www.primeres.com Open in urlscan Pro
2606:4700:20::681a:7f1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://loanarranger.biz/
Effective URL:
https://www.primeres.com/dmcclelland
Submission: On June 14 via api (June 14th 2024, 3:08:41 am UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 43 HTTP transactions. The main IP is 2606:4700:20::681a:7f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.primeres.com.
TLS certificate: Issued by E1 on May 21st 2024. Valid for: 3 months.

This is the only time www.primeres.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.152.147 3.33.152.147	16509 (AMAZON-02) (AMAZON-02)
1 20	2606:4700:20:... 2606:4700:20::681a:7f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:266... 2600:9000:266e:5400:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::644	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	13.33.187.40 13.33.187.40	16509 (AMAZON-02) (AMAZON-02)
9	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 _) (CDN77 _)
1	2600:1f14:5db... 2600:1f14:5db:eb22:9a9a:905:9298:8823	16509 (AMAZON-02) (AMAZON-02)
43	12

1 3.33.152.147 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

loanarranger.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:20::681a:7f1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.primeres.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266e:5400:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-40.fra60.r.cloudfront.net

accessibilityserver.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:5db:eb22:9a9a:905:9298:8823 (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	primeres.com 1 redirects www.primeres.com	1 MB
10	userway.org cdn.userway.org — Cisco Umbrella Rank: 4576 api.userway.org — Cisco Umbrella Rank: 4468	82 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 265	82 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	165 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 457 fonts.googleapis.com — Cisco Umbrella Rank: 77	32 KB
1	accessibilityserver.org accessibilityserver.org — Cisco Umbrella Rank: 36801	2 KB
1	gstatic.com fonts.gstatic.com	33 KB
1	wistia.net fast.wistia.net — Cisco Umbrella Rank: 12164
1	google.com www.google.com — Cisco Umbrella Rank: 5	973 B
1	osano.com cmp.osano.com — Cisco Umbrella Rank: 5871	62 KB
1	loanarranger.biz 1 redirects loanarranger.biz	330 B
43	11

	Domain	Requested by
20	www.primeres.com	1 redirects www.primeres.com
9	cdn.userway.org	cmp.osano.com cdn.userway.org
2	cdnjs.cloudflare.com	www.primeres.com cdnjs.cloudflare.com
2	www.googletagmanager.com	www.primeres.com cmp.osano.com
1	api.userway.org	cdn.userway.org
1	accessibilityserver.org	cmp.osano.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fast.wistia.net	www.primeres.com
1	fonts.googleapis.com	www.primeres.com
1	www.google.com	www.primeres.com
1	ajax.googleapis.com	www.primeres.com
1	cmp.osano.com	www.primeres.com
1	loanarranger.biz	1 redirects
43	13

This site contains links to these domains. Also see Links.

Domain
myloan.primeres.com

Subject Issuer	Validity	Valid
primeres.com E1	`2024-05-21` - `2024-08-19`	3 months	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
accessibilityserver.org Amazon RSA 2048 M03	`2023-10-07` - `2024-11-03`	a year	crt.sh
1667503734.rsc.cdn77.org R3	`2024-05-07` - `2024-08-05`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.primeres.com/dmcclelland
Frame ID: EF71B01E08A66A98CF355DB7E2A0887C
Requests: 41 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/v6egq2kd9k
Frame ID: D7E248213DC32408A34AD80EF9BB95E2
Requests: 1 HTTP requests in this frame

Frame: https://www.primeres.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: 0811AC444BC152F9AE01478761B37B0D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Deanna McClelland Loan Officer in Vancouver, WA | Primary Residential Mortgage

Page URL History Show full URLs

http://loanarranger.biz/ HTTP 307
https://loanarranger.biz/ HTTP 307
http://loanarranger.biz/ HTTP 301
https://www.primeres.com/dmcclelland Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

43
Requests

91 %
HTTPS

83 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

1889 kB
Transfer

3067 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://myloan.primeres.com/#/loan-officers/dmcclelland@primeres?utm_source=website&utm_medium=direct&utm_campaign=sitefinity
Title: Apply Now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://loanarranger.biz/ HTTP 307
https://loanarranger.biz/ HTTP 307
http://loanarranger.biz/ HTTP 301
https://www.primeres.com/dmcclelland Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.primeres.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.primeres.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request dmcclelland Show response
www.primeres.com/
Redirect Chain

http://loanarranger.biz/
https://loanarranger.biz/
http://loanarranger.biz/
https://www.primeres.com/dmcclelland

37 KB
9 KB

2385ms
2137ms

Document
text/html

2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/dmcclelland
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 12606295aabd6b31b4517f0889db6a240a782b8f76221616154284038d279599

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 89371dd018633664-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 14 Jun 2024 03:08:34 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B3U6labnMokmlpgyj0dI%2BI8mFFjIPPccC5xyyw4l8CP%2FZsNTB8pHDxIIOQJjXrMJZQ0yRDERzbp%2FibXVmKcqzgaM37RgixQYdF%2BLRAIHX0Nn%2FW8JeB86Xql2ANQgShKkNg4hMlreUqELQj4jOWk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

Redirect headers

Connection: keep-alive
Content-Length: 71
Content-Type: text/html; charset=utf-8
Date: Fri, 14 Jun 2024 03:08:32 GMT
Location: https://www.primeres.com/dmcclelland
Server: ip-100-74-4-232.eu-west-2.compute.internal
Vary: Accept-Encoding
X-Request-Id: 5fbc80c3-1b0a-40a5-89ca-e9e6ecbe3f1b

GET
H2 200 main.min.css
www.primeres.com/ResourcePackages/Talon/assets/dist/css/branch-template-c/ 230 KB
81 KB 32ms
27ms Stylesheet
text/css 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/branch-template-c/main.min.css
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3a743049c815973d7f39dcf98e3785fadad637778a5383a87e65a586ef153885

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 08 May 2024 22:51:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 92238
etag: "c4b7ad4f9aa1da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z5VcvLNxVlSzKSXS7BSnlbVWM%2FuNY8KChRPu18yo7AXOhTgvljYkWVi2YGGho8qHWLK%2F7xOsEQUTLnV%2BiN5I7mHcPk3na7rT2xFHFjokxQemGkQSuBd0P8MNKXw7gnQSGoSEmeIfAxs4fTKkLeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2678400
cf-ray: 89371ddd89b23664-FRA

GET
H2 200 osano.js Show response
cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/ 246 KB
62 KB 341ms
274ms Script
application/javascript 2600:9000:266e:5400:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:266e:5400:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

da3f46c0901b69b64e8febebdd1993654bdc9c30211ce5bfa7e8928836cdc045

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:35 GMT
content-encoding: br
via: 1.1 e030504e72fa75d92c1856a58b964932.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P8
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 62401
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 25 Apr 2023 20:14:13 GMT
server: CloudFront
etag: "2034e3f0ebfa761dc032614469ba430d"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: 7xgdOy5iE9zcdI0STiP73ZqkPM74QiQB1015UO4a-5E9QZBfwrDUaw==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 81ms
20ms Script
text/javascript 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 02:54:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Jun 2025 02:54:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
75 KB 115ms
45ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-125991068-3

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2dd361bc715916ad20ea2dfc71020659deea5dc1d380d44369af468b1a1f3be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76375
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jun 2024 03:08:35 GMT

GET
H2 200 ScriptResource.axd Show response
www.primeres.com/ 87 KB
39 KB 617ms
613ms Script
application/x-javascript 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3ugaLjNozHoajOZ-qWC1CBhNnChirDzyJQ9Pj1lDLrTAB0eOve19zDW2iKY3cstZI1EHdxezQPhUzxO5sj9_yDvDc0j8LajzfJifc-7Lhge46tlPyItOGPq67ox9Q3KGxg0nIRY6MnhjL0roT2PiKc0tqv_hoqVaVHwmQEYj4LSh0&t=a366992
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 03 Jun 2024 14:51:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tx9jZ9WmNrGlsorgEFhQp6MlloStbQuCVL5d3PY8%2FmgecvtaMdbTCUmzfopc3d%2Fo7UpCqlo098CcnGdnAgQMzgVJBC%2FZZUD4gPbJMivheKKhaxVuYRJHMSwtPo1eBWD3kEB%2B8gvntn%2FlUZjQ%2BjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: public
cf-ray: 89371ddd89b53664-FRA
content-length: 39727
expires: Tue, 03 Jun 2025 14:51:26 GMT

GET
H2 200 ScriptResource.axd Show response
www.primeres.com/ 8 KB
4 KB 172ms
168ms Script
application/x-javascript 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/ScriptResource.axd?d=EydukmxBmDstn7gSYzQESC_qUolZwo1n3vj1YFHzD3XOGiz_tRVofSTf8VnvS1QxJ_R5aqcQA06ycwgEy04IbyYldtdt9K8GKTZqlUPe3d9y_KA1Ig1w5LHMyOrTTItxE1wXGq56h-coINekOFT0HiDSlsSVgHzyA2BvbNdn-mfCikSuSmXBRm8HQVMbUwOb0&t=a366992
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cda66aaac66c47585d9917fcf9e6c0f28322715caf35b94e0f8224ab629182c4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:34 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 03 Jun 2024 14:51:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZBMG1e%2BpE1tif6Pq8fgL7QwrAH12hzrUtLi2tq5WfwkpPc0zOOtrJn3I8z5mqqcKQyjdDEuqyt09HkLnlaIzIjQzOr5oHCdm3Yx2Jqe8MSiOu%2Fnj6M6Cve5jzZd7IJ%2BcUo3sopnGpDmCxjRtSHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: public
cf-ray: 89371ddd89b63664-FRA
content-length: 3834
expires: Tue, 03 Jun 2025 14:51:26 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
973 B 86ms
42ms Script
text/javascript 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

56ec0991f51b88c5ace858a7dbc380727ed176ed15dc34fb35776951aa17b330

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 14 Jun 2024 03:08:34 GMT

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 53ms
28ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 278938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2FJdloP1fquPXA55Olmc6eLbI8EhKQTcn94vOoLEeo3B%2BsNYwUKOwmYm4RG2h9PlO%2B%2BSIBswPVGq53JLM%2BxcB5rlKAuVNydQu%2BBR%2F4Syp9OIW%2FlFaF2X7M6wj3KO8J6x%2BbjAkCcJfMJN%2B3gbq1xfqX2T"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89371dddabf49f26-FRA
expires: Wed, 04 Jun 2025 03:08:34 GMT

GET
H2 200 email-decode.min.js Show response
www.primeres.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 25ms
22ms Script
application/javascript 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.primeres.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jun 2024 17:32:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66688a1d-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h48axF6BkvNPucPujreS4NqopPTibnn6Vj1S5EavH3LbVRuD223Yv24nDt0RaGVGhed9afka8IeACAA9Djv7%2BVB52PrYEX9Kbcoi8MQwmMSAJycPIpkZstAQEKM53RMeqjMR2wR0Cy%2BbZjZv6jA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 89371ddd89bb3664-FRA
expires: Sun, 16 Jun 2024 03:08:34 GMT

GET
H2 200 all.min.js Show response
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/ 92 KB
32 KB 50ms
47ms Script
application/x-javascript 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/all.min.js?package=Talon&v=NDMyOTQwNjQx
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c8742f54c6d913265c3298adef20813a397c23d90b06bcaaaeac529193e8940e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:34 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 29663
x-powered-by: ASP.NET
content-length: 32145
last-modified: Thu, 15 Jul 2021 09:26:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9j8NMiy3Y9rbaxCqC%2Fe8YZtbPL4f2Ar%2BVzOzyjc57lomY%2BtbU2aJSOvzceOtClhdI86xIEoDBUiH3ICAQ1SaR6aB6LnCWJZgSRE6pYmkiI3tsHDQPqol63zT6wJdjZRTpAi%2B2aoMYI7YTqZ9qkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 89371ddd89bd3664-FRA
expires: Thu, 20 Jun 2024 18:54:11 GMT

GET
H2 200 text-field.js Show response
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/TextField/ 5 KB
2 KB 505ms
501ms Script
application/x-javascript 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/TextField/text-field.js?package=Talon&v=MTMuMy43NjI4LjA%3d
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2c5581746eabab90e67779987d5d9696811fc377604e490fbd3457898d26dfa8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:35 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 1240
last-modified: Thu, 15 Jul 2021 09:26:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DzTDYTmhR7wM9Ri4aOk0%2FFOnzcMH%2Bcp8kOLpT%2FFciVl%2BoayVyHBXUEzDalWce887n32z3yhcf5ddMxG4RVe9g1%2FeZOXNlSVTo1JjmYFof4I0m1xDYtu5HGUnBeOBvEhD15IsgBaS%2FSuGG2UWzuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 89371ddd89bf3664-FRA
expires: Fri, 21 Jun 2024 03:08:35 GMT

GET
H2 200 paragraph-text-field.js Show response
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/ParagraphTextField/ 4 KB
1 KB 523ms
520ms Script
application/x-javascript 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/ParagraphTextField/paragraph-text-field.js?package=Talon&v=MTMuMy43NjI4LjA%3d
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 221d55c08e2763b2759f58f7224bf3ef60951851393f1d68533089fdb29edc9b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:35 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 1116
last-modified: Thu, 15 Jul 2021 09:26:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twcCPdVj7wS2X64DU9uFFMVsh9PCP4UyP%2BiY%2F6%2FaehiPVSP02Ka3Ff0wwiTuWgAuqL652rsvP2z2%2FopsqN%2FYpYCSeWw9gkS7nhU2rIuGUCdhNR%2FBwkOyoIYbqoudfwkWa9s6X1LfQwCdCn1sSMs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 89371ddd89c03664-FRA
expires: Fri, 21 Jun 2024 03:08:35 GMT

GET
H2 200 checkboxes-field.js Show response
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/CheckboxesField/ 5 KB
2 KB 521ms
518ms Script
application/x-javascript 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/CheckboxesField/checkboxes-field.js?package=Talon&v=MTMuMy43NjI4LjA%3d
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 278941e3db0ce75a5270d1efe562131453a2394b021de7e35dabecb2405636f2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:35 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 1485
last-modified: Thu, 15 Jul 2021 09:26:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5WqLrc7jI2of1MTIEDw9UA1nznGhKPlFO6WZh%2FjHD%2FJGHFY7hfGBLx8XdU0u59U2xSYurYjRqDxDWvPa2iXCt0c3gbqq7Ka%2BW%2BOqSTVs1cnIuxAY3ms3M0eY5jneLNvSQW1n5TDajhWNu9r9Eoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 89371ddd89c13664-FRA
expires: Fri, 21 Jun 2024 03:08:35 GMT

GET
H2 200 submit-button.js Show response
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/SubmitButton/ 3 KB
1 KB 508ms
506ms Script
application/x-javascript 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/SubmitButton/submit-button.js?package=Talon&v=MTMuMy43NjI4LjA%3d
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 36073aa5b4384448b2c162f08124cc5cf1629bf425af43f21340667fc3a0b93e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:35 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 998
last-modified: Thu, 15 Jul 2021 09:26:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2FCCyyxHaLctWuezmzH2h3pGD%2FtqKkoVwVR7jth%2BFEMOwf%2Bh3Pi3LQwgYP0937Ag%2FyeHPjVZcLiW9RxHmUATmKrG3CdRmBJsD7GjPRyAfHOXRuVBbuzhTJMkB%2FQLw2kHaBk0uCqYRuo%2FhzqQKcM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 89371ddd89c43664-FRA
expires: Fri, 21 Jun 2024 03:08:35 GMT

GET
H2 200 utm-campaign.js Show response
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/MVC/Scripts/UtmCampaignTracking/ 4 KB
2 KB 50ms
47ms Script
application/x-javascript 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/MVC/Scripts/UtmCampaignTracking/utm-campaign.js?package=Talon&v=LTc3MTA1MzcxNA%3d%3d
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 630f3d6f8dc680a104f56ecb03f209d9d1ccab924249ac43b716d00a4a70a838

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:34 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 29663
x-powered-by: ASP.NET
content-length: 1638
last-modified: Thu, 15 Jul 2021 09:26:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lemT2N3D49hTTXVJFCj%2FQv7ZvSzFbuYNLSXL3TPswyTvOBCQozbRUMfYUbVZvTQILO1FR%2BLGbA0dw1kIGXk3nXEunxYcKqc%2BvKU8qGhy35O0eA0qaF5PuJ%2FCD3tnZlwa%2FnZTHIpBROswwEgo884%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 89371ddd89c53664-FRA
expires: Thu, 20 Jun 2024 18:54:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 104ms
42ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Montserrat:100,300,400,700,900

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/branch-template-c/main.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84db9cfb2c723edcb60b031cb2864d049110ebd06e33ce5a59d6d51587285643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Jun 2024 03:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Jun 2024 03:08:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jun 2024 03:08:34 GMT

GET
BLOB 200
OK 92c4c3c2-231f-44ca-a881-49d9ba00f372
https://www.primeres.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.primeres.com/92c4c3c2-231f-44ca-a881-49d9ba00f372
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 984953d4-b6f9-493b-b4e7-fbe446279d10
https://www.primeres.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.primeres.com/984953d4-b6f9-493b-b4e7-fbe446279d10
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK f656505e-8110-41b4-874e-4635cc0adf26
https://www.primeres.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.primeres.com/f656505e-8110-41b4-874e-4635cc0adf26
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 257 KB
90 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T6N4PBJ8FS&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af00f944f94e65727ae7e30dbcfb8f8c6556944ba2d0f585e17534458f7387bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92254
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jun 2024 03:08:35 GMT

GET
H2 200 svgs.svg
www.primeres.com/ResourcePackages/Talon/assets/svg/ 45 KB
13 KB 31ms
30ms Other
image/svg+xml 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/ResourcePackages/Talon/assets/svg/svgs.svg
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f61df1f1f30082d6ca1072c900157805b81556305b529da4c39be88a60def1ac

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 May 2024 20:55:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2296793
etag: W/"7a275c8aa1da1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xwa4D4brxGfQy04MKyfx2QKKY6iQEYkUlnkFsoBzg7D4giod0oNkQQtsdsbVVpYKLKs46so2oibaGtQewV%2BmPxcE2lksmq9%2Floreq4yaqktxLxkm70Fbmsv2gfHijvrqw1x2vfAFyzt39Mh2YSI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2678400
cf-ray: 89371de17cb53664-FRA

GET
H2 200 v6egq2kd9k
fast.wistia.net/embed/iframe/ Frame D7E2 0
0 72ms
21ms Document
text/html 2a04:4e42:400::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/iframe/v6egq2kd9k

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.primeres.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 18660
cache-control: public, no-cache
content-encoding: br
content-length: 3325
content-type: text/html; charset=utf-8
date: Fri, 14 Jun 2024 03:08:35 GMT
etag: W/"58b2313ff540b275e2258063c6ef7214"
server: envoy
strict-transport-security: max-age=0
timing-allow-origin: *
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via: 1.1 f37f104903bda438e8b0547be6e0c192.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id: X6rD9yAwWwspFPSWWdYxEXP-Iq9vmRgEyFpMGmnbOx5NA0yi8I116w==
x-amz-cf-pop: IAD89-C3
x-browser: chrome
x-browser-version: 126
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 3, 0
x-content-type-options: nosniff
x-ecma-v: modern
x-envoy-upstream-service-time: 270
x-permitted-cross-domain-policies: none
x-request-id: 4d502604-4ade-4fa1-a4a5-16dded97d95c
x-runtime: 0.268086
x-served-by: cache-iad-kjyo7100131-IAD, cache-fra-etou8220129-FRA
x-timer: S1718334515.499837,VS0,VE1

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 template-c-hero-1.jpg
www.primeres.com/images/librariesprovider259/default-album/ 310 KB
311 KB 759ms
758ms Image
image/jpeg 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.primeres.com/images/librariesprovider259/default-album/template-c-hero-1.jpg?sfvrsn=36dd1b1c_2
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b875e094b38607244a6a3c751c0195c95147551c016c065f714c8eeafcdb1dc0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=template-c-hero-1.jpg
content-length: 317392
pragma: no-cache
last-modified: Fri, 14 Jun 2024 03:08:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IY65TDMjGFzdp4keVGEQuTV82WwyUhIZlG3YL%2BSqSdQqysiKXxC4hVXU4r2A4ED8hxZltmZPzIkDpzvYi4iwsYVsEEur9ff64D9ZXuKxqRFX6EtEPrkSS0e0THVZbRbiFgOToW5KyOHBRqMaEQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89371de19cd43664-FRA
expires: -1

GET
H2 200 template-c-hero-2.jpg
www.primeres.com/images/librariesprovider259/default-album/ 580 KB
582 KB 742ms
742ms Image
image/jpeg 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.primeres.com/images/librariesprovider259/default-album/template-c-hero-2.jpg?sfvrsn=d5836d1e_2
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 255cca76f532368a88d2b73a0008ae46fd3ad23d6eaa440ee1ff1c75b8371eb5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=template-c-hero-2.jpg
content-length: 594412
pragma: no-cache
last-modified: Fri, 14 Jun 2024 03:08:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=msnMGXIh67CubfLs4yo9kRpO9aG44btInqzLYrNDFSKD%2FubTdnkzKq1N4yP1Dfnou2u69OjjWL6FeCHd5G1RGlUSC9BLp5bo%2B%2FqErSIhRg7yWsChesy6p9ysiqe7sv8XKZU3HWpyKXS7z7Jt9ow%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89371de19cd63664-FRA
expires: -1

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 80ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Montserrat:100,300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.primeres.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:16:13 GMT
x-content-type-options: nosniff
age: 31942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 18:16:13 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 52ms
29ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.primeres.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:35 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7529821
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5hfOdWbgvBgbBYkPfyz%2BlPOTLpHevDpD4Ulz5U4gXaVXfDVZXhioMnPN635v%2BMBjqn6f5uf%2BOCgxDef8PQPjJUHpHkrknNpnQrr7Uew2HFX0sHBb6qyO9KVhaWwaC%2BZl5iaSzT1niX%2FwPQAD6EgrkL39"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89371de219042bdf-FRA
expires: Wed, 04 Jun 2025 03:08:35 GMT

GET
H2 200 deanna-mcclelland-headshot.png
www.primeres.com/images/librariesprovider259/default-album/ 171 KB
172 KB 766ms
766ms Image
image/png 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.primeres.com/images/librariesprovider259/default-album/deanna-mcclelland-headshot.png?sfvrsn=d98e9334_2
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9dd532ddba21301bfbc5656424bec3a4ec518e458f2671ec9a7168f4a2334fd3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:36 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=deanna-mcclelland-headshot.png
content-length: 175135
pragma: no-cache
last-modified: Fri, 14 Jun 2024 03:08:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bQHnNzjbt4ZR22fHSJjtnR4y3vq0q%2FToLDclkGOK2ImZm9A08IhhnppaMvYER393k2T53O%2F%2F8o7vORJaTILDgVbYg%2FOqs5z5lGG143EsArEkCotSkfqE8417xmRM1yd54YLEZUW%2BRL9EXmCDhT4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89371de1fd063664-FRA
expires: -1

GET
H2 200 widget.js Show response
accessibilityserver.org/ 2 KB
2 KB 90ms
22ms Script
application/javascript 13.33.187.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accessibilityserver.org/widget.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-40.fra60.r.cloudfront.net
Software: CDN77-Turbo /
Resource Hash: e7ddba0a88efdcdc1fdcc2429ed7352b4ca5a1cd26f45a0b85f524df5101792b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 14 Jun 2024 02:22:40 GMT
via: 1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront), 1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10, FRA60-P9
x-accel-date-max: 1717789843
x-amz-server-side-encryption: AES256
age: 3127
x-77-cache: HIT
x-cache: Hit from cloudfront
x-age: 1838
x-accel-date: 1718207019
x-77-nzt: EgwB1GY4sQH3LgcAAAwB1GY4EQH3HAIAAA
x-77-age: 1838
last-modified: Fri, 07 Jun 2024 19:34:19 GMT
server: CDN77-Turbo
x-77-nzt-ray: 1cb09c0eedf0eefc59c969660a027c07
etag: W/"a32b93d8834aaccf62e0d4008556c7e3"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
vary: Accept-Encoding
x-amz-cf-id: p24RYZmwYfiCyzTuipq4Ikr1x9NVifPGtneGXi-7uZMwHnIR016kKQ==

GET
H2

200

main.js Show response
www.primeres.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame 0811
Redirect Chain

https://www.primeres.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.primeres.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

8 KB
4 KB

25ms
25ms

Script
application/javascript

2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.primeres.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

Requested by

Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland

Protocol

Server

2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c81cdbad17b878c0e8eff84346d95f72f8b1a678f0580d3b3ad21569860ceecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 14 Jun 2024 03:08:35 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GVPUyEd8Or1QNNfdZ%2FvmrVB4MTAUjWKZfADx8KGDSi6NclS0Ke7%2FwWi%2BSdlyG7fhKFXwsGxzeCMjY%2FpLzkEOJfHgRrXa39kJ8JBJPXBnI%2BmSL%2BI5x6KJ2C6uuJe2TSkDh7NkzHAu9RsDMoxG5ZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 89371de25d8c3664-FRA

Redirect headers

date: Fri, 14 Jun 2024 03:08:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZIipMHO0YDOt5hfj2maFbqIWKrQZNv8I4Oz5KFWh%2FA9YF9fAqw9WG0IAEz%2FkBZbINYwSR7KXAMLsLJGq6y3qGMpLreb%2F5J2KHttrF9KYN8HYjQuCVHYCVaItqK2OL6gNOHWKsGjPaO%2BbCY4jx4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
cache-control: max-age=300, public
cf-ray: 89371de22d2a3664-FRA
content-length: 0

POST
H2 200 89371dd018633664 Show response
www.primeres.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 0811 0
639 B 54ms
54ms XHR
text/plain 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/cdn-cgi/challenge-platform/h/g/jsd/r/89371dd018633664
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Jun 2024 03:08:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 89371de2ddd03664-FRA
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xy2aq0C9oO8wF78yHuWw112kEbXjSuC0pMA3UyqWihSM3MX634YXmU4R77rxOZKsXJl4Fv6uaCWVEiJq2X39aeSOzY8w5jntWVNmuCNpvrSWfVFAEvbhSYYXNTBvv%2F5YT78Q%2B15C8G0g5TQIdLU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 widget_app_base_1717788738291.js Show response
cdn.userway.org/widgetapp/2024-06-07-19-32-18/ 153 KB
44 KB 110ms
22ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-06-07-19-32-18/widget_app_base_1717788738291.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5ff3fed8b0be12e14856de501657bfcffa38af2bcc26053338937747bcb1aa91

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Origin: https://www.primeres.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 14 Jun 2024 03:08:35 GMT
via: 1.1 4711a6160d191e5827e72db73c0acff8.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-P1
age: 363
x-amz-server-side-encryption: AES256
x-accel-date-max: 1717789855
x-77-cache: HIT
x-cache: HIT
x-age: 544660
x-accel-date: 1717789855
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3lE8IAAwBnJIhJwH3JwIAAA
x-accel-expires: @1743709304
x-77-age: 544660
last-modified: Fri, 07 Jun 2024 19:34:14 GMT
server: CDN77-Turbo
etag: W/"d4d9dcceb05ddd3f3e8a61136c211e35"
x-77-nzt-ray: cf8787272bbea15e33b46b66dbf04d2d
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: -IPqQyf2sGPuYoSrNdwM5z-EuYkqYhrqnVwwVksixn04YVRBdqCgNA==

POST
H2 200 5E0vL5lD6Y Show response
api.userway.org/api/tunings/ 2 KB
2 KB 630ms
234ms XHR
application/json 2600:1f14:5db:eb22:9a9a:905:9298:8823
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/5E0vL5lD6Y
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-07-19-32-18/widget_app_base_1717788738291.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:9a9a:905:9298:8823 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 29a273b004b797099caebeab7ca9940384d1eba5ff519c9910ce774b48354b45

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.primeres.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Jun 2024 03:08:36 GMT
etag: W/"745-YMkJ0VxGN1vTuPFGasDpzKF9fUE"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr0114d21bbabc4bf
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 1861
x-service-version: uw-pr

GET
H2 200 deanna-mcclelland-headshot.png
www.primeres.com/images/librariesprovider259/default-album/ 171 KB
172 KB 164ms
164ms Image
image/png 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.primeres.com/images/librariesprovider259/default-album/deanna-mcclelland-headshot.png?sfvrsn=d98e9334_2
Requested by: Host: www.primeres.com
URL: https://www.primeres.com/dmcclelland
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9dd532ddba21301bfbc5656424bec3a4ec518e458f2671ec9a7168f4a2334fd3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:36 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-disposition: inline; filename=deanna-mcclelland-headshot.png
content-length: 175135
pragma: no-cache
last-modified: Fri, 14 Jun 2024 03:08:36 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OfiFHPliK%2Fs6sKWnTE9RO4ist57k3QFKuAKbDZpnZaTnqM6kStav4%2FkXQ98jQeKuSaI8nCQTac2eHvzLiXZzhNBIHq2gAq1KnNKq043YlzIApcyRIo4PFer5YqSD0%2F5vjKiKrhK9DcvMzPu5YDc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89371de779513664-FRA
expires: -1

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-06-07-19-32-18/locales/ 621 B
1 KB 23ms
22ms XHR
application/json 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-06-07-19-32-18/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-07-19-32-18/widget_app_base_1717788738291.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 14 Jun 2024 03:08:36 GMT
via: 1.1 ce9680b048a2aea06e1146ad2810fa14.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 200
x-amz-server-side-encryption: AES256
x-accel-date-max: 1717789860
x-77-cache: HIT
x-cache: HIT
x-age: 544656
x-accel-date: 1717789860
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3kE8IAAwBJRPCNAH3zAIAAA
x-accel-expires: @1743709144
x-77-age: 544656
last-modified: Fri, 07 Jun 2024 19:34:13 GMT
server: CDN77-Turbo
etag: W/"85d8c40aac9c25bb0b993d4aa039a56f"
x-77-nzt-ray: cf8787272bbea15e34b46b66c854e71b
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: 5uARgZAfbXNvDUxFvVMXDq_mOKacu9wIXNrl0w7Jg_mh4y_92Fj8eA==

GET
H2 200 favicon.ico
www.primeres.com/ 15 KB
3 KB 616ms
616ms Other
image/x-icon 2606:4700:20::681a:7f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.primeres.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 122e4cb93b991803fb2dc9b3dac4e39738eeb508574409a7da359be0ec6374b0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/dmcclelland
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:08:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 01 May 2023 19:32:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d3764b9637cd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oh3PjaC%2BlP869nRNzU1fDgt8s6bP9jePFNoFfQPwRtCAgmp5ccPrC6CpwXONcEhHXBohb7lL%2FTHGYC2XM6SigMUnpdP72vfUh8rGxKnFZ4MOFeL3LV43OCiSZAQCfZtI2vHntWewpSEqVdQe7ok%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=2678400
cf-ray: 89371de89a173664-FRA

GET
H3 200 remediation_1717788738291.js Show response
cdn.userway.org/widgetapp/2024-06-07-19-32-18/remediation/ 102 KB
29 KB 22ms
21ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-06-07-19-32-18/remediation/remediation_1717788738291.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: aaa87910d3ec363553b1839b9ebdf16e91a377ac8552c08b63e4f359b47418c1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Origin: https://www.primeres.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 14 Jun 2024 03:08:36 GMT
via: 1.1 c53fb2c65e26830010100e7d773f73ae.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 362
x-amz-server-side-encryption: AES256
x-accel-date-max: 1717789857
x-77-cache: HIT
x-cache: HIT
x-age: 544659
x-accel-date: 1717789857
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3k08IAAwB1GY4EQH3JwIAAA
x-accel-expires: @1743709306
x-77-age: 544659
last-modified: Fri, 07 Jun 2024 19:34:14 GMT
server: CDN77-Turbo
etag: W/"2fd29bc1847da2c61f5949be02f4155f"
x-77-nzt-ray: cf878727acc8497634b46b6603dbe039
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: 6q9lqd4IUF-6AU-NPJwE3JI4A7XjzgQif49Fs-MV90IwiA13bekYHg==

GET
H3 200 NpuEhscMaTBubVtF.json
cdn.userway.org/remediations/consolidated/1430254/ 46 KB
0 665ms
664ms XHR
application/json 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediations/consolidated/1430254/NpuEhscMaTBubVtF.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-06-07-19-32-18/widget_app_base_1717788738291.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 14 Jun 2024 03:08:36 GMT
via: 1.1 65a6401ea3ddd96bdac1c7cee3b3893e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: BRU50-P1
age: 762
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: MISS
x-accel-date: 1717790624
alt-svc: h3=":443"; ma=86400
x-77-nzt: EggBnJIhiwFBDAGckiEfAfeUTAgA
x-accel-expires: @1749326624
x-77-age: 543892
last-modified: Wed, 05 Jun 2024 23:01:12 GMT
server: CDN77-Turbo
etag: W/"c254cf2075acdaa6ee27d496aa3ac1da"
x-77-nzt-ray: cf878727acc84c7634b46b663aeee739
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-amz-cf-id: HQcutEA-5Y7pexyCn0BzoE0biiOkpTxjikSrrmmZfOTP-UTFrra1vQ==

GET
H3 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 46ms
24ms Image
image/svg+xml 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 14 Jun 2024 03:08:37 GMT
via: 1.1 c6e8f008a950e08db9c0a054276fe95e.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
x-accel-date-max: 1717789857
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 544660
x-accel-date: 1717789857
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3lE8IAAwBJRPCNAH3KgIAAA
x-accel-expires: @1743709303
x-77-age: 544660
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray: cf87872747cbf87635b46b66e31a3f00
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: z46YP6Rb6rC_g0Nmlonc8bqXD00lWIuGsYTxs6xJI3oJQ38xbHaB8g==

GET
H3 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 44ms
22ms Image
image/svg+xml 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 14 Jun 2024 03:08:37 GMT
via: 1.1 3adffce7dd03a16d055927ad5fa7671a.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
x-accel-date-max: 1717789857
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 544660
x-accel-date: 1717789857
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3lE8IAAwBJRPCLgH3KgIAAA
x-accel-expires: @1743709303
x-77-age: 544660
last-modified: Fri, 22 Mar 2024 12:49:37 GMT
server: CDN77-Turbo
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray: cf87872747cbf47635b46b662ad83400
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: XnLEDFXfehkNjCLwiatrNVA3z14dijEG7Jz5FwkV7HlzRcQqBnXteA==

GET
H3 200 remediation-tool.js
cdn.userway.org/remediation/2024-06-07-19-32-18/paid/ 18 KB
0 2437ms
2437ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-06-07-19-32-18/paid/remediation-tool.js?ts=1717788738291
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Origin: https://www.primeres.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 14 Jun 2024 03:08:36 GMT
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: DUS51-P1
age: 361
x-amz-server-side-encryption: AES256
x-accel-date-max: 1717789856
x-77-cache: HIT
x-cache: HIT
x-age: 544660
x-accel-date: 1717789856
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3lE8IAAwBisclxAH3JgIAAA
x-accel-expires: @1743709306
x-77-age: 544660
last-modified: Fri, 07 Jun 2024 19:34:18 GMT
server: CDN77-Turbo
etag: W/"cfa5f88254d7b736d1ff05bbbdfbfcdd"
x-77-nzt-ray: cf878727acc8d57634b46b666b0c873b
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: YCbk8CvkcZaqN6aHvI7jVT9C7bAL_pBR6ns97HY-FOU8razoMeJSbQ==

GET
H3 200 slick_slider_1717788738291.js Show response
cdn.userway.org/widgetapp/2024-06-07-19-32-18/remediation/ 6 KB
2 KB 21ms
21ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-06-07-19-32-18/remediation/slick_slider_1717788738291.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1f36da6a30925e3633a5d3ebc5855618be35c62b66b01a77df95d7141db3c8d2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Origin: https://www.primeres.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 14 Jun 2024 03:08:37 GMT
via: 1.1 59d552fe007f8133d3f016164f2c79aa.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 222
x-amz-server-side-encryption: AES256
x-accel-date-max: 1717789863
x-77-cache: HIT
x-cache: HIT
x-age: 544654
x-accel-date: 1717789863
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3jk8IAAwBJRPCNAH3sgIAAA
x-accel-expires: @1743709173
x-77-age: 544654
last-modified: Fri, 07 Jun 2024 19:34:14 GMT
server: CDN77-Turbo
etag: W/"1a701659b80691b69e5403af1b3c5c55"
x-77-nzt-ray: cf878727acc87c8a35b46b660978833b
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: N4spYP3XJO8f-KVzBWN8gm2Oa4MDqQ1fWDjQnlu6zkS8MM-Wy7t74g==

GET
H3 200 nav_menu_helper_1717788738291.js
cdn.userway.org/widgetapp/2024-06-07-19-32-18/remediation/ 6 KB
0 2374ms
2374ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-06-07-19-32-18/remediation/nav_menu_helper_1717788738291.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.primeres.com/
Origin: https://www.primeres.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-77-pop: frankfurtDE
date: Fri, 14 Jun 2024 03:08:37 GMT
via: 1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P10
age: 361
x-amz-server-side-encryption: AES256
x-accel-date-max: 1717789857
x-77-cache: HIT
x-cache: HIT
x-age: 544660
x-accel-date: 1717789857
alt-svc: h3=":443"; ma=86400
x-77-nzt: EgwBnJIhiwH3lE8IAAwBJRPCMQH3JgIAAA
x-accel-expires: @1743709307
x-77-age: 544660
last-modified: Fri, 07 Jun 2024 19:34:14 GMT
server: CDN77-Turbo
etag: W/"d5babf1f477d0f7bf4044b0693b956d9"
x-77-nzt-ray: cf878727acc88c8a35b46b66e322943b
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
vary: Accept-Encoding
x-amz-cf-id: dZXILWxu0UI_Gg-_tKpf2jy5lJKqVJ6oPU5fOE-RCdfQR9t1QgHy1w==

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.primeres.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 4384ddf579a3af9775766d82fb10918a
www.primeres.com/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 4384ddf579a3af9775766d82fb10918a
.www.primeres.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: be8e3dd333164ca79388c17e0e4056ca18576f131f2dc72d8c5c96ccf4cad0f9
.www.primeres.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: be8e3dd333164ca79388c17e0e4056ca18576f131f2dc72d8c5c96ccf4cad0f9
.primeres.com/	1970-01-21 06:04:30	Name: cf_clearance Value: YZ7YYB4vL8RGQrX7ySXjHqmdrygJIPZQZBqTa.hTN2I-1718334515-1.0.1.1-EhU8z.3pr0dbNoR0672wbs5rB5dLm128TmwlzuFyomTkuMH4v2StvocBazCPzZ5TDoo_rzbTPH2UI41XllzLig

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accessibilityserver.org
ajax.googleapis.com
api.userway.org
cdn.userway.org
cdnjs.cloudflare.com
cmp.osano.com
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
loanarranger.biz
www.google.com
www.googletagmanager.com
www.primeres.com
13.33.187.40
2600:1f14:5db:eb22:9a9a:905:9298:8823
2600:9000:266e:5400:3:b7e:8940:93a1
2606:4700:20::681a:7f1
2606:4700::6811:180e
2a00:1450:4001:81c::2004
2a00:1450:4001:81d::200a
2a00:1450:4001:829::2003
2a00:1450:4001:830::2008
2a02:6ea0:c700::18
2a04:4e42:400::644
3.33.152.147
122e4cb93b991803fb2dc9b3dac4e39738eeb508574409a7da359be0ec6374b0
12606295aabd6b31b4517f0889db6a240a782b8f76221616154284038d279599
1f36da6a30925e3633a5d3ebc5855618be35c62b66b01a77df95d7141db3c8d2
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
221d55c08e2763b2759f58f7224bf3ef60951851393f1d68533089fdb29edc9b
255cca76f532368a88d2b73a0008ae46fd3ad23d6eaa440ee1ff1c75b8371eb5
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
278941e3db0ce75a5270d1efe562131453a2394b021de7e35dabecb2405636f2
29a273b004b797099caebeab7ca9940384d1eba5ff519c9910ce774b48354b45
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c5581746eabab90e67779987d5d9696811fc377604e490fbd3457898d26dfa8
2dd361bc715916ad20ea2dfc71020659deea5dc1d380d44369af468b1a1f3be7
36073aa5b4384448b2c162f08124cc5cf1629bf425af43f21340667fc3a0b93e
3a743049c815973d7f39dcf98e3785fadad637778a5383a87e65a586ef153885
4ad9a5493aafc1f43e8882aeb9d07b945139ad6326d82a04b5237ee1a3283538
56ec0991f51b88c5ace858a7dbc380727ed176ed15dc34fb35776951aa17b330
5ff3fed8b0be12e14856de501657bfcffa38af2bcc26053338937747bcb1aa91
630f3d6f8dc680a104f56ecb03f209d9d1ccab924249ac43b716d00a4a70a838
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
84db9cfb2c723edcb60b031cb2864d049110ebd06e33ce5a59d6d51587285643
9dd532ddba21301bfbc5656424bec3a4ec518e458f2671ec9a7168f4a2334fd3
aaa87910d3ec363553b1839b9ebdf16e91a377ac8552c08b63e4f359b47418c1
af00f944f94e65727ae7e30dbcfb8f8c6556944ba2d0f585e17534458f7387bc
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b875e094b38607244a6a3c751c0195c95147551c016c065f714c8eeafcdb1dc0
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c81cdbad17b878c0e8eff84346d95f72f8b1a678f0580d3b3ad21569860ceecc
c8742f54c6d913265c3298adef20813a397c23d90b06bcaaaeac529193e8940e
cda66aaac66c47585d9917fcf9e6c0f28322715caf35b94e0f8224ab629182c4
da3f46c0901b69b64e8febebdd1993654bdc9c30211ce5bfa7e8928836cdc045
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ddba0a88efdcdc1fdcc2429ed7352b4ca5a1cd26f45a0b85f524df5101792b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f61df1f1f30082d6ca1072c900157805b81556305b529da4c39be88a60def1ac
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.primeres.com Open in urlscan Pro 2606:4700:20::681a:7f1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

91 %HTTPS

83 %IPv6

11 Domains

13 Subdomains

12 IPs

2 Countries

1889 kBTransfer

3067 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.primeres.com Open in urlscan Pro
2606:4700:20::681a:7f1 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

91 %
HTTPS

83 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

1889 kB
Transfer

3067 kB
Size

5
Cookies

43 HTTP transactions
1 data transactions