Submitted URL: https://www.georgebranigan.com/
Effective URL: https://www.primeres.com/gbranigan
Submission: On August 05 via api from US — Scanned from DE

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 50 HTTP transactions. The main IP is 2606:4700:20::681a:7f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.primeres.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 19th 2024. Valid for: 5 months.
This is the only time www.primeres.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
21 primeres.com
www.primeres.com
218 KB
14 userway.org
cdn.userway.org — Cisco Umbrella Rank: 6941
api.userway.org — Cisco Umbrella Rank: 6788
cdn77.api.userway.org — Cisco Umbrella Rank: 11499
159 KB
3 gstatic.com
fonts.gstatic.com
69 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
82 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
164 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641
fonts.googleapis.com — Cisco Umbrella Rank: 110
32 KB
1 accessibilityserver.org
accessibilityserver.org — Cisco Umbrella Rank: 59470
2 KB
1 wistia.net
fast.wistia.net — Cisco Umbrella Rank: 22069
1 google.com
www.google.com — Cisco Umbrella Rank: 10
988 B
1 osano.com
cmp.osano.com — Cisco Umbrella Rank: 7730
62 KB
1 georgebranigan.com
www.georgebranigan.com
323 B
50 11
Domain Requested by
21 www.primeres.com 1 redirects www.primeres.com
9 cdn.userway.org cmp.osano.com
cdn.userway.org
3 api.userway.org cdn.userway.org
3 fonts.gstatic.com fonts.googleapis.com
2 cdn77.api.userway.org cdn.userway.org
2 cdnjs.cloudflare.com www.primeres.com
cdnjs.cloudflare.com
2 www.googletagmanager.com www.primeres.com
cmp.osano.com
1 accessibilityserver.org cmp.osano.com
1 fast.wistia.net www.primeres.com
1 fonts.googleapis.com www.primeres.com
1 www.google.com www.primeres.com
1 ajax.googleapis.com www.primeres.com
1 cmp.osano.com www.primeres.com
1 www.georgebranigan.com 1 redirects
50 14

This site contains links to these domains. Also see Links.

Domain
myloan.primeres.com
Subject Issuer Validity Valid
primeres.com
Cloudflare Inc ECC CA-3
2024-07-19 -
2024-12-31
5 months crt.sh
*.osano.com
Amazon RSA 2048 M03
2023-10-18 -
2024-11-15
a year crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-07-31 -
2024-10-29
3 months crt.sh
fast.wistia.net
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-04-04 -
2025-05-06
a year crt.sh
*.gstatic.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
accessibilityserver.org
Amazon RSA 2048 M03
2023-10-07 -
2024-11-03
a year crt.sh
1667503734.rsc.cdn77.org
E5
2024-07-16 -
2024-10-14
3 months crt.sh
api.userway.org
Amazon RSA 2048 M02
2024-08-02 -
2025-08-31
a year crt.sh
1784939676.rsc.cdn77.org
R3
2024-05-31 -
2024-08-29
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.primeres.com/gbranigan
Frame ID: 60E018D9DA3B7B55CB40A9390E589834
Requests: 46 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/v6egq2kd9k
Frame ID: E0E949940633772DBBB816E02A185E3F
Requests: 1 HTTP requests in this frame

Frame: https://www.primeres.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js
Frame ID: 6C246CB71C4539128B90F46698C74CC9
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Mortgage Lender in Prairieville LA | Primary Residential Mortgage

Page URL History Show full URLs

  1. https://www.georgebranigan.com/ HTTP 301
    https://www.primeres.com/gbranigan Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

50
Requests

92 %
HTTPS

86 %
IPv6

11
Domains

14
Subdomains

14
IPs

2
Countries

787 kB
Transfer

2674 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.georgebranigan.com/ HTTP 301
    https://www.primeres.com/gbranigan Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://www.primeres.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.primeres.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request gbranigan
www.primeres.com/
Redirect Chain
  • https://www.georgebranigan.com/
  • https://www.primeres.com/gbranigan
35 KB
9 KB
Document
General
Full URL
https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fe18f9e640c36932fe2c7cbe6ea7cc0713e37ade78be39d6c994665a67947a51

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8ae85363894c9714-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 05 Aug 2024 16:57:22 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sap350JYlEZDB8QyNi7ZESJI93TJ8csiHJKx75UmqhTUq2XfWtzxWx5yWxbeE1feMYqMJUIgdy4SUoT%2B8tDG1%2FId6RYFOkWDUo%2B6VtSWqB1mdKf3HzNmc2jcURr3O8Kh9RgcqTuFYm%2F2q0txTpA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET

Redirect headers

Connection
close
Content-Length
69
Content-Type
text/html; charset=utf-8
Date
Mon, 05 Aug 2024 16:57:21 GMT
Location
https://www.primeres.com/gbranigan
Server
ip-100-74-4-181.eu-west-2.compute.internal
Vary
Accept-Encoding
X-Request-Id
1d4e430a-dd7f-4279-8f25-d88a677b5e7b
main.min.css
www.primeres.com/ResourcePackages/Talon/assets/dist/css/branch-template-b/
209 KB
77 KB
Stylesheet
General
Full URL
https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/branch-template-b/main.min.css
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b8430873e24e9554a14cd72b2f424ac5be80f8c6f72853b0e89165338f7ce92a

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 08 May 2024 22:52:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
225699
etag
"28594779aa1da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xXhu7dOsROMF9%2FN1vy4IhyH1g212IJUi%2BXqx%2BXYoFgAsgdUYsQGH7KCQYxm%2Bo1iYmngw8TvZ%2ByWm%2FIY%2B48dunrWkZ8iUIWe76zl4ksGly09EFa6a0OVFctLMRBtYmzFfsKmn%2FZYWPppuuFeN3H4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
8ae8536d9c849714-AMS
osano.js
cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/
246 KB
62 KB
Script
General
Full URL
https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2449:9600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
40d8d3d6faec7e08d72c9440ec423aaa09d1b2adca313b082e35cf080ad5b4dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
br
via
1.1 3a5e4105e7e14b13dcdcd3f0d9062fa0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
AMS58-P6
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
62401
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 25 Apr 2023 20:14:13 GMT
server
CloudFront
etag
"2034e3f0ebfa761dc032614469ba430d"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
aUS58t11dELjL8XamGiGEQHvMACdIO8o9veJrFDOeH2i2JTwrjEGMg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 13:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
530600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 13:34:02 GMT
js
www.googletagmanager.com/gtag/
209 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-130576779-2
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dddbd475c09556503fb6d413a19c12217b8c33ce68bd5711359c9d47291f14cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76710
x-xss-protection
0
last-modified
Mon, 05 Aug 2024 16:08:23 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 05 Aug 2024 16:57:23 GMT
ScriptResource.axd
www.primeres.com/
87 KB
39 KB
Script
General
Full URL
https://www.primeres.com/ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3ugaLjNozHoajOZ-qWC1CBhNnChirDzyJQ9Pj1lDLrTAB0eOve19zDW2iKY3cstZI1EHdxezQPhUzxO5sj9_yDvDc0j8LajzfJifc-7Lhge46tlPyItOGPq67ox9Q3KGxg0nIRY6MnhjL0roT2PiKc0tqv_hoqVaVHwmQEYj4LSh0&t=a366992
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:22 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 30 Jul 2024 17:46:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kefzkKdL86m46EBajZ9yREiXnZU1rLQeAGbOxCDHOWDb6WMDNgH6Uqm%2FDtdR5grK3ez7%2Fai8%2BNcrQjHACXZAdBN5vmkVcGWw8N3X8nxKb9f%2F8ff1dYv4d5ckbjBlmnYf8f%2BNca5AaxKZddZs%2FG4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
cache-control
public
cf-ray
8ae8536d9c879714-AMS
content-length
39727
expires
Wed, 30 Jul 2025 17:46:37 GMT
ScriptResource.axd
www.primeres.com/
8 KB
4 KB
Script
General
Full URL
https://www.primeres.com/ScriptResource.axd?d=EydukmxBmDstn7gSYzQESC_qUolZwo1n3vj1YFHzD3XOGiz_tRVofSTf8VnvS1QxJ_R5aqcQA06ycwgEy04IbyYldtdt9K8GKTZqlUPe3d9y_KA1Ig1w5LHMyOrTTItxE1wXGq56h-coINekOFT0HiDSlsSVgHzyA2BvbNdn-mfCikSuSmXBRm8HQVMbUwOb0&t=a366992
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cda66aaac66c47585d9917fcf9e6c0f28322715caf35b94e0f8224ab629182c4

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 30 Jul 2024 17:46:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WFYXYBsd4cK8OPvIxjUAOH12X%2FLejxXjICrnzkElaDXTcJYKIk1eOu7TowxHN8%2FSSnLADwAuyGkA2Qkh94wM2p9tz0%2BuaubdZu4Z1AklD72KdO9zV2D6wOkSsnKIxX%2FMKUAibDpkzoPVxADk17c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
cache-control
public
cf-ray
8ae8536d9c889714-AMS
content-length
3834
expires
Wed, 30 Jul 2025 17:46:37 GMT
api.js
www.google.com/recaptcha/
1 KB
988 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lc2iioeAAAAAGJ1sB16RNnuvw6C6AjPXEBiRBnM
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8b090e95cbef8ca47a3656f83c1c81574c2b949cc4de43c837af9bdc67946777
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 05 Aug 2024 16:57:22 GMT
george-branigan-headshot.jpg
www.primeres.com/images/librariesprovider475/default-album/
23 KB
23 KB
Image
General
Full URL
https://www.primeres.com/images/librariesprovider475/default-album/george-branigan-headshot.jpg?sfvrsn=294aa23a_0
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
669070c1ba2addb9a3602cb7b58a58685d1192f665928a9ed34f4b66a1fbc079

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename=george-branigan-headshot.jpg
content-length
23553
pragma
no-cache
last-modified
Mon, 05 Aug 2024 16:57:23 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=449o1XmS%2FYO%2BuK6eV7njdTzMMGqinCSpaJOCbz2V%2BDu6kK4TlDG9%2B2rRpKkclzmbduzmzUyr%2Ff07fUHGgF1BYhKZC4zCX6fhm6c3q6O%2BHuQqpT5B6cjUFh0hs61PJEoCeg8jMij7EXL46befU1s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8ae8536d9c8a9714-AMS
expires
-1
mortgage-calculator-icon.svg
www.primeres.com/images/librariesprovider475/default-album/
666 B
755 B
Image
General
Full URL
https://www.primeres.com/images/librariesprovider475/default-album/mortgage-calculator-icon.svg?sfvrsn=7275c435_2
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e5322c8709f5e2ee6da55b3427bf88893cfc8a3f4723ee7a86c8a9de3c327d21

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename=mortgage-calculator-icon.svg
pragma
no-cache
last-modified
Mon, 05 Aug 2024 16:57:23 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lGxS6XoPnQXj9bfmbrcBU5bmWcGaYUbVpNA8I5DmcPwg1ytZtPtjiOP5dd8fGYFLyWqNp6%2FSv2%2F2ZiXATjUFidCN1TLivJD7MCJO%2BBG%2Fd%2BszPBbowL%2BuuDn4J8aTYCWkzg9na87AuoV90YB1gAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8ae8536d9c8c9714-AMS
expires
-1
home-icon.svg
www.primeres.com/images/librariesprovider475/default-album/
676 B
659 B
Image
General
Full URL
https://www.primeres.com/images/librariesprovider475/default-album/home-icon.svg?sfvrsn=c2e3c25d_2
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e5e7078da063e0a04a0021b018d637abf4a091190e604b3e858ae406d8316d83

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename=home-icon.svg
pragma
no-cache
last-modified
Mon, 05 Aug 2024 16:57:23 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=slnc%2FTtqqAzEAPKmDsiy7LaLTSiS0DLh7%2FYlGd%2B66%2FK6GFGRCEoqBW0gwVc%2Fgw8zEUTERjuCPHxCg4guAsfdlT0iAxxJZyHguA0t9SCVvVfFFxpb0BnXVJe1GUYjoNVW19VEsYW4b%2FLzQf%2Bk8cM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8ae85370886a9714-AMS
expires
-1
email-decode.min.js
www.primeres.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://www.primeres.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Jul 2024 21:56:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a9617e-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JZpp4aUW1%2BTLqJk1bKAgxk%2Bhd2%2FtFyfA%2BLivAv0WifKBlsFhRNvZ%2B603%2FjEiTPMwGEAE9QoVTPQewGC94COzjBDYYUaSIakhNjWizgoNPyj%2Frg%2FfopixUCpi3xndspekyjyjBZmoHjLu34HqEOk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8ae85370886e9714-AMS
expires
Wed, 07 Aug 2024 16:57:23 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
253455
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K4X96JeJz06B31SBUtLg9gZkJe%2BSvM7YlQDHYMkgU75s9EEK5M4GhnqdXfIcEN7w%2FfLvxz2P6f1816G%2FjgK2HFKskU5%2BpH%2FEEwdRUjAoWBCJOQd5B4swLqY4nMKZQCUmic9lxENqBu0%2FYc5GMQ1Rkm0i"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8ae853729edc6563-AMS
expires
Sat, 26 Jul 2025 16:57:23 GMT
all.min.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/
92 KB
32 KB
Script
General
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/all.min.js?package=Talon&v=NDMyOTQwNjQx
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c8742f54c6d913265c3298adef20813a397c23d90b06bcaaaeac529193e8940e

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-length
32145
last-modified
Thu, 15 Jul 2021 09:26:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFCHxDjj3Nltn7L6DeOMpVhAUyjveW1ZxJa1TnQwSpn7rvT3ugr84uZSpYGGxHIax4NCOANOGv386CIGwOW81GAxxtm8Cqzp4bc6GCq3um1wMo3WHzWiUi4mKkoUVukVZLn97d2NfpPlLWorYxM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8ae85370886f9714-AMS
expires
Mon, 12 Aug 2024 16:57:23 GMT
text-field.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/TextField/
5 KB
2 KB
Script
General
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/TextField/text-field.js?package=Talon&v=MTMuMy43NjI4LjA%3d
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2c5581746eabab90e67779987d5d9696811fc377604e490fbd3457898d26dfa8

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-length
1240
last-modified
Thu, 15 Jul 2021 09:26:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XuZlFDWrPcyFx9fiHtbSCoexouSE4HO4UWB9rCStegthggwSe%2FURxk8zkyNxT%2FpTOfhRykN8JfLKgpUYy8OP7zbkBVJEeY7F4hSnSFsZpepGCe%2BtE3rTFZ4MqFfdgyYTSgZjO%2F1SJlyMj8GkSpo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8ae8537088709714-AMS
expires
Mon, 12 Aug 2024 16:57:23 GMT
paragraph-text-field.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/ParagraphTextField/
4 KB
1 KB
Script
General
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/ParagraphTextField/paragraph-text-field.js?package=Talon&v=MTMuMy43NjI4LjA%3d
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
221d55c08e2763b2759f58f7224bf3ef60951851393f1d68533089fdb29edc9b

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
29203
x-powered-by
ASP.NET
content-length
1116
last-modified
Thu, 15 Jul 2021 09:26:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XP32RmlplaFCRezmtCtw2ixf3PkVhtDyjByJxd%2BaSFzF7KLmYnc%2FsVVbuU0R9yfXx6RO7ksM4bcFB71vsCaomlCgQVUzLfb0pbAxbG1kiCBQgC4abZ5c%2Biu15aVSgdDRLVy1FOHu7OsZUzykQoo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8ae8537088719714-AMS
expires
Mon, 12 Aug 2024 08:50:39 GMT
checkboxes-field.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/CheckboxesField/
5 KB
2 KB
Script
General
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/CheckboxesField/checkboxes-field.js?package=Talon&v=MTMuMy43NjI4LjA%3d
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
278941e3db0ce75a5270d1efe562131453a2394b021de7e35dabecb2405636f2

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
29204
x-powered-by
ASP.NET
content-length
1485
last-modified
Thu, 15 Jul 2021 09:26:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ijri3fCqyn0d1BsK5E2WCaaIehTIiUtTwTepESX77tTvSslANmozGS5c9SMVLEn3GhgETC4978HAR3wSBaNdMs47s2ygc%2B6e%2FJch2ILQj21kLcEjpG6XZ1qZhvumuclzjgMzN3kJjWzgvSAP6EA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8ae8537088729714-AMS
expires
Mon, 12 Aug 2024 08:50:39 GMT
submit-button.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/SubmitButton/
3 KB
1 KB
Script
General
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend.Forms/Mvc/Scripts/SubmitButton/submit-button.js?package=Talon&v=MTMuMy43NjI4LjA%3d
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
36073aa5b4384448b2c162f08124cc5cf1629bf425af43f21340667fc3a0b93e

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
age
29204
x-powered-by
ASP.NET
content-length
998
last-modified
Thu, 15 Jul 2021 09:26:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2wqlXcWfEvzLqgd%2FvM9ok9d0BPu%2F85EbWyPgmxdwWWdOV4hdsaFj1kh41dAjInpBhzN1fmgrY2cylK1Zv8qe5MVn3%2BwSSD4pAWF2Rc9RL15wrhS0nfBEWDKguBsRifVbjKeW70pVPWxBExJwLhE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8ae8537088749714-AMS
expires
Mon, 12 Aug 2024 08:50:39 GMT
utm-campaign.js
www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/MVC/Scripts/UtmCampaignTracking/
4 KB
2 KB
Script
General
Full URL
https://www.primeres.com/Frontend-Assembly/Telerik.Sitefinity.Frontend/MVC/Scripts/UtmCampaignTracking/utm-campaign.js?package=Talon&v=LTc3MTA1MzcxNA%3d%3d
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
630f3d6f8dc680a104f56ecb03f209d9d1ccab924249ac43b716d00a4a70a838

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-length
1638
last-modified
Thu, 15 Jul 2021 09:26:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=URdIg79UzwqHe283orqYnHqw3fhYZakvEW1qYqaK93crX8Cd%2FBO1nlAuCsfI5L35z9g%2Fae5sKH2fwu0P%2FNv7i20pvwvAsYngfQpspfWkFWnwul4WdOnaOZtEjOk0eOF5RNTuh7tcnsrAcOYE9PM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8ae8537088789714-AMS
expires
Mon, 12 Aug 2024 16:57:23 GMT
css
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Montserrat:100,300,400,700,900
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/ResourcePackages/Talon/assets/dist/css/branch-template-b/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
84db9cfb2c723edcb60b031cb2864d049110ebd06e33ce5a59d6d51587285643
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Aug 2024 16:57:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 05 Aug 2024 16:57:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Aug 2024 16:57:22 GMT
c6432377-093a-4874-9ad1-a597e5a1ce5c
https://www.primeres.com/
390 B
0
Other
General
Full URL
blob:https://www.primeres.com/c6432377-093a-4874-9ad1-a597e5a1ce5c
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
svgs.svg
www.primeres.com/ResourcePackages/Talon/assets/svg/
45 KB
13 KB
Other
General
Full URL
https://www.primeres.com/ResourcePackages/Talon/assets/svg/svgs.svg
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f61df1f1f30082d6ca1072c900157805b81556305b529da4c39be88a60def1ac

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 May 2024 20:55:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2064885
etag
W/"7a275c8aa1da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DLyuJwv3FTeTErGL1AGUXy5fOX10KcYPI0kt6uuzb%2FyCpBWkWZdP42%2FFI%2BNIHjIq%2FWJI2YfZ%2BKqgk5%2FLMLvOIvN%2BNTsbLX%2BRVzbt0cTWvL2CuREGYDEaoMyV5l6kCsDaEhru%2FSdrcbgvtuuLdm0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2678400
cf-ray
8ae85370b89d9714-AMS
v6egq2kd9k
fast.wistia.net/embed/iframe/ Frame E0E9
0
0
Document
General
Full URL
https://fast.wistia.net/embed/iframe/v6egq2kd9k
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://www.primeres.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
79469
cache-control
public, no-cache
content-encoding
br
content-length
3326
content-type
text/html; charset=utf-8
date
Mon, 05 Aug 2024 16:57:23 GMT
etag
W/"bdf1fcd4821f2cba7d65dc15c97f47ac"
server
envoy
strict-transport-security
max-age=0
timing-allow-origin
*
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via
1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-id
y2BCeUQDdi6-J2qX599EwYQ2_cPCY0EH9qU0Ws1HeMszmqSXEQlGXg==
x-amz-cf-pop
IAD89-C3
x-browser
chrome
x-browser-version
127
x-cache
Miss from cloudfront, HIT, HIT
x-cache-hits
3, 0
x-content-type-options
nosniff
x-ecma-v
modern
x-envoy-upstream-service-time
110
x-permitted-cross-domain-policies
none
x-request-id
336065dd-1565-4a7d-a199-109aa50c57fb
x-runtime
0.108569
x-served-by
cache-iad-kjyo7100131-IAD, cache-fra-etou8220150-FRA
x-timer
S1722877043.347606,VS0,VE1
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 08:07:41 GMT
x-content-type-options
nosniff
age
31782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Aug 2025 08:07:41 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:56:39 GMT
x-content-type-options
nosniff
age
525644
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 14:56:39 GMT
cf79df9a-9584-4441-945f-d165719ea0cb
https://www.primeres.com/
390 B
0
Other
General
Full URL
blob:https://www.primeres.com/cf79df9a-9584-4441-945f-d165719ea0cb
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
88830754-b374-4686-9d32-f3bed80f24d0
https://www.primeres.com/
390 B
0
Other
General
Full URL
blob:https://www.primeres.com/88830754-b374-4686-9d32-f3bed80f24d0
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
js
www.googletagmanager.com/gtag/
250 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSXTQ54QKJ&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a5549733fc41e506ed188c8f568f6ae62ead945f206e7fd3c15128b993f90c71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90257
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 05 Aug 2024 16:57:23 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
250919
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5dRlFzd12E5CLfJVzI6ehcVthIhIaAnCgHrvvs2XmPzUcQ%2BFg3HTjPq7YjQiTU70PdTegFeLENad2xyzIB0UdgqJrnCaEt5V6u0OpLqOXd3lelPhEc%2BNleGhMt7OQU3UsU4j8wgonICSBPg0bIlE6%2BE3"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8ae85372fa1b7751-AMS
expires
Sat, 26 Jul 2025 16:57:23 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,300,400,700,900|Montserrat:100,300,400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 12:18:31 GMT
x-content-type-options
nosniff
age
535132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 12:18:31 GMT
mortgage-calculator-icon.svg
www.primeres.com/images/librariesprovider475/default-album/
666 B
755 B
XHR
General
Full URL
https://www.primeres.com/images/librariesprovider475/default-album/mortgage-calculator-icon.svg?sfvrsn=7275c435_2
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3ugaLjNozHoajOZ-qWC1CBhNnChirDzyJQ9Pj1lDLrTAB0eOve19zDW2iKY3cstZI1EHdxezQPhUzxO5sj9_yDvDc0j8LajzfJifc-7Lhge46tlPyItOGPq67ox9Q3KGxg0nIRY6MnhjL0roT2PiKc0tqv_hoqVaVHwmQEYj4LSh0&t=a366992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e5322c8709f5e2ee6da55b3427bf88893cfc8a3f4723ee7a86c8a9de3c327d21

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://www.primeres.com/gbranigan
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:24 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename=mortgage-calculator-icon.svg
pragma
no-cache
last-modified
Mon, 05 Aug 2024 16:57:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ZBrPNQCWFuisRkX4djq4VIZGD30MyJqp9kCvh32oZNLttJFAgV%2B0LFVPKrbGp8AhFcZJHlNscC7KrEvqmPbL86efXyrrrog%2F5ENmlXz7eoISZ418UrobKvOaI5pHmZKO7u8ECOFhhIvdcF76kU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8ae853748cc99714-AMS
expires
-1
home-icon.svg
www.primeres.com/images/librariesprovider475/default-album/
676 B
663 B
XHR
General
Full URL
https://www.primeres.com/images/librariesprovider475/default-album/home-icon.svg?sfvrsn=c2e3c25d_2
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3ugaLjNozHoajOZ-qWC1CBhNnChirDzyJQ9Pj1lDLrTAB0eOve19zDW2iKY3cstZI1EHdxezQPhUzxO5sj9_yDvDc0j8LajzfJifc-7Lhge46tlPyItOGPq67ox9Q3KGxg0nIRY6MnhjL0roT2PiKc0tqv_hoqVaVHwmQEYj4LSh0&t=a366992
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e5e7078da063e0a04a0021b018d637abf4a091190e604b3e858ae406d8316d83

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://www.primeres.com/gbranigan
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:24 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-disposition
inline; filename=home-icon.svg
pragma
no-cache
last-modified
Mon, 05 Aug 2024 16:57:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U0S7PIqtTlcfjHq0XMhJ69CnVlgnOQTZF82zQqZt8w1S4w5OOzgLLMJA8ckvWoBpf6V4YXNiRCd%2FK10ip27q0DbgIS%2BZOskT0UPdHFehugLf82DusMT%2BLjZCq0x1hx%2FLFfP50DuR6U0YgdoE6MY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8ae853748ccd9714-AMS
expires
-1
widget.js
accessibilityserver.org/
2 KB
2 KB
Script
General
Full URL
https://accessibilityserver.org/widget.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-40.fra60.r.cloudfront.net
Software
CDN77-Turbo /
Resource Hash
3b616977793b2e6a5bfcf5a9b4a057501f8411543909c0de082bee347f911f72

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 05 Aug 2024 16:57:17 GMT
via
1.1 9c8021538470ab47dffa34921d0b4aca.cloudfront.net (CloudFront), 1.1 60dc145c687858f10bb3fe6251ad4ffe.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10, FRA60-P9
x-accel-date-max
1722443126
x-amz-server-side-encryption
AES256
age
200
x-77-cache
HIT
x-cache
Hit from cloudfront
x-age
1893
x-accel-date
1722778168
x-77-nzt
EgwB1GY4sQH3ZQcAAAwBnJIhHwH3AQAAAA
x-77-age
1893
last-modified
Wed, 31 Jul 2024 11:31:59 GMT
server
CDN77-Turbo
x-77-nzt-ray
1cb09c0eb6b7044b9d89af66dc4f7133
etag
W/"981232907e900b721f23e80e309bba08"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
vary
Accept-Encoding
x-amz-cf-id
7psXXaCcPSC6YVabqg07idcG8NYQKUM9CkpkvQ-QVEGAG1hxbxhmQA==
main.js
www.primeres.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/ Frame 6C24
Redirect Chain
  • https://www.primeres.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.primeres.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
8 KB
4 KB
Script
General
Full URL
https://www.primeres.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/gbranigan
Protocol
H2
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2da7a62077d9cf1ed26cedc014786af19f83676704a1e8721a937014fe07f9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:23 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wWJCTdfACtvvA%2Bxus0VN1ay48NbXkPjrHfxDBC8%2BG%2B0LwXD6YH%2F7FzLcvay%2Bz%2Fn1pHhP62jLQiNWGt8Oy9wq%2B%2FwxE5fePKEyFKgR2yrnsEcezeIGJDK4lBzetJsNdPtPTfG%2FWi6FQpEiIfQLhII%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8ae85374cd409714-AMS

Redirect headers

date
Mon, 05 Aug 2024 16:57:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dwaZHMVJQ8FJtmcQAC2S35l%2Fy%2BJ2fyJCuSoxWlhYMpR7US6UEZhr5gIP6IYAjMPRtk7yC0J%2BU0Nh2zpZpF5zv6wEtLrsAVq5BX9exJgAb832V53necU%2FbYXX39wDIVZT2AQwit0016Cmlgycs4w%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8ae85374ad1d9714-AMS
content-length
0
widget_app_base_1722425342139.js
cdn.userway.org/widgetapp/2024-07-31-11-29-02/
154 KB
44 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-07-31-11-29-02/widget_app_base_1722425342139.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
26835671b09cb272210697dbfd833cb17492a94f625a659c643465040ba4e3ac

Request headers

Referer
https://www.primeres.com/
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 05 Aug 2024 16:57:24 GMT
via
1.1 adffa554e502bb59dc89f14ddc6170ce.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1722443235
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
433809
x-accel-date
1722443235
x-77-nzt
EgwBw7WqEQH3kZ4GAAwBJRPCMQH3bQAAAA
x-accel-expires
@1748363126
x-77-age
433809
last-modified
Wed, 31 Jul 2024 11:31:47 GMT
server
CDN77-Turbo
etag
W/"b10e0cd337ce5a601c01acc55ae16f82"
x-77-nzt-ray
4c156224afffc0447404b166c2370c03
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
wh5SAZsg_byCioHvClzLVGWus2ZnGESPAZB8Dqy7aoO9MEGha_IB-w==
8ae85363894c9714
www.primeres.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6C24
0
639 B
XHR
General
Full URL
https://www.primeres.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ae85363894c9714
Requested by
Host: www.primeres.com
URL: https://www.primeres.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Aug 2024 16:57:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
8ae853755dcf9714-AMS
content-length
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lrviGI%2FinSvhdVL2fbttSVUdumkpWNAfaLKWRfPEsTrmMY6vWOA%2Fyt%2FihDYj4hMgMLIuh8eCogHnVVgJ49OLZggGTUxej0vfsBD7wlxU8w6Thi4m609SM7i3BeOlOOi2mSmrM2rMrxTo8D4I4Y8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
5E0vL5lD6Y
api.userway.org/api/tunings/
2 KB
2 KB
XHR
General
Full URL
https://api.userway.org/api/tunings/5E0vL5lD6Y
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-31-11-29-02/widget_app_base_1722425342139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb00:b8a2:a9bc:ee13:efed Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1a4656c16147912574f2db6e0c00e1f6ebf209eb3d60f1f3061a4a22a8138d10

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 05 Aug 2024 16:57:24 GMT
etag
W/"78c-PYupTYTGmuVnWQlo1xG+4cjMr3k"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usrcb79f6d42b75438
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
1932
x-service-version
uw-pr
favicon.ico
www.primeres.com/
15 KB
3 KB
Other
General
Full URL
https://www.primeres.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
122e4cb93b991803fb2dc9b3dac4e39738eeb508574409a7da359be0ec6374b0

Request headers

Referer
https://www.primeres.com/gbranigan
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 May 2023 19:32:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2046443
etag
W/"d3764b9637cd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FIsp6%2F8HfxlmZUfQEG2ILFHOoNdvAptfz%2BuljzTOlxdR0aTpsZAD5sDxAnuSNFf0QphRvf%2FAdZ7DTHAuxoT7BwVvjW5pxG3ZdHEKH41nICRUmZCCFtm5J5K0cWiHjajx7O2VFJSzCMKmPMZ4UT0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=2678400
cf-ray
8ae85375be569714-AMS
en-US.json
cdn.userway.org/widgetapp/2024-07-31-11-29-02/locales/
607 B
1 KB
XHR
General
Full URL
https://cdn.userway.org/widgetapp/2024-07-31-11-29-02/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-31-11-29-02/widget_app_base_1722425342139.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 05 Aug 2024 16:57:24 GMT
via
1.1 87b9fb3f8157b5916fbe1d11149c4f3a.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1722443242
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
433802
x-accel-date
1722443242
x-77-nzt
EgwBw7WqEQH3ip4GAAwBJRPCNAH3BQAAAA
x-accel-expires
@1748363237
x-77-age
433802
last-modified
Wed, 31 Jul 2024 11:31:46 GMT
server
CDN77-Turbo
etag
W/"971644f50e2020e1ff22e37edcad46f6"
x-77-nzt-ray
4c156224afffc0447404b1667ee2e628
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
SfZd4b3t_SnBoHxoFZBLry-YBpL7O5qTH-LIx8WunCzHsJ1c4zAZ3Q==
remediation_1722425342139.js
cdn.userway.org/widgetapp/2024-07-31-11-29-02/remediation/
99 KB
28 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-07-31-11-29-02/remediation/remediation_1722425342139.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fa0d663c9e166621bf83e4f905d75cce53bada3c260a641d21636005008936d5

Request headers

Referer
https://www.primeres.com/
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 05 Aug 2024 16:57:25 GMT
via
1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
8
x-amz-server-side-encryption
AES256
x-accel-date-max
1722443237
x-77-cache
HIT
x-cache
HIT
x-age
433808
x-accel-date
1722443237
x-77-nzt
EgwBw7WqEQH3kJ4GAAwBJRPCLgH3pEMAAA
x-accel-expires
@1748345921
x-77-age
433808
last-modified
Wed, 31 Jul 2024 11:31:46 GMT
server
CDN77-Turbo
etag
W/"d7ecd038f6bc817196bcad8e2e0c8541"
x-77-nzt-ray
4c156224afffc0447504b166157a460b
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
39KLi3r2_E-UXAtHlE4kqCW3ZaiHX5egWd2RyD0_kX_f2mr6hAkDeA==
UbggTqd8a65nX07E.json
cdn.userway.org/remediations/consolidated/1430254/
399 KB
49 KB
XHR
General
Full URL
https://cdn.userway.org/remediations/consolidated/1430254/UbggTqd8a65nX07E.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-31-11-29-02/widget_app_base_1722425342139.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5b39b5567d37bc2a413549d474a7d4754d9d1383219b57739ac81f0dc51557a2

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 05 Aug 2024 16:57:25 GMT
via
1.1 9c8021538470ab47dffa34921d0b4aca.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
1
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
MISS
x-accel-date
1722443763
x-77-nzt
EggBw7WqEQFBDAElE8IuAfeCnAYA
x-accel-expires
@1753979763
x-77-age
433282
last-modified
Thu, 11 Jul 2024 18:07:38 GMT
server
CDN77-Turbo
etag
W/"0898e13eef3c155fe2c282fffe798fb5"
x-77-nzt-ray
4c156224afffc0447504b16667e8440b
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
vary
Accept-Encoding
x-amz-cf-id
vusSxU2-g-Oz6JwyzDGMSJ__ejrQ2M8fzweJOGZ2NX1KHpSe5zB5zA==
body_wh.svg
cdn.userway.org/widgetapp/images/
4 KB
3 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 05 Aug 2024 16:57:25 GMT
via
1.1 b61ff825a3ca0ff851caf7741034ca52.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1722443237
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
433808
x-accel-date
1722443237
x-77-nzt
EgwBw7WqEQH3kJ4GAAwB1GY4EQH3bwAAAA
x-accel-expires
@1748363126
x-77-age
433808
last-modified
Wed, 31 Jul 2024 11:31:48 GMT
server
CDN77-Turbo
etag
W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray
4c156224bc2995717504b166ffc4b70c
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
adAbx1kmk1tMHxw5ozpIQPkF3EdaJc0u0UPg3e0DBEV1CeTYnogvdQ==
spin_wh.svg
cdn.userway.org/widgetapp/images/
2 KB
1 KB
Image
General
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 05 Aug 2024 16:57:25 GMT
via
1.1 577d8c1d3279d6a0f53cebe01ead8c6e.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1722443237
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
433808
x-accel-date
1722443237
x-77-nzt
EgwBw7WqEQH3kJ4GAAwBJRPCNAH3bwAAAA
x-accel-expires
@1748363126
x-77-age
433808
last-modified
Wed, 31 Jul 2024 11:31:48 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
4c156224bc2995717504b166e5ddbb0c
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
DVvcmOzpdl8-O0Fzca4VE3BqhVPewRPiGWfd71zMVmbIY9fORZqlRQ==
remediation-tool.js
cdn.userway.org/remediation/2024-07-31-11-29-02/paid/
62 KB
22 KB
Script
General
Full URL
https://cdn.userway.org/remediation/2024-07-31-11-29-02/paid/remediation-tool.js?ts=1722425342139
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a50caa9d7b5c56e653092ef883ed10009368c29a45c51ce6b2949148aaddae31

Request headers

Referer
https://www.primeres.com/
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 05 Aug 2024 16:57:25 GMT
via
1.1 38dab0d877593711162f7409f4fc8fca.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1722443237
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
433808
x-accel-date
1722443237
x-77-nzt
EgwBw7WqEQH3kJ4GAAwB1GY4EQH3bwAAAA
x-accel-expires
@1748363126
x-77-age
433808
last-modified
Wed, 31 Jul 2024 11:31:56 GMT
server
CDN77-Turbo
etag
W/"0cdc4007a716dd908e23185f49da688a"
x-77-nzt-ray
4c156224afffc0447504b166b810480c
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
j1sMHKwHMmXmDhmguGoePI29I3KxNY3wsjMVBPYLgaWoNBiDAO3jpg==
UbggTqd8a65nX07E.json
cdn.userway.org/remediations/consolidated/1430254/
399 KB
0
Fetch
General
Full URL
https://cdn.userway.org/remediations/consolidated/1430254/UbggTqd8a65nX07E.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-07-31-11-29-02/paid/remediation-tool.js?ts=1722425342139
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5b39b5567d37bc2a413549d474a7d4754d9d1383219b57739ac81f0dc51557a2

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 05 Aug 2024 16:57:25 GMT
via
1.1 9c8021538470ab47dffa34921d0b4aca.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
1
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
MISS
x-accel-date
1722443763
x-77-nzt
EggBw7WqEQFBDAElE8IuAfeCnAYA
x-accel-expires
@1753979763
x-77-age
433282
last-modified
Thu, 11 Jul 2024 18:07:38 GMT
server
CDN77-Turbo
etag
W/"0898e13eef3c155fe2c282fffe798fb5"
x-77-nzt-ray
4c156224afffc0447504b16667e8440b
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
public, max-age=31536000
vary
Accept-Encoding
x-amz-cf-id
vusSxU2-g-Oz6JwyzDGMSJ__ejrQ2M8fzweJOGZ2NX1KHpSe5zB5zA==
nav_menu_helper_1722425342139.js
cdn.userway.org/widgetapp/2024-07-31-11-29-02/remediation/
23 KB
7 KB
Script
General
Full URL
https://cdn.userway.org/widgetapp/2024-07-31-11-29-02/remediation/nav_menu_helper_1722425342139.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169npbTSaFuYGlIJ/9f8fe101-4395-453d-9d46-55f37084a316/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255

Request headers

Referer
https://www.primeres.com/
Origin
https://www.primeres.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 05 Aug 2024 16:57:26 GMT
via
1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
x-accel-date-max
1722443238
x-amz-server-side-encryption
AES256
x-77-cache
HIT
x-cache
HIT
x-age
433808
x-accel-date
1722443238
x-77-nzt
EgwBw7WqEQH3kJ4GAAwB1GY4EQH3cAAAAA
x-accel-expires
@1748363126
x-77-age
433808
last-modified
Wed, 31 Jul 2024 11:31:46 GMT
server
CDN77-Turbo
etag
W/"d5babf1f477d0f7bf4044b0693b956d9"
x-77-nzt-ray
4c156224afffc0447604b1669f8a530c
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
rdfERYKro4qO2B9Ml52PBdiQDqXp7JgPXhTMLapBxAP6161902bGsg==
alts.json
cdn77.api.userway.org/api/img-dscr/v2/5E0vL5lD6Y/1430254/jWh39SPs5NOkuRTL/ Frame
0
0
Preflight
General
Full URL
https://cdn77.api.userway.org/api/img-dscr/v2/5E0vL5lD6Y/1430254/jWh39SPs5NOkuRTL/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.primeres.com%2Fimages%2Flibrariesprovider475%2Fdefault-album%2Fgeorge-branigan-headshot.jpg%22%2C%22alt%22%3A%22George-Branigan-Headshot%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fwww.primeres.com%2Fgbranigan%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.primeres.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-max-age
3000
cache-control
max-age=604800
date
Mon, 05 Aug 2024 16:57:26 GMT
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
EggB1GY4sQAACAElE8I0AAA
x-77-nzt-ray
1cb09c0ecac084be7604b1666771302f
x-77-pop
frankfurtDE
x-service-version
img-dscr-srv-0cf7bb5a
alts.json
cdn77.api.userway.org/api/img-dscr/v2/5E0vL5lD6Y/1430254/jWh39SPs5NOkuRTL/
252 B
712 B
Fetch
General
Full URL
https://cdn77.api.userway.org/api/img-dscr/v2/5E0vL5lD6Y/1430254/jWh39SPs5NOkuRTL/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fwww.primeres.com%2Fimages%2Flibrariesprovider475%2Fdefault-album%2Fgeorge-branigan-headshot.jpg%22%2C%22alt%22%3A%22George-Branigan-Headshot%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22PAID_QUOTA_TIER%22%2C%22pageUrl%22%3A%22https%3A%2F%2Fwww.primeres.com%2Fgbranigan%22%7D
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-07-31-11-29-02/paid/remediation-tool.js?ts=1722425342139
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2b478f608ae4f1ac32e9418abab108d44ec44105ccbd28964a7a4d49b74d9a2a

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-77-pop
frankfurtDE
date
Mon, 05 Aug 2024 16:57:27 GMT
content-encoding
gzip
x-77-cache
MISS
x-cache
MISS
x-service-version
img-dscr-srv-0cf7bb5a
x-77-nzt
EggB1GY4sQFBCAElE8I0AUE
server
CDN77-Turbo
etag
W/"fc-WeuQHVLc9Z8jSAqtHUBPXDWADIA"
x-77-nzt-ray
1cb09c0ecac084be7604b166e31dd638
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=604800
vary
Accept-Encoding
access-control-allow-headers
*
1430254
api.userway.org/api/br-links/v0/contribute/
51 B
429 B
Fetch
General
Full URL
https://api.userway.org/api/br-links/v0/contribute/1430254
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-07-31-11-29-02/paid/remediation-tool.js?ts=1722425342139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb00:b8a2:a9bc:ee13:efed Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:27 GMT
etag
W/"33-H+KjAZZBE0PpJIInQTjCoPBRoaQ"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
51
x-service-version
apps-ddb67952
1430254
api.userway.org/api/br-links/v0/links/
340 B
707 B
Fetch
General
Full URL
https://api.userway.org/api/br-links/v0/links/1430254
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/2024-07-31-11-29-02/paid/remediation-tool.js?ts=1722425342139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f14:5db:eb00:b8a2:a9bc:ee13:efed Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
15a767d28dc45cba1cd0c2f8c8076f04f0ecc6de96ee407ec7763dcf0520d5f0

Request headers

Referer
https://www.primeres.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 16:57:27 GMT
etag
W/"154-Cy8rl1xud9WzVP6xnGUy09koRV0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=300, public
vary
Accept-Encoding
access-control-allow-headers
*
content-length
340
x-service-version
apps-ddb67952

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| Osano function| __uspapi function| $ function| jQuery function| gtag object| dataLayer function| hj object| _hjSettings function| onSubmit object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal function| _typeof object| talonUtil function| getParameterByName function| addParametersToUrl function| addParametersToUrlFromConfig function| paramReplace function| getConfigValue function| addUtmParametersOnLinks function| addUtmParametersFromConfigOnLinks object| litHtmlVersions object| UserWayWidgetApp function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| CONTROLS_WITH_TEXT_TAGS object| INPUT_TYPES_WITH_TEXT_CONTENT function| isInputElementWithText function| isDirectParentOfText object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway object| UserWay function| __awaiter function| __generator function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async function| runMenuRemediationScript

5 Cookies

Domain/Path Name / Value
www.primeres.com/ Name: ApplicationGatewayAffinityCORS
Value: 4384ddf579a3af9775766d82fb10918a
www.primeres.com/ Name: ApplicationGatewayAffinity
Value: 4384ddf579a3af9775766d82fb10918a
.www.primeres.com/ Name: ARRAffinity
Value: bca044f3f2a7c22ab74af05e7a624a676b298b912833eb44ae7db863d885fa4a
.www.primeres.com/ Name: ARRAffinitySameSite
Value: bca044f3f2a7c22ab74af05e7a624a676b298b912833eb44ae7db863d885fa4a
.primeres.com/ Name: cf_clearance
Value: Kl_XWnFlL.cuUcPAkWSTnN_yaBsgyCnFcywo9Vlm2Rw-1722877044-1.0.1.1-9IraFxoC3doPwykUDgZj9ajuVgF.FkCmEparoTQY5GN__SNyVUhMNUVHN99sKaxoHRo86FCdv1xZ9IvmXg7MPQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accessibilityserver.org
ajax.googleapis.com
api.userway.org
cdn.userway.org
cdn77.api.userway.org
cdnjs.cloudflare.com
cmp.osano.com
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
www.georgebranigan.com
www.google.com
www.googletagmanager.com
www.primeres.com
13.33.187.40
15.197.225.128
2600:1f14:5db:eb00:b8a2:a9bc:ee13:efed
2600:9000:2449:9600:3:b7e:8940:93a1
2606:4700:20::681a:7f1
2606:4700::6811:190e
2a00:1450:4001:828::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2008
2a02:6ea0:c700::19
2a02:6ea0:c700::21
2a04:4e42:200::644
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
122e4cb93b991803fb2dc9b3dac4e39738eeb508574409a7da359be0ec6374b0
15a767d28dc45cba1cd0c2f8c8076f04f0ecc6de96ee407ec7763dcf0520d5f0
1a4656c16147912574f2db6e0c00e1f6ebf209eb3d60f1f3061a4a22a8138d10
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
221d55c08e2763b2759f58f7224bf3ef60951851393f1d68533089fdb29edc9b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26835671b09cb272210697dbfd833cb17492a94f625a659c643465040ba4e3ac
278941e3db0ce75a5270d1efe562131453a2394b021de7e35dabecb2405636f2
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b478f608ae4f1ac32e9418abab108d44ec44105ccbd28964a7a4d49b74d9a2a
2c5581746eabab90e67779987d5d9696811fc377604e490fbd3457898d26dfa8
36073aa5b4384448b2c162f08124cc5cf1629bf425af43f21340667fc3a0b93e
3b616977793b2e6a5bfcf5a9b4a057501f8411543909c0de082bee347f911f72
40d8d3d6faec7e08d72c9440ec423aaa09d1b2adca313b082e35cf080ad5b4dc
48eef7fe61a3e2c7c88ac1c6a263bd851b6a05363607e52fd2be4e4472d42255
5b39b5567d37bc2a413549d474a7d4754d9d1383219b57739ac81f0dc51557a2
630f3d6f8dc680a104f56ecb03f209d9d1ccab924249ac43b716d00a4a70a838
669070c1ba2addb9a3602cb7b58a58685d1192f665928a9ed34f4b66a1fbc079
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
84db9cfb2c723edcb60b031cb2864d049110ebd06e33ce5a59d6d51587285643
8b090e95cbef8ca47a3656f83c1c81574c2b949cc4de43c837af9bdc67946777
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a371978536745668f9c16dcbdbf0d5ca436d146906664dcc0529f16d70567fdf
a50caa9d7b5c56e653092ef883ed10009368c29a45c51ce6b2949148aaddae31
a5549733fc41e506ed188c8f568f6ae62ead945f206e7fd3c15128b993f90c71
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b8430873e24e9554a14cd72b2f424ac5be80f8c6f72853b0e89165338f7ce92a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c8742f54c6d913265c3298adef20813a397c23d90b06bcaaaeac529193e8940e
cda66aaac66c47585d9917fcf9e6c0f28322715caf35b94e0f8224ab629182c4
dddbd475c09556503fb6d413a19c12217b8c33ce68bd5711359c9d47291f14cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5322c8709f5e2ee6da55b3427bf88893cfc8a3f4723ee7a86c8a9de3c327d21
e5e7078da063e0a04a0021b018d637abf4a091190e604b3e858ae406d8316d83
f2da7a62077d9cf1ed26cedc014786af19f83676704a1e8721a937014fe07f9e
f61df1f1f30082d6ca1072c900157805b81556305b529da4c39be88a60def1ac
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa0d663c9e166621bf83e4f905d75cce53bada3c260a641d21636005008936d5
fe18f9e640c36932fe2c7cbe6ea7cc0713e37ade78be39d6c994665a67947a51