744b704da1ad47c89052a7a
15bfc7c29dc7d08e2b972c81e7c9424d2dadc10d09a89fa2b9946b28ced0c41b
211e132efa4918fa0f209e69e3baeffbaf6ffb463b2b929bc1a97d2610fcc3ba
2511048178d3d1c976bf0a9cca35db9cf613cede55b1f963fa065f593b13667a
2e3281ce824bc83f86243254926e320d7a51fd34e310d76f38ddf5ca4430bcd8
348e944115066b740b98afafb6ffa213c9ed36b641681fd692ab16bfe5cf81a8
4c9ffbfead2561df1df412da373a075ba7e280778d403355d652339a8a9bd7f9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fbe06ab36d3d535f2ab90123a53818a2b91b9736479215f86bf1219cb561568
5a3caccba6fd4ae558536980bcb4c3a43f87fe2256b86f64dd4c1de13fa55325
6426e6e16d2b74530337fea15518874ec523bcc20c1ed390fa066677c77037df
7677e46ddfb52c28adfad8cc45fb89e0213821d75dc6088bf4ac2e8ea9575e96
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
8a4107b8670efd983dc8d4c711ad6be5d1f5d9c479052c0224cc9117e88ee950
90a9ee7f0d51e8255513cb197516dbb7a569ef51961b863b58b83f170814b314
b9336d9b803784e97b5837dd1e49778eb04d2184fd6d1e915df587d288cca357
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
d268a1659693f4679ebbfd59e8ea648114a152d94db47c9b13c535c9d3c455eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee5263d431ec65d9e7b2013ca84061db0dbf3e5d2ad23bb9bd337e3e44264f2c
f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138
fd24d6bcda4b2e3df11eedfaa2f0cc62e9626e8f7a39006f652e2fae69a36e6b