www.primeres.com Open in urlscan Pro
107.154.80.89 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.primeres.com/privacy-policy
Submission: On November 10 via api (November 10th 2022, 4:06:14 pm UTC) from US — Scanned from DE

Summary HTTP 42 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 10 domains to perform 42 HTTP transactions. The main IP is 107.154.80.89, located in United States and belongs to INCAPSULA, US. The main domain is www.primeres.com. The Cisco Umbrella rank of the primary domain is 911688.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 8th 2022. Valid for: a year.

This is the only time www.primeres.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 16	107.154.80.89 107.154.80.89	19551 (INCAPSULA) (INCAPSULA)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1	18.64.79.117 18.64.79.117	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	108.138.17.79 108.138.17.79	16509 (AMAZON-02) (AMAZON-02)
7	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	18.66.147.113 18.66.147.113	16509 (AMAZON-02) (AMAZON-02)
1	108.128.255.0 108.128.255.0	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.15 18.66.112.15	16509 (AMAZON-02) (AMAZON-02)
6	44.236.209.75 44.236.209.75	16509 (AMAZON-02) (AMAZON-02)
1	54.77.201.84 54.77.201.84	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
42	15

16 107.154.80.89 (United States) 2 redirects

ASN19551 (INCAPSULA, US)
PTR: 107.154.80.89.ip.incapdns.net

www.primeres.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.79.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-117.txl50.r.cloudfront.net

accessibilityserver.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-79.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-113.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.255.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-255-0.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 44.236.209.75 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-209-75.us-west-2.compute.amazonaws.com

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.201.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-201-84.eu-west-1.compute.amazonaws.com

ws36.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	primeres.com 2 redirects www.primeres.com — Cisco Umbrella Rank: 911688	250 KB
13	userway.org cdn.userway.org — Cisco Umbrella Rank: 4928 api.userway.org — Cisco Umbrella Rank: 4940	122 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 625 script.hotjar.com — Cisco Umbrella Rank: 763 vars.hotjar.com — Cisco Umbrella Rank: 824 in.hotjar.com — Cisco Umbrella Rank: 1628 ws36.hotjar.com — Cisco Umbrella Rank: 58994	72 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	203 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	112 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2154	259 B
1	accessibilityserver.org accessibilityserver.org — Cisco Umbrella Rank: 24435	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	43 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 669	30 KB
42	10

	Domain	Requested by
16	www.primeres.com	2 redirects www.primeres.com
7	cdn.userway.org	accessibilityserver.org cdn.userway.org
6	api.userway.org	cdn.userway.org
2	www.facebook.com	www.primeres.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.primeres.com connect.facebook.net
1	ws36.hotjar.com	script.hotjar.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	accessibilityserver.org	www.primeres.com
1	static.hotjar.com	www.primeres.com
1	www.googletagmanager.com	www.primeres.com
1	code.jquery.com	www.primeres.com
42	15

This site contains links to these domains. Also see Links.

Domain
help.hotjar.com
policies.google.com
www.sml.texas.gov
www.facebook.com
twitter.com
www.linkedin.com
mortgage.nationwidelicensingsystem.org

Subject Issuer	Validity	Valid
*.primeres.com Go Daddy Secure Certificate Authority - G2	`2022-06-08` - `2023-07-10`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-19` - `2022-11-17`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
accessibilityserver.org Amazon	`2022-11-07` - `2023-12-05`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2022-10-24` - `2023-01-22`	3 months	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
api.userway.org Amazon	`2022-10-02` - `2023-10-31`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.primeres.com/privacy-policy
Frame ID: CCBEFA54DDA66DB8C14757B4B4BD0602
Requests: 39 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
Frame ID: 35282B387515070D2A3032A607D61B6D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Privacy Policy | Primary Residential Mortgage, Inc.

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

95 %
HTTPS

40 %
IPv6

10
Domains

15
Subdomains

15
IPs

4
Countries

651 kB
Transfer

2219 kB
Size

13
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://help.hotjar.com/hc/en-us/categories/115001323967-About-Hotjar
Title: support site

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=en
Title: privacy policies

Search URL Search Domain Scan URL

URL: https://policies.google.com/technologies/partner-sites
Title: click here

Search URL Search Domain Scan URL

URL: http://www.sml.texas.gov/
Title: www.sml.texas.gov

Search URL Search Domain Scan URL

URL: https://www.facebook.com/primeresmtg/

Search URL Search Domain Scan URL

URL: https://twitter.com/primeresmtg

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/primary-residential-mortgage/

Search URL Search Domain Scan URL

URL: https://mortgage.nationwidelicensingsystem.org/about/Pages/NMLSConsumerAccess.aspx
Title: NMLS Consumer Access

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://www.primeres.com/ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3n7_RKCJ-vIJUJFuXa8B4Amif7spdCj-FiaEBQ5ZrOHo-yEfYWaebWQ-sjFzlXYR3UXhEYqcOmVT4uH6xAj-JeDJzlhtj5USljRoaOo6Vpih2_B4T6BgmZutdqH8PNCiJx9wxVhMx2eqN-dLUGI-mH38FWD7jAHfJV7uEUFUHCiY0&t=a366992 HTTP 302
https://www.primeres.com/404.aspx?aspxerrorpath=/ScriptResource.axd

Request Chain 6

https://www.primeres.com/ScriptResource.axd?d=EydukmxBmDstn7gSYzQESKF67BVWMBQu3snEfwUZhvR7IdIxVau-2YXmF6f5PaDrXPyEx-W4GyY0LVOGfqijJJLeZ9pHnpJqDER_nO79w1swtFWJGQsUl4Bs8Jye7TPrkgxC6dVHwOXOBLbICHMRcs-id2TXZfE59VN3OchIKb6j3aF6Les2oUWvLtZPUMaB0&t=a366992 HTTP 302
https://www.primeres.com/404.aspx?aspxerrorpath=/ScriptResource.axd

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request privacy-policy Show response
www.primeres.com/ 55 KB
16 KB 622ms
567ms Document
text/html 107.154.80.89
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.primeres.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.80.89 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.80.89.ip.incapdns.net

Software

Resource Hash

908827fff46c5a42f11b94725c092d8e116812e32722d6d8e16e066146efc5f7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 10 Nov 2022 16:06:09 GMT
expires: -1
pragma: no-cache
vary: Accept-Encoding
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 12-14761257-14761260 NNNN CT(117 230 0) RT(1668096368356 19) q(0 0 4 0) r(6 6) U18

GET
H2 200 corp.min.css
www.primeres.com/ResourcePackages/Talon/assets/dist/css/corporate/ 171 KB
44 KB 60ms
59ms Stylesheet
text/css 107.154.80.89
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/corporate/corp.min.css
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.80.89.ip.incapdns.net
Software: /
Resource Hash: 226cdde95371cbaf5bf5408613a903ecc3b5c7a9fa8d0757f1546b080f28138a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/privacy-policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 16:06:09 GMT
content-encoding: gzip
last-modified: Tue, 08 Nov 2022 19:21:03 GMT
x-cdn: Imperva
age: 85315
etag: "151fdb3da7f3d81:0"
content-type: text/css
x-iinfo: 12-14761257-14761426 2CNN RT(1668096368356 595) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=0
content-length: 44944

GET
H2 200 jquery-3.4.1.min.js Show response
code.jquery.com/ 86 KB
30 KB 539ms
489ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.min.js
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 16:06:09 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15851"
vary: Accept-Encoding
x-hw: 1668096369.dop166.fr8.t,1668096369.cds012.fr8.hn,1668096369.cds236.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30638

GET
H2 200 outdatedbrowser.min.css
www.primeres.com/ResourcePackages/Talon/assets/dist/outdatedbrowser/ 1 KB
882 B 48ms
47ms Stylesheet
text/css 107.154.80.89
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/ResourcePackages/Talon/assets/dist/outdatedbrowser/outdatedbrowser.min.css
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.80.89.ip.incapdns.net
Software: /
Resource Hash: 991c9519d27aaeecc44141e98a1f86b79c68cb835a66e04af960b874246ab96e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/privacy-policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 16:06:08 GMT
content-encoding: gzip
last-modified: Tue, 01 Nov 2022 18:10:04 GMT
x-cdn: Imperva
age: 222148
etag: "a1a6e2a1deed81:0"
content-type: text/css
x-iinfo: 12-14761257-14761213 2CNN RT(1668096368356 605) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=0
content-length: 709

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 48ms
22ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145993286-44

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

817738fae280fcbc3d17b54ee83301125c975a1378db6a8c779f4e34771caaf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 16:06:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43583
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Nov 2022 16:06:09 GMT

GET
H2 404 awardsBanner.js
www.primeres.com/ResourcePackages/Talon/MVC/Scripts/AwardsSlider/ 0
0 59ms
59ms Script
text/html 107.154.80.89
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/ResourcePackages/Talon/MVC/Scripts/AwardsSlider/awardsBanner.js
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.80.89.ip.incapdns.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/privacy-policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 16:06:08 GMT
content-encoding: gzip
x-cdn: Imperva
age: 85314
etag: "df4487cf"
content-type: text/html; charset=utf-8
x-iinfo: 12-14761257-14761019 2CNN RT(1668096368356 619) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=0

GET
H2

404

404.aspx
www.primeres.com/
Redirect Chain

https://www.primeres.com/ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3n7_RKCJ-vIJUJFuXa8B4Amif7spdCj-FiaEBQ5ZrOHo-yEfYWaebWQ-sjFzlXYR3UXhEYqcOmVT4uH6xAj-JeDJzlhtj5USljRoaOo6Vpih2_B4T6BgmZutdqH8PNCiJx9...
https://www.primeres.com/404.aspx?aspxerrorpath=/ScriptResource.axd

0
0

120ms
120ms

Script
text/html

107.154.80.89
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.primeres.com/404.aspx?aspxerrorpath=/ScriptResource.axd

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy

Protocol

Server

107.154.80.89 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.80.89.ip.incapdns.net

Software

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/privacy-policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-iinfo: 12-14761257-14761436 PNYN RT(1668096368356 1101) q(0 0 0 -1) r(1 1) U18
date: Thu, 10 Nov 2022 16:06:08 GMT
cache-control: max-age=0
content-encoding: gzip
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8

Redirect headers

date: Thu, 10 Nov 2022 16:06:08 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: /404.aspx?aspxerrorpath=/ScriptResource.axd
x-iinfo: 12-14761257-14761434 NNNN CT(123 230 0) RT(1668096368356 626) q(0 0 4 -1) r(5 5) U11
cache-control: private
content-length: 160

GET
H2

404

404.aspx
www.primeres.com/
Redirect Chain

https://www.primeres.com/ScriptResource.axd?d=EydukmxBmDstn7gSYzQESKF67BVWMBQu3snEfwUZhvR7IdIxVau-2YXmF6f5PaDrXPyEx-W4GyY0LVOGfqijJJLeZ9pHnpJqDER_nO79w1swtFWJGQsUl4Bs8Jye7TPrkgxC6dVHwOXOBLbICHMRcs-...
https://www.primeres.com/404.aspx?aspxerrorpath=/ScriptResource.axd

0
0

125ms
124ms

Script
text/html

107.154.80.89
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.primeres.com/404.aspx?aspxerrorpath=/ScriptResource.axd

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy

Protocol

Server

107.154.80.89 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.80.89.ip.incapdns.net

Software

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/privacy-policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-iinfo: 12-14761257-14761434 PNYN RT(1668096368356 1104) q(0 0 0 -1) r(1 1) U18
date: Thu, 10 Nov 2022 16:06:08 GMT
cache-control: max-age=0
content-encoding: gzip
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8

Redirect headers

date: Thu, 10 Nov 2022 16:06:08 GMT
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
location: /404.aspx?aspxerrorpath=/ScriptResource.axd
x-iinfo: 12-14761257-14761436 NNNN CT(124 221 0) RT(1668096368356 635) q(0 0 4 -1) r(5 5) U11
cache-control: private
content-length: 160

GET
H2 200 all.min.js Show response
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/ 92 KB
32 KB 461ms
461ms Script
application/javascript 107.154.80.89
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/all.min.js?package=Talon&v=MTc0OTMwNDkzOQ%3d%3d

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.80.89 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.80.89.ip.incapdns.net

Software

Resource Hash

c8742f54c6d913265c3298adef20813a397c23d90b06bcaaaeac529193e8940e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/privacy-policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 16:06:09 GMT
content-encoding: gzip
last-modified: Tue, 08 Nov 2022 19:20:56 GMT
x-cdn: Imperva
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-iinfo: 12-14761257-14759484 2NNN RT(1668096368356 685) q(0 0 0 -1) r(4 4) U18
cache-control: max-age=0
content-length: 32145

GET
H2 200 outdatedbrowser.js Show response
www.primeres.com/ResourcePackages/Talon/assets/dist/outdatedbrowser/ 9 KB
3 KB 28ms
28ms Script
application/javascript 107.154.80.89
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/ResourcePackages/Talon/assets/dist/outdatedbrowser/outdatedbrowser.js
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.80.89.ip.incapdns.net
Software: /
Resource Hash: 0e241bcda4c69cfdc353948f11a7cab717fb0ee72e681b36251bf4a5ad292e73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/privacy-policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 16:06:09 GMT
content-encoding: gzip
last-modified: Tue, 08 Nov 2022 19:25:11 GMT
x-cdn: Imperva
age: 85315
etag: "437ffcd1a7f3d81:0"
content-type: application/javascript
x-iinfo: 12-14761257-14761213 2CNN RT(1668096368356 689) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=0
content-length: 3116

GET
H2 200 utm-campaign.js Show response
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/MVC/Scripts/UtmCampaignTracking/ 4 KB
2 KB 468ms
468ms Script
application/javascript 107.154.80.89
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/MVC/Scripts/UtmCampaignTracking/utm-campaign.js?package=Talon&v=MTc3NjE2OTQyNQ%3d%3d

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.80.89 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.80.89.ip.incapdns.net

Software

Resource Hash

630f3d6f8dc680a104f56ecb03f209d9d1ccab924249ac43b716d00a4a70a838

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/privacy-policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 16:06:08 GMT
content-encoding: gzip
last-modified: Tue, 08 Nov 2022 19:25:02 GMT
x-cdn: Imperva
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-iinfo: 12-14761257-14761426 2NNN RT(1668096368356 692) q(0 0 0 -1) r(4 4) U18
cache-control: max-age=0
content-length: 1638

GET
H2 200 _Incapsula_Resource Show response
www.primeres.com/ 142 KB
20 KB 15ms
14ms Script
application/javascript 107.154.80.89
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1151734043
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.80.89.ip.incapdns.net
Software: /
Resource Hash: 0f23979ea4418092b167862c5c1f4b74e788e9b8af010fea032cc213a8ff0da2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/privacy-policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20590
content-type: application/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 57ms
28ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 10 Nov 2022 16:06:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: UaqdmE//TAPLP6hc24WNiZqR/x0+BYpqBteIFwir/TS9lHV2woR1isRujoLP91Fe3DZtMZd9r89cB/JwTTS4jA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1983834.js Show response
static.hotjar.com/c/ 4 KB
2 KB 88ms
59ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1983834.js?sv=6

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

45db0e0b7484de81e3338e7623f053fb0eb9e45991ea66729a0431e682eb7922

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 16:06:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/957af187cac1fb186e37ba198b27a6a4
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: OwQ1mJ-mH38-Qo6VUI25-jBpkedEuPMSaq6wZoLr1V0b6YkfTs4-8A==

GET
H2 200 svgs.svg
www.primeres.com/ResourcePackages/Talon/assets/svg/ 32 KB
11 KB 9ms
9ms Other
image/svg+xml 107.154.80.89
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/ResourcePackages/Talon/assets/svg/svgs.svg
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.80.89.ip.incapdns.net
Software: /
Resource Hash: fd737b8f00a5f9fe175f9d9c0797eacab75b820f330f6e38573201ac8deef3da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/privacy-policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 16:06:09 GMT
content-encoding: gzip
last-modified: Tue, 08 Nov 2022 19:21:04 GMT
x-cdn: Imperva
age: 118710
etag: "db53713ea7f3d81:0"
content-type: image/svg+xml
x-iinfo: 12-14761257-14761426 2CNN RT(1668096368356 1229) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=0
content-length: 11061

GET
H2 200 Montserrat-VF.woff2
www.primeres.com/ResourcePackages/Talon/assets/dist/fonts/ 120 KB
121 KB 13ms
13ms Font
application/font-woff2 107.154.80.89
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/ResourcePackages/Talon/assets/dist/fonts/Montserrat-VF.woff2
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/corporate/corp.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.80.89.ip.incapdns.net
Software: /
Resource Hash: 30340b72c6991d891792731fb1dd492ff6a2c530adee3b22d13c5fbc522601e8

Request headers

Referer: https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/corporate/corp.min.css
Origin: https://www.primeres.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 16:06:09 GMT
last-modified: Tue, 08 Nov 2022 19:21:03 GMT
x-cdn: Imperva
age: 59178
etag: "e0963ea7f3d81:0"
content-type: application/font-woff2
x-iinfo: 12-14761257-14761426 2CNN RT(1668096368356 1240) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=0
content-length: 122820

GET
H2 200 menu_open_icon.svg
www.primeres.com/images/librariesprovider868/default-album/ 451 B
402 B 21ms
21ms Image
image/svg+xml 107.154.80.89
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.primeres.com/images/librariesprovider868/default-album/menu_open_icon.svg
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/corporate/corp.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.80.89.ip.incapdns.net
Software: /
Resource Hash: a69ff6d89958a2106947fdf8003b6f3fd3808cbc36552e44d5e40b2cdc065092

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/corporate/corp.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 16:06:09 GMT
content-encoding: gzip
x-cdn: Imperva
age: 231059
etag: "071e15ae"
content-type: image/svg+xml
x-iinfo: 12-14761257-14759484 2CNN RT(1668096368356 1281) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=0
content-length: 296

GET
H2 200 widget.js Show response
accessibilityserver.org/ 1 KB
1 KB 67ms
13ms Script
application/javascript 18.64.79.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accessibilityserver.org/widget.js
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-117.txl50.r.cloudfront.net
Software: CDN77-Turbo /
Resource Hash: 0991fef79e46138a282d0b02762f1b1a05bbeae3130fae2d5fcfaa61fbca0fec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 10 Nov 2022 15:52:20 GMT
via: 1.1 5399a427cccb3191e8715ae58ba175aa.cloudfront.net (CloudFront), 1.1 7da1d60a481ae3940f6605e4b4cab476.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: MUC50-P1, TXL50-P2
age: 829
x-77-cache: HIT
x-cache: Hit from cloudfront
x-age: 1328
x-77-nzt: Abk73BDuHtT/MAUAAA
last-modified: Thu, 27 Oct 2022 14:03:37 GMT
server: CDN77-Turbo
x-77-nzt-ray: ffffffff9c6281c276296a6399a87a11
etag: W/"f6d9107435dceeee39467a0f5464cb90"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
vary: Accept-Encoding
x-amz-cf-id: BxmC6EVcMcB0nVztkLhoLV4Dwzio9NRCqXYPIci3s_Ed2u6LA8VdTg==

GET
H2 200 _Incapsula_Resource
www.primeres.com/ 1 B
35 B 8ms
8ms Image
text/plain 107.154.80.89
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.primeres.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6409417722443087
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.80.89 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.80.89.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/privacy-policy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 2038164119652243 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 223ms
223ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2038164119652243?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bbd6033ebeb53a3edb1912de7cf82c3857c375b646bdcb69096c281233c88ae7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 10 Nov 2022 16:06:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: rfMuzhjltwwD8ZazBzG0l65VH8khLfhE5ODsLdvBAWsPFf3ffbvqo6u3BibcF3JS90j/oojZwCuq3vLlcrFq5Q==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145993286-44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 10 Nov 2022 15:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3015
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 10 Nov 2022 17:15:54 GMT

GET
H2 200 modules.161a981e5a2b8d0e6270.js Show response
script.hotjar.com/ 262 KB
67 KB 35ms
8ms Script
application/javascript 108.138.17.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.161a981e5a2b8d0e6270.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1983834.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-79.fra56.r.cloudfront.net

Software

Resource Hash

84fd546c645b59fd37fe279dad317df63fb7b3e2acec2fc7c740afdc94945f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 15:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 3782
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68494
last-modified: Thu, 10 Nov 2022 15:02:59 GMT
etag: "5316b8be12a3303e0d46fbc96b5f7f2a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: tmAqEDFSbZItIoFr3kqkd6vQncOoCIlCVKn6QMXyhfSLgmTHHkOveA==

GET
H2 200 widget_app_base_1666879255587.js Show response
cdn.userway.org/widgetapp/2022-10-27/ 127 KB
35 KB 128ms
7ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-10-27/widget_app_base_1666879255587.js
Requested by: Host: accessibilityserver.org
URL: https://accessibilityserver.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5a930c08497411867d6492692e0b73eacf0795b92ff56a3d180678439fdf9fda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 10 Nov 2022 16:06:09 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: DUS51-P1
age: 156
x-cache: HIT
x-77-cache: HIT
x-age: 1215959
x-77-nzt: Abk73BCF6hv/140SAA
x-accel-expires: @1692800410
last-modified: Thu, 27 Oct 2022 14:03:35 GMT
server: CDN77-Turbo
etag: W/"34d63df83bbfb056ba92a08acdb1dbfe"
x-77-nzt-ray: ffffffff1f34c01c71216d6388e8db3a
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: B-ADn2hp8Ib7ik3Z_gZw7-DTnTE5XOV1DvZhPmZ8Hv423OcJ-t4vag==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 37ms
16ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=351594474&t=pageview&_s=1&dl=https%3A%2F%2Fwww.primeres.com%2Fprivacy-policy&ul=en-us&de=UTF-8&dt=Privacy%20Policy%20%7C%20Primary%20Residential%20Mortgage%2C%20Inc.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=536397447&gjid=1504795557&cid=573291247.1668096370&tid=UA-145993286-44&_gid=1111030291.1668096370&_r=1&gtm=2oub70&z=507737730

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.primeres.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Nov 2022 16:06:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.primeres.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-c6ca1c87e308a39aabb76b56ba54398b.html Show response
vars.hotjar.com/ Frame 3528 2 KB
1 KB 43ms
7ms Document
text/html 18.66.147.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1983834.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-113.fra60.r.cloudfront.net

Software

Resource Hash

a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.primeres.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 531843
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 12:22:06 GMT
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-cf-id: PT5k_G_VB5GEHZO8aMR5r6f0EhGAofpqUbW-gik85H2udoLn9mum1g==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1983834/ 148 B
323 B 116ms
39ms XHR
application/json 108.128.255.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1983834/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.161a981e5a2b8d0e6270.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.255.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-255-0.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bdcbc89391aa102582b534556887a7e27efb13b0025724e914f5308a20448e18

Request headers

Referer: https://www.primeres.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 10 Nov 2022 16:06:10 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 1983834 Show response
vc.hotjar.io/sessions/ 0
259 B 64ms
32ms XHR
text/plain 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1983834?s=0.25&r=0.15367076759164777
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.161a981e5a2b8d0e6270.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 16:06:09 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 3_PFAq2bwaJpA2NVm1ZWLDYVUGpP32hVaqGWx4yyMoVhZxkcgxY36w==

POST
H2 200 5E0vL5lD6Y Show response
api.userway.org/api/tunings/ 2 KB
2 KB 588ms
186ms XHR
application/json 44.236.209.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/5E0vL5lD6Y
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-10-27/widget_app_base_1666879255587.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.209.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-209-75.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 95d7222c7b034721e05fa48cc4eed24e3a857183f74411010c8e390b0d21a979

Request headers

Referer: https://www.primeres.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 10 Nov 2022 16:06:10 GMT
etag: W/"7d7-lrUr82BP6f83l4mENeRZJL0BX0w"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr77a4d8b46e314ad
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers: *
content-length: 2007
x-service-version: uw-pr

POST
H2 200 content Show response
ws36.hotjar.com/api/v2/sites/1983834/recordings/ 66 B
260 B 283ms
67ms XHR
application/json 54.77.201.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws36.hotjar.com/api/v2/sites/1983834/recordings/content
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.161a981e5a2b8d0e6270.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.201.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-201-84.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 820b8b2bcc9a0c0d7c889294b86fdcbbb72937fd11d813ba1c87d53209ce91b9

Request headers

Referer: https://www.primeres.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 10 Nov 2022 16:06:10 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 30ms
10ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2038164119652243&ev=PageView&dl=https%3A%2F%2Fwww.primeres.com%2Fprivacy-policy&rl=&if=false&ts=1668096370106&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668096370105.1188959500&it=1668096369804&coo=false&rqm=GET

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 10 Nov 2022 16:06:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 19ms
8ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2038164119652243&ev=Microdata&dl=https%3A%2F%2Fwww.primeres.com%2Fprivacy-policy&rl=&if=false&ts=1668096370608&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtPrivacy%20Policy%20%7C%20Primary%20Residential%20Mortgage%2C%20Inc.%5Cn%22%2C%22meta%3Adescription%22%3A%22Primary%20Residential%20Mortgage%2C%20Inc.%20takes%20privacy%20seriously.%20Read%20our%20Privacy%20Policy%20to%20learn%20more.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Privacy%20Policy%20%7C%20Primary%20Residential%20Mortgage%2C%20Inc.%22%2C%22og%3Adescription%22%3A%22Primary%20Residential%20Mortgage%2C%20Inc.%20takes%20privacy%20seriously.%20Read%20our%20Privacy%20Policy%20to%20learn%20more.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.primeres.com%2Fprivacy-policy%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Corp%20Website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22%40id%22%3A%22https%3A%2F%2Fwww.primeres.com%22%2C%22url%22%3A%22https%3A%2F%2Fwww.primeres.com%2Fprivacy-policy%22%2C%22name%22%3A%22Corp%20Website%22%7D%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1668096370105.1188959500&it=1668096369804&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 10 Nov 2022 16:06:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2022-10-27/locales/ 433 B
824 B 24ms
8ms XHR
application/json 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-10-27/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-10-27/widget_app_base_1666879255587.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 10 Nov 2022 16:06:11 GMT
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: DUS51-P1
age: 200
x-cache: HIT
x-77-cache: HIT
x-age: 1228572
x-77-nzt: Abk73BCBBRr/HL8SAA
x-accel-expires: @1692787799
last-modified: Thu, 27 Oct 2022 10:25:31 GMT
server: CDN77-Turbo
etag: W/"0c4b53012957584c54e80867ff489590"
x-77-nzt-ray: fffffffff02cf23673216d63515a7614
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: https://www.primeres.com
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Origin
x-amz-cf-id: HirU25IjdTkniWJEz0V20lxoZeUedigy7YrhPjQ6zusB5Xx59Vw0hA==

GET
H2 200 remediation_1666879255587.js Show response
cdn.userway.org/widgetapp/2022-10-27/remediation/ 152 KB
37 KB 18ms
18ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-10-27/remediation/remediation_1666879255587.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-10-27/widget_app_base_1666879255587.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8077f5c0ed169e92f2e37564966e9d41f3ae6429b0e13e4d21dc0c57b4b55703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 10 Nov 2022 16:06:11 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: DUS51-P1
age: 356
x-cache: HIT
x-77-cache: HIT
x-age: 1215755
x-77-nzt: Abk73BDybDH/C40SAA
x-accel-expires: @1692800616
last-modified: Thu, 27 Oct 2022 14:03:35 GMT
server: CDN77-Turbo
etag: W/"f075af36bff195b1c0474c5d5e9f5f22"
x-77-nzt-ray: ffffffff1f34c01c73216d638b65a031
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: tTSpvvFfkoCOJxCgrUXYHOwVshyYIFx9I2zEp6OUPP2wFVlBMHxE0g==

GET
H2 200 grJ8HN93BIDFy0ty.json Show response
cdn.userway.org/remediations/consolidated/1430254/ 389 KB
38 KB 82ms
82ms XHR
application/json 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/1430254/grJ8HN93BIDFy0ty.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-10-27/widget_app_base_1666879255587.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2424a0fab25d67b92b765724a250c3cf7bb64c45a3112456613753f79f8787db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 10 Nov 2022 16:06:11 GMT
via: 1.1 167c735142bc0b0bedf2cca27d970088.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: MUC50-C1
age: 15706
x-cache: MISS
x-77-cache: MISS
x-77-nzt: Abk73BC4PaCh
x-accel-expires: @1699632371
last-modified: Wed, 09 Nov 2022 20:39:15 GMT
server: CDN77-Turbo
etag: W/"7837bcc502237572796df080b0240358"
x-77-nzt-ray: fffffffff02cf23673216d638e46a331
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: https://www.primeres.com
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
vary: Accept-Encoding, Origin
x-amz-cf-id: qAoqcCLvhU269Z0RPPKoj9dGuQo0kVLCtL8BFZruDW1J8bFOBgOEUw==

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 931 B
1 KB 10ms
10ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 10 Nov 2022 16:06:11 GMT
via: 1.1 4ba99d04800d29b58ab9861f60991a2a.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: MUC50-C1
age: 14
x-cache: HIT
x-77-cache: HIT
x-age: 9090947
x-77-nzt: Abk73BC7bw//g7eKAA
x-accel-expires: @1684925424
last-modified: Sun, 17 Jul 2022 17:46:41 GMT
server: CDN77-Turbo
etag: W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray: ffffffff1f34c01c73216d63ab4a3e33
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
x-amz-cf-id: LW5sPHJ1Zk9HfpnehI_g2SHOCjvxy94UcJ6s3PZNZdWcJKFt_pjy9Q==

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 11ms
11ms Image
image/svg+xml 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 10 Nov 2022 16:06:11 GMT
via: 1.1 7e5808188f3301eda7b952b4c6dfa208.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: MUC50-C1
age: 11
x-cache: HIT
x-77-cache: HIT
x-age: 9090950
x-77-nzt: Abk73BBSbnz/hreKAA
x-accel-expires: @1684925421
last-modified: Sun, 17 Jul 2022 17:46:41 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: ffffffff1f34c01c73216d6391fd4833
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: i1BzXZyOhus3Au1C1bF0KthWrHSBx3tr6xSYH95K0m6XwpVrCgum-w==

GET
H2 200 mega_menu_helper1666879255587.js Show response
cdn.userway.org/widgetapp/2022-10-27/remediation/ 6 KB
2 KB 10ms
9ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2022-10-27/remediation/mega_menu_helper1666879255587.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-10-27/widget_app_base_1666879255587.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f20570d52ea610bf2defe88d4e6824dcce903a39d5fbf874659004ec7316a2c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 10 Nov 2022 16:06:11 GMT
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
content-encoding: br
x-amz-cf-pop: DUS51-P1
age: 1688
x-cache: HIT
x-77-cache: HIT
x-age: 1214366
x-77-nzt: Abk73BAWoGj/nocSAA
x-accel-expires: @1692802005
last-modified: Thu, 27 Oct 2022 14:03:35 GMT
server: CDN77-Turbo
etag: W/"958b69af992f3dd795e8cc5960298ea2"
x-77-nzt-ray: ffffffff1f34c01c73216d63f4973534
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: d3mwpOWApILc4Sf0pFznlenSfYYWYxaOeMwDq8ueYHInz-h0fVbHmQ==

OPTIONS
H2 200 links
api.userway.org/api/br-links/v0/ Frame 0
0 184ms
184ms Preflight 44.236.209.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.209.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-209-75.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.primeres.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
date: Thu, 10 Nov 2022 16:06:12 GMT
x-service-version: apps-bf5bf1e2

POST
H2 200 links Show response
api.userway.org/api/br-links/v0/ 78 B
418 B 186ms
185ms XHR
application/json 44.236.209.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/links
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-10-27/widget_app_base_1666879255587.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.209.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-209-75.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: dd2d634102a74aabefcd5646a53434915ad1ca76ba0b0d946a30413b1a000899

Request headers

Referer: https://www.primeres.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 10 Nov 2022 16:06:12 GMT
etag: W/"4e-bATfDNFFpiypbcEpnqo1KJ+BjBc"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 78
x-service-version: apps-bf5bf1e2

OPTIONS
H2 200 pdf-links
api.userway.org/api/br-links/v0/ Frame 0
0 186ms
186ms Preflight 44.236.209.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/pdf-links
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.209.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-209-75.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.primeres.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
date: Thu, 10 Nov 2022 16:06:12 GMT
x-service-version: apps-bf5bf1e2

POST
H2 200 pdf-links Show response
api.userway.org/api/br-links/v0/ 20 B
359 B 201ms
201ms XHR
application/json 44.236.209.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/br-links/v0/pdf-links
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-10-27/widget_app_base_1666879255587.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.209.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-209-75.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a72f113621332b3c6949b46f3f458ca7573e988be1d761ef5f64e0efc4229eb5

Request headers

Referer: https://www.primeres.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 10 Nov 2022 16:06:12 GMT
etag: W/"14-WuxC1cU3wqvkAtHVXQT1G8Pe7nE"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 20
x-service-version: apps-bf5bf1e2

GET
H2 200 2497329668356167 Show response
api.userway.org/api/remediation/moderation/by-page/1430254/ 3 KB
4 KB 190ms
190ms XHR
application/json 44.236.209.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/remediation/moderation/by-page/1430254/2497329668356167
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2022-10-27/widget_app_base_1666879255587.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.209.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-209-75.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.primeres.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 16:06:13 GMT
etag: W/"d16-qwWPihnPAtk7XZWAy/N6f6+uD/Y"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr430ad396055f400
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers: *
content-length: 3350
x-service-version: uw-pr

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.primeres.com/	1970-01-20 16:06:08	Name: visid_incap_2631594 Value: 8tOTid8FQXKQzU9Uedo503AhbWMAAAAAQUIPAAAAAADul/6GaY2nFULPgqGbGRZC
.primeres.com/	1969-12-31 23:59:59	Name: incap_ses_7228_2631594 Value: kTEtSaQ/tFQqHGYJQARPZHAhbWMAAAAAyd3Mfw1bgRBiAildB94mSQ==
www.primeres.com/	1970-01-20 07:21:36	Name: ___utmvc Value: ulZ7fbgOZpjJCSZ2L8CMPxkDEhGJyAbvI2TnePx7dovZHYU/a9hzbxG6N/ZFUv2OYcrXzjcjGDhLzKpHwYx4ktYC0q2PsT2JTlT3GnpoDbQDdyes2tDvnd8DixhvczgetG7TqRk/P4WKZtv+X7VUb5FbKdtSdkJ+VPVIDM1B+JglNKil1TwarQKx+9p/DxEjNdc7j4tmJyDgBwnWDZgvk9ZTGGAG32VVTz3Y0Dk8hWB0yW++a8mSAIy/M1HTan6gctguds4yRbTH1mr5qh494Nl1AvWMBa34zebA2bzvK+G2p+1lznE7m2hQZZ8Y2U85LMiX7CnERZfbwKEAiKYZjPpsZKKONDJDGnjYOQPmnDDYZBgNB4ekbDYP+EO/CQY8dkODaOquTNc/Dh9+/dCaLECdgIdNpMPRUkNWr4xPJFtAWrKoOA/TSxhR1whJyKG9QV7lyySP0xr7j0AfRCQqojZtjIlD5tPzl4dvauCZD7zlJvOprNyFmp7eS1ppyElnx7a9uM2Bp+mklMKYSxw0En8XxNZuAgb7BZk5wMVa35NGBUvmHwiBfKaMHaCamKrbU2rm8uhfnICQ5ljuXFiiYbguY9eH2BHUqrqhCAyPjPOYpJ4c0HNbFI7TA95R1xaGTsrvAE+Sh8JqUxfJhX9l/34zL2Duzensi30iCgdqofQ8PR8TU0CmvEQ26vlIOljvdDw9kFDq6z5iXsqnndaz2DjWH7moCdFWWklZXwbvaeKx0cS1E0qj6PXhuDCEJzYr1GzJGuFMlbtmW2mNs1FNd1NY7P4gZ+2O+Ai8S4UJQcJjb9YV7v9+is07/+M1Omn0wRmTdjW2rmjy5+lZ4b6J8jeNSJr5GokWV4bysEb5hFpXNz3c20vG4IbXPWOk8jM5Detc3pVbYdZoDJn5Gv5fnrkWf2lxuYCUS+PGkeSWuOHaNZtw45yiwpxIqSHPILZphLzMt/LneTjpSeK2wRgorADAVh+nEWPXiqEhXfS5nZTIlWqFE6wXmRZWxrbCwJvDZm5X12x7/QbbS8aEYN0plbasvmJjF7nYM37pS4hPV3Gu2fRJt4h2bnuzI0Y6qgIazJ6YDgErGAux+ZpTkPLK8hAnPIq2z1otyURLPm57QBceN2k6XndWM1D9Cl1j6hOYnXX4VD1AeXNpwSsDgZmH7kHzPZCHdIrr/5CHg/AQNBAiKf655LjCljrLZkSh++52xFysO+qbvBbGDu7cBnhsKXqDUNaDaTIuLU7fAJuMZqO/WCFBbhsvZ5/WBnX4JmgOVFcE8lOx57hzw9/RTT5T+2BdRBwlqLL6whO0aESZA/dLl4V3LM+Fw77nDaGoGd7RpTUBW/D9JNMrDfOgfsNtaMP+b3d5y4kgRpZ63F0neYTdzD8Q++ZbCdjaB5Y6PZgEphqNp+jvES0IiVrxv5lCWKouqJ0dRnrh/yyUxfy6GrKZWa6yLT2T9p2hyl5CvJlJzal851cdkZjfAZx0vWPlPFvqhs7p/ojsS4uuKNLZkz3U5zRxi4vKJUVbNYM/LIJYI5jVkVaTFOok6gYiIr1wuWFp5Z8YpSNQvnq9q0FwjWvyB9WlNFGGtQnLSdvopvTxHJPoMOKcPvVWfic4FHh9YMqdVzdnSYaNiaFNAiG1FRBTXhH5GUwUjQ8yi+48fL8I0CblN70leVFbEjxA+CW3WVd3y0HJ+NrVdGYmk2xvpcigSRRUDzxmSxK/3F+6ZGWynhVrFtNjoTjgcmDRzU4WMqoaN1yyml+AL9iKWTxKnYNhnSX1Pmn7D9Cf3mpCgPsizXjKQlgFSUXUl6W9R/IPRqCeTmQ2Xedy3UX9VLqc5aw7nQbcg2IxMPRBO0KtMKgOKdj8fYnMRY4E/FfHiKKTqzzWbZoNbU9SDkjwrt68StBy3i6ifqzaEuxuUI4oL6ZAVQFy4GdFV5VxbieL+OPUdWHyOHnRvI2woUoMwhnyTwIrw46EYNZtwYSj+25STVTC8SzPVX6fTF616eNL0cRVPXSJVit7QZEqywxr9WtdztyJFT3EfWNUW7AccJ9kdiviw7PSn/cnDW3j2Gvu9h5lhX6B1j/cLXtbP/S8m3H/jyK6nm2h8qUUqLCqr7qdaJ1Nfj/Dp7+tw6fdOlY4r6GkBVLJ3JR94W1ueFsS2x/lhAz1Er9Zy+7u5PFSgjbJXWqZgO2aDLI5yuY2zL8StWm8MzKAOgHa7oRSuPYeLph7rvTgW/6/rRXM1LOLe7nD99HdGgpPX+S88aYVQeNb8kupGXCvpNtVGI8V3k6/r734j3zGEtJ3kMwFMz8Ehdw+wze97cLEIviksb0gk6X94XSykOuOOrqieYN7uuc98tsjpBr9KwAtjIqXmmtyH/ZQpQLSJZpfjLbuEp2tybb3a8ZhtiCCFe5twOcDvNjLrHzZGmMviKCLFmWu9k0mq/RoFrFBakEaS1SyJgsatrBX49ju1pNYFMC408ZCTaWUF6DN7LyumO4X8tYi6GbkpuWJkVGGzirAwwladhwI4dBbhClG0oNEc8m7mKYmIAhEgeLE9m1IVYXNIAJK8uGhWt2GAf00YrxlLGtNtoXx0XQ095vzM6NVqlKCXknZg1oE+DVzEJpgv6CU+xLWrHgQT+ADm7wI8dx6Z3plxGVhzwIsNNo+bj0FfHjcqmvuGmdNK+Zo1TOlz/xT0rHHuv+SBtuN+iikLGRpZ2VzdD0xODM4NjUscz1hMjliYTNhMzliYTM3NzkwNjNhMTljOGQ3NzdiNjI3ZGE0NjY3ZTdlOTc4OGFkODI3NmE3OTk5ZTgyYWZhYjk5OWI2Nzc4ODU4NDg5NzA3NQ==
.primeres.com/	1970-01-20 16:57:36	Name: _ga Value: GA1.2.573291247.1668096370
.primeres.com/	1970-01-20 07:23:02	Name: _gid Value: GA1.2.1111030291.1668096370
.primeres.com/	1970-01-20 07:21:36	Name: _gat_gtag_UA_145993286_44 Value: 1
.primeres.com/	1970-01-20 16:07:12	Name: _hjSessionUser_1983834 Value: eyJpZCI6IjU4MzZmNDUwLWI0MmYtNWYwMC1iNjIyLTg3ZmU5MGFlMzAzOSIsImNyZWF0ZWQiOjE2NjgwOTYzNjk5MDQsImV4aXN0aW5nIjpmYWxzZX0=
.primeres.com/	1970-01-20 07:21:38	Name: _hjFirstSeen Value: 1
www.primeres.com/	1970-01-20 07:21:36	Name: _hjIncludedInSessionSample Value: 1
.primeres.com/	1970-01-20 07:21:38	Name: _hjSession_1983834 Value: eyJpZCI6ImFhNDNkMzVlLTFkOWMtNGI0YS05YTIwLWQ3NjNjOTIzZTA0MiIsImNyZWF0ZWQiOjE2NjgwOTYzNjk5MzMsImluU2FtcGxlIjp0cnVlfQ==
www.primeres.com/	1970-01-20 07:21:36	Name: _hjIncludedInPageviewSample Value: 1
.primeres.com/	1970-01-20 07:21:38	Name: _hjAbsoluteSessionInProgress Value: 1
.primeres.com/	1970-01-20 09:31:12	Name: _fbp Value: fb.1.1668096370105.1188959500

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.primeres.com/ResourcePackages/Talon/MVC/Scripts/AwardsSlider/awardsBanner.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.primeres.com/404.aspx?aspxerrorpath=/ScriptResource.axd Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.primeres.com/404.aspx?aspxerrorpath=/ScriptResource.axd Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accessibilityserver.org
api.userway.org
cdn.userway.org
code.jquery.com
connect.facebook.net
in.hotjar.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
vc.hotjar.io
ws36.hotjar.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.primeres.com
107.154.80.89
108.128.255.0
108.138.17.79
18.64.79.117
18.66.112.15
18.66.147.113
18.66.97.10
2001:4de0:ac18::1:a:3a
2a00:1450:4001:80e::2008
2a00:1450:4001:830::200e
2a02:6ea0:c700::10
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
44.236.209.75
54.77.201.84
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0991fef79e46138a282d0b02762f1b1a05bbeae3130fae2d5fcfaa61fbca0fec
0e241bcda4c69cfdc353948f11a7cab717fb0ee72e681b36251bf4a5ad292e73
0f23979ea4418092b167862c5c1f4b74e788e9b8af010fea032cc213a8ff0da2
226cdde95371cbaf5bf5408613a903ecc3b5c7a9fa8d0757f1546b080f28138a
2424a0fab25d67b92b765724a250c3cf7bb64c45a3112456613753f79f8787db
30340b72c6991d891792731fb1dd492ff6a2c530adee3b22d13c5fbc522601e8
45db0e0b7484de81e3338e7623f053fb0eb9e45991ea66729a0431e682eb7922
57e60409d5d8689f7d11df7b61a86308a607554160e276a06451b6135c26c14e
5a930c08497411867d6492692e0b73eacf0795b92ff56a3d180678439fdf9fda
630f3d6f8dc680a104f56ecb03f209d9d1ccab924249ac43b716d00a4a70a838
695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8077f5c0ed169e92f2e37564966e9d41f3ae6429b0e13e4d21dc0c57b4b55703
817738fae280fcbc3d17b54ee83301125c975a1378db6a8c779f4e34771caaf1
820b8b2bcc9a0c0d7c889294b86fdcbbb72937fd11d813ba1c87d53209ce91b9
84fd546c645b59fd37fe279dad317df63fb7b3e2acec2fc7c740afdc94945f1f
908827fff46c5a42f11b94725c092d8e116812e32722d6d8e16e066146efc5f7
95d7222c7b034721e05fa48cc4eed24e3a857183f74411010c8e390b0d21a979
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
991c9519d27aaeecc44141e98a1f86b79c68cb835a66e04af960b874246ab96e
a0084043f26a51ea743463b4a653e4850cbaae0868832e4471a199f753fc6b27
a69ff6d89958a2106947fdf8003b6f3fd3808cbc36552e44d5e40b2cdc065092
a72f113621332b3c6949b46f3f458ca7573e988be1d761ef5f64e0efc4229eb5
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bbd6033ebeb53a3edb1912de7cf82c3857c375b646bdcb69096c281233c88ae7
bdcbc89391aa102582b534556887a7e27efb13b0025724e914f5308a20448e18
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c8742f54c6d913265c3298adef20813a397c23d90b06bcaaaeac529193e8940e
dd2d634102a74aabefcd5646a53434915ad1ca76ba0b0d946a30413b1a000899
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f20570d52ea610bf2defe88d4e6824dcce903a39d5fbf874659004ec7316a2c3
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fd737b8f00a5f9fe175f9d9c0797eacab75b820f330f6e38573201ac8deef3da

www.primeres.com Open in urlscan Pro 107.154.80.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

42 Requests

95 %HTTPS

40 %IPv6

10 Domains

15 Subdomains

15 IPs

4 Countries

651 kBTransfer

2219 kBSize

13 Cookies

8 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.primeres.com Open in urlscan Pro
107.154.80.89 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

95 %
HTTPS

40 %
IPv6

10
Domains

15
Subdomains

15
IPs

4
Countries

651 kB
Transfer

2219 kB
Size

13
Cookies

42 HTTP transactions
0 data transactions