urlscan.io logo urlscan.io
SecurityTrails logo

www.primeres.com Open in urlscan Pro
2606:4700:20::681a:6f1  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.primeres.com/privacy-policy
Submission: On November 13 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 36 HTTP transactions. The main IP is 2606:4700:20::681a:6f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.primeres.com.
TLS certificate: Issued by E1 on September 28th 2023. Valid for: 3 months.
This is the only time www.primeres.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    2606:4700:20::681a:6f1 (United States)

ASN13335 (CLOUDFLARENET, US)
www.primeres.com
1    2600:9000:211e:a000:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.122.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-23.fra60.r.cloudfront.net
accessibilityserver.org
9    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.userway.org
3    2600:1f14:5db:eb11:56d3:5dea:37d2:d335 (Boardman, United States)

ASN16509 (AMAZON-02, US)
api.userway.org
Apex Domain
Subdomains		 Transfer
17 primeres.com
www.primeres.com
256 KB
12 userway.org
cdn.userway.org — Cisco Umbrella Rank: 4291
api.userway.org — Cisco Umbrella Rank: 4209
201 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
159 KB
1 accessibilityserver.org
accessibilityserver.org — Cisco Umbrella Rank: 30834
2 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 364
31 KB
1 osano.com
cmp.osano.com — Cisco Umbrella Rank: 5281
62 KB
36 6
Domain Requested by
17 www.primeres.com 1 redirects www.primeres.com
9 cdn.userway.org cmp.osano.com
cdn.userway.org
3 api.userway.org cdn.userway.org
2 www.googletagmanager.com www.primeres.com
cmp.osano.com
1 accessibilityserver.org cmp.osano.com
1 ajax.googleapis.com www.primeres.com
1 cmp.osano.com www.primeres.com
36 7
Subject Issuer Validity Valid
primeres.com
E1		 2023-09-28 -
2023-12-27		 3 months crt.sh
*.osano.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
accessibilityserver.org
Amazon RSA 2048 M03		 2023-10-07 -
2024-11-03		 a year crt.sh
1667503734.rsc.cdn77.org
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
api.userway.org
Amazon RSA 2048 M03		 2023-09-02 -
2024-09-30		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.primeres.com/privacy-policy
Frame ID: 4D445A437A942546AD7076B25C7B7F8C
Requests: 33 HTTP requests in this frame

Frame: https://www.primeres.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: B6D1C11B4D0C1086C78673CAF8C7355A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Privacy Policy | Primary Residential Mortgage, Inc.

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

89 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

8
IPs

2
Countries

710 kB
Transfer

2574 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://www.primeres.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.primeres.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request privacy-policy
www.primeres.com/ 		106 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
124c374dfe3b97270f506372ae62ac59dec46afa0d5a30d4dce48d8a3709e801

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
825971822caa8fef-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 13 Nov 2023 19:32:55 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vff2nZ5glAROHWA%2BTxFoLblRS4VZBRzwhe%2FsN5KG4ZZyhz7wT%2FfOpni20I%2BucAk7ph5a7psyh5szTXuyKkasvu60MIpsjMPEE19%2FX3f%2B%2FGMgCtB1X1Hh%2F0w%2FKNIN8GYdb58Tw37e84xPt5hj6hA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
corp.min.css
www.primeres.com/ResourcePackages/Talon/assets/dist/css/corporate/ 		171 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/corporate/corp.min.css
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a1b66804d39b1bfc8d98bf8b88b8f9d330c187429d0115848e59b936707143ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/privacy-policy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 01 Sep 2023 19:52:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
178979
etag
W/"ac54d8cfdddd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Egh1ZYkCMmxSqvtnEYtVOcnsqkQlv%2FWZHMtxpV5AdQIV7%2Ff4xUyb%2B%2BUNgn6%2F5d4kjbaIrDxYno5ZiRJoiNn52eHFRx6f9mjxJk4YrwN%2Bvw%2F7n9pnQdPf7bytIAUIvNbmDotCMaTtcRBy2A8%2FUVE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
825971874a0c8fef-FRA
misc-fixes.css
www.primeres.com/ResourcePackages/Talon/assets/dist/css/ 		131 B
408 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/misc-fixes.css
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
30a9cd0394c2e27c9d3320767754ccc2303aa531eec3ed9591bb6639b181791a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/privacy-policy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 19:32:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
88637
etag
W/"d5581b8637cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fj0Mugpi5LDcFVOYrF%2FMTCEwtaZNyJ72ubp%2Fjwivd9kPX9aGYf%2FxGps4uaeKA2qVUMNC2sFBb5oA%2BX0uZnG3KMRFnAxFmUvU%2FGfDiHf9JBmOe3KySL%2BMMuIzdU6BP%2Fc3GFjeLmPcToGp2Abio4I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
825971874a0f8fef-FRA
osano.js
cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/ 		246 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a000:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
1c1ff930eac9d63a895ef7c9b0f6f18a56198fdb6315dd83c8c5bd5e4ec1d665
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:55 GMT
content-encoding
br
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
content-length
62404
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 25 Apr 2023 20:14:13 GMT
server
CloudFront
etag
"2034e3f0ebfa761dc032614469ba430d"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
MRG2sx77sGu_rmId-BJAVZxeQDocWmdSEPb6JQxM7BoBbJDnIqHqiA==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 15:10:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Nov 2024 15:10:54 GMT
outdatedbrowser.min.css
www.primeres.com/ResourcePackages/Talon/assets/dist/outdatedbrowser/ 		1 KB
791 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ResourcePackages/Talon/assets/dist/outdatedbrowser/outdatedbrowser.min.css
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
991c9519d27aaeecc44141e98a1f86b79c68cb835a66e04af960b874246ab96e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/privacy-policy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 19:32:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
178979
etag
W/"c42c99b8637cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzMVFbhwf4foB78XMGq75X%2FZ0%2BG72Ou3ztmqBE4w4LTc2JS2PRP9SBm5qE7p7rKsxfBel%2BgA4sp2ebOhGmiGBzEl5CGVVQ%2F%2BEqyUTrtTNlS%2B%2FY%2BnOs%2FRv8PP0qU3MOANvdB%2FPGtYglWxPoTqqXU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
825971874a108fef-FRA
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-145993286-44
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f80cfed2a0900a330404009283b855778a60613d6b1648234c3100bee992f20e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68813
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 18:54:34 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Nov 2023 19:32:56 GMT
awardsBanner.js
www.primeres.com/ResourcePackages/Talon/assets/dist/js/AwardsSlider/ 		890 B
665 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ResourcePackages/Talon/assets/dist/js/AwardsSlider/awardsBanner.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
710135b7b42d6f3814e4a831d609c1bd905a70befde5a6a2e503142148f488e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/privacy-policy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 19:32:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
178979
etag
W/"68a38fb8637cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWKAZtKEVgpSvpira9rRWS3gBc%2Bj%2FGUJAsNYaLY29OvXBlxmch4q0AJdEb2D21JlpWhPosesrvnlwtGW3ja0ptSUaQ%2B%2BjFQ2aLOfYWYo31RYgvg8o2igCL2Rd0aa866JLLHWPbO%2FFGyMzcs7Rmk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
825971874a128fef-FRA
ScriptResource.axd
www.primeres.com/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3ugaLjNozHoajOZ-qWC1CBhNnChirDzyJQ9Pj1lDLrTAB0eOve19zDW2iKY3cstZI1EHdxezQPhUzxO5sj9_yDvDc0j8LajzfJifc-7Lhge46tlPyItOGPq67ox9Q3KGxg0nIRY6MnhjL0roT2PiKc0tqv_hoqVaVHwmQEYj4LSh0&t=a366992
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/privacy-policy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:55 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 26 Oct 2023 20:51:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWf9dp6E5jZkI%2BlJRUU%2FSrJxlyhGqxzCYL2pWJtRyLjx8OmE9FkzPXJbOB93Ajr7REwjK%2FCaf%2F658cmqPfrWuHLQC2UKZBt15NZyjXEDdO0zor84yeK%2FURzjufV1DaSLn6Wn5jUZrObXT7DQxkM%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=rLv3kKiyNuueoX2c1NDPGPTBoiRBt0WdK0JeNSNz6CU-1699903975-0-AYnSwS5pJ9autDtb8VzQtKF4g-k91JnQFEBRsMPUKPrCx2uNIQf72598U-rukIB2Ln6aogmIXwZ5-5ryq8eLGSS1KOnT5vzO0tdZIpf6fjUdL_Lc2VMqdkd_WeR_aPrmrJAgrk199KYmgRtxRaotVQOTIj9Gi77TKI0JHUlLlvvo"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
application/x-javascript; charset=utf-8
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=rLv3kKiyNuueoX2c1NDPGPTBoiRBt0WdK0JeNSNz6CU-1699903975-0-AYnSwS5pJ9autDtb8VzQtKF4g-k91JnQFEBRsMPUKPrCx2uNIQf72598U-rukIB2Ln6aogmIXwZ5-5ryq8eLGSS1KOnT5vzO0tdZIpf6fjUdL_Lc2VMqdkd_WeR_aPrmrJAgrk199KYmgRtxRaotVQOTIj9Gi77TKI0JHUlLlvvo; report-to cf-csp-endpoint
cache-control
public
cf-ray
825971874a138fef-FRA
expires
Fri, 25 Oct 2024 20:51:57 GMT
ScriptResource.axd
www.primeres.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ScriptResource.axd?d=EydukmxBmDstn7gSYzQESC_qUolZwo1n3vj1YFHzD3XOGiz_tRVofSTf8VnvS1QxJ_R5aqcQA06ycwgEy04IbyYldtdt9K8GKTZqlUPe3d9y_KA1Ig1w5LHMyOrTTItxE1wXGq56h-coINekOFT0HiDSlsSVgHzyA2BvbNdn-mfCikSuSmXBRm8HQVMbUwOb0&t=a366992
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cda66aaac66c47585d9917fcf9e6c0f28322715caf35b94e0f8224ab629182c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/privacy-policy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:56 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 26 Oct 2023 20:51:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmgRP2wJUr%2FR0VrQJyvD0G4WZ%2BRIDVpXnF%2FUjq0p3xd5pMQ7t4KC3DlAW9kLQ8ykmJ3IjF7N51Fsw9PKKhRB5os948klkRuiD2x0ybPe8j7WhTgjcPhWeh%2B%2BSuZB0ZtV3WDy1TtTFfx5XnrbP2k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
cache-control
public
cf-ray
825971874a158fef-FRA
expires
Fri, 25 Oct 2024 20:51:57 GMT
email-decode.min.js
www.primeres.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/privacy-policy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 Nov 2023 16:16:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654bb442-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkznb%2BJXA%2BHZ8TBrXzggRiPIgURvDVJiq2C%2BcldIkonLrOQ0D%2BmSBRggo%2F%2FRKs2JC6uWaAaKlgpTX5ZCVa0Pcvk%2FRt%2FtG2XiZTqKVf%2FnU8qA97lYByrfB8JFPM73iaR0xFiSH4Z%2F%2FlAgPvImj8g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
825971877a658fef-FRA
expires
Wed, 15 Nov 2023 19:32:55 GMT
all.min.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/ 		92 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/all.min.js?package=Talon&v=LTc0MTE5MTcwNg%3d%3d
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c8742f54c6d913265c3298adef20813a397c23d90b06bcaaaeac529193e8940e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/privacy-policy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 15 Jul 2021 09:26:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQ%2Bspaw7mvTjEUZzgRY3wpaWxvgJ5swef81YgpTOfOjRzBShMvwr6wdVYlh02PRyVQii4%2BbDnp0LtGOqaEjKMpyhjBifLud6%2BV5ppfLIXX79Irfn3nISBQknZtxokjXGsF4MkSUCtlV8vJltxkE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
cf-ray
825971877a678fef-FRA
expires
Mon, 20 Nov 2023 19:32:56 GMT
outdatedbrowser.js
www.primeres.com/ResourcePackages/Talon/assets/dist/outdatedbrowser/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ResourcePackages/Talon/assets/dist/outdatedbrowser/outdatedbrowser.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0e241bcda4c69cfdc353948f11a7cab717fb0ee72e681b36251bf4a5ad292e73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/privacy-policy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 19:32:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
178979
etag
W/"c42c99b8637cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hiv6R4oQREoaEfKXghKs5HRQCKtjzOhMK7ZRyakCF1Ux0xZq7FQm90mS%2FPqQX%2B9SbIOfnBq0JJ%2FTPtw0uUDmUyRMJqumBvgelNx4hH14ZHvXGII6LE27vJKn9RTcsghWRWsodLixOTaHgkEoDA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
825971877a688fef-FRA
utm-campaign.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/MVC/Scripts/UtmCampaignTracking/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/MVC/Scripts/UtmCampaignTracking/utm-campaign.js?package=Talon&v=LTc3MTA1MzcxNA%3d%3d
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
630f3d6f8dc680a104f56ecb03f209d9d1ccab924249ac43b716d00a4a70a838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/privacy-policy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 15 Jul 2021 09:26:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bd4HyL2mVBKSUJbSNST6FxkxHD4kVbGqkNnyd0%2BMkNx79Ghp3uXpnCmRLb%2Fx8ocJ%2FF%2Fe%2FUooFwCYJ%2BsoCQ6Aq7RBHeSOHlKe1AvdJ0dz5S0DSWzcfKaPalsHV6mBU2z74OtywuUrPvg%2FQmK%2FuB0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
cf-ray
825971877a698fef-FRA
expires
Mon, 20 Nov 2023 19:32:56 GMT
f951371c-18bb-4f2a-bf9d-fda325d72cbe
https://www.primeres.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.primeres.com/f951371c-18bb-4f2a-bf9d-fda325d72cbe
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
svgs.svg
www.primeres.com/ResourcePackages/Talon/assets/svg/ 		38 KB
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ResourcePackages/Talon/assets/svg/svgs.svg
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6b5904b19f6213729e32208d83fd0501cd5e20f49464926ff029be4ad99bcd1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/privacy-policy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Sep 2023 19:53:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
362754
etag
W/"e27eeaf32e0d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12ldrmwXPa4X7nyWtJtFaXsREt247fsKI9QDU8qPkZebTf6%2BZRTpZWLnqI7HmIeZwIBYYs9G%2BfWSWVnsdq%2FEcHp1ugagsGo5Pw7IbCYYJVoLqBd%2BbAa9nROdB3L6ij55L0YJrpljhmoA8o3qsaw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2678400
cf-ray
8259718b3e5a8fef-FRA
Montserrat-VF.woff2
www.primeres.com/ResourcePackages/Talon/assets/dist/fonts/ 		120 KB
120 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ResourcePackages/Talon/assets/dist/fonts/Montserrat-VF.woff2
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/corporate/corp.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
30340b72c6991d891792731fb1dd492ff6a2c530adee3b22d13c5fbc522601e8

Request headers

Referer
https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/corporate/corp.min.css
Origin
https://www.primeres.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:56 GMT
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 19:32:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
178979
etag
"85de8ab8637cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19dmY2V2J56uyu6OW8zkhe%2FR09wZ3CdJBBo7eD7lQ%2F4qejTu%2BrvitGynCGMb69a0tkzuT5kY0Xx6I6b95Shg%2FKgYiS0As1lhx7IDdP6%2F263jEdqqFYZO4Fn5yCojGih5tkukYH5%2F7%2B2oFBWLLgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
8259718b5e7a8fef-FRA
content-length
122820
menu_open_icon.svg
www.primeres.com/images/librariesprovider868/default-album/ 		451 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.primeres.com/images/librariesprovider868/default-album/menu_open_icon.svg
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/corporate/corp.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a69ff6d89958a2106947fdf8003b6f3fd3808cbc36552e44d5e40b2cdc065092

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/corporate/corp.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:56 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename=menu_open_icon.svg
pragma
no-cache
last-modified
Sun, 12 Nov 2023 18:55:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRSH0ceUGbFTNlIeC48uBK2ES%2F%2BF2HVfsVeTLDbSCr4LKKTgeD%2FNgyodqki0KQPC7GLDPv9hCSJDL2UYfn%2FoyD5PXlNgTXxsa8KOxSDyY%2BUcQUoXGRdBMDqfVo9mUPJQP6iXFjrxuHj%2BpaeLZDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8259718c2f338fef-FRA
expires
-1
widget.js
accessibilityserver.org/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accessibilityserver.org/widget.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-23.fra60.r.cloudfront.net
Software
CDN77-Turbo /
Resource Hash
fa3485d4710dbf1e85b888701e9055260c60691c896de587db1d8a7cff014a80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 Nov 2023 18:47:56 GMT
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront), 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
1803
x-amz-cf-pop
FRA60-P3, FRA60-P2
age
2946
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
Hit from cloudfront
x-accel-date
1699852259
x-77-nzt
AsO1rw43Nzf/CwcAANRmOJw3Nzf/AAAAAA
x-77-age
1803
x-cache-lb
HIT
last-modified
Fri, 10 Nov 2023 11:24:26 GMT
server
CDN77-Turbo
x-77-nzt-ray
9083393007430292eeb65165e9ade419
etag
W/"991a4ee47a95f1dddb400358c9e086ab"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
vary
Accept-Encoding,Accept-Encoding
x-amz-cf-id
p2a53-MOyE_sZYLthnblofDmE00qBBwQmvfqAt1Ylin0pTZzRtSatQ==
main.js
www.primeres.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame B6D1
Redirect Chain
  • https://www.primeres.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.primeres.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
H2
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b21a79c9a1cd8bd6fe633fe99f3264da4342eca2a4ad6d2b180d05466f21848
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:56 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1bk50fTZEeGoVGcpFpLzNCkO%2B7CoH%2Fsvl3Mq3s0q%2BYi4IboJEs7LwbtQ6s2rIO3e1qsUH9UAD1cMmoU0FRj7wBgv2I%2BikXFet0sZoWmBcMd12gW4eD%2FKQFAJ10meSn%2FcExzB7v%2BHw8SK8NR20E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8259718cafa38fef-FRA

Redirect headers

date
Mon, 13 Nov 2023 19:32:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMMK3ZKfqS6y3t0Rj2SrckOIXrbB%2F15eISW2ur3R6WaNQByAFKWAfOjNaDt5C5xibnRGzxTc9cbIjLauJaWeaiSa5d7advOHHFvRUlP1fPlVQfgoulBieHBdPIDzvuwCpb%2BY02SHrv7YVtk85G8%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8259718c4f5d8fef-FRA
bcb05423-c956-429e-973a-7826d555cc1e
https://www.primeres.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.primeres.com/bcb05423-c956-429e-973a-7826d555cc1e
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
b64fbd91-c5a5-4464-8a8e-7704b7881c0b
https://www.primeres.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.primeres.com/b64fbd91-c5a5-4464-8a8e-7704b7881c0b
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
js
www.googletagmanager.com/gtag/ 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YTMNS8HGYG&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d07bc22b9190a50cd2093d62e2e6189032cf833b8794f4a521938d512fce052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 19:32:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93185
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 Nov 2023 19:32:56 GMT
825971822caa8fef
www.primeres.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame B6D1 		0
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/cdn-cgi/challenge-platform/h/g/jsd/r/825971822caa8fef
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 13 Nov 2023 19:32:56 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
8259718d98a08fef-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmTGl0G4lc%2BMrTwM1nkFN2pP3dE30AsOY%2BVvqkjY5CQcm%2BqClzBsD87jx0BcEnV50RcDKCQoHfG0sGLUAXstdt0PopV8I5lpYjNK0J44Z4YvKt%2Fj9BUhdr4xGVSqLEpjtPn7gYoC0eo04kZum0E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
widget_app_base_1699615327357.js
cdn.userway.org/widgetapp/2023-11-10-11-22-07/ 		135 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-11-10-11-22-07/widget_app_base_1699615327357.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e91ab7c8785ff88fac7c48b92ee0e8b570d36ad0c6b7885fbd2570497ee15aee

Request headers

Referer
https://www.primeres.com/
Origin
https://www.primeres.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 Nov 2023 19:32:56 GMT
via
1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
288316
x-amz-cf-pop
FRA60-P3
age
2
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1699615660
x-77-nzt
ApySIYg3Nzf/PGYEANRmOJw3Nzf/dwAAAA
x-accel-expires
@1725535541
x-77-age
288435
x-cache-lb
HIT
last-modified
Fri, 10 Nov 2023 11:24:21 GMT
server
CDN77-Turbo
etag
W/"b8270fa09d6f833439919df8249d1e68"
x-77-nzt-ray
f6587a1deca13294e8795265e43f3028
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
Ry72TQxa_mEV0bhztvWE8q0yyQ1bFfexd-AqTQCRgIp0StPrMEZOng==
5E0vL5lD6Y
api.userway.org/api/tunings/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/5E0vL5lD6Y
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-11-10-11-22-07/widget_app_base_1699615327357.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:56d3:5dea:37d2:d335 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6106b6cc9a43e63807a136301f63ecdfc963cd2e6bf4432530b2080f7f697cb2

Request headers

Referer
https://www.primeres.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 13 Nov 2023 19:32:57 GMT
etag
W/"a26-PW2QwJQ/rNSFc7gL2hRlm5f2rR4"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr0505a4da445c4cd
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
2598
x-service-version
uw-pr
en-US.json
cdn.userway.org/widgetapp/2023-11-10-11-22-07/locales/ 		500 B
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-11-10-11-22-07/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-11-10-11-22-07/widget_app_base_1699615327357.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 Nov 2023 19:32:57 GMT
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
288315
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1699615662
x-77-nzt
ApySIYg3Nzf/O2YEANRmOAk3Nzf/eAAAAA
x-accel-expires
@1725535542
x-77-age
288435
x-cache-lb
HIT
last-modified
Fri, 10 Nov 2023 11:24:21 GMT
server
CDN77-Turbo
etag
W/"6c501e56c0883817da65e6df9f4417ee"
x-77-nzt-ray
f6587a1deca13294e9795265e5270f19
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/json
x-amz-cf-id
loeGB56fT7ZwDpePFer3T-AObCUFD__fIzXcTWPbkNED1CnKa8cO5g==
remediation_1699615327357.js
cdn.userway.org/widgetapp/2023-11-10-11-22-07/remediation/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-11-10-11-22-07/remediation/remediation_1699615327357.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2cc8b399f442ef31f35f79d7543611bcf729e3e67a5ceeebc45aa24ccd257863

Request headers

Referer
https://www.primeres.com/
Origin
https://www.primeres.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 Nov 2023 19:32:57 GMT
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
288314
x-amz-cf-pop
FRA60-P3
age
24
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1699615663
x-77-nzt
ApySIYg3Nzf/OmYEANRmOJw3Nzf/YQAAAA
x-accel-expires
@1725535566
x-77-age
288411
x-cache-lb
HIT
last-modified
Fri, 10 Nov 2023 11:24:21 GMT
server
CDN77-Turbo
etag
W/"2f6bc2ea0b58580cdfcabd2c6b1a572a"
x-77-nzt-ray
f6587a1deca13294e97952653864b537
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
M92FNr3MgicCPA1MkKS4mv5OujEZJUJbZGNaAneuSWgaDuTD8p8Vnw==
vGuUWAqLppMeVkU8.json
cdn.userway.org/remediations/consolidated/1430254/ 		398 KB
48 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediations/consolidated/1430254/vGuUWAqLppMeVkU8.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-11-10-11-22-07/widget_app_base_1699615327357.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
de695d6f5c371461f11e3457cebfd48178ea28cbe0ba5cbb3197951ad957fb0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 Nov 2023 19:32:57 GMT
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA60-P3
age
5775
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1698925753
x-77-nzt
ApySIYg3NzehJRPCKDc3N/8w7Q4A
x-accel-expires
@1730461753
x-77-age
978224
x-cache-lb
MISS
last-modified
Tue, 10 Oct 2023 18:21:37 GMT
server
CDN77-Turbo
etag
W/"bd3ff5e2a1f482d5c259e5a61fe2d850"
x-77-nzt-ray
f6587a1deca13294e97952658019b237
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
content-type
application/json
x-amz-cf-id
No8aMqvzxd6IyGzGyOjq0ucCdd0XeC7GaV6602SbiUeGIoGqAZV7eQ==
body_wh.svg
cdn.userway.org/widgetapp/images/ 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 Nov 2023 19:32:58 GMT
via
1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
13085163
x-amz-cf-pop
DUS51-P1
age
260
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1686818815
x-77-nzt
AZySIYg3Nzf/66nHAA
x-accel-expires
@1712738815
x-77-age
13085163
x-cache-lb
HIT
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray
f6587a1d1aa407c0ea795265c1d80607
access-control-max-age
3000
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
Q_qq-aornxmlKWa53pZ-FDmmHstWL1zFeSN9QLitA0u0FvwFCV6Uzg==
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 Nov 2023 19:32:58 GMT
via
1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
13085163
x-amz-cf-pop
DUS51-P1
age
260
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1686818815
x-77-nzt
AZySIYg3Nzf/66nHAA
x-accel-expires
@1712738815
x-77-age
13085163
x-cache-lb
HIT
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
f6587a1d1aa407c0ea79526594900e07
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
image/svg+xml
x-amz-cf-id
Nfkl6yag52yMJfbsnFD2wFGwvgvGHp9S8ODvhRfCid2Yo_3CLIfAEA==
remediation-tool.js
cdn.userway.org/remediation/paid/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1699615327357
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3889a6c447cc7b4209421e98708eeaf578e01ee3ebbc5f95964729267d433944

Request headers

Referer
https://www.primeres.com/
Origin
https://www.primeres.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 Nov 2023 19:32:58 GMT
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
288315
x-amz-cf-pop
FRA60-P3
age
23
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1699615663
x-77-nzt
ApySIYg3Nzf/O2YEANRmOJw3Nzf/YAAAAA
x-accel-expires
@1725535567
x-77-age
288411
x-cache-lb
HIT
last-modified
Fri, 10 Nov 2023 11:24:25 GMT
server
CDN77-Turbo
etag
W/"54e232cb4ddc6a9729776ae03668e116"
x-77-nzt-ray
f6587a1deca13294ea7952651ac20305
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
dlmR1KOuN6PfHqjSQvbh3ipzz-RMARX_t9InmaJyman4Zh1WkLw48w==
vGuUWAqLppMeVkU8.json
cdn.userway.org/remediations/consolidated/1430254/ 		398 KB
48 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediations/consolidated/1430254/vGuUWAqLppMeVkU8.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/paid/remediation-tool.js?ts=1699615327357
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
de695d6f5c371461f11e3457cebfd48178ea28cbe0ba5cbb3197951ad957fb0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 Nov 2023 19:32:58 GMT
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA60-P3
age
5775
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1698925753
x-77-nzt
ApySIYg3NzehJRPCKDc3N/8x7Q4A
x-accel-expires
@1730461753
x-77-age
978225
x-cache-lb
MISS
last-modified
Tue, 10 Oct 2023 18:21:37 GMT
server
CDN77-Turbo
etag
W/"bd3ff5e2a1f482d5c259e5a61fe2d850"
x-77-nzt-ray
f6587a1deca13294ea7952657edb4108
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
content-type
application/json
x-amz-cf-id
No8aMqvzxd6IyGzGyOjq0ucCdd0XeC7GaV6602SbiUeGIoGqAZV7eQ==
pdf-links
api.userway.org/api/br-links/v0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/br-links/v0/pdf-links
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:56d3:5dea:37d2:d335 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.primeres.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
cache-control
no-cache, no-store, must-revalidate
date
Mon, 13 Nov 2023 19:32:59 GMT
x-service-version
apps-70fa83c1
nav_menu_helper_1699615327357.js
cdn.userway.org/widgetapp/2023-11-10-11-22-07/remediation/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-11-10-11-22-07/remediation/nav_menu_helper_1699615327357.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
37f8550406bebf8003ec760c4c81fbe861e3d38a5bbbd069ae9d60358710f038

Request headers

Referer
https://www.primeres.com/
Origin
https://www.primeres.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 Nov 2023 19:32:59 GMT
via
1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
content-encoding
gzip
x-age-lb
288315
x-amz-cf-pop
FRA60-P3
age
23
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-accel-date
1699615664
x-77-nzt
ApySIYg3Nzf/O2YEANRmOAk3Nzf/YAAAAA
x-accel-expires
@1725535568
x-77-age
288411
x-cache-lb
HIT
last-modified
Fri, 10 Nov 2023 11:24:21 GMT
server
CDN77-Turbo
etag
W/"f270f813f648a284d50fe8f345c21bdc"
x-77-nzt-ray
f6587a1deca13294eb79526514160e05
access-control-max-age
3000
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
content-type
application/javascript
x-amz-cf-id
2uOe0PKVxx5S-_52TU4bySLudtPwGuOJLjCgsdaNcYbhFYV68PfbAg==
pdf-links
api.userway.org/api/br-links/v0/ 		20 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/br-links/v0/pdf-links
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-11-10-11-22-07/widget_app_base_1699615327357.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb11:56d3:5dea:37d2:d335 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a72f113621332b3c6949b46f3f458ca7573e988be1d761ef5f64e0efc4229eb5

Request headers

Referer
https://www.primeres.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 13 Nov 2023 19:32:59 GMT
etag
W/"14-WuxC1cU3wqvkAtHVXQT1G8Pe7nE"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
20
x-service-version
apps-70fa83c1

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture function| Osano function| __uspapi function| $ function| jQuery object| b function| fbq function| _fbq function| gtag object| dataLayer function| hj object| _hjSettings function| _typeof object| talonUtil function| outdatedBrowser function| addLoadEvent function| getParameterByName function| addParametersToUrl function| addParametersToUrlFromConfig function| paramReplace function| getConfigValue function| addUtmParametersOnLinks function| addUtmParametersFromConfigOnLinks object| litHtmlVersions object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| UserWayWidgetApp function| onYouTubeIframeAPIReady object| gaGlobal function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway object| defaultOpts string| bkgColor string| txtColor string| cssProp string| languagePath object| UserWay function| __awaiter function| __generator function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async function| runMenuRemediationScript

5 Cookies

Domain/Path Name / Value
www.primeres.com/ Name: ApplicationGatewayAffinityCORS
Value: 4384ddf579a3af9775766d82fb10918a
www.primeres.com/ Name: ApplicationGatewayAffinity
Value: 4384ddf579a3af9775766d82fb10918a
.www.primeres.com/ Name: ARRAffinity
Value: afb7226a31ec5e26360c36e5e18645c7826aa5dd89a26f31b33c5ca2e1c5d7bd
.www.primeres.com/ Name: ARRAffinitySameSite
Value: afb7226a31ec5e26360c36e5e18645c7826aa5dd89a26f31b33c5ca2e1c5d7bd
.primeres.com/ Name: cf_clearance
Value: LcPU.hWsX1oqlLTFl.UoaCHtACnJSMEAEuwyt5syzlI-1699903976-0-1-2181f7cc.9458fe3b.7680a82c-0.2.1699903976

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accessibilityserver.org
ajax.googleapis.com
api.userway.org
cdn.userway.org
cmp.osano.com
www.googletagmanager.com
www.primeres.com
18.66.122.23
2600:1f14:5db:eb11:56d3:5dea:37d2:d335
2600:9000:211e:a000:3:b7e:8940:93a1
2606:4700:20::681a:6f1
2a00:1450:4001:806::2008
2a00:1450:4001:828::200a
2a02:6ea0:c700::17
0e241bcda4c69cfdc353948f11a7cab717fb0ee72e681b36251bf4a5ad292e73
124c374dfe3b97270f506372ae62ac59dec46afa0d5a30d4dce48d8a3709e801
1c1ff930eac9d63a895ef7c9b0f6f18a56198fdb6315dd83c8c5bd5e4ec1d665
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2cc8b399f442ef31f35f79d7543611bcf729e3e67a5ceeebc45aa24ccd257863
30340b72c6991d891792731fb1dd492ff6a2c530adee3b22d13c5fbc522601e8
30a9cd0394c2e27c9d3320767754ccc2303aa531eec3ed9591bb6639b181791a
37f8550406bebf8003ec760c4c81fbe861e3d38a5bbbd069ae9d60358710f038
3889a6c447cc7b4209421e98708eeaf578e01ee3ebbc5f95964729267d433944
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56
6106b6cc9a43e63807a136301f63ecdfc963cd2e6bf4432530b2080f7f697cb2
630f3d6f8dc680a104f56ecb03f209d9d1ccab924249ac43b716d00a4a70a838
6b5904b19f6213729e32208d83fd0501cd5e20f49464926ff029be4ad99bcd1f
710135b7b42d6f3814e4a831d609c1bd905a70befde5a6a2e503142148f488e7
7b21a79c9a1cd8bd6fe633fe99f3264da4342eca2a4ad6d2b180d05466f21848
8d07bc22b9190a50cd2093d62e2e6189032cf833b8794f4a521938d512fce052
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
991c9519d27aaeecc44141e98a1f86b79c68cb835a66e04af960b874246ab96e
a1b66804d39b1bfc8d98bf8b88b8f9d330c187429d0115848e59b936707143ba
a69ff6d89958a2106947fdf8003b6f3fd3808cbc36552e44d5e40b2cdc065092
a72f113621332b3c6949b46f3f458ca7573e988be1d761ef5f64e0efc4229eb5
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c8742f54c6d913265c3298adef20813a397c23d90b06bcaaaeac529193e8940e
cda66aaac66c47585d9917fcf9e6c0f28322715caf35b94e0f8224ab629182c4
de695d6f5c371461f11e3457cebfd48178ea28cbe0ba5cbb3197951ad957fb0f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91ab7c8785ff88fac7c48b92ee0e8b570d36ad0c6b7885fbd2570497ee15aee
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f80cfed2a0900a330404009283b855778a60613d6b1648234c3100bee992f20e
fa3485d4710dbf1e85b888701e9055260c60691c896de587db1d8a7cff014a80