urlscan.io logo urlscan.io
SecurityTrails logo

primaryjaguar.click Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://primaryjaguar.click/
Submission: On June 08 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 50 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is primaryjaguar.click.
TLS certificate: Issued by WE1 on June 8th 2024. Valid for: 3 months.
This is the only time primaryjaguar.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
primaryjaguar.click
29    151.101.129.170 (San Francisco, United States)

ASN54113 (FASTLY, US)
c.tadst.com
3    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
1    2600:9000:20ae:7a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
b04ebf3bca520153694f8e7f827f47c6.safeframe.googlesyndication.com
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
29 tadst.com
c.tadst.com — Cisco Umbrella Rank: 26931
79 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
b04ebf3bca520153694f8e7f827f47c6.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
19 KB
5 primaryjaguar.click
primaryjaguar.click
398 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236
ad.doubleclick.net — Cisco Umbrella Rank: 165
175 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1095
1 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1631
pixel.quantserve.com — Cisco Umbrella Rank: 1142
10 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1084
api.btloader.com — Cisco Umbrella Rank: 1180
19 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1587
2 KB
50 8
Domain Requested by
29 c.tadst.com primaryjaguar.click
c.tadst.com
5 primaryjaguar.click primaryjaguar.click
3 securepubads.g.doubleclick.net primaryjaguar.click
securepubads.g.doubleclick.net
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 ad-delivery.net primaryjaguar.click
1 b04ebf3bca520153694f8e7f827f47c6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.quantserve.com primaryjaguar.click
1 rules.quantcount.com secure.quantserve.com
1 ad.doubleclick.net primaryjaguar.click
1 api.btloader.com btloader.com
1 secure.quantserve.com primaryjaguar.click
1 btloader.com primaryjaguar.click
50 13

This site contains no links.

Subject Issuer Validity Valid
primaryjaguar.click
WE1		 2024-06-08 -
2024-09-06		 3 months crt.sh
c.tadst.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-03 -
2025-05-05		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
btloader.com
GTS CA 1P5		 2024-04-14 -
2024-07-13		 3 months crt.sh
quantserve.com
R3		 2024-04-25 -
2024-07-24		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2024-06-04 -
2024-09-02		 3 months crt.sh
ad-delivery.net
GTS CA 1P5		 2024-05-17 -
2024-08-15		 3 months crt.sh
*.doubleclick.net
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://primaryjaguar.click/
Frame ID: 4CE92685A1178F4CB15922D9AD45E477
Requests: 48 HTTP requests in this frame

Frame: https://b04ebf3bca520153694f8e7f827f47c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FA9E85932FAF6964E7D9E5E97DE1369B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 250E3EE406CC7E9AAA365B551681390F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Current Local Time in Denizli, Turkey

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

50
Requests

100 %
HTTPS

58 %
IPv6

8
Domains

13
Subdomains

12
IPs

2
Countries

703 kB
Transfer

1350 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
primaryjaguar.click/ 		87 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bfd6b7faea18715c35ccc9e6dee5c18778bc3f231e86e4ec82a020024e5a24a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
890b0bf37f65bb9d-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 08 Jun 2024 18:46:47 GMT
expires
Sat, 08 Jun 2024 18:46:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YS%2FfBU0QlaGIHGFyyjpX2pPXYUrmrg6VqWXIZpp9zV4KrxsYcuz30U3ZXZqXbCMdzhiKIwovTeUMIhgwRwBfVse%2F%2BCg5EbnjscaHMxXvp1Qj122P1I2VssK0H0AIPIc5RkDvYjO%2FQkn%2Bqz%2FSqnq299mA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
iconfont.woff2@v8
primaryjaguar.click/lander/white-tr-mesmero2/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://primaryjaguar.click/lander/white-tr-mesmero2/iconfont.woff2@v8
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef4479b867b50cb063a81ff5d78c68ca95b732ef59591375cdecc79d1a57a958
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Origin
https://primaryjaguar.click
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 18:46:47 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Wed, 24 Apr 2024 11:23:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6628eba1-15a0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvQoJ495CIDMeAiISTjeDWxTn%2BMPp8l921Nogm3BzXomD%2B61FrSIDQKcveqlSfsujl19AUEdQrdajHGgGaHauyQqDmRLbMX49MY6%2FYDtVCu9SMi55GS4SaGHebpj1mNgdTfqkYT%2FtCCDHqdwSdSqxCkM"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
890b0bf4b967bb9d-FRA
alt-svc
h3=":443"; ma=86400
content-length
5536
global_31.css.br
c.tadst.com/com/common/ 		80 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.tadst.com/com/common/global_31.css.br
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
85c10f32ac3cf1d4e831179577e732883d99e9215405c0f3506847ebc5687351

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sat, 08 Jun 2024 18:46:47 GMT
content-encoding
gzip
via
1.1 varnish
expires
Fri, 07 Jun 2024 19:31:28 GMT
last-modified
Tue, 30 Apr 2024 10:15:45 GMT
age
170119
x-timer
S1717872408.905704,VS0,VE1
vary
Accept-Encoding,Origin
x-cache
HIT
content-type
text/css
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
17967
x-served-by
cache-mad22047-MAD
prebidtad.reg.desk_3.js.br
primaryjaguar.click/lander/white-tr-mesmero2/ 		371 KB
372 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://primaryjaguar.click/lander/white-tr-mesmero2/prebidtad.reg.desk_3.js.br
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f51db40dc1ecb0d0661e836432a08de8e5c2556e24c20d179c547c5d6a30f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 18:46:47 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Wed, 24 Apr 2024 11:23:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6628eba1-5cb6e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DH02a%2Bf9hF7G3rRe17J1GRrN1rmr1SQd6JvhkvmtkltpFUuwgcR7OOwk423w1YCsnaTIHV2hd4imojFeos7Bb%2BteWe%2BB4miZ2ds%2BtpuJfvRyuT%2BSWURKkxR0S06ng3sMAKqq5FZy6itIRiqYhGugKBAT"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
890b0bf4b96dbb9d-FRA
alt-svc
h3=":443"; ma=86400
content-length
379758
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
7cb6018c888327d28e4887e20e44c718fc4b15c3dfa042947fbe17a17be87e3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 18:46:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30712
x-xss-protection
0
server
cafe
etag
241 / 19882 / m202406040101 / config-hash: 14353985682650205947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 08 Jun 2024 18:46:47 GMT
tag
btloader.com/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5174239513018368&upapi=true
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3625ba34ab87b77cc250437b2951bc6cc0fb47a8684f09b99adb36a0ab6e82e2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 18:46:47 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Sat, 08 Jun 2024 18:14:18 GMT
server
cloudflare
age
1792
etag
"9ed779e961269c77a96fb05ea617c1c4"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
890b0bf51ed35c7a-FRA
content-length
18683
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 18:46:47 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 15 Jun 2024 18:46:47 GMT
tpl_banner_22.css.br
c.tadst.com/com/common/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.tadst.com/com/common/tpl_banner_22.css.br
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
09db698e1c40227a81ec4886e65dcc230b544324c7981cd203b5455058a7476f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
186
date
Sat, 08 Jun 2024 18:46:47 GMT
content-encoding
gzip
via
1.1 varnish
expires
Fri, 07 Jun 2024 12:18:08 GMT
last-modified
Tue, 23 Jan 2024 10:09:18 GMT
age
196119
x-timer
S1717872408.905695,VS0,VE0
vary
Accept-Encoding,Origin
x-cache
HIT
content-type
text/css
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
1536
x-served-by
cache-mad22047-MAD
citypages_53.css.br
c.tadst.com/com/common/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.tadst.com/com/common/citypages_53.css.br
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3140d841459c7dc7b848d1ddc37c07120d8b2558decb24450b0c4aa9d1d2d866

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sat, 08 Jun 2024 18:46:47 GMT
content-encoding
gzip
via
1.1 varnish
expires
Fri, 07 Jun 2024 12:18:08 GMT
last-modified
Tue, 23 Jan 2024 10:09:22 GMT
age
196119
x-timer
S1717872408.906114,VS0,VE1
vary
Accept-Encoding,Origin
x-cache
HIT
content-type
text/css
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
2738
x-served-by
cache-mad22047-MAD
city_overview_26.css.br
c.tadst.com/com/common/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.tadst.com/com/common/city_overview_26.css.br
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9d17e6d55bf3d47e1932a1bafbe4f9a6737e79e982c38dfc2981cad4918d59e2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sat, 08 Jun 2024 18:46:47 GMT
content-encoding
gzip
via
1.1 varnish
expires
Fri, 07 Jun 2024 12:18:28 GMT
last-modified
Tue, 23 Jan 2024 10:09:15 GMT
age
196100
x-timer
S1717872408.905717,VS0,VE1
vary
Accept-Encoding,Origin
x-cache
HIT
content-type
text/css
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
2921
x-served-by
cache-mad22047-MAD
tr.png
c.tadst.com/gfx/n/fl/48/ 		861 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/fl/48/tr.png
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5571293335b57878844fbad3aea3f8af9e9909f90f00249b6f0b676e86a01333

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sat, 08 Jun 2024 18:46:47 GMT
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:20:25 GMT
last-modified
Sat, 05 Sep 2015 22:17:25 GMT
age
195182
x-timer
S1717872408.952126,VS0,VE1
vary
Origin
x-cache
HIT
content-type
image/png
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
861
x-served-by
cache-mad22047-MAD
tr-10.png
c.tadst.com/gfx/citymap/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/citymap/tr-10.png?9
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f7f8f2d1ccc10a6e92fc58f6818f26ab3385765b92f46b84678f739c5cc31a6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sat, 08 Jun 2024 18:46:47 GMT
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:20:25 GMT
last-modified
Thu, 21 Jul 2016 13:41:05 GMT
age
195182
x-timer
S1717872408.906093,VS0,VE1
vary
Origin
x-cache
HIT
content-type
image/png
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
6939
x-served-by
cache-mad22047-MAD
icon-map-pin.png
c.tadst.com/gfx/n/icon/ 		441 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/icon/icon-map-pin.png
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa052601ef12ee9562dfc62b446d1a8a3ebad33ed9e9108bf0675f3a09ef7b65

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
95
date
Sat, 08 Jun 2024 18:46:47 GMT
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:04:43 GMT
last-modified
Sun, 11 Jan 2015 02:07:33 GMT
age
196125
x-timer
S1717872408.952114,VS0,VE0
vary
Origin
x-cache
HIT
content-type
image/png
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
441
x-served-by
cache-mad22047-MAD
wt-7.svg
c.tadst.com/gfx/w/svg/ 		2 KB
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/w/svg/wt-7.svg
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ee3e3c9a4c1c88c2490b22a3c2811657ca2ba50e38426ae5bbc985e8bf19f33c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sat, 08 Jun 2024 18:46:47 GMT
content-encoding
gzip
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:04:44 GMT
last-modified
Tue, 25 Feb 2020 15:57:01 GMT
age
196123
x-timer
S1717872408.952106,VS0,VE1
vary
Accept-Encoding,Origin
x-cache
HIT
content-type
image/svg+xml
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
581
x-served-by
cache-mad22047-MAD
wt-2.svg
c.tadst.com/gfx/w/svg/ 		2 KB
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/w/svg/wt-2.svg
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d160e1776e304d37c9c2b636563d7dfce97d3a4db4ed05025c7c9df951ae058

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sat, 08 Jun 2024 18:46:47 GMT
content-encoding
gzip
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:04:44 GMT
last-modified
Mon, 30 Mar 2020 11:44:13 GMT
age
196123
x-timer
S1717872408.952084,VS0,VE1
vary
Accept-Encoding,Origin
x-cache
HIT
content-type
image/svg+xml
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
568
x-served-by
cache-mad22047-MAD
wc-tmz.png
c.tadst.com/gfx/n/i/ 		987 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/i/wc-tmz.png
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8a0dddcb62bcc681f8cda02134c3216e93ec701bfcb19adbf311935600eacb8f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
2
date
Sat, 08 Jun 2024 18:46:47 GMT
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:05:29 GMT
last-modified
Sun, 11 Jan 2015 02:07:10 GMT
age
196079
x-timer
S1717872408.906099,VS0,VE0
vary
Origin
x-cache
HIT
content-type
image/png
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
987
x-served-by
cache-mad22047-MAD
wc-nodst.png
c.tadst.com/gfx/n/i/ 		717 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/i/wc-nodst.png
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c00280650f672626c573272512b1ccb326c2a8bc16ee87b1c41ca88f7f80da94

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sat, 08 Jun 2024 18:46:47 GMT
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:04:43 GMT
last-modified
Sun, 11 Jan 2015 02:07:09 GMT
age
196125
x-timer
S1717872408.952044,VS0,VE1
vary
Origin
x-cache
HIT
content-type
image/png
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
717
x-served-by
cache-mad22047-MAD
wc-dff.png
c.tadst.com/gfx/n/i/ 		716 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/i/wc-dff.png
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b5aa51ea20ae2ea52cd995c3dd0002e1bf9d8d014a72f8d7b519a1adf673522a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
2
date
Sat, 08 Jun 2024 18:46:47 GMT
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:05:29 GMT
last-modified
Sun, 11 Jan 2015 02:07:06 GMT
age
196079
x-timer
S1717872408.933563,VS0,VE0
vary
Origin
x-cache
HIT
content-type
image/png
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
716
x-served-by
cache-mad22047-MAD
wc-snr.png
c.tadst.com/gfx/n/i/ 		469 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/i/wc-snr.png
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d8138b7a7a9081c3cfe1a7c96f85f4d92b6e66f55700356dec892b8e28509b44

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
2
date
Sat, 08 Jun 2024 18:46:47 GMT
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:05:29 GMT
last-modified
Sun, 11 Jan 2015 02:07:10 GMT
age
196079
x-timer
S1717872408.933537,VS0,VE0
vary
Origin
x-cache
HIT
content-type
image/png
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
469
x-served-by
cache-mad22047-MAD
wc-sns.png
c.tadst.com/gfx/n/i/ 		466 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/i/wc-sns.png
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a9aa1e94039ec3e2d657e3dc598c5ba7f67fb68a48e330fd9832b3cb50f949f0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
2
date
Sat, 08 Jun 2024 18:46:47 GMT
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:04:34 GMT
last-modified
Sun, 11 Jan 2015 02:07:10 GMT
age
196134
x-timer
S1717872408.952231,VS0,VE0
vary
Origin
x-cache
HIT
content-type
image/png
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
466
x-served-by
cache-mad22047-MAD
wc-dln.png
c.tadst.com/gfx/n/i/ 		607 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/i/wc-dln.png
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7690fe188596a70bfd1cf255a78a79947dcba2e9cc46481cef75db835ee38fa3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
2
date
Sat, 08 Jun 2024 18:46:47 GMT
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:04:43 GMT
last-modified
Sun, 11 Jan 2015 02:07:08 GMT
age
196125
x-timer
S1717872408.952036,VS0,VE0
vary
Origin
x-cache
HIT
content-type
image/png
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
607
x-served-by
cache-mad22047-MAD
moon.php@m=1&i=0.998&p=3.845&r=0.266
primaryjaguar.click/lander/white-tr-mesmero2/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://primaryjaguar.click/lander/white-tr-mesmero2/moon.php@m=1&i=0.998&p=3.845&r=0.266
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541a25ed4f2a16dbfae243dd9885cc998b09649e06d37b318e732f92c637fe01
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 18:46:47 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Wed, 24 Apr 2024 11:23:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6628eba1-4e7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2BxLSfVigeosM%2Blirc6kwDOjqlsoYc%2BDKQud7P7O%2FUg0PykGAf%2FxCW0YWTV07BOTc1Nd%2FZImy06RvRUOPzIzsfXvON%2FhRjy075oA9meer6JDEmqyYNSYOPaoBkf1kLVC5SpBW3iGZ%2F4dVAt28afTX0TO"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
890b0bf4c99cbb9d-FRA
alt-svc
h3=":443"; ma=86400
content-length
1255
wc-clc.png
c.tadst.com/gfx/n/i/ 		457 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/i/wc-clc.png
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b342157b6e91ecd217341928d5fe8b2b723aabfd9a9cadbbb8c1094b250ef12d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
2
date
Sat, 08 Jun 2024 18:46:47 GMT
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:04:43 GMT
last-modified
Sun, 11 Jan 2015 02:07:04 GMT
age
196125
x-timer
S1717872408.952004,VS0,VE0
vary
Origin
x-cache
HIT
content-type
image/png
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
457
x-served-by
cache-mad22047-MAD
wc-cal.png
c.tadst.com/gfx/n/i/ 		423 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/i/wc-cal.png
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f0fd4c6fc5db5f1ea9fe9eba9ad25901cd6c38964915f235ebbf02332a0128e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sat, 08 Jun 2024 18:46:47 GMT
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:04:43 GMT
last-modified
Sun, 11 Jan 2015 02:07:02 GMT
age
196125
x-timer
S1717872408.951998,VS0,VE1
vary
Origin
x-cache
HIT
content-type
image/png
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
423
x-served-by
cache-mad22047-MAD
wc-nrb.png
c.tadst.com/gfx/n/i/ 		426 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/i/wc-nrb.png
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a2a5fc560c5b46a79385b2c425fccfdb13808281bc2fa3ab7f4960ea597561ce

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sat, 08 Jun 2024 18:46:47 GMT
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:04:43 GMT
last-modified
Sun, 11 Jan 2015 02:07:10 GMT
age
196125
x-timer
S1717872408.951974,VS0,VE1
vary
Origin
x-cache
HIT
content-type
image/png
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
426
x-served-by
cache-mad22047-MAD
logo-2021--horizontal-inverted-darkbg.svg
c.tadst.com/gfx/n/logo/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/logo/logo-2021--horizontal-inverted-darkbg.svg
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
297cd8b0fe160762ae89400620fd42a099b16af38aeceae08e7c48b681313e0e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
244
date
Sat, 08 Jun 2024 18:46:47 GMT
content-encoding
gzip
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:04:45 GMT
last-modified
Fri, 26 May 2023 07:30:21 GMT
age
196122
x-timer
S1717872408.951931,VS0,VE0
vary
Accept-Encoding,Origin
x-cache
HIT
content-type
image/svg+xml
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
1112
x-served-by
cache-mad22047-MAD
tr.png
c.tadst.com/gfx/n/fl/128/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/fl/128/tr.png
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
876dc1a0b2578479bb9c086e503dd0ea5bb9d5fabef5302419ceadde930d2727

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sat, 08 Jun 2024 18:46:47 GMT
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:49:46 GMT
last-modified
Sat, 04 Jul 2015 22:20:13 GMT
age
193421
x-timer
S1717872408.951920,VS0,VE1
vary
Origin
x-cache
HIT
content-type
image/png
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
2366
x-served-by
cache-mad22047-MAD
wcommon_27.js.br
c.tadst.com/com/common/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.tadst.com/com/common/wcommon_27.js.br
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b282ea707eafd10b4423fc234ebd05d507dc6510cb9dcef9cfc2a6332051c92d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
260
date
Sat, 08 Jun 2024 18:46:47 GMT
content-encoding
gzip
via
1.1 varnish
expires
Fri, 07 Jun 2024 12:18:04 GMT
last-modified
Tue, 19 Mar 2024 09:32:34 GMT
age
196123
x-timer
S1717872408.952164,VS0,VE0
vary
Accept-Encoding,Origin
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
20910
x-served-by
cache-mad22047-MAD
togglefullscreen_11.js.br
c.tadst.com/com/common/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.tadst.com/com/common/togglefullscreen_11.js.br
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d6c1eb6129a6eda2d6622390def01b906dba2a1fafc75beed913ea76b0813b2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
2
date
Sat, 08 Jun 2024 18:46:47 GMT
content-encoding
gzip
via
1.1 varnish
expires
Fri, 07 Jun 2024 12:18:02 GMT
last-modified
Tue, 19 Mar 2024 09:32:34 GMT
age
196126
x-timer
S1717872408.952143,VS0,VE0
vary
Accept-Encoding,Origin
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
1012
x-served-by
cache-mad22047-MAD
classonhover.js
primaryjaguar.click/lander/white-tr-mesmero2/ 		1 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://primaryjaguar.click/lander/white-tr-mesmero2/classonhover.js
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11477603ff1a8a307c02a1463df2d4a3da182b85a15bedd5e0e557733de17401

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 18:46:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 24 Apr 2024 11:23:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6628eba1-5cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h7qV0lRqdBhujwHnuUtTP%2FRBLV0PrM%2B9lEE8YOUfTt8ECNWWjNM%2FPxgQbo0J2wro4lB%2Bx3B2fUT14Of9kbap7OV%2BUSwA3DgkkE%2FEosKR7VpY2zcUkrUJM4OoGmcGUbpx%2F8kmwdF%2B0YhhMmXfYKZ%2BaoMo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
890b0bf4c994bb9d-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 18 Jun 2024 18:46:47 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5174239513018368&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 08 Jun 2024 18:46:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 18:46:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1106569
x-guploader-uploadid
ABPtcPoLbuQxY31rmHs8vSbk4rwXXzwM351mFCwTp3TeQ0U33LMMOQSrtKknT2jOKXXGPpXspWptbN1wPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=frEQVPhCPwePS5a9b3jUT4S0eMJppvxpS8IIkhG5Y%2B1h9FpbmjmtZrJ0hAQWtQAWCW%2B9WGY4wlKzwvn8md9oZvQFqWv8nG2Ak00i3%2B11dKF41IZffyHdt8SMreH6ueHteEF4gLhsbsMw7rO8Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
890b0bf5bc6118ef-FRA
expires
Mon, 27 May 2024 00:12:11 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 14:07:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Jun 2024 14:07:08 GMT
px.gif
ad-delivery.net/ 		43 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.8818517531237593
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 18:46:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1106569
x-guploader-uploadid
ABPtcPoLbuQxY31rmHs8vSbk4rwXXzwM351mFCwTp3TeQ0U33LMMOQSrtKknT2jOKXXGPpXspWptbN1wPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMCdxvWeBDxgOZk8hxHnIH%2Fw8klfKBVCqOqRUdq2lTGCOWmDOX8SFP18rgCsN%2Fr3BBK0vqg4QInNOyISapxPQNXxHORejMHki9NSqx%2FXSRpkyfdf1xNiP0jBOWldH4o9R9JqTp0Cg3hDuFkXRg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
890b0bf5bc6718ef-FRA
expires
Mon, 27 May 2024 00:12:11 GMT
rules-p-8QLn8vj66GL9W.js
rules.quantcount.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-8QLn8vj66GL9W.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:7a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cae04a82151b0dbf40cb7c3853cb4e75761e22973b9d0d0bfe3dd8da5fee5b69

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 18:26:54 GMT
content-encoding
gzip
via
1.1 653de2a3596d1ebffe452d8daf65c9ea.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P5
age
1197
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Wed, 02 Nov 2022 13:45:25 GMT
server
AmazonS3
etag
W/"413808edb2d8489603e145cf44d200ee"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
-8QFyuSAeT5ucyvobA9kiSCZzJaPDRDa2Xi0ICMmnq3K3xv7kQH93A==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/ 		463 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b1ff229d7cf6c2eb168c41b99ce4081f4ed5d4cbbfbd94a3450066f89c9d54b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 08:29:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
37063
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147735
x-xss-protection
0
server
cafe
etag
15837355652058665441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Jun 2025 08:29:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		73 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=primaryjaguar.click
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
1dabd979492629b9cacb09b44e13ed1b393e2e7537c94f173f3f37f811180bc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 18:46:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54
x-xss-protection
0
expires
Sat, 08 Jun 2024 18:46:48 GMT
banner--2023.svg
c.tadst.com/gfx/n/ 		2 KB
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/banner--2023.svg
Requested by
Host: c.tadst.com
URL: https://c.tadst.com/com/common/global_31.css.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a03058e53c7d4a03d7348a052995ff28c6577433179cbfd930d4d6bb6efa406

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://c.tadst.com/com/common/global_31.css.br
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
4
date
Sat, 08 Jun 2024 18:46:48 GMT
content-encoding
gzip
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:04:45 GMT
last-modified
Wed, 20 Sep 2023 13:28:14 GMT
age
196123
x-timer
S1717872408.014302,VS0,VE0
vary
Accept-Encoding,Origin
x-cache
HIT
content-type
image/svg+xml
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
865
x-served-by
cache-mad22047-MAD
logo-2021--vertical-color-whitebg.svg
c.tadst.com/gfx/n/logo/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/logo/logo-2021--vertical-color-whitebg.svg
Requested by
Host: c.tadst.com
URL: https://c.tadst.com/com/common/global_31.css.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f33acb319f8f8a4cf1d577a5723a232ceb2739d041eb363eb61b357b907ba69a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://c.tadst.com/com/common/global_31.css.br
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
3
date
Sat, 08 Jun 2024 18:46:48 GMT
content-encoding
gzip
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:04:45 GMT
last-modified
Fri, 24 Sep 2021 10:22:46 GMT
age
196123
x-timer
S1717872408.014612,VS0,VE0
vary
Accept-Encoding,Origin
x-cache
HIT
content-type
image/svg+xml
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
3481
x-served-by
cache-mad22047-MAD
spr-footer-social.png
c.tadst.com/gfx/n/i/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/i/spr-footer-social.png
Requested by
Host: c.tadst.com
URL: https://c.tadst.com/com/common/global_31.css.br
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
10c56d84fe8a6c731b232b702f3ad71e643adc1fc118892b9834697d218aa1a0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://c.tadst.com/com/common/global_31.css.br
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
238
date
Sat, 08 Jun 2024 18:46:48 GMT
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:04:44 GMT
last-modified
Mon, 30 Oct 2023 09:22:39 GMT
age
196123
x-timer
S1717872408.027077,VS0,VE0
vary
Origin
x-cache
HIT
content-type
image/png
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
2451
x-served-by
cache-mad22047-MAD
service__supporter.svg
c.tadst.com/gfx/n/i/ 		964 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/i/service__supporter.svg
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9de07b9af64229d0697f40ad1a422f3ef7ac84cbb1e89ed8116a2a6d5f3e3d94

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
4
date
Sat, 08 Jun 2024 18:46:48 GMT
content-encoding
gzip
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:04:48 GMT
last-modified
Fri, 15 Jun 2018 08:21:10 GMT
age
196120
x-timer
S1717872408.032944,VS0,VE0
vary
Accept-Encoding,Origin
x-cache
HIT
content-type
image/svg+xml
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
497
x-served-by
cache-mad22047-MAD
logo-2021--horizontal-color-whitebg.svg
c.tadst.com/gfx/n/logo/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.tadst.com/gfx/n/logo/logo-2021--horizontal-color-whitebg.svg
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
61b74e87662c8856f5d3bf3f8ae9f6f3405d76a6ba5df3815f548dd0f0f3f36d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
5
date
Sat, 08 Jun 2024 18:46:48 GMT
content-encoding
gzip
via
1.1 varnish
expires
Mon, 30 Sep 2024 06:04:48 GMT
last-modified
Thu, 23 Sep 2021 08:12:11 GMT
age
196120
x-timer
S1717872408.032915,VS0,VE0
vary
Accept-Encoding,Origin
x-cache
HIT
content-type
image/svg+xml
cache-control
public, max-age=10000000, s-maxage=10000000, post-check=5000000, pre-check=10000000
accept-ranges
bytes
content-length
3515
x-served-by
cache-mad22047-MAD
pixel;r=1830474039;rf=0;a=p-8QLn8vj66GL9W;url=https%3A%2F%2Fprimaryjaguar.click%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1898327698-1717872407913;p...
pixel.quantserve.com/ 		35 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1830474039;rf=0;a=p-8QLn8vj66GL9W;url=https%3A%2F%2Fprimaryjaguar.click%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1898327698-1717872407913;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=primaryjaguar.click;dst=1;et=1717872408030;tzo=-120;ogl=image.https%3A%2F%2Fwww%252Etimeanddate%252Ecom%2Fscripts%2Fcityog%252Ephp%3Ftitle%3DCurrent%2520Local%2520Time%2520in%2Cimage%3Awidth.1366%2Cimage%3Aheight.738%2Ctype.website;ses=d770f431-5a46-4197-b15f-fa0a74d34807;mdl=
Requested by
Host: primaryjaguar.click
URL: https://primaryjaguar.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 08 Jun 2024 18:46:48 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
favicon-32x32.png
c.tadst.com/ 		741 B
855 B 		Other
General
Check archive.org
Download Go to
Full URL
https://c.tadst.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3323913991aeb916043c96187df36e4e4b6d59ef4349f7efbc5465089a04009b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mad22047-MAD
date
Sat, 08 Jun 2024 18:46:48 GMT
via
1.1 varnish
last-modified
Mon, 11 Sep 2023 18:39:47 GMT
age
23313
x-timer
S1717872408.107997,VS0,VE0
etag
"2e5-60519a69bf3c6"
x-cache
HIT
content-type
image/png
accept-ranges
bytes
content-length
741
x-cache-hits
12
favicon-16x16.png
c.tadst.com/ 		456 B
530 B 		Other
General
Check archive.org
Download Go to
Full URL
https://c.tadst.com/favicon-16x16.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.170 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5164076595a480f57d530a850655617e7f1cfa896856492efdc28f52c8a42627

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mad22047-MAD
date
Sat, 08 Jun 2024 18:46:48 GMT
via
1.1 varnish
last-modified
Mon, 11 Sep 2023 18:39:47 GMT
age
23313
x-timer
S1717872408.155625,VS0,VE0
etag
"1c8-60519a69b76ad"
x-cache
HIT
content-type
image/png
accept-ranges
bytes
content-length
456
x-cache-hits
12
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
bd6de7941e1da693096f3e705be863a99be228f85a11d9721e6aa7ac816a2cb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 18:46:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12823
x-xss-protection
0
ads
pagead2.googlesyndication.com/gampad/ 		896 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=1731215902162009&correlator=757664111929570&eid=31079956%2C31079527%2C31078668&output=ldjh&gdfp_req=1&vrg=202406040101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=1004254%2Ctadcom_300x600%2Ctadcom_970&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x600%7C300x250%7C160x600%7C120x600%2C970x90%7C728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1717872411122&lmt=1717872411&adxs=1284%2C430&adys=338%2C10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fprimaryjaguar.click%2F&vis=1&psz=300x11%7C970x-1&msz=300x0%7C970x-1&fws=512%2C512&ohw=0%2C0&ga_vid=805917577.1717872411&ga_sid=1717872411&ga_hid=1987845737&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1717872407777&idt=239&cust_params=ab%3Db%26hr%3D10%26ut%3Ds%26art%3D3712%26si%3D1&adks=686471698%2C2541254599&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
d946617db13b1139fc792b93cf2d3ca54f70d13261369200076681ab9d3bb8fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 18:46:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://primaryjaguar.click
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b04ebf3bca520153694f8e7f827f47c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FA9E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b04ebf3bca520153694f8e7f827f47c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://primaryjaguar.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 18:46:51 GMT
expires
Sat, 08 Jun 2024 18:46:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://primaryjaguar.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 18:46:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 08 Jun 2024 18:46:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 250E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://primaryjaguar.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
1369
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Jun 2024 18:24:02 GMT
expires
Sun, 08 Jun 2025 18:24:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| pbjs function| cmpEvent function| consentDataReady function| sendAdserverRequest object| AD object| googletag object| AdMgr object| _qevents object| __bt object| __bt_intrnl object| __bt_tag_d function| quantserve function| __qc object| ezt object| _qoptions object| ggeac object| google_tag_data object| google_js_reporting_queue object| TAD number| mtt object| $jscomp function| pf function| p2 function| lim function| dt function| it function| ia function| sprintfloc function| sprintf function| gx function| rs4 function| ghj function| jcb function| rf function| phg function| gf function| cDF function| cE function| aCh function| hC function| gA function| sA function| ddE function| arrclone function| gebc function| gebn function| gebtn function| gebtn0 function| ih function| iH function| sd function| he function| ee function| ac function| po function| ap function| isdef function| ep function| gcst function| gcs function| es function| esp function| esa function| sw function| jp function| siv function| gsv function| wl function| gso function| gfv function| ga function| au function| ru function| hu function| aau function| dau function| sem function| jsav function| PU function| mena function| menh function| fe function| mech function| menc function| menfr function| mmenc function| mens function| mensk function| ifsm function| ifd function| ifku function| ifpd function| ifkd function| ifs function| ifcb function| ifc function| ofs function| jcc boolean| trkclk function| openLocPicker function| AC function| ges function| ael function| aelw function| oael function| aelc function| ev function| ott function| loadcss function| vad function| vat function| va function| elca function| abrd function| anpop function| modps function| modpop object| mod_callback function| modph function| modclear function| popad function| openlogin function| popadlogin function| popadreg function| hsl function| extfield function| extlocs function| exttzs function| pn function| raf function| lo function| main function| bls function| blc function| blif function| bli function| calp object| _T function| Mf function| Mr object| ph function| gp function| pp function| dce object| UA object| sem_a object| menact object| men object| pM function| getAC object| TO object| elh object| elc object| fh object| TD object| loadcss_cache function| switching function| gpluso function| gplusc object| BOOL object| ERR number| blo function| Sticky function| Fullscreen object| fs function| Clck number| hasRun function| openprivacy undefined| google_measure_js_timing number| google_unique_id object| gaGlobal object| GoogleGcLKhOms

2 Cookies

Domain/Path Name / Value
.quantserve.com/ Name: mc
Value: 6664a718-1104b-b23e3-739a2
.primaryjaguar.click/ Name: __qca
Value: P0-1898327698-1717872407913

2 Console Messages

Source Level URL
Text
security error URL: https://primaryjaguar.click/
Message:
Refused to execute script from 'https://primaryjaguar.click/lander/white-tr-mesmero2/prebidtad.reg.desk_3.js.br' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
other warning URL: https://primaryjaguar.click/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
b04ebf3bca520153694f8e7f827f47c6.safeframe.googlesyndication.com
btloader.com
c.tadst.com
pagead2.googlesyndication.com
pixel.quantserve.com
primaryjaguar.click
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
130.211.23.194
142.250.185.230
142.250.186.162
151.101.129.170
216.58.206.34
2600:9000:20ae:7a00:6:44e3:f8c0:93a1
2606:4700:10::6816:4bd8
2606:4700:20::681a:346
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:813::2001
2a00:1450:4001:831::2001
2a06:98c1:3120::3
04f51db40dc1ecb0d0661e836432a08de8e5c2556e24c20d179c547c5d6a30f8
09db698e1c40227a81ec4886e65dcc230b544324c7981cd203b5455058a7476f
10c56d84fe8a6c731b232b702f3ad71e643adc1fc118892b9834697d218aa1a0
11477603ff1a8a307c02a1463df2d4a3da182b85a15bedd5e0e557733de17401
1d6c1eb6129a6eda2d6622390def01b906dba2a1fafc75beed913ea76b0813b2
1dabd979492629b9cacb09b44e13ed1b393e2e7537c94f173f3f37f811180bc6
297cd8b0fe160762ae89400620fd42a099b16af38aeceae08e7c48b681313e0e
2f0fd4c6fc5db5f1ea9fe9eba9ad25901cd6c38964915f235ebbf02332a0128e
2f7f8f2d1ccc10a6e92fc58f6818f26ab3385765b92f46b84678f739c5cc31a6
3140d841459c7dc7b848d1ddc37c07120d8b2558decb24450b0c4aa9d1d2d866
3323913991aeb916043c96187df36e4e4b6d59ef4349f7efbc5465089a04009b
3625ba34ab87b77cc250437b2951bc6cc0fb47a8684f09b99adb36a0ab6e82e2
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
5164076595a480f57d530a850655617e7f1cfa896856492efdc28f52c8a42627
541a25ed4f2a16dbfae243dd9885cc998b09649e06d37b318e732f92c637fe01
5571293335b57878844fbad3aea3f8af9e9909f90f00249b6f0b676e86a01333
5a03058e53c7d4a03d7348a052995ff28c6577433179cbfd930d4d6bb6efa406
61b74e87662c8856f5d3bf3f8ae9f6f3405d76a6ba5df3815f548dd0f0f3f36d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
7690fe188596a70bfd1cf255a78a79947dcba2e9cc46481cef75db835ee38fa3
7bfd6b7faea18715c35ccc9e6dee5c18778bc3f231e86e4ec82a020024e5a24a
7cb6018c888327d28e4887e20e44c718fc4b15c3dfa042947fbe17a17be87e3e
7d160e1776e304d37c9c2b636563d7dfce97d3a4db4ed05025c7c9df951ae058
85c10f32ac3cf1d4e831179577e732883d99e9215405c0f3506847ebc5687351
876dc1a0b2578479bb9c086e503dd0ea5bb9d5fabef5302419ceadde930d2727
8a0dddcb62bcc681f8cda02134c3216e93ec701bfcb19adbf311935600eacb8f
9d17e6d55bf3d47e1932a1bafbe4f9a6737e79e982c38dfc2981cad4918d59e2
9de07b9af64229d0697f40ad1a422f3ef7ac84cbb1e89ed8116a2a6d5f3e3d94
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2a5fc560c5b46a79385b2c425fccfdb13808281bc2fa3ab7f4960ea597561ce
a9aa1e94039ec3e2d657e3dc598c5ba7f67fb68a48e330fd9832b3cb50f949f0
b1ff229d7cf6c2eb168c41b99ce4081f4ed5d4cbbfbd94a3450066f89c9d54b2
b282ea707eafd10b4423fc234ebd05d507dc6510cb9dcef9cfc2a6332051c92d
b342157b6e91ecd217341928d5fe8b2b723aabfd9a9cadbbb8c1094b250ef12d
b5aa51ea20ae2ea52cd995c3dd0002e1bf9d8d014a72f8d7b519a1adf673522a
bd6de7941e1da693096f3e705be863a99be228f85a11d9721e6aa7ac816a2cb4
c00280650f672626c573272512b1ccb326c2a8bc16ee87b1c41ca88f7f80da94
cae04a82151b0dbf40cb7c3853cb4e75761e22973b9d0d0bfe3dd8da5fee5b69
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d8138b7a7a9081c3cfe1a7c96f85f4d92b6e66f55700356dec892b8e28509b44
d946617db13b1139fc792b93cf2d3ca54f70d13261369200076681ab9d3bb8fc
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3e3c9a4c1c88c2490b22a3c2811657ca2ba50e38426ae5bbc985e8bf19f33c
ef4479b867b50cb063a81ff5d78c68ca95b732ef59591375cdecc79d1a57a958
f33acb319f8f8a4cf1d577a5723a232ceb2739d041eb363eb61b357b907ba69a
fa052601ef12ee9562dfc62b446d1a8a3ebad33ed9e9108bf0675f3a09ef7b65