urlscan.io logo urlscan.io
SecurityTrails logo

www.primeres.com Open in urlscan Pro
107.154.80.89  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://securityff.com/
Effective URL: https://www.primeres.com/colorado
Submission: On May 11 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 3 countries across 16 domains to perform 85 HTTP transactions. The main IP is 107.154.80.89, located in United States and belongs to INCAPSULA, US. The main domain is www.primeres.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 3rd 2020. Valid for: 2 years.
This is the only time www.primeres.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 19 107.154.80.89 19551 (INCAPSULA)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
11 2a04:4e42::622 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 13.225.80.89 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.225.80.68 16509 (AMAZON-02)
1 13.224.198.17 16509 (AMAZON-02)
6 2a02:6ea0:c70... 60068 (CDN77 ^_^)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.224.198.73 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
4 44.228.83.169 16509 (AMAZON-02)
1 54.77.142.136 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
1 52.208.29.128 16509 (AMAZON-02)
8 92.123.224.26 20940 (AKAMAI-ASN1)
4 18.205.143.103 14618 (AMAZON-AES)
2 44.194.53.240 14618 (AMAZON-AES)
85 25
1    2606:4700:3036::6815:119b (United States)

ASN13335 (CLOUDFLARENET, US)
securityff.com
19    107.154.80.89 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.80.89.ip.incapdns.net
www.primeres.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
11    2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)
fast.wistia.net
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.225.80.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-89.fra2.r.cloudfront.net
static.hotjar.com
4    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    13.225.80.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-68.fra2.r.cloudfront.net
accessibilityserver.org
1    13.224.198.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-17.fra2.r.cloudfront.net
script.hotjar.com
6    2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.userway.org
4    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.224.198.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-73.fra2.r.cloudfront.net
vars.hotjar.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    44.228.83.169 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-83-169.us-west-2.compute.amazonaws.com
api.userway.org
1    54.77.142.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-142-136.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    2a04:4e42:400::622 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
1    52.208.29.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-29-128.eu-west-1.compute.amazonaws.com
ws28.hotjar.com
8    92.123.224.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-224-26.deploy.static.akamaitechnologies.com
embedwistia-a.akamaihd.net
4    18.205.143.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-143-103.compute-1.amazonaws.com
distillery.wistia.com
2    44.194.53.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-53-240.compute-1.amazonaws.com
pipedream.wistia.com
Apex Domain
Subdomains		 Transfer
19 primeres.com
www.primeres.com
977 KB
11 wistia.net
fast.wistia.net — Cisco Umbrella Rank: 7584
421 KB
10 userway.org
cdn.userway.org — Cisco Umbrella Rank: 5488
api.userway.org — Cisco Umbrella Rank: 5459
104 KB
8 akamaihd.net
embedwistia-a.akamaihd.net — Cisco Umbrella Rank: 8280
4 MB
7 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 4955
distillery.wistia.com — Cisco Umbrella Rank: 6240
pipedream.wistia.com — Cisco Umbrella Rank: 6738
2 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
375 KB
5 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 645
script.hotjar.com — Cisco Umbrella Rank: 896
vars.hotjar.com — Cisco Umbrella Rank: 989
in.hotjar.com — Cisco Umbrella Rank: 1730
ws28.hotjar.com — Cisco Umbrella Rank: 54352
67 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 7
40 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
388 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
114 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
82 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 295
fonts.googleapis.com — Cisco Umbrella Rank: 46
89 KB
1 accessibilityserver.org
accessibilityserver.org — Cisco Umbrella Rank: 26416
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
39 KB
1 securityff.com
securityff.com
550 B
85 16
Domain Requested by
19 www.primeres.com 1 redirects www.primeres.com
11 fast.wistia.net www.primeres.com
fast.wistia.net
8 embedwistia-a.akamaihd.net fast.wistia.net
6 cdn.userway.org accessibilityserver.org
cdn.userway.org
www.primeres.com
4 distillery.wistia.com fast.wistia.net
4 api.userway.org cdn.userway.org
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com www.primeres.com
www.gstatic.com
www.google.com
3 fonts.gstatic.com fonts.googleapis.com
www.google.com
2 pipedream.wistia.com fast.wistia.net
2 www.facebook.com www.primeres.com
2 connect.facebook.net www.primeres.com
connect.facebook.net
2 cdnjs.cloudflare.com www.primeres.com
cdnjs.cloudflare.com
1 ws28.hotjar.com script.hotjar.com
1 fast.wistia.com fast.wistia.net
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 accessibilityserver.org www.primeres.com
1 static.hotjar.com www.primeres.com
1 fonts.googleapis.com www.primeres.com
1 www.googletagmanager.com www.primeres.com
1 ajax.googleapis.com www.primeres.com
1 securityff.com 1 redirects
85 25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
www.instagram.com
Subject Issuer Validity Valid
*.primeres.com
Go Daddy Secure Certificate Authority - G2		 2020-08-03 -
2022-08-07		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
fast.wistia.net
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-17 -
2022-05-18		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-25 -
2022-07-18		 3 months crt.sh
accessibilityserver.org
Amazon		 2021-12-09 -
2023-01-05		 a year crt.sh
1667503734.rsc.cdn77.org
R3		 2022-03-17 -
2022-06-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
api.userway.org
Amazon		 2021-11-02 -
2022-11-30		 a year crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.wistia.com
Amazon		 2022-03-02 -
2023-03-31		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.primeres.com/colorado
Frame ID: FE331BAD79C1DBF378EE7D1061987B1B
Requests: 52 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/if6magt53x?videoFoam=true
Frame ID: 8E7970FD41D782ADCD389B0F855A6903
Requests: 24 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM&co=aHR0cHM6Ly93d3cucHJpbWVyZXMuY29tOjQ0Mw..&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=8n721ygn2ztd
Frame ID: C4D2A12D3723DFDEFC9761E46E63FA65
Requests: 8 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 3B486741D50D6419BC89443637DD2180
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Security First Financial - Mortgage Lender in Colorado - A Division of PRMI

Page URL History Show full URLs

  1. https://securityff.com/ HTTP 301
    http://www.primeres.com/colorado HTTP 301
    https://www.primeres.com/colorado Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

85
Requests

99 %
HTTPS

56 %
IPv6

16
Domains

25
Subdomains

25
IPs

3
Countries

6692 kB
Transfer

10348 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://securityff.com/ HTTP 301
    http://www.primeres.com/colorado HTTP 301
    https://www.primeres.com/colorado Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request colorado
www.primeres.com/
Redirect Chain
  • https://securityff.com/
  • http://www.primeres.com/colorado
  • https://www.primeres.com/colorado
44 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
2662d756ed36cc7910e4b0ec15efa3184d378c05d025f85c72370496057270d7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 11 May 2022 07:13:22 GMT
expires
-1
pragma
no-cache
vary
Accept-Encoding
x-cdn
Imperva
x-frame-options
SAMEORIGIN
x-iinfo
12-75715576-75715582 NNNN CT(106 224 0) RT(1652253202253 13) q(0 0 3 -1) r(5 5) U18

Redirect headers

Content-Length
156
Content-Type
text/html; charset=UTF-8
Date
Wed, 11 May 2022 07:13:21 GMT
Location
https://www.primeres.com/colorado
X-CDN
Imperva
X-Frame-Options
SAMEORIGIN
X-Iinfo
12-75715512-75715513 NNNN CT(105 -1 0) RT(1652253201932 0) q(0 0 1 0) r(2 2) U11
main.min.css
www.primeres.com/ResourcePackages/Talon/assets/dist/css/branch-template-c/ 		230 KB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/branch-template-c/main.min.css
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
a7a97b4fd40e89c0b431736ce122b4ab25ae182b4e46e000eff2de49c1bc8cc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:22 GMT
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 19:04:07 GMT
x-cdn
Imperva
etag
"f5e68be6fb5bd81:0"
content-type
text/css
x-iinfo
12-75715576-0 0CNN RT(1652253202253 527) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-length
82378
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:12:52 GMT
x-content-type-options
nosniff
age
31
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89476
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 May 2023 07:12:52 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128694104-2
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fbcb2fa0be9cb29da217997ff26cbddbaccb75b49ddd2e822669611cd6eefa89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39096
x-xss-protection
0
last-modified
Wed, 11 May 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 11 May 2022 07:13:23 GMT
ScriptResource.axd
www.primeres.com/ 		95 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ScriptResource.axd?d=4bMApOb58R6igmkUEZ0eXpZmBSkReCKX6ZTxH7pIZ1vX02-WOaPQjfSTDjBmajKnqy3V2qyNiB5AZRAAvUX6u1YnfZIfWMSRxBOzrxyLCcNurf5J6_EEg1_UgHgvFDQKMhAEL_BYjWAfswP2yVPdw9g3N9LmjmAvOkDGXHubYCFELrIzw_dVkJW0BGQy574Z0&t=e9c4d91
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:22 GMT
content-encoding
gzip
last-modified
Sun, 01 May 2022 08:13:58 GMT
x-cdn
Imperva
content-type
application/x-javascript; charset=utf-8
x-iinfo
12-75715576-0 0CNN RT(1652253202253 531) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-length
43445
ScriptResource.axd
www.primeres.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ScriptResource.axd?d=EydukmxBmDstn7gSYzQESKbjR2VS0LsTO09g3q5aGLFG4k_6gCibsJCbyKf8eeQxa93cBcekN6Da5CbfXaoUzAxys98UNOWQnkvv2AxY7XP5aFzLGJJZ5QNS6rcC01lAeYf2bmIqQTcmuHJVgDWn9Me2GC2ywBYIsfegHeGejImqpp-jk2ESJ64ZtKFZSAQ20&t=e9c4d91
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
cda66aaac66c47585d9917fcf9e6c0f28322715caf35b94e0f8224ab629182c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:22 GMT
content-encoding
gzip
last-modified
Sun, 01 May 2022 08:08:18 GMT
x-cdn
Imperva
content-type
application/x-javascript; charset=utf-8
x-iinfo
12-75715576-0 0CNN RT(1652253202253 534) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-length
3834
api.js
www.google.com/recaptcha/ 		884 B
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ca346366d88b96f3c2c7646a648c06437b0e55e2f5099c7eadb1fb837a674f19
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584
x-xss-protection
1; mode=block
expires
Wed, 11 May 2022 07:13:23 GMT
security-first-financial---area-safe-logo---primary-(1)-(1).png
www.primeres.com/images/librariesprovider381/default-album/ 		336 KB
338 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.primeres.com/images/librariesprovider381/default-album/security-first-financial---area-safe-logo---primary-(1)-(1).png?sfvrsn=bb549c79_0
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
5b76d167892e79ecb117c94c5f8830b3749c6ab48eef5b1797b19e43aa4b7aa1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 May 2022 07:13:22 GMT
x-cdn
Imperva
x-frame-options
SAMEORIGIN
content-type
image/png
x-iinfo
12-75715576-75714979 2NNN RT(1652253202253 788) q(0 0 0 -1) r(4 4) U18
cache-control
max-age=0
content-disposition
inline; filename=security-first-financial---area-safe-logo---primary-(1)-(1).png
content-length
343905
E-v1.js
fast.wistia.net/assets/external/ 		603 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/E-v1.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d210ba55ab4bb68bdc346d8f950466b08aa6503dce82aec8aaa1f5a89a97d0bc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
br
vary
Accept-Encoding
age
1998
x-cache
HIT, HIT
content-length
114372
x-served-by
cache-iad-kcgs7200049-IAD, cache-hhn4021-HHN
access-control-allow-origin
*
x-browser-version
101
last-modified
Tue, 10 May 2022 18:21:05 GMT
x-timer
S1652253203.245548,VS0,VE0
etag
"627aad11-1bec4"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 252
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
548033
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yr3ddjGscZfoqyjurueoB9DY1MRvMaSWeTF2r8TnfzZsWA2d5MY6l%2BjkYg77qd0X8WHsYgdf5z%2BKeBcdaX8FIyhiGcTdsMJaG38kQMoqO8Moj0mwCO8n%2B40WY0g%2F0RWGbACPsRhfEL137WDqvd59yAb5"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70991c97daa79162-FRA
expires
Mon, 01 May 2023 07:13:23 GMT
security-first-financial---area-safe-logo---primary-(1)-(1)f702590697694698a85287b3ecc09026.png
www.primeres.com/images/librariesprovider381/default-album/ 		336 KB
338 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.primeres.com/images/librariesprovider381/default-album/security-first-financial---area-safe-logo---primary-(1)-(1)f702590697694698a85287b3ecc09026.png?sfvrsn=2c85804_0
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
5b76d167892e79ecb117c94c5f8830b3749c6ab48eef5b1797b19e43aa4b7aa1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 May 2022 07:13:22 GMT
x-cdn
Imperva
x-frame-options
SAMEORIGIN
content-type
image/png
x-iinfo
12-75715576-75714970 2NNN RT(1652253202253 790) q(0 0 0 -1) r(5 5) U18
cache-control
max-age=0
content-disposition
inline; filename=security-first-financial---area-safe-logo---primary-(1)-(1)f702590697694698a85287b3ecc09026.png
content-length
343905
all.min.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/ 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/all.min.js?package=Talon
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
c8742f54c6d913265c3298adef20813a397c23d90b06bcaaaeac529193e8940e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:22 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 19:12:04 GMT
x-cdn
Imperva
content-type
application/javascript
x-iinfo
12-75715576-75714979 2CNN RT(1652253202253 741) q(0 0 0 -1) r(0 0)
cache-control
max-age=0
content-length
32145
text-field.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/TextField/ 		3 KB
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/TextField/text-field.js?package=Talon
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
f01225ec86461e761b9b9f25d01ae675c26e9e7552cb1e7f1a540d0b92e6a21a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 19:15:36 GMT
x-cdn
Imperva
content-type
application/javascript
x-iinfo
12-75715576-0 0CNN RT(1652253202253 770) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-length
816
paragraph-text-field.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/ParagraphTextField/ 		2 KB
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/ParagraphTextField/paragraph-text-field.js?package=Talon
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
74270aa8a3e7361062ca73df84ad4975043f3d724c34f2cca31c686728b47e1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 19:12:04 GMT
x-cdn
Imperva
content-type
application/javascript
x-iinfo
12-75715576-75713859 2CNN RT(1652253202253 773) q(0 0 0 -1) r(0 0)
cache-control
max-age=0
content-length
691
checkboxes-field.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/CheckboxesField/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/CheckboxesField/checkboxes-field.js?package=Talon
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
2ee5ec417d008865fb05dc016f88c09f5b11abf4c201a73a686981e64cb88a13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 19:15:36 GMT
x-cdn
Imperva
content-type
application/javascript
x-iinfo
12-75715576-0 0CNN RT(1652253202253 776) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-length
1110
submit-button.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/SubmitButton/ 		2 KB
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/SubmitButton/submit-button.js?package=Talon
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
f8fe889ebf5fb107921579284f9b023b342a93cefa46bb13179b5f4618cdc147

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 19:12:04 GMT
x-cdn
Imperva
content-type
application/javascript
x-iinfo
12-75715576-0 0CNN RT(1652253202253 779) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-length
742
utm-campaign.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/MVC/Scripts/UtmCampaignTracking/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/MVC/Scripts/UtmCampaignTracking/utm-campaign.js?package=Talon
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
630f3d6f8dc680a104f56ecb03f209d9d1ccab924249ac43b716d00a4a70a838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
gzip
last-modified
Thu, 05 May 2022 19:15:36 GMT
x-cdn
Imperva
content-type
application/javascript
x-iinfo
12-75715576-0 0CNN RT(1652253202253 786) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-length
1638
_Incapsula_Resource
www.primeres.com/ 		143 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=869403669
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
ecf71c7ff74d8331c96c1c29323901bafdc2ed2adc763d2e8d681beeeb895dcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
20495
content-type
application/javascript
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Montserrat:100,300,400,700,900
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/branch-template-c/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab2b264778603e0c6d081f5160577c69f6da434e42aa06b8eabb94fdf541ebfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 11 May 2022 07:13:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 11 May 2022 07:13:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 11 May 2022 07:13:23 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39bdc6630aad3e4c15fd07b777701feb77835acee49601873769082ebc5214b3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
Ek4bsEtO85cojT2OLXbx3owym3FlJWYG+qIwDimfc42eJWxbYhnkcgEFxfOCSTU9dzYm2ccK1XRask8SFhV7Xg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 11 May 2022 07:13:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-1983834.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1983834.js?sv=6
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-89.fra2.r.cloudfront.net
Software
/
Resource Hash
2780c6e8a166a28c71244e260012b9bae290e66734c05a1e3647534408a04708
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/bb6c384dd34af3decbc257198ae73b2c
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
j6eYD2c5Yapx2HECO-4XrPo6zK7paX8szEdugD5gyRFcPuit7wb_zA==
via
1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
recaptcha__de.js
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ 		364 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.primeres.com/
Origin
https://www.primeres.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 06:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147136
x-xss-protection
0
last-modified
Mon, 02 May 2022 04:03:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 May 2023 06:58:57 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.primeres.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 17:08:21 GMT
x-content-type-options
nosniff
age
50702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 17:08:21 GMT
if6magt53x
fast.wistia.net/embed/iframe/ Frame 8E79 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/embed/iframe/if6magt53x?videoFoam=true
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c3726dc7a511569a8e3404d41d95b84708ac28ac2cd13482924f82c3ca814365
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://www.primeres.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
28262
cache-control
public, no-cache
content-encoding
br
content-length
2461
content-type
text/html; charset=utf-8
date
Wed, 11 May 2022 07:13:23 GMT
etag
W/"c3726dc7a511569a8e3404d41d95b847"
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=0
timing-allow-origin
*
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-browser-version
101
x-cache
HIT, MISS
x-cache-hits
1, 0
x-content-type-options
nosniff
x-download-options
noopen
x-ecma-v
modern
x-permitted-cross-domain-policies
none
x-request-id
97fe7f2a2d907a048ce96298b2d2f5f4
x-runtime
0.081703
x-served-by
cache-iad-kjyo7100111-IAD, cache-hhn4021-HHN
x-timer
S1652253203.245466,VS0,VE97
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/gif
svgs.svg
www.primeres.com/ResourcePackages/Talon/assets/svg/ 		32 KB
11 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.primeres.com/ResourcePackages/Talon/assets/svg/svgs.svg
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
fd737b8f00a5f9fe175f9d9c0797eacab75b820f330f6e38573201ac8deef3da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 19:00:20 GMT
x-cdn
Imperva
etag
"159a15ffb5bd81:0"
content-type
image/svg+xml
x-iinfo
12-75715576-0 0CNN RT(1652253202253 818) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=0
content-length
11061
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.primeres.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1757391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMWtWZb6FrLVXz9nAlHER6KeX7x%2F9mA1qNSJnIm9VOHlCjHvAsxGW350jUlsNxIZImHoDH4BBgfgN3bI7DHoGBisHB8Fxz9IN9c%2FYHdVkl47s5bMHS6xqA0DnAQUtE3%2FqcjOuJekOcA67WpQZiJSS%2FBa"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70991c9879e25c56-FRA
expires
Mon, 01 May 2023 07:13:23 GMT
nick-barta-resized.jpg
www.primeres.com/images/librariesprovider381/default-album/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.primeres.com/images/librariesprovider381/default-album/nick-barta-resized.jpg?sfvrsn=a49bd0f2_0
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
4e4a1c5c86a0dde2eb15d582fba759c765f64652454a3b9f12ea3e6fb255bff6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 May 2022 07:13:23 GMT
x-cdn
Imperva
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-iinfo
12-75715576-75715760 2NNN RT(1652253202253 866) q(0 0 0 -1) r(0 4) U18
cache-control
max-age=0
content-disposition
inline; filename=nick-barta-resized.jpg
content-length
32687
widget.js
accessibilityserver.org/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accessibilityserver.org/widget.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-68.fra2.r.cloudfront.net
Software
CDN77-Turbo /
Resource Hash
9a721bd38aa639b03d407eab310df38101f5718fd17cadc08bac55d2a38bac52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 11 May 2022 06:24:29 GMT
via
1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront), 1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
etag
W/"d3ba34897cdfe811401cb75b53be80c6"
age
3084
x-77-cache
HIT
x-cache
Hit from cloudfront
x-age
1151
content-encoding
gzip
x-77-nzt
AcO1ryzcUU3/fwQAAA
last-modified
Tue, 10 May 2022 07:28:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
XoA8qA5IE70
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
x-amz-cf-pop
FRA60-P3, FRA2-C2
x-amz-cf-id
DxbemmSMgpUlGGHygO0WozrMmBFXDDnFtnaysEsUeqJiFIlXGgHh9w==
_Incapsula_Resource
www.primeres.com/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.primeres.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5566610748496823
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
1672180992849673
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1672180992849673?v=2.9.59&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bbc8f741681e7e2baec6bccc1446af6a2842c7873d805ee346108537474dab3e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
LvhJhrXrSAZR2Zm49o6txssw29iFxF9dPexdcz7PrmU6PFGbjRk8bA6J3t16deJm6PtkQlWPUfRvnYI3n80KDA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 11 May 2022 07:13:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1652253203448
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
iframeApi.js
fast.wistia.net/assets/external/ 		77 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/iframeApi.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b997f618771ea4a77998145ccb09c81d44d0da4f8ae026017e7172d28c0f841b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
br
vary
Accept-Encoding
age
3527
x-cache
HIT, HIT
content-length
19717
x-served-by
cache-iad-kcgs7200099-IAD, cache-hhn4021-HHN
access-control-allow-origin
*
x-browser-version
101
last-modified
Tue, 10 May 2022 18:21:05 GMT
x-timer
S1652253203.438854,VS0,VE0
etag
"627aad11-4d05"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 19
modules.5923ebad1321802c309c.js
script.hotjar.com/ 		238 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.5923ebad1321802c309c.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1983834.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-17.fra2.r.cloudfront.net
Software
/
Resource Hash
c8879ebe06df99c311b603336d0ac2afe1e514a28d1b8c09a5392772f9f84397
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 10:15:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
75497
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63345
access-control-allow-origin
*
last-modified
Tue, 10 May 2022 10:14:32 GMT
etag
"07ad0edec7a15002100be879d47ddd1b"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
FeuJRH0AZCbQZ7XUzi5K_8zw3rpbYPD6MBff62nXryDl2LAcGOSXEg==
insideIframe.js
fast.wistia.net/assets/external/ Frame 8E79 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/insideIframe.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/if6magt53x?videoFoam=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
374248663c4461819ce47125e248283794cd7c19399683cc1f256b2718d78569
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/embed/iframe/if6magt53x?videoFoam=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
br
vary
Accept-Encoding
age
1997
x-cache
HIT, HIT
content-length
12568
x-served-by
cache-iad-kjyo7100100-IAD, cache-hhn4021-HHN
access-control-allow-origin
*
x-browser-version
101
last-modified
Tue, 10 May 2022 18:21:05 GMT
x-timer
S1652253203.457509,VS0,VE0
etag
"627aad11-3118"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 111
E-v1.js
fast.wistia.net/assets/external/ Frame 8E79 		603 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/E-v1.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/if6magt53x?videoFoam=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d210ba55ab4bb68bdc346d8f950466b08aa6503dce82aec8aaa1f5a89a97d0bc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/embed/iframe/if6magt53x?videoFoam=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
br
vary
Accept-Encoding
age
1998
x-cache
HIT, HIT
content-length
114372
x-served-by
cache-iad-kcgs7200049-IAD, cache-hhn4021-HHN
access-control-allow-origin
*
x-browser-version
101
last-modified
Tue, 10 May 2022 18:21:05 GMT
x-timer
S1652253203.457594,VS0,VE0
etag
"627aad11-1bec4"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 253
widget_app_base_1652167554180.js
cdn.userway.org/widgetapp/2022-05-10/ 		108 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2022-05-10/widget_app_base_1652167554180.js
Requested by
Host: accessibilityserver.org
URL: https://accessibilityserver.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d99089cc937c3d426a016bd571befd751bf9698dc3ebd22eff6929809e41d641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 11 May 2022 07:13:23 GMT
via
1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
x-77-nzt-ray
reb8F7CKIkA
age
114
x-77-cache
HIT
x-cache
HIT
x-age
85319
content-encoding
br
x-77-nzt
AcO1ry8yL+z/R00BAA
x-accel-expires
@1678087884
last-modified
Tue, 10 May 2022 07:28:17 GMT
server
CDN77-Turbo
etag
W/"6d8097d9ff61a94750f4f76faee3a967"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=25920000, public
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
Jkr5ieknA-HdfRc9je3M9JGrCRxPPp_iXaSjsoAoqXA06Sy-H7tokg==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128694104-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3254
date
Wed, 11 May 2022 06:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 11 May 2022 08:19:09 GMT
anchor
www.google.com/recaptcha/api2/ Frame C4D2 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM&co=aHR0cHM6Ly93d3cucHJpbWVyZXMuY29tOjQ0Mw..&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=8n721ygn2ztd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
232118036e4f16b51c1f6f6a1bf8798382a57ad704620a125887c1596c10a3f6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NxZxhIBCeOclUFFVDf2w8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.primeres.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21736
content-security-policy
script-src 'report-sample' 'nonce-NxZxhIBCeOclUFFVDf2w8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 11 May 2022 07:13:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
box-21ccaa45726c0f3c8c458f7a87eb2298.html
vars.hotjar.com/ Frame 3B48 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1983834.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.198.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-198-73.fra2.r.cloudfront.net
Software
/
Resource Hash
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Referer
https://www.primeres.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15872884
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 08 Nov 2021 14:05:19 GMT
etag
"6a4e2ae376c29011d2e53de65a08d0b7"
last-modified
Tue, 01 Jun 2021 09:17:15 GMT
vary
Accept-Encoding
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-id
8HTzh5-SBvPj88S5-cCREu7WtuZ2wlms76qKtqBfz9UobbpAYPA9SQ==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-robots-tag
none
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1672180992849673&ev=PageView&dl=https%3A%2F%2Fwww.primeres.com%2Fcolorado&rl=&if=false&ts=1652253203541&sw=1600&sh=1200&v=2.9.59&r=stable&ec=0&o=30&fbp=fb.1.1652253203540.329159026&it=1652253203358&coo=false&rqm=GET
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 11 May 2022 07:13:23 GMT
wistia-mux.js
fast.wistia.net/assets/external/ Frame 8E79 		130 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/wistia-mux.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a055bcc5b8a908caaee3b805256aad4457f687506c37f8daccae240c3ba086be
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/embed/iframe/if6magt53x?videoFoam=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
br
vary
Accept-Encoding
age
1997
x-cache
HIT, HIT
content-length
33142
x-served-by
cache-iad-kjyo7100158-IAD, cache-hhn4021-HHN
access-control-allow-origin
*
x-browser-version
101
last-modified
Tue, 10 May 2022 18:21:05 GMT
x-timer
S1652253204.623634,VS0,VE0
etag
"627aad11-8176"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 124
playPauseLoadingControl.js
fast.wistia.net/assets/external/ Frame 8E79 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
365764ca44bc947ad2daa5469a3d7d6609553e37915132fbfa85cc8c0da31395
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/embed/iframe/if6magt53x?videoFoam=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
br
vary
Accept-Encoding
age
597
x-cache
HIT, HIT
content-length
16338
x-served-by
cache-iad-kcgs7200150-IAD, cache-hhn4021-HHN
access-control-allow-origin
*
x-browser-version
101
last-modified
Tue, 10 May 2022 18:21:05 GMT
x-timer
S1652253204.645571,VS0,VE0
etag
"627aad11-3fd2"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 24
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=387893758&t=pageview&_s=1&dl=https%3A%2F%2Fwww.primeres.com%2Fcolorado&ul=en-us&de=UTF-8&dt=Security%20First%20Financial%20-%20Mortgage%20Lender%20in%20Colorado%20-%20A%20Division%20of%20PRMI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=856463948&gjid=187664222&cid=1618003221.1652253204&tid=UA-128694104-2&_gid=159644112.1652253204&_r=1&gtm=2ou590&z=683594160
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.primeres.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 11 May 2022 07:13:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.primeres.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
5E0vL5lD6Y
api.userway.org/api/tunings/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/5E0vL5lD6Y
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-05-10/widget_app_base_1652167554180.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.83.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-83-169.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b4cb5956d149f630f60157c217c68a8b637014a9d25163a0aa524f607d472a5d

Request headers

Referer
https://www.primeres.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 11 May 2022 07:13:24 GMT
etag
W/"691-TgmEHi+dXZe2BWMfjmwPvlZWrMQ"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers
*
content-length
1681
x-service-version
uw-pr
hls_video.js
fast.wistia.net/assets/external/engines/ Frame 8E79 		416 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0466786b1eb0606e7d46394695cc1256e305f08062aeeab72360185cd596adde
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/embed/iframe/if6magt53x?videoFoam=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
br
vary
Accept-Encoding
age
1997
x-cache
HIT, HIT
content-length
99558
x-served-by
cache-iad-kiad7000165-IAD, cache-hhn4021-HHN
access-control-allow-origin
*
x-browser-version
101
last-modified
Tue, 10 May 2022 18:21:05 GMT
x-timer
S1652253204.742225,VS0,VE0
etag
"627aad11-184e6"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 97
styles__ltr.css
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame C4D2 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM&co=aHR0cHM6Ly93d3cucHJpbWVyZXMuY29tOjQ0Mw..&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=8n721ygn2ztd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 15:19:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 02 May 2022 04:03:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 May 2023 15:19:20 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame C4D2 		364 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM&co=aHR0cHM6Ly93d3cucHJpbWVyZXMuY29tOjQ0Mw..&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=8n721ygn2ztd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 06:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
147136
x-xss-protection
0
last-modified
Mon, 02 May 2022 04:03:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 11 May 2023 06:58:57 GMT
visit-data
in.hotjar.com/api/v2/client/sites/1983834/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1983834/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5923ebad1321802c309c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.142.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-142-136.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3e8e76a70b5ec0a97f60491364274ab39aebd8f949b6a310a174633b015d4738

Request headers

Referer
https://www.primeres.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
if6magt53x.m3u8
fast.wistia.com/embed/medias/ Frame 8E79 		994 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/if6magt53x.m3u8
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b2a49e714a2e67c1c1d0e65725f31387717ba9342157f71c882923e0b28c13af
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
39221
x-cache
HIT, MISS
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length
994
x-request-id
518d71f205a424fe8cb4d4f0a842dbdc
x-served-by
cache-iad-kjyo7100119-IAD, cache-hhn4078-HHN
x-runtime
0.027749
referrer-policy
strict-origin-when-cross-origin
x-timer
S1652253204.859986,VS0,VE108
etag
W/"b2a49e714a2e67c1c1d0e65725f31387"
x-download-options
noopen
strict-transport-security
max-age=0
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-browser-version
101
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 0
blank.gif
fast.wistia.net/assets/images/ Frame 8E79 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.net/assets/images/blank.gif
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://fast.wistia.net/embed/iframe/if6magt53x?videoFoam=true
Origin
https://fast.wistia.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:23 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
age
34398
x-cache
HIT, HIT
x-cache-hits
1, 633
content-length
1214
x-served-by
cache-iad-kcgs7200056-IAD, cache-hhn4021-HHN
x-browser-version
101
last-modified
Tue, 10 May 2022 21:37:59 GMT
x-timer
S1652253204.842539,VS0,VE0
etag
"627adb37-4be"
strict-transport-security
max-age=0
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
content
ws28.hotjar.com/api/v2/sites/1983834/recordings/ 		66 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws28.hotjar.com/api/v2/sites/1983834/recordings/content
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5923ebad1321802c309c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.29.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-29-128.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7827aa6cdcb5f8e064fea876f139fe6c209e365fda3afba19cbd30c3fafed5af

Request headers

Referer
https://www.primeres.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 11 May 2022 07:13:24 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
ryan-goodnight-resized.jpg
www.primeres.com/images/librariesprovider381/default-album/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.primeres.com/images/librariesprovider381/default-album/ryan-goodnight-resized.jpg?sfvrsn=7b5b57f0_0
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
39d672d1d68de6f985f430d32b50ed66349e5373a680d30a34e374d19caeb08f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 May 2022 07:13:23 GMT
x-cdn
Imperva
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-iinfo
12-75715576-75715856 2NNN RT(1652253202253 1460) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=0
content-disposition
inline; filename=ryan-goodnight-resized.jpg
content-length
29689
v2
embedwistia-a.akamaihd.net/deliveries/0c93343f37ef30557f66d7cf643b2769873fc807.m3u8/ Frame 8E79 		312 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embedwistia-a.akamaihd.net/deliveries/0c93343f37ef30557f66d7cf643b2769873fc807.m3u8/v2
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.123.224.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-224-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929ac9fe9fd21b00c4dd8e4423fc769644fe8251006e9a0cf3724a00a2d92a99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 07:13:24 GMT
Access-Control-Request-Method
*
surrogate-key
0c93343f37ef30557f66d7cf643b2769873fc807-hls-segment purge-experiment-07
Last-Modified
Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,Content-Length,Content-Range
Cache-Control
max-age=31434773
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
312
Expires
Wed, 10 May 2023 03:06:17 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C4D2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 18:59:48 GMT
x-content-type-options
nosniff
age
44016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 17 May 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C4D2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM&co=aHR0cHM6Ly93d3cucHJpbWVyZXMuY29tOjQ0Mw..&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=8n721ygn2ztd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 17:06:41 GMT
x-content-type-options
nosniff
age
50803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 10 May 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C4D2 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM&co=aHR0cHM6Ly93d3cucHJpbWVyZXMuY29tOjQ0Mw..&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=8n721ygn2ztd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 10 May 2022 14:17:54 GMT
x-content-type-options
nosniff
age
60930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 10 May 2023 14:17:54 GMT
v2
embedwistia-a.akamaihd.net/deliveries/0c93343f37ef30557f66d7cf643b2769873fc807.m3u8/ Frame 8E79 		312 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embedwistia-a.akamaihd.net/deliveries/0c93343f37ef30557f66d7cf643b2769873fc807.m3u8/v2
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.123.224.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-224-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929ac9fe9fd21b00c4dd8e4423fc769644fe8251006e9a0cf3724a00a2d92a99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 11 May 2022 07:13:24 GMT
Access-Control-Request-Method
*
surrogate-key
0c93343f37ef30557f66d7cf643b2769873fc807-hls-segment purge-experiment-07
Last-Modified
Mon, 05 Nov 2018 10:11:00 GMT
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,Content-Length,Content-Range
Cache-Control
max-age=31434773
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
312
Expires
Wed, 10 May 2023 03:06:17 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame C4D2 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM&co=aHR0cHM6Ly93d3cucHJpbWVyZXMuY29tOjQ0Mw..&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=8n721ygn2ztd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e2bb902ccc459d03e4b9d2fdc84903ba65745388cee5a5bea30f8f16d135dda6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM&co=aHR0cHM6Ly93d3cucHJpbWVyZXMuY29tOjQ0Mw..&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=8n721ygn2ztd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 11 May 2022 07:13:24 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1672180992849673&ev=Microdata&dl=https%3A%2F%2Fwww.primeres.com%2Fcolorado&rl=&if=false&ts=1652253204089&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtSecurity%20First%20Financial%20-%20Mortgage%20Lender%20in%20Colorado%20-%20A%20Division%20of%20PRMI%5Cn%22%2C%22meta%3Adescription%22%3A%22Security%20First%20Financial%2C%20A%20Division%20of%20Primary%20Residential%20Mortgage%20Inc.%20(PRMI)%20is%20a%20highly%20rated%20Mortgage%20Lender%20in%20Colorado.%20We%20offer%20a%20wide%20selection%20of%20home%20loan%20programs%20and%20down%20payment%20assistance%20options.%20Serving%20customers%20in%20Denver%2C%20Colorado%20Springs%2C%20Aurora%2C%20Fort%20Collins%2C%20and%20the%20surrounding%20areas.%20Easily%20Apply%20Online%20or%20Contact%20Us%20Today%20to%20Get%20Started!%22%2C%22meta%3Akeywords%22%3A%22security%20first%20financial%2C%20security%20first%2C%20colorado%20mortgage%20lender%2C%20mortgage%20colorado%2C%20colorado%20mortgage%2C%20mortgage%20lender%20colorado%2C%20prmi%2C%20prmi%20colorado%2C%20prmi%20denver%2C%20prmi%20colorado%20springs%2C%20prmi%20fort%20collins%2C%20prmi%20aurora%2C%20primary%20residential%20mortgage%2C%20mortgage%20colorado%20springs%2C%20mortgage%20denver%2C%20security%20first%20mortgage%2C%20security%20first%20financial%20reviews%2C%20colorado%20first%20time%20homebuyer%2C%20colorado%20mortgage%20company%2C%20down%20payment%20assistance%20colorado%2C%20best%20mortgage%20company%20colorado%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22%40id%22%3A%22https%3A%2F%2Fwww.primeres.com%2Fcolorado%22%2C%22url%22%3A%22https%3A%2F%2Fwww.primeres.com%2Fcolorado%22%2C%22name%22%3A%22Colorado%20%23%206066%2F6073%22%7D%5D&sw=1600&sh=1200&v=2.9.59&r=stable&ec=1&o=30&fbp=fb.1.1652253203540.329159026&it=1652253203358&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 11 May 2022 07:13:24 GMT
x
distillery.wistia.com/ Frame 8E79 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.143.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-143-103.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fast.wistia.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 11 May 2022 07:13:24 GMT
cache-control
max-age=0, private, must-revalidate
david-lesjak-headshot5f5a3cc6f3104232b5419738eeed8f76.jpg
www.primeres.com/images/librariesprovider381/default-album/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.primeres.com/images/librariesprovider381/default-album/david-lesjak-headshot5f5a3cc6f3104232b5419738eeed8f76.jpg?sfvrsn=bb986a9e_0
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.89.ip.incapdns.net
Software
/
Resource Hash
f61be8fe97b98016de40109a9b11fd3536772fd45b53b081c81b9a29aa337a29
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/colorado
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 May 2022 07:13:23 GMT
x-cdn
Imperva
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-iinfo
12-75715576-75714984 2NNN RT(1652253202253 1728) q(0 0 0 -1) r(5 5) U18
cache-control
max-age=0
content-disposition
inline; filename=david-lesjak-headshot5f5a3cc6f3104232b5419738eeed8f76.jpg
content-length
33622
reload
www.google.com/recaptcha/api2/ Frame C4D2 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a32fe3936d4157dbba982eef26e8dd1d40098b8d3bc9eb430a63dd34c311386b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM&co=aHR0cHM6Ly93d3cucHJpbWVyZXMuY29tOjQ0Mw..&hl=de&v=nEGwmCAyCoKVn9PSwAGnQWhY&size=invisible&cb=8n721ygn2ztd
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Wed, 11 May 2022 07:13:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18052
x-xss-protection
1; mode=block
expires
Wed, 11 May 2022 07:13:24 GMT
seg-1-v1.ts
embedwistia-a.akamaihd.net/deliveries/0c93343f37ef30557f66d7cf643b2769873fc807.m3u8/v2/ Frame 8E79 		652 KB
653 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embedwistia-a.akamaihd.net/deliveries/0c93343f37ef30557f66d7cf643b2769873fc807.m3u8/v2/seg-1-v1.ts
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
92.123.224.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-224-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d1ccb83fdff6c32efea4da6b6b0c82cca483bfef3ae77d54a15c5b67d5b390fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:24 GMT
access-control-request-method
*
surrogate-key
0c93343f37ef30557f66d7cf643b2769873fc807-hls-segment purge-experiment-07
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=31434730
expires
Wed, 10 May 2023 03:05:34 GMT
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
668152
quic-version
Q050
seg-1-v1.ts
embedwistia-a.akamaihd.net/deliveries/0c93343f37ef30557f66d7cf643b2769873fc807.m3u8/v2/ Frame 8E79 		652 KB
653 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embedwistia-a.akamaihd.net/deliveries/0c93343f37ef30557f66d7cf643b2769873fc807.m3u8/v2/seg-1-v1.ts
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
92.123.224.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-224-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d1ccb83fdff6c32efea4da6b6b0c82cca483bfef3ae77d54a15c5b67d5b390fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:24 GMT
access-control-request-method
*
surrogate-key
0c93343f37ef30557f66d7cf643b2769873fc807-hls-segment purge-experiment-07
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=31434730
expires
Wed, 10 May 2023 03:05:34 GMT
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
668152
quic-version
Q050
mput
pipedream.wistia.com/ Frame 8E79 		2 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.53.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-53-240.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://fast.wistia.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 11 May 2022 07:13:24 GMT
content-length
2
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
v2
embedwistia-a.akamaihd.net/deliveries/4e8cde932bafb92e64be62692ca9e44ba7790bab.m3u8/ Frame 8E79 		312 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embedwistia-a.akamaihd.net/deliveries/4e8cde932bafb92e64be62692ca9e44ba7790bab.m3u8/v2
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
92.123.224.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-224-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
83aa3479eb0f09350756376020db8fa6a4fd54995329ccba62b52c6f29498331

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:24 GMT
access-control-request-method
*
surrogate-key
4e8cde932bafb92e64be62692ca9e44ba7790bab-hls-segment purge-experiment-ab
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=31535962
expires
Thu, 11 May 2023 07:12:46 GMT
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
312
quic-version
Q050
2e6526ac-741a-4c99-8d80-4307e2406915
https://fast.wistia.net/ Frame 8E79 		86 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://fast.wistia.net/2e6526ac-741a-4c99-8d80-4307e2406915
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e76eaa2ca64511cf4b805040f38f1c9181b19a5463a6f00ccd931483b388ae07

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Length
88294
Content-Type
text/javascript
remediation_1652167554180.js
cdn.userway.org/widgetapp/2022-05-10/remediation/ 		150 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2022-05-10/remediation/remediation_1652167554180.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-05-10/widget_app_base_1652167554180.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
43fdaa3776c0e7858b666591d0dc10c1dcadbddd328eb643f7cdf0a4a730c2d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 11 May 2022 07:13:24 GMT
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-77-nzt-ray
zpvy5hDjFCo
age
7
x-77-cache
HIT
x-cache
HIT
x-age
85335
content-encoding
br
x-77-nzt
AcO1ry+zNVj/V00BAA
x-accel-expires
@1678087869
last-modified
Tue, 10 May 2022 07:28:17 GMT
server
CDN77-Turbo
etag
W/"3a6253dfb746d3302aa88474a5d1a59e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=25920000, public
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
SvsFnqGKFaV3KcWpcii4Hicu8yd6n3w0YUyKe_9JVLswlRasDjINMA==
OCXBZixtfbN2rY19.json
cdn.userway.org/remediations/consolidated/1430254/ 		295 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediations/consolidated/1430254/OCXBZixtfbN2rY19.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-05-10/widget_app_base_1652167554180.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
46eb7f99cc4afae21828eb0129ea7579dd6369da67d69ec07e053ec5a6135abd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 11 May 2022 07:13:24 GMT
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
etag
W/"745fd90db1309382c8c2fc6f43ab9e46"
age
35214
x-77-cache
MISS
x-cache
MISS
content-encoding
br
vary
Accept-Encoding, Origin
x-77-nzt
AcO1ry/gDPSh
x-accel-expires
@1683789204
last-modified
Tue, 10 May 2022 21:13:58 GMT
server
CDN77-Turbo
x-77-nzt-ray
/5j6QeveX7o
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
https://www.primeres.com
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
Dfu4xo6x9ldNs-MRjFbBgfrSyopXec4TMwRL8hJsborfHgUyrAFzNw==
body_wh.svg
cdn.userway.org/widgetapp/images/ 		931 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 11 May 2022 07:13:24 GMT
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-77-nzt-ray
iJmxw4o9im0
age
52
x-edge-origin-shield-skipped
0
x-cache
HIT
x-age
19189616
content-encoding
br
x-77-nzt
AcO1ry8FuJH/cM8kAQ
x-accel-expires
@1658983588
last-modified
Thu, 30 Sep 2021 16:45:19 GMT
server
CDN77-Turbo
etag
W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-cache
HIT
content-type
image/svg+xml
cache-control
max-age=25920000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
6YMei--F0t_BGSzZqKCPsSaHi3ftzitOd7MJXCengBVtWkp0umWGoQ==
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/colorado
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 11 May 2022 07:13:24 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-77-nzt-ray
45MPYRULCwQ
age
52
x-77-cache
HIT
x-edge-origin-shield-skipped
0
x-cache
HIT
x-age
19189616
content-encoding
br
x-77-nzt
AcO1ry9Kjyf/cM8kAQ
x-accel-expires
@1658983588
last-modified
Thu, 30 Sep 2021 16:45:19 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=25920000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
z1-TLQ0wWcAHOw8cBTiSLzeIq6QHdJj-1cDCQdvlpwyjcYTxWH9zaQ==
allIntegrations.js
fast.wistia.net/assets/external/ Frame 8E79 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97f7e1bf36fee756a18b072a7ffa5ef6aa41f16982d2673b5e1b573f1f97f198
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/embed/iframe/if6magt53x?videoFoam=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:24 GMT
content-encoding
br
vary
Accept-Encoding
age
1998
x-cache
HIT, HIT
content-length
7140
x-served-by
cache-iad-kjyo7100053-IAD, cache-hhn4021-HHN
access-control-allow-origin
*
x-browser-version
101
last-modified
Tue, 10 May 2022 18:21:05 GMT
x-timer
S1652253205.751672,VS0,VE0
etag
"627aad11-1be4"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 80
mega_menu_helper1652167554180.js
cdn.userway.org/widgetapp/2022-05-10/remediation/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2022-05-10/remediation/mega_menu_helper1652167554180.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-05-10/widget_app_base_1652167554180.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f20570d52ea610bf2defe88d4e6824dcce903a39d5fbf874659004ec7316a2c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 11 May 2022 07:13:24 GMT
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-77-nzt-ray
6HFD0dqv8lI
age
36
x-77-cache
HIT
x-cache
HIT
x-age
85273
content-encoding
br
x-77-nzt
AcO1ry8SB2n/GU0BAA
x-accel-expires
@1678087931
last-modified
Tue, 10 May 2022 07:28:17 GMT
server
CDN77-Turbo
etag
W/"958b69af992f3dd795e8cc5960298ea2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=25920000, public
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
QzK1LBpaWKgVq5tZDqnuv2MUmkGHfGGVtKjb_JO6BqUMCqbYKFmYWQ==
v2
embedwistia-a.akamaihd.net/deliveries/4e8cde932bafb92e64be62692ca9e44ba7790bab.m3u8/ Frame 8E79 		312 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embedwistia-a.akamaihd.net/deliveries/4e8cde932bafb92e64be62692ca9e44ba7790bab.m3u8/v2
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
92.123.224.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-224-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
83aa3479eb0f09350756376020db8fa6a4fd54995329ccba62b52c6f29498331

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:24 GMT
access-control-request-method
*
surrogate-key
4e8cde932bafb92e64be62692ca9e44ba7790bab-hls-segment purge-experiment-ab
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=31535962
expires
Thu, 11 May 2023 07:12:46 GMT
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
312
quic-version
Q050
seg-2-v1.ts
embedwistia-a.akamaihd.net/deliveries/4e8cde932bafb92e64be62692ca9e44ba7790bab.m3u8/v2/ Frame 8E79 		623 KB
623 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embedwistia-a.akamaihd.net/deliveries/4e8cde932bafb92e64be62692ca9e44ba7790bab.m3u8/v2/seg-2-v1.ts
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
92.123.224.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-224-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7554510e2918aa71d21bbd75d82d2f860d10580b964df2151ff4ebb6ff2a604f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:25 GMT
access-control-request-method
*
surrogate-key
4e8cde932bafb92e64be62692ca9e44ba7790bab-hls-segment purge-experiment-ab
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=31239823
expires
Sun, 07 May 2023 20:57:08 GMT
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
638072
quic-version
Q050
seg-1-v1.ts
embedwistia-a.akamaihd.net/deliveries/4e8cde932bafb92e64be62692ca9e44ba7790bab.m3u8/v2/ Frame 8E79 		2 MB
2 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embedwistia-a.akamaihd.net/deliveries/4e8cde932bafb92e64be62692ca9e44ba7790bab.m3u8/v2/seg-1-v1.ts
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
92.123.224.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-224-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ad32d1c3b8e8e2e85603e46bc876c251d2a62863f426efd2ff1b302897cf26dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:25 GMT
access-control-request-method
*
surrogate-key
4e8cde932bafb92e64be62692ca9e44ba7790bab-hls-segment purge-experiment-ab
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range
cache-control
max-age=31239767
expires
Sun, 07 May 2023 20:56:12 GMT
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
2487992
quic-version
Q050
links
api.userway.org/api/br-links/v0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/br-links/v0/links
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.83.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-83-169.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.primeres.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
date
Wed, 11 May 2022 07:13:25 GMT
x-service-version
apps-692c3de1
links
api.userway.org/api/br-links/v0/ 		82 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/br-links/v0/links
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-05-10/widget_app_base_1652167554180.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.83.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-83-169.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
f8e57ba55f471fa23de1e5a89199b45fe719a9ec1c399cb8906670bf985cf8e7

Request headers

Referer
https://www.primeres.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 11 May 2022 07:13:25 GMT
etag
W/"52-fDQVhM7rMxn+D7u8zget7cp/2rc"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-max-age
3000
access-control-allow-headers
*
content-length
82
x-service-version
apps-692c3de1
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
x
distillery.wistia.com/ Frame 8E79 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.143.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-143-103.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fast.wistia.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 11 May 2022 07:13:25 GMT
cache-control
max-age=0, private, must-revalidate
mput
pipedream.wistia.com/ Frame 8E79 		2 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.53.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-53-240.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://fast.wistia.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 11 May 2022 07:13:25 GMT
content-length
2
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
3233922812239958
api.userway.org/api/remediation/moderation/by-page/1430254/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/remediation/moderation/by-page/1430254/3233922812239958
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-05-10/widget_app_base_1652167554180.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.83.169 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-83-169.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:25 GMT
etag
W/"d16-qwWPihnPAtk7XZWAy/N6f6+uD/Y"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers
*
content-length
3350
x-service-version
uw-pr
allIntegrations.js
fast.wistia.net/assets/external/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97f7e1bf36fee756a18b072a7ffa5ef6aa41f16982d2673b5e1b573f1f97f198
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 11 May 2022 07:13:25 GMT
content-encoding
br
vary
Accept-Encoding
age
1999
x-cache
HIT, HIT
content-length
7140
x-served-by
cache-iad-kjyo7100053-IAD, cache-hhn4021-HHN
access-control-allow-origin
*
x-browser-version
101
last-modified
Tue, 10 May 2022 18:21:05 GMT
x-timer
S1652253206.792265,VS0,VE0
etag
"627aad11-1be4"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 81
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=387893758&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.primeres.com%2Fcolorado&ul=en-us&de=UTF-8&dt=Security%20First%20Financial%20-%20Mortgage%20Lender%20in%20Colorado%20-%20A%20Division%20of%20PRMI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=25%25%20Watched&el=denver&_u=aHBAAUABAAAAAC~&jid=&gjid=&cid=1618003221.1652253204&tid=UA-128694104-2&_gid=159644112.1652253204&gtm=2ou590&z=1271588968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 May 2022 16:22:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53461
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
x
distillery.wistia.com/ Frame 8E79 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.143.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-143-103.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fast.wistia.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 11 May 2022 07:13:26 GMT
cache-control
max-age=0, private, must-revalidate
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=387893758&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.primeres.com%2Fcolorado&ul=en-us&de=UTF-8&dt=Security%20First%20Financial%20-%20Mortgage%20Lender%20in%20Colorado%20-%20A%20Division%20of%20PRMI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=50%25%20Watched&el=denver&_u=aHBAAUABAAAAAC~&jid=&gjid=&cid=1618003221.1652253204&tid=UA-128694104-2&_gid=159644112.1652253204&gtm=2ou590&z=319601700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 May 2022 16:22:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53462
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
x
distillery.wistia.com/ Frame 8E79 		0
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.143.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-143-103.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fast.wistia.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 11 May 2022 07:13:27 GMT
cache-control
max-age=0, private, must-revalidate

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails string| sf_appPath function| $ function| jQuery function| fbq function| _fbq function| gtag object| dataLayer function| hj object| _hjSettings object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| onSubmit function| _typeof object| jQuery112106686023990974868 object| talonUtil function| getParameterByName function| addParametersToUrl function| addParametersToUrlFromConfig function| paramReplace function| getConfigValue function| addUtmParametersOnLinks function| addUtmParametersFromConfigOnLinks object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| UserWayWidgetApp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| wistiaBindIframes object| wistiaApi function| wistiaDispatch boolean| _loaded object| recaptcha object| closure_lm_552160 object| gaplugins object| gaGlobal object| gaData function| __read function| __spreadArray function| __values function| __rest object| _userway_config boolean| _userway object| UserWay function| __assign function| __awaiter function| __generator object| forPM

13 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AEZ1cypgttGTnVYHd6MPiOBVwp_T0Yx_K-1bxAMTQTpFd0DXJbc4hxfEA9-nUNfg259nTxZhkUrc7M_jBNQtlv8
.primeres.com/ Name: visid_incap_2631594
Value: gjisneOqTK6CJbyVt6llbxFie2IAAAAAQUIPAAAAAAA/g5+YENdFEhIsMPI6VBtM
.primeres.com/ Name: incap_ses_260_2631594
Value: TdGcVgnY4GUiWBnp27SbAxJie2IAAAAAPPWQm0lLyDJL2PnAMwSDRw==
.primeres.com/ Name: _fbp
Value: fb.1.1652253203540.329159026
.primeres.com/ Name: _ga
Value: GA1.2.1618003221.1652253204
.primeres.com/ Name: _gid
Value: GA1.2.159644112.1652253204
.primeres.com/ Name: _gat_gtag_UA_128694104_2
Value: 1
.primeres.com/ Name: _hjSessionUser_1983834
Value: eyJpZCI6IjdjOGYxZTE4LTBkYTctNWU3Yi04NDZlLWVjYWQ4ZTI0OWY1NyIsImNyZWF0ZWQiOjE2NTIyNTMyMDM1OTQsImV4aXN0aW5nIjpmYWxzZX0=
.primeres.com/ Name: _hjFirstSeen
Value: 1
www.primeres.com/ Name: _hjIncludedInSessionSample
Value: 1
.primeres.com/ Name: _hjSession_1983834
Value: eyJpZCI6IjBmNTY5ZjdiLTY3YjItNGJhYy1hMDBjLWE0ZjE0YWI0MDMwZCIsImNyZWF0ZWQiOjE2NTIyNTMyMDM3NDcsImluU2FtcGxlIjp0cnVlfQ==
www.primeres.com/ Name: _hjIncludedInPageviewSample
Value: 1
.primeres.com/ Name: _hjAbsoluteSessionInProgress
Value: 0

1 Console Messages

Source Level URL
Text
worker info URL: blob:https://fast.wistia.net/2e6526ac-741a-4c99-8d80-4307e2406915
Message:
[log] >

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accessibilityserver.org
ajax.googleapis.com
api.userway.org
cdn.userway.org
cdnjs.cloudflare.com
connect.facebook.net
distillery.wistia.com
embedwistia-a.akamaihd.net
fast.wistia.com
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
pipedream.wistia.com
script.hotjar.com
securityff.com
static.hotjar.com
vars.hotjar.com
ws28.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.primeres.com
107.154.80.89
13.224.198.17
13.224.198.73
13.225.80.68
13.225.80.89
18.205.143.103
2606:4700:3036::6815:119b
2606:4700::6811:190e
2a00:1450:4001:800::200a
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2003
2a02:6ea0:c700::2
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::622
2a04:4e42::622
44.194.53.240
44.228.83.169
52.208.29.128
54.77.142.136
92.123.224.26
0466786b1eb0606e7d46394695cc1256e305f08062aeeab72360185cd596adde
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
232118036e4f16b51c1f6f6a1bf8798382a57ad704620a125887c1596c10a3f6
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
2662d756ed36cc7910e4b0ec15efa3184d378c05d025f85c72370496057270d7
2780c6e8a166a28c71244e260012b9bae290e66734c05a1e3647534408a04708
2ee5ec417d008865fb05dc016f88c09f5b11abf4c201a73a686981e64cb88a13
365764ca44bc947ad2daa5469a3d7d6609553e37915132fbfa85cc8c0da31395
374248663c4461819ce47125e248283794cd7c19399683cc1f256b2718d78569
39bdc6630aad3e4c15fd07b777701feb77835acee49601873769082ebc5214b3
39d672d1d68de6f985f430d32b50ed66349e5373a680d30a34e374d19caeb08f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e8e76a70b5ec0a97f60491364274ab39aebd8f949b6a310a174633b015d4738
43fdaa3776c0e7858b666591d0dc10c1dcadbddd328eb643f7cdf0a4a730c2d1
46eb7f99cc4afae21828eb0129ea7579dd6369da67d69ec07e053ec5a6135abd
4e4a1c5c86a0dde2eb15d582fba759c765f64652454a3b9f12ea3e6fb255bff6
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b76d167892e79ecb117c94c5f8830b3749c6ab48eef5b1797b19e43aa4b7aa1
630f3d6f8dc680a104f56ecb03f209d9d1ccab924249ac43b716d00a4a70a838
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74270aa8a3e7361062ca73df84ad4975043f3d724c34f2cca31c686728b47e1f
7554510e2918aa71d21bbd75d82d2f860d10580b964df2151ff4ebb6ff2a604f
7827aa6cdcb5f8e064fea876f139fe6c209e365fda3afba19cbd30c3fafed5af
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83aa3479eb0f09350756376020db8fa6a4fd54995329ccba62b52c6f29498331
929ac9fe9fd21b00c4dd8e4423fc769644fe8251006e9a0cf3724a00a2d92a99
97f7e1bf36fee756a18b072a7ffa5ef6aa41f16982d2673b5e1b573f1f97f198
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
9a721bd38aa639b03d407eab310df38101f5718fd17cadc08bac55d2a38bac52
a055bcc5b8a908caaee3b805256aad4457f687506c37f8daccae240c3ba086be
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a32fe3936d4157dbba982eef26e8dd1d40098b8d3bc9eb430a63dd34c311386b
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a7a97b4fd40e89c0b431736ce122b4ab25ae182b4e46e000eff2de49c1bc8cc0
ab2b264778603e0c6d081f5160577c69f6da434e42aa06b8eabb94fdf541ebfc
ad32d1c3b8e8e2e85603e46bc876c251d2a62863f426efd2ff1b302897cf26dd
b2a49e714a2e67c1c1d0e65725f31387717ba9342157f71c882923e0b28c13af
b4cb5956d149f630f60157c217c68a8b637014a9d25163a0aa524f607d472a5d
b997f618771ea4a77998145ccb09c81d44d0da4f8ae026017e7172d28c0f841b
bbc8f741681e7e2baec6bccc1446af6a2842c7873d805ee346108537474dab3e
c3726dc7a511569a8e3404d41d95b84708ac28ac2cd13482924f82c3ca814365
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c8742f54c6d913265c3298adef20813a397c23d90b06bcaaaeac529193e8940e
c8879ebe06df99c311b603336d0ac2afe1e514a28d1b8c09a5392772f9f84397
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
ca346366d88b96f3c2c7646a648c06437b0e55e2f5099c7eadb1fb837a674f19
cda66aaac66c47585d9917fcf9e6c0f28322715caf35b94e0f8224ab629182c4
cef63f6378f616ddbc50e81459f0f636540f0b7cc63767e5b789d963acf5ea07
d1ccb83fdff6c32efea4da6b6b0c82cca483bfef3ae77d54a15c5b67d5b390fd
d210ba55ab4bb68bdc346d8f950466b08aa6503dce82aec8aaa1f5a89a97d0bc
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d99089cc937c3d426a016bd571befd751bf9698dc3ebd22eff6929809e41d641
e2bb902ccc459d03e4b9d2fdc84903ba65745388cee5a5bea30f8f16d135dda6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76eaa2ca64511cf4b805040f38f1c9181b19a5463a6f00ccd931483b388ae07
ecf71c7ff74d8331c96c1c29323901bafdc2ed2adc763d2e8d681beeeb895dcf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01225ec86461e761b9b9f25d01ae675c26e9e7552cb1e7f1a540d0b92e6a21a
f20570d52ea610bf2defe88d4e6824dcce903a39d5fbf874659004ec7316a2c3
f61be8fe97b98016de40109a9b11fd3536772fd45b53b081c81b9a29aa337a29
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8e57ba55f471fa23de1e5a89199b45fe719a9ec1c399cb8906670bf985cf8e7
f8fe889ebf5fb107921579284f9b023b342a93cefa46bb13179b5f4618cdc147
fbcb2fa0be9cb29da217997ff26cbddbaccb75b49ddd2e822669611cd6eefa89
fd737b8f00a5f9fe175f9d9c0797eacab75b820f330f6e38573201ac8deef3da