Submitted URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6...
Effective URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoG...
Submission: On December 19 via manual from ES — Scanned from ES

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 69 HTTP transactions. The main IP is 69.172.200.220, located in Canada and belongs to DOSARREST, US. The main domain is getprimalflow.com.
TLS certificate: Issued by R3 on December 8th 2023. Valid for: 3 months.
This is the only time getprimalflow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 18.246.203.151 16509 (AMAZON-02)
20 69.172.200.220 19324 (DOSARREST)
1 34.217.168.56 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
3 67.227.198.234 32244 (LIQUIDWEB)
1 2a00:1450:400... 15169 (GOOGLE)
4 18.173.233.111 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
15 151.101.1.91 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
3 107.178.211.97 15169 (GOOGLE)
7 35.190.27.197 15169 (GOOGLE)
2 2600:1901:0:d... 15169 (GOOGLE)
69 16
Apex Domain
Subdomains
Transfer
20 getprimalflow.com
getprimalflow.com
664 KB
18 vidalytics.com
quick.vidalytics.com — Cisco Umbrella Rank: 257586
stats.vidalytics.com — Cisco Umbrella Rank: 164190
4 MB
9 bitmovin.com
analytics-ingress-global.bitmovin.com — Cisco Umbrella Rank: 27146
licensing.bitmovin.com — Cisco Umbrella Rank: 8818
1 KB
5 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
153 KB
4 cbstatic.net
prod.cbstatic.net — Cisco Umbrella Rank: 185888
64 KB
3 lizswannmiller.com
lizswannmiller.com
7 KB
3 clickbank.net
hop.clickbank.net — Cisco Umbrella Rank: 130456
jem212-primalflow.hop.clickbank.net
cbtb.clickbank.net — Cisco Umbrella Rank: 177506
3 KB
3 ru.com
www.dofast.ru.com
35 KB
1 bbb.org
seal-boise.bbb.org — Cisco Umbrella Rank: 174747
5 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 ipapi.co
ipapi.co — Cisco Umbrella Rank: 15570
890 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
980 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
69 13
Domain Requested by
20 getprimalflow.com getprimalflow.com
15 quick.vidalytics.com getprimalflow.com
quick.vidalytics.com
www.dofast.ru.com
7 analytics-ingress-global.bitmovin.com www.dofast.ru.com
5 cdn.jsdelivr.net getprimalflow.com
cdn.jsdelivr.net
4 prod.cbstatic.net cbtb.clickbank.net
prod.cbstatic.net
getprimalflow.com
3 stats.vidalytics.com www.dofast.ru.com
3 lizswannmiller.com getprimalflow.com
cdn.jsdelivr.net
3 www.dofast.ru.com www.dofast.ru.com
2 licensing.bitmovin.com www.dofast.ru.com
1 seal-boise.bbb.org getprimalflow.com
1 fonts.gstatic.com fonts.googleapis.com
1 ipapi.co cdn.jsdelivr.net
1 fonts.googleapis.com getprimalflow.com
1 cbtb.clickbank.net getprimalflow.com
1 jem212-primalflow.hop.clickbank.net 1 redirects
1 hop.clickbank.net 1 redirects
1 www.googletagmanager.com www.dofast.ru.com
69 17

This site contains links to these domains. Also see Links.

Domain
www.bbb.org
vidalytics.com
primalflow.pay.clickbank.net
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
irolliemarketing.com
R3
2023-12-08 -
2024-03-07
3 months crt.sh
*.clickbank.net
Amazon RSA 2048 M01
2023-02-07 -
2024-03-08
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
mail.lizswannmiller.com
R3
2023-10-25 -
2024-01-23
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.cbstatic.net
Amazon RSA 2048 M02
2023-07-19 -
2024-08-16
a year crt.sh
*.vidalytics.com
Sectigo RSA Domain Validation Secure Server CA
2023-11-14 -
2024-12-14
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.bbb.org
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-26 -
2024-04-25
a year crt.sh
*.bitmovin.com
Go Daddy Secure Certificate Authority - G2
2023-05-08 -
2024-06-08
a year crt.sh

This page contains 1 frames:

Primary Page: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Frame ID: 8A7BD30D51EE1AA41B79970D951EF8D8
Requests: 72 HTTP requests in this frame

Screenshot

Page Title

Discovery

Page URL History Show full URLs

  1. http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X... Page URL
  2. http://www.dofast.ru.com/offer.php?id=7&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2... Page URL
  3. http://hop.clickbank.net/?affiliate=jem212&vendor=primalflow&tid=1028916&sid=1028916&h=N1-S3IauuZQbGI... HTTP 307
    https://jem212-primalflow.hop.clickbank.net/?affiliate=jem212&vendor=primalflow&tid=1028916&sid=1028916&h=N1-S3IauuZQbGI... HTTP 307
    https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3Iauu... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

69
Requests

94 %
HTTPS

50 %
IPv6

13
Domains

17
Subdomains

16
IPs

4
Countries

4810 kB
Transfer

6969 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H Page URL
  2. http://www.dofast.ru.com/offer.php?id=7&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H Page URL
  3. http://hop.clickbank.net/?affiliate=jem212&vendor=primalflow&tid=1028916&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H HTTP 307
    https://jem212-primalflow.hop.clickbank.net/?affiliate=jem212&vendor=primalflow&tid=1028916&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H HTTP 307
    https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/
1 KB
1 KB
Document
General
Full URL
http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:ab2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
578981a7809ac96a90e27f51eb3a82864381918f903006c4bafbc25354816597

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
837e0cc44d611a7b-MAD
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Dec 2023 07:49:36 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npFnWlZM%2F3Z391bG9azb8vjd8RHMo4W4DUTF9rhLcQ6J5X5wQlrizbt9EVhuVZuaEbRsyNoNQx7Rj8jau79fmP83PCroys7WGOAjHwHe7FiVLrxkSgw%2Fq6qm%2FSq2Q3OZT3udZEqIFQgyNaq2e6KZCA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
jquery-1.11.0.min.js
www.dofast.ru.com/
94 KB
33 KB
Script
General
Full URL
http://www.dofast.ru.com/jquery-1.11.0.min.js
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:ab2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
es-ES,es;q=0.9
Referer
http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 07:49:36 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2015
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Last-Modified
Sat, 05 Aug 2023 00:37:57 GMT
Server
cloudflare
ETag
W/"64cd99e5-1787d"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82ZqNyr%2BzbJW9hoXVcipB9sd03bY303cpCxHl6Nf7olp4x1xtG0eX1v0r8FkLITmsKEY6tb8uVCsbffak5pS4tm7cLOlBXKh%2FVw%2F5jJINNlTR3yMruQ3wbOb0P3VCnvaPWBqTDTfqGvjwtiLFVqC9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
837e0cc6488a1a7b-MAD
js
www.googletagmanager.com/gtag/
53 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
http://www.dofast.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 07:49:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69040
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Dec 2023 07:49:36 GMT
offer.php
www.dofast.ru.com/
377 B
944 B
Document
General
Full URL
http://www.dofast.ru.com/offer.php?id=7&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:ab2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2e89efe70fc311e0866f1f5735df23cc47edc414eec72b591b23b282ad3595

Request headers

Referer
http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
837e0cc699231a7b-MAD
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Dec 2023 07:49:36 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Own4Ow%2B0bR%2FUSI6H%2F%2BCU%2Bi7ETlSl1vTMKCPO13ZVQx7cZ%2FtljGUENW4FygAmzokcANoxR6G%2FLZf3IGsH9N1VtkZOJN0MA0mEv9xwjmglmy3xm5jgg405Wulxv3eY2cp1zsj%2BBK1gQ9ArgY44hFpC0A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
Primary Request discovery
getprimalflow.com/
Redirect Chain
  • http://hop.clickbank.net/?affiliate=jem212&vendor=primalflow&tid=1028916&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
  • https://jem212-primalflow.hop.clickbank.net/?affiliate=jem212&vendor=primalflow&tid=1028916&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUq...
  • https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkd...
77 KB
19 KB
Document
General
Full URL
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
336da2ec17bfcfe41d933276eeab56479d4338d2b897a3f0801d79de69adbf8e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' cbsplit.com getprimalflow.com getprimalflow-com.cbsplit.com ;

Request headers

Referer
http://www.dofast.ru.com/offer.php?id=7&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-security-policy
frame-ancestors 'self' cbsplit.com getprimalflow.com getprimalflow-com.cbsplit.com ;
content-type
text/html; charset=utf-8
date
Tue, 19 Dec 2023 07:49:38 GMT
server
DOSarrest
vary
Accept-Encoding
x-dis-request-id
f80ae99b5bfb04a824de10423d2387fb

Redirect headers

accept-ch
Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Model, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Platform-Version, Sec-Ch-Ua-Arch
access-control-expose-headers
Server-Timing
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Tue, 19 Dec 2023 07:49:37 GMT
expires
0
location
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
pragma
no-cache
referrer-policy
no-referrer
server-timing
traceparent;desc="00-d317a0fcaf5e4c24f0bb908ad353188d-f189b4f4b0a90621-01"
strict-transport-security
max-age=0 ; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1 ; mode=block
/
cbtb.clickbank.net/
934 B
1 KB
Script
General
Full URL
https://cbtb.clickbank.net/?vendor=edelixir
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.168.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-168-56.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f426ae11da854d43ee97f2437e23127c179d478bac0e75e4fff8f3b208e4ef3d

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 07:49:39 GMT
cache-control
max-age=900
server
Apache
content-length
934
content-type
text/javascript;charset=UTF-8
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.2.1/dist/
85 KB
31 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 07:49:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2562203
x-jsd-version
3.2.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230122-FRA, cache-mad2200086-MAD
x-jsd-version-type
version
server
cloudflare
etag
W/"15283-EFUBjCirQQh++czv5BFgaJPavqI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCecp2wjAHNw1MgoJrzgbBKTy5ypiVjog0Lm2dQBYuuPsV1FCZf8BNLfr9kxQWg5zZn8s69uzVILXPR1NlG0isOxB316UNVcpWD5uhcHxQvQ23S2a4gBmpL%2FfxBK7M4ZwvRFMZgmVIW1WD0%2F590%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
837e0cd47d455e22-MAD
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/css/
150 KB
24 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/css/bootstrap.min.css
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 07:49:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
381804
x-jsd-version
4.2.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220099-FRA, cache-lga21926-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"2565e-Oum7DnkpSJq9I3Nq6JKTnI/phkU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIA%2FrW2JND41rX%2BdYzA2QYbhzJc1Bc59YxkpSPpjkA9PlDYiTtv1clr0K9pSiXGZUXUpGyvapDiJk3cc%2B5i8vHl9z1a5FyWUagc%2B192aAzrOBMLiAKF9Yahia3E%2BPvLNxgqDVzq357lPUG1U0iw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
837e0cd47d3e5e22-MAD
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/js/
54 KB
15 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/js/bootstrap.min.js
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 07:49:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
341552
x-jsd-version
4.2.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220047-FRA, cache-lga21929-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"d9df-3pCMntGE1061Jfp6MESbZ/w6HBQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvHGS7DXMaXdPqG1LVmOYtJjT4thMoCiE%2FdZ3aYSfsY1fSmD6OcCrWehf6nZLty%2BK9UX8c0o7Peqjo2fCboaK33cZ3xufKZlngj7dDGd4VD29vmaGBHzgvgtuenK9nVRD1iZlv85OAQ5cnB%2BCAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
837e0cd47d475e22-MAD
style.css
getprimalflow.com/
11 KB
3 KB
Stylesheet
General
Full URL
https://getprimalflow.com/style.css
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
0e79c5510cf7bac65f365b18b38911ae3293d57e11ee88c0e8f82eb74d9ac579

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:39 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:03:36 GMT
server
DOSarrest
etag
W/"6375f8e8-2adc"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
x-dis-request-id
60cdaee026ab55533f94eb80fdd3ce33
font-awesome.min.css
cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 07:49:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1572703
x-jsd-version
4.7.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220042-FRA, cache-mad2200102-MAD
x-jsd-version-type
version
server
cloudflare
etag
W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUO1iMTbgC8exUK7qcjjhpqDqwo9931D2%2FKaVnxKICu9O8i7TjuG0OfIzmVdp%2F1VQEC%2FH6LuCE0u7odnoL1t5Pgq%2BH8IG2Mp4kVCt9OTrz2O0bVMpPBujJEOEDUsOo4g%2FwnW6H7b732yqm3HThk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
837e0cd47d425e22-MAD
social-proof.js
lizswannmiller.com/social-proof/
2 KB
3 KB
Script
General
Full URL
https://lizswannmiller.com/social-proof/social-proof.js
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.198.234 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.redsmoothiedetoxfactor.com
Software
Apache/2.4.58 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
fac5133f08500f224d6d1fe1d87cb2eb9fd9629b304a658e5f319413123c6b3e

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 07:49:39 GMT
Last-Modified
Fri, 05 Jun 2020 12:28:53 GMT
Server
Apache/2.4.58 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 mod_fcgid/2.3.9
ETag
"16032f-933-5a75567730ff0"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2355
css
fonts.googleapis.com/
2 KB
980 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:900
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5700bfcb505c60e0f1a05212cb1f4d394dee20e56920da711271b926938f4d6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Dec 2023 07:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 06:43:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Dec 2023 07:49:38 GMT
Primal-Flow_06.webp
getprimalflow.com/images/
28 KB
29 KB
Image
General
Full URL
https://getprimalflow.com/images/Primal-Flow_06.webp
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
23ac89ef70bf0d17be980a75c8cbe50b0a77c9f00900eafc5508cc9dfae39a4e

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:39 GMT
last-modified
Thu, 14 Sep 2023 04:54:08 GMT
server
DOSarrest
etag
"650291f0-70f6"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
28918
x-dis-request-id
c8dbe67ad23e374f4895eab8ca229df6
best_value.png
getprimalflow.com/images/primal-flow/
10 KB
10 KB
Image
General
Full URL
https://getprimalflow.com/images/primal-flow/best_value.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
839e08dd077b29cdcff873ce9d21d070e3e1178f043a09b21fa2d2a82c0ed7e5

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:38 GMT
last-modified
Thu, 04 Mar 2021 12:32:04 GMT
server
DOSarrest
etag
"6040d344-27fb"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
10235
x-dis-request-id
c95b037e4974dd6706e1209fda50b774
atc-1.png
getprimalflow.com/images/
7 KB
7 KB
Image
General
Full URL
https://getprimalflow.com/images/atc-1.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
8391079e9917034c6ed2cbc2d8fea76882b9d537738567db83f3c9b92e96e72d

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:38 GMT
last-modified
Tue, 02 Mar 2021 12:31:50 GMT
server
DOSarrest
etag
"603e3036-1b88"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
7048
x-dis-request-id
2a8781c27eeb4c104f81677f4bb7fbb2
payment-icons.png
getprimalflow.com/images/prima-power/
4 KB
4 KB
Image
General
Full URL
https://getprimalflow.com/images/prima-power/payment-icons.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
7a9bb60c6e2c926f9d1277648f551538a2df88eaf83342b293074cd3ac9c1fc2

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:38 GMT
last-modified
Thu, 27 May 2021 05:27:08 GMT
server
DOSarrest
etag
"60af2dac-e56"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3670
x-dis-request-id
d00d3cc772a148bebe7d984ba1b00cc1
Primal-Flow_03.webp
getprimalflow.com/images/
26 KB
26 KB
Image
General
Full URL
https://getprimalflow.com/images/Primal-Flow_03.webp
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
6022f98819fb4ef5388a053b10b9f6374125af06188c0e1b01375feb08107357

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:39 GMT
last-modified
Thu, 14 Sep 2023 04:54:08 GMT
server
DOSarrest
etag
"650291f0-6864"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
26724
x-dis-request-id
ac25fea5b59543a92f26a4945674f41a
most_popular.png
getprimalflow.com/images/primal-flow/
11 KB
11 KB
Image
General
Full URL
https://getprimalflow.com/images/primal-flow/most_popular.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
59abb56c718b009335e1e2556c998e72ead7b8dd3a58ed9a26550376dde0f324

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:39 GMT
last-modified
Thu, 04 Mar 2021 12:32:04 GMT
server
DOSarrest
etag
"6040d344-2b8f"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
11151
x-dis-request-id
6f97a6fff4f0fa5e4ceab003904c41db
Primal-Flow_01.webp
getprimalflow.com/images/
11 KB
11 KB
Image
General
Full URL
https://getprimalflow.com/images/Primal-Flow_01.webp
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
d93cc0e0616a3440691e050a2fa771342d94ebfacc3b8858e09eb3ab400a06bc

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:39 GMT
last-modified
Thu, 14 Sep 2023 04:54:08 GMT
server
DOSarrest
etag
"650291f0-2b66"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
11110
x-dis-request-id
708b989e2ab6b39b4904212416d0aad3
MBG.png
getprimalflow.com/images/
39 KB
39 KB
Image
General
Full URL
https://getprimalflow.com/images/MBG.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
1e384ca6d3d8d8279995ca77c3e3f8fd13106b0839fdae795e5b5b8b9ae52e2e

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:39 GMT
last-modified
Wed, 24 Feb 2021 04:44:39 GMT
server
DOSarrest
etag
"6035d9b7-9bce"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
39886
x-dis-request-id
0d3f3690852f43411d3e577a49866107
jonathan.png
getprimalflow.com/images/
68 KB
68 KB
Image
General
Full URL
https://getprimalflow.com/images/jonathan.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
322edf2cf8791e8dbbc9b049ac302de21328e9933b27b7d8d4ba17646eb778eb

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:39 GMT
last-modified
Thu, 11 Mar 2021 07:08:01 GMT
server
DOSarrest
etag
"6049c1d1-11055"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
69717
x-dis-request-id
08d52946773d5ab6a5fa937838aac4c8
mark.png
getprimalflow.com/images/
53 KB
53 KB
Image
General
Full URL
https://getprimalflow.com/images/mark.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
2ec855ca04e845f8224a48b7980e5909edfbfa3ffb06c3e70d8b3fd3a172907f

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:39 GMT
last-modified
Thu, 11 Mar 2021 07:08:01 GMT
server
DOSarrest
etag
"6049c1d1-d303"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
54019
x-dis-request-id
d3dae3ddc24b38501c61e1dc5ca95cdf
chris.png
getprimalflow.com/images/
53 KB
53 KB
Image
General
Full URL
https://getprimalflow.com/images/chris.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
9d3901c6ab8122bfc1c077ec15bff1af594c1b306e7bfd68c5a630b698cfd7bd

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:39 GMT
last-modified
Thu, 11 Mar 2021 07:08:01 GMT
server
DOSarrest
etag
"6049c1d1-d227"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
53799
x-dis-request-id
823203aa3094681bee5e93c65d2d9044
willie.png
getprimalflow.com/images/
49 KB
50 KB
Image
General
Full URL
https://getprimalflow.com/images/willie.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
0438c71e63bd9000f499d9d3291ba7c3af0dbaf4294cb1cfb5f50351f2680629

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:39 GMT
last-modified
Thu, 11 Mar 2021 07:08:01 GMT
server
DOSarrest
etag
"6049c1d1-c4cc"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
50380
x-dis-request-id
1a228e91bc753f9da01adfd61580e17f
visits
getprimalflow.com/api/
556 B
555 B
Script
General
Full URL
https://getprimalflow.com/api/visits?page_id=6&page_version=&request_id=4621FD81%3A9246_D197C0D8%3A01BB_65814B12_2E5EA2%3A3A94FC&querystring=hopId%3D9388705e-c447-487a-96e2-dc7bb123fdf1%26sid%3D1028916%26h%3DN1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE%2F-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H&fbclid=&fbp=&fbc=&referrer=
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
d187a25d21626bb537ac2078f4454970542d661bb410b14f3eacbfb2fea6b8fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' cbsplit.com getprimalflow.com getprimalflow-com.cbsplit.com ;

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
application/javascript; charset=utf-8
date
Tue, 19 Dec 2023 07:49:39 GMT
content-security-policy
frame-ancestors 'self' cbsplit.com getprimalflow.com getprimalflow-com.cbsplit.com ;
content-encoding
gzip
server
DOSarrest
vary
Accept-Encoding
x-dis-request-id
91fa84ef5cc965fb2da9ef94d54bd2cf
index.js
lizswannmiller.com/social-proof/common/
4 KB
4 KB
Script
General
Full URL
https://lizswannmiller.com/social-proof/common/index.js
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.198.234 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.redsmoothiedetoxfactor.com
Software
Apache/2.4.58 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
9e2a69a9f29016b5be2159209e346191fc12ce7db358e41b284a1c538b425ba1

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Tue, 19 Dec 2023 07:49:39 GMT
Last-Modified
Wed, 22 Feb 2023 11:00:27 GMT
Server
Apache/2.4.58 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 mod_fcgid/2.3.9
ETag
"21cec0-e87-5f547cdcd6f08"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3719
bounceback.min.js
getprimalflow.com/js/
3 KB
2 KB
Script
General
Full URL
https://getprimalflow.com/js/bounceback.min.js
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
1fbbfbf2aff3f6cb01ac1967abafda6695aa9ee86e28862b0c45f62bffe51282

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:39 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 04:07:14 GMT
server
DOSarrest
etag
W/"6035d0f2-b20"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
x-dis-request-id
53dda65096dcef35ea60b55ab78673e5
disable-right-click.js
getprimalflow.com/js/
64 B
352 B
Script
General
Full URL
https://getprimalflow.com/js/disable-right-click.js
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
c8b059bf27bec7d51a8695eaebc73563914dca74c9a2ded19b04634bb85470cc

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:39 GMT
last-modified
Wed, 24 Feb 2021 04:07:15 GMT
server
DOSarrest
etag
"6035d0f3-40"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
64
x-dis-request-id
3e6913dd05370b6d48a4de4751af8b49
injectable.js
prod.cbstatic.net/dist/
187 KB
56 KB
Script
General
Full URL
https://prod.cbstatic.net/dist/injectable.js
Requested by
Host: cbtb.clickbank.net
URL: https://cbtb.clickbank.net/?vendor=edelixir
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-111.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 06:46:46 GMT
x-amz-version-id
RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
content-encoding
gzip
last-modified
Mon, 21 Dec 2020 21:57:37 GMT
server
AmazonS3
via
1.1 4b204087b0bf47138f08161893f143c2.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P3
etag
W/"af651c30e1a69f6f2124e9c1d094a300"
age
3774
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
wB32C8LbgCvB8mlvR5m25MD94QuduzANUQ5JgaHNPWr8NlQ_oXtl3w==
/
ipapi.co/json/
750 B
890 B
XHR
General
Full URL
https://ipapi.co/json/
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f0dbfebbf17e9e56f08c8a27dd82e0b6aa5cd9ec7875eb94190fbff48abcc56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://getprimalflow.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 07:49:39 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Host, origin
allow
OPTIONS, HEAD, OPTIONS, GET, POST
content-type
application/json
access-control-allow-origin
https://getprimalflow.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvkGyQXDtDdQCvtBfBkfc7yZijOWIaGeJ85r%2BqpsjSt7Kedo1hY%2BgzympsjC2pVZiWBv%2FBHZfilVSLk%2Fxs0h6Bc6XgJQ7%2FYoRmCFPD%2FP%2BmHfY2w6g%2FROCAuWR%2FRFkjaCcRCO9DKS"}],"group":"cf-nel","max_age":604800}
x-frame-options
DENY
cf-ray
837e0cd8aa201bb4-MAD
loader.min.js
quick.vidalytics.com/embeds/sBLUNzmU/zBgRlNBYZQ5Xq5gd/
42 KB
11 KB
Script
General
Full URL
https://quick.vidalytics.com/embeds/sBLUNzmU/zBgRlNBYZQ5Xq5gd/loader.min.js
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
87d3eb2b91b8017b7d57320fe7e4f202bf6fea59903aa9be7b7cb8ed44d62bbb

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 07:49:39 GMT
x-envoy-decorator-operation
vidalytics-player-api.vidalytics-player-api.svc.cluster.local:80/*
via
1.1 google, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-cdn
5
age
143
x-cache
HIT, MISS
x-envoy-upstream-service-time
42
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10597
x-served-by
cache-dfw-kdal2120114-DFW, cache-mad2200091-MAD
server
istio-envoy
x-timer
S1702972179.337439,VS0,VE378
vary
Accept-Encoding
x-cdn-site
c5-prod
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=60, s-maxage=600
x-lb-backend
api-prod
x-lb-cache
disabled
accept-ranges
bytes
x-cache-hits
2, 0
icon-man.png
getprimalflow.com/images/
5 KB
5 KB
Image
General
Full URL
https://getprimalflow.com/images/icon-man.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
c92f673bfa45a5b598c4eede6e19da2da70d407849dbf3bed8fdaf7a681eaede

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:39 GMT
last-modified
Wed, 24 Feb 2021 04:44:37 GMT
server
DOSarrest
etag
"6035d9b5-1402"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
5122
x-dis-request-id
4fe3c4d9042c237eec7c6da5f3e01395
WorkSans-SemiBold.ttf
getprimalflow.com/fonts/
139 KB
140 KB
Font
General
Full URL
https://getprimalflow.com/fonts/WorkSans-SemiBold.ttf
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
22e10fe34441064aa9f299fa998528c5fa9b139ad8febc19721970d5c41089b6

Request headers

Referer
https://getprimalflow.com/style.css
Origin
https://getprimalflow.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:39 GMT
last-modified
Wed, 24 Feb 2021 04:31:29 GMT
server
DOSarrest
etag
"6035d6a1-22cd4"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
142548
x-dis-request-id
ede3f66a21a00c407af934d6f0fb73e0
WorkSans-Regular.ttf
getprimalflow.com/fonts/
133 KB
133 KB
Font
General
Full URL
https://getprimalflow.com/fonts/WorkSans-Regular.ttf
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
4e8b90b2380c6f73922e90ac611f7d79ed0ace91bbcd5fc73ea6f3b6d7cb3441

Request headers

Referer
https://getprimalflow.com/style.css
Origin
https://getprimalflow.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Tue, 19 Dec 2023 07:49:39 GMT
last-modified
Wed, 24 Feb 2021 04:31:29 GMT
server
DOSarrest
etag
"6035d6a1-21294"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
135828
x-dis-request-id
afbe12df96ab27870677009ae9b7c2a6
fontawesome-webfont.woff2
cdn.jsdelivr.net/npm/font-awesome@4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css
Origin
https://getprimalflow.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 07:49:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1827622
x-jsd-version
4.7.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
x-served-by
cache-fra-etou8220046-FRA, cache-mad22047-MAD
x-jsd-version-type
version
server
cloudflare
etag
W/"12d68-1vSMun0Hb7by/Wupk6dbncHsvww"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfBIsJOf085v3e6AslnlFB7xybg4yzD%2BE4TXXTgclWJZxSFm2etFMDsTS4R1hN4KgSdvweYFPS5sZaZA4XbS36CcXzjc7HwII2wUiusOZznqvpnOW%2FQLb2LRXrnnQ5Gy2Fv%2BqkQwyHXyF9q%2BrXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
837e0cd87b27215c-MAD
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://getprimalflow.com
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 17:38:07 GMT
x-content-type-options
nosniff
age
51092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Dec 2024 17:38:07 GMT
recordVisit.php
lizswannmiller.com/social-proof/
7 B
310 B
XHR
General
Full URL
https://lizswannmiller.com/social-proof/recordVisit.php?locationInfo=Madrid,%20Madrid
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.198.234 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.redsmoothiedetoxfactor.com
Software
Apache/2.4.58 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Accept
*/*
Referer
https://getprimalflow.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 19 Dec 2023 07:49:40 GMT
Server
Apache/2.4.58 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 mod_fcgid/2.3.9
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
player-dash-mse.min.js
quick.vidalytics.com/embeds/sBLUNzmU/zBgRlNBYZQ5Xq5gd/
2 MB
605 KB
XHR
General
Full URL
https://quick.vidalytics.com/embeds/sBLUNzmU/zBgRlNBYZQ5Xq5gd/player-dash-mse.min.js?hash=imujwqqom
Requested by
Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/sBLUNzmU/zBgRlNBYZQ5Xq5gd/loader.min.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
aa4030bb0559a5f6b6505f7d3961cf04e238d16f9d7135cba891dd7ed62e9cf7

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 12 Jan 2024 13:37:46 GMT
date
Tue, 19 Dec 2023 07:49:39 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
497513
x-guploader-uploadid
ABPtcPq95KqL0_pCWyxE7ty69LetV7qIt_9-OP7J4tO6OmMnw5PGsEZxipmXjXd72WngoxUtNLpa3L3pvWuTE_0LtmetlA
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
618768
x-served-by
cache-dfw-kdal2120073-DFW, cache-mad2200130-MAD
last-modified
Wed, 13 Dec 2023 13:19:01 GMT
server
UploadServer
x-timer
S1702972180.791277,VS0,VE3
etag
"c76ec16ffc70df63ff87edd0badaa06a"
vary
Accept-Encoding
x-goog-generation
1702473541468005
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=M3UX0w==, md5=x27Bb/xw32P/h+3Qutqgag==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=300, s-maxage=2592000
x-cdn-site
c5-prod
x-goog-stored-content-length
618768
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
88, 1
app-strings-en.json
prod.cbstatic.net/dist/i18n/
9 B
444 B
XHR
General
Full URL
https://prod.cbstatic.net/dist/i18n/app-strings-en.json
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-111.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c

Request headers

Accept
application/json
Referer
https://getprimalflow.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 06:46:47 GMT
x-amz-version-id
ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
via
1.1 04e9e9d9b90b8bb096dac156f847c1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P3
age
3773
x-cache
Hit from cloudfront
content-length
9
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
etag
"cdfca8b09e61ae7324e48f01984c9b34"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Origin
x-amz-cf-id
5n6wQZNWVQz2fy4PfuEK5oS_tiBjHsEmm2jvcNy--GJmTQqhVt0CNA==
logo-header-white-en.png
prod.cbstatic.net/dist/assets/
3 KB
3 KB
Image
General
Full URL
https://prod.cbstatic.net/dist/assets/logo-header-white-en.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-111.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
463f0ce8002a6099321101b5fba38ffd479e524467f96b1b47bf5f7f3d98be02

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 06:46:47 GMT
x-amz-version-id
MDOIjhR_M6jNbjX8RkIPq2C7ONOX6nUv
via
1.1 4b204087b0bf47138f08161893f143c2.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:35 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P3
age
3773
etag
"c5cd3bf3708ca18dc29907bca5361917"
x-cache
Hit from cloudfront
content-type
image/png
content-length
3010
x-amz-cf-id
WNOb4J8GYGuxbHpsuDB4hOSNdauTejFzJgLDANYCIAj91tB-AanGkg==
logo-tab-white-en.png
prod.cbstatic.net/dist/assets/
4 KB
4 KB
Image
General
Full URL
https://prod.cbstatic.net/dist/assets/logo-tab-white-en.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.233.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-233-111.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2480b0e815e72badeae95b3ea9bc8f83d9c08391fafbe6b87ea756b7f26448ac

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 06:46:47 GMT
x-amz-version-id
cNeRH7m7.WywkvAuxfTwU5dXD8BBTjq_
via
1.1 4b204087b0bf47138f08161893f143c2.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P3
age
3773
etag
"dc81e32fb5cefc7eb584522b0e2b6c2f"
x-cache
Hit from cloudfront
content-type
image/png
content-length
3779
x-amz-cf-id
hedQgKZEBTHeDtsI6MIGwhv2sUL1HVF1ViwwAltrb0SdLwhGJwc_bw==
blue-seal-153-100-clickbank-5004291.png
seal-boise.bbb.org/seals/
4 KB
5 KB
Image
General
Full URL
https://seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=9388705e-c447-487a-96e2-dc7bb123fdf1&sid=1028916&h=N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn / ASP.NET
Resource Hash
55a8931783756b21f6c7db8edfc02d275a5aea009a5d8df7c792ff1f2f00085b

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 07:49:40 GMT
last-modified
Fri, 08 Dec 2023 21:34:58 GMT
server
keycdn
x-aspnet-version
4.0.30319
x-edge-location
defr
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noindex
x-shield
active
content-length
4378
expires
Tue, 19 Dec 2023 11:49:40 GMT
awesome-log
stats.vidalytics.com/
43 B
414 B
XHR
General
Full URL
https://stats.vidalytics.com/awesome-log?cid=sBLUNzmU
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 07:49:40 GMT
server
istio-envoy
etag
"sBLUNzmU/U4ojIKfo7Ss6Gt2Q"
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://getprimalflow.com
access-control-expose-headers
Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control
no-cache, public, max-age=2592000
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Origin, Range, X-Requested-With
content-length
43
licensing
analytics-ingress-global.bitmovin.com/
117 B
369 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/licensing
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.59.3 /
Resource Hash
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

Request headers

Referer
https://getprimalflow.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 07:49:39 GMT
via
1.1 google
server
v1.59.3
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
117
alt-svc
clear
licensing
licensing.bitmovin.com/
165 B
442 B
XHR
General
Full URL
https://licensing.bitmovin.com/licensing
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

Request headers

Referer
https://getprimalflow.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 19 Dec 2023 07:49:40 GMT
via
1.1 google
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
165
stream.mpd
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/
5 KB
5 KB
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/stream.mpd
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
30176d6a5c73969fc90b6716bddabc60487fe47b6c881b237b044098ea2c5270

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 26 Oct 2024 10:58:55 GMT
date
Tue, 19 Dec 2023 07:49:40 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
4135845
x-guploader-uploadid
ABPtcPoKLmZ2O51J5AVYqAq1eldv-oto0ZO44bLOeAjd4yMTviax-W28o5cjSAA0mZ2W7PAhh0uWhcota99NnlaL1iRJeY-z5_7e
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:41:39.658Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1614357699556573
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4688
x-served-by
cache-dfw-kdal2120142-DFW, cache-mad2200130-MAD
last-modified
Thu, 13 Jul 2023 10:33:13 GMT
server
UploadServer
x-timer
S1702972180.129643,VS0,VE1
etag
"1acd3a2edc262a5958121b2c00ddbcf8"
x-goog-generation
1689244393624777
content-type
application/dash+xml
access-control-allow-origin
*
x-goog-hash
crc32c=eQUKjw==, md5=Gs06LtwmKllYEhssAN28+A==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
4688
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
81, 1
truncated
/
696 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0ab1e741a49924be5242bb1451f9c1da06817437c6750153e5bff05b3679330

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0af9203a315291a4338f54e3ff814aeabac6a52b92392834384933246412754

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a800b458d39f5c08e2be481a84d1f45a94d1e230c4fc35df35f4ffb0ffe6d6a2

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
init.mp4
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/480x270_h264_157500/
674 B
2 KB
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/480x270_h264_157500/init.mp4
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
814c15882c153ba64faa6f47e3e146b101263c93dfdcedc36e5d4c70e240c224

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 06 Sep 2024 20:32:22 GMT
date
Tue, 19 Dec 2023 07:49:40 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
322117
x-guploader-uploadid
ADPycdvI3xO4HUXYHcIqr9EsFbn08XHKR_5yj6JpHpK3Ixu1CEqP_8Dobth3oyj3VQmFEUxPHidu2Ui8UuvHDloiZrSdZg
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:36:31.411Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1614357391331761
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
674
x-served-by
cache-dfw-kdfw8210047-DFW, cache-mad2200130-MAD
last-modified
Thu, 13 Jul 2023 10:33:39 GMT
server
UploadServer
x-timer
S1702972180.191815,VS0,VE2
etag
"ac03a4275a57afef601c90694e3a660d"
x-goog-generation
1689244419416594
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=4JcGag==, md5=rAOkJ1pXr+9gHJBpTjpmDQ==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
674
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
22, 1
init.mp4
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/audio/h265_96000/
606 B
1 KB
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/audio/h265_96000/init.mp4
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 29 Nov 2024 14:22:01 GMT
date
Tue, 19 Dec 2023 07:49:40 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
1186058
x-guploader-uploadid
ABPtcPpMYj4u2LEAbof1KOm7HprElka7PhcsjV8sZpS4it229JZfl-CdOJBZFuxVx5h_WuJx8kaEO6XQZJz0EZsP22EXQq60_s62
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:37:01.048Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1614357420966095
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
606
x-served-by
cache-dfw-kdal2120105-DFW, cache-mad2200130-MAD
last-modified
Thu, 13 Jul 2023 10:34:00 GMT
server
UploadServer
x-timer
S1702972180.191798,VS0,VE1
etag
"af3d86596c83ba8ac236796a59f6d6dc"
x-goog-generation
1689244440703751
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=SpArIQ==, md5=rz2GWWyDuorCNnlqWfbW3A==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
606
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
94, 1
analytics
analytics-ingress-global.bitmovin.com/
0
42 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.59.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getprimalflow.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 07:49:39 GMT
via
1.1 google
server
v1.59.3
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
s_0.m4s
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/480x270_h264_157500/
78 KB
78 KB
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/480x270_h264_157500/s_0.m4s
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d826fecf23591bf7a009e5baa3e85dfd4c25c81fea49fee2e98c22e229c4b8d8

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 23 Nov 2024 17:27:46 GMT
date
Tue, 19 Dec 2023 07:49:40 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
1693313
x-guploader-uploadid
ABPtcPoPfMxDyGIejggT49uTffJeBNW_AfQG3frT4XxWy5DznPgebEdBYdu2bSYUnNGE6_8E_zrl_l24w_DK0DO7gwFwbieWm_Vy
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:36:31.585Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1614357391504853
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
79363
x-served-by
cache-dfw-kdal2120120-DFW, cache-mad2200130-MAD
last-modified
Thu, 13 Jul 2023 10:33:32 GMT
server
UploadServer
x-timer
S1702972180.443375,VS0,VE2
etag
"c3529b73acade46cd173bd3cbe1e630c"
x-goog-generation
1689244412993182
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=BQyzdg==, md5=w1Kbc6yt5GzRc708vh5jDA==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
79363
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
75, 1
s_0.m4s
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/audio/h265_96000/
47 KB
48 KB
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/audio/h265_96000/s_0.m4s
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
575d87c9d32652bac21eda5a51da4712ecce24709875b0db7fe5d1877ca8cd66

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Nov 2024 03:45:45 GMT
date
Tue, 19 Dec 2023 07:49:40 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
1829035
x-guploader-uploadid
ABPtcPqzn6sKfm1_qvWfNpxSj8JfBARoxeE6haR7wfSj_JkM0M2tMBHZWfp0f513gIo2S1WMRBkX8VTgv9QjzLpUKWsMQIXUZVur
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:37:01.166Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1614357421086975
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
48036
x-served-by
cache-dfw-kdfw8210169-DFW, cache-mad2200130-MAD
last-modified
Thu, 13 Jul 2023 10:34:05 GMT
server
UploadServer
x-timer
S1702972180.443365,VS0,VE1
etag
"18b095d4ba1f9eb51a3005c1ac2f0ea2"
x-goog-generation
1689244445012153
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=PkwOXQ==, md5=GLCV1LofnrUaMAXBrC8Oog==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
48036
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
25, 1
s_1.m4s
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/audio/h265_96000/
46 KB
47 KB
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/audio/h265_96000/s_1.m4s
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
119681f715bad9417cf21956190fd124b2b21c09739040af6837775419485a81

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 08 Nov 2024 15:11:47 GMT
date
Tue, 19 Dec 2023 07:49:40 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
2997473
x-guploader-uploadid
ABPtcPrG3rfm8WJI-gV7ofjAP6V39fiFNcoQsOUmutHe76d8d4D9wZWUUo7Xxee5Ep7q4WJ5CtuttM3Md9AcKJuRbCqUnGO-Hhl_
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:37:01.184Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1614357421106620
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
47591
x-served-by
cache-dfw-kdal2120074-DFW, cache-mad2200130-MAD
last-modified
Thu, 13 Jul 2023 10:34:04 GMT
server
UploadServer
x-timer
S1702972180.496342,VS0,VE1
etag
"338baa3f870960b218b635d644ca4d71"
x-goog-generation
1689244444358194
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=kO3eIQ==, md5=M4uqP4cJYLIYtjXWRMpNcQ==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
47591
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
155, 1
impression
licensing.bitmovin.com/
0
41 B
XHR
General
Full URL
https://licensing.bitmovin.com/impression
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getprimalflow.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 19 Dec 2023 07:49:40 GMT
via
1.1 google
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
init.mp4
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/1280x720_h264_2000000/
674 B
2 KB
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/1280x720_h264_2000000/init.mp4
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
90dfd678da8c1a0246126d241d1b379c6f746387edd64bf48fccb5fc4283d880

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 23 Nov 2024 17:40:10 GMT
date
Tue, 19 Dec 2023 07:49:40 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
1692570
x-guploader-uploadid
ABPtcPri23s-6YHz8rQG09r7MewODmVDugouLGtynXiv05vctRaXOKsuEFldnRVjthdAO1HeYYJufXH7m3WH3a8ZKsJY1LqSou5d
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:36:33.725Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1614357393627604
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
674
x-served-by
cache-dfw-kdal2120120-DFW, cache-mad2200130-MAD
last-modified
Thu, 13 Jul 2023 10:33:41 GMT
server
UploadServer
x-timer
S1702972181.534639,VS0,VE1
etag
"11d4d28c8bfaba585b781d1ff6d4c00b"
x-goog-generation
1689244421442356
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=O7PWFA==, md5=EdTSjIv6ulhbeB0f9tTACw==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
674
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
19, 1
scribe
stats.vidalytics.com/
16 B
81 B
XHR
General
Full URL
https://stats.vidalytics.com/scribe
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer
https://getprimalflow.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 19 Dec 2023 07:49:40 GMT
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://getprimalflow.com
access-control-expose-headers
Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time
2
content-length
16
analytics
analytics-ingress-global.bitmovin.com/
0
42 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.59.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getprimalflow.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 07:49:40 GMT
via
1.1 google
server
v1.59.3
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
analytics
analytics-ingress-global.bitmovin.com/
0
42 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.59.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getprimalflow.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 07:49:39 GMT
via
1.1 google
server
v1.59.3
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
analytics
analytics-ingress-global.bitmovin.com/
0
42 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.59.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getprimalflow.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 07:49:40 GMT
via
1.1 google
server
v1.59.3
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
analytics
analytics-ingress-global.bitmovin.com/
0
42 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.59.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getprimalflow.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 07:49:40 GMT
via
1.1 google
server
v1.59.3
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
analytics
analytics-ingress-global.bitmovin.com/
0
42 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.59.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getprimalflow.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Dec 2023 07:49:40 GMT
via
1.1 google
server
v1.59.3
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
scribe
stats.vidalytics.com/
16 B
59 B
XHR
General
Full URL
https://stats.vidalytics.com/scribe
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer
https://getprimalflow.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 19 Dec 2023 07:49:40 GMT
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://getprimalflow.com
access-control-expose-headers
Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time
1
content-length
16
s_1.m4s
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/1280x720_h264_2000000/
982 KB
983 KB
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/1280x720_h264_2000000/s_1.m4s
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bf58d95465c67d1ae2e1cb85c265a61b2c82d6d01dc152079ca9b58fb8f4f2d3

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 01 Dec 2024 11:57:57 GMT
date
Tue, 19 Dec 2023 07:49:41 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
1021903
x-guploader-uploadid
ABPtcPqiyDmY4wNieNZzKvBkhFagVY9rKGgDLpxMaXj6ugWn7DUwci0fdIdsIZvBfOWOz7YCmbX3m1vMi1C_LU8xc2z4065wa8O_
x-cache
HIT, MISS
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:36:37.756Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1614357397691847
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1005527
x-served-by
cache-dfw-kdal2120049-DFW, cache-mad2200130-MAD
last-modified
Thu, 13 Jul 2023 10:33:38 GMT
server
UploadServer
x-timer
S1702972181.785054,VS0,VE788
etag
"c3558f0af1e2f20c7f57b5cfae3f4a0a"
x-goog-generation
1689244418398311
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=e8WRtQ==, md5=w1WPCvHi8gx/V7XPrj9KCg==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
1005527
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
260, 0
s_2.m4s
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/audio/h265_96000/
47 KB
47 KB
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/audio/h265_96000/s_2.m4s
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
054e9ff0420255aee1fac48ff37183429e48bd5f694639816b31ff0afd3079db

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Mon, 11 Nov 2024 08:56:11 GMT
date
Tue, 19 Dec 2023 07:49:41 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
1103736
x-guploader-uploadid
ABPtcPqsMlF1mpP9AZ0f-CTeo_bCkilCchvUPCoFFNlTDZI1e5qZO_sarqZdUS5jB38giY05xX1zqgJjo0Ce6VPYFAGhcg
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:37:01.322Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1614357421241290
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
47686
x-served-by
cache-dfw-kdfw8210153-DFW, cache-mad2200130-MAD
last-modified
Thu, 13 Jul 2023 10:33:59 GMT
server
UploadServer
x-timer
S1702972182.645164,VS0,VE1
etag
"96435b8b24db78e5e6fae32fc02ad212"
x-goog-generation
1689244439090124
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=qU9Iag==, md5=lkNbiyTbeOXm+uMvwCrSEg==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
47686
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
30, 1
s_2.m4s
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/1280x720_h264_2000000/
969 KB
970 KB
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/1280x720_h264_2000000/s_2.m4s
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
45d215f0ad40ee2fb65d6b9bf60b88a223ace873f70973257382878c4f271ef6

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 26 Oct 2024 01:29:47 GMT
date
Tue, 19 Dec 2023 07:49:41 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
4169995
x-guploader-uploadid
ABPtcPo9NTlXzieLHRGJngxc0i8as_DKbuWBVeQrtdt3-dofHPpKx9FH-hbFLffzGlqO5EwiNu3IEKEibuJD_DTJvq0EapHKfn5o
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:36:33.300Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1614357393225863
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
992376
x-served-by
cache-dfw-kdal2120137-DFW, cache-mad2200130-MAD
last-modified
Thu, 13 Jul 2023 10:33:42 GMT
server
UploadServer
x-timer
S1702972182.682626,VS0,VE4
etag
"b5ffbb32363d66f60c6772f80a24e20d"
x-goog-generation
1689244422730620
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=YfEjBg==, md5=tf+7MjY9ZvYMZ3L4CiTiDQ==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
992376
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
174, 1
s_3.m4s
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/audio/h265_96000/
46 KB
47 KB
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/audio/h265_96000/s_3.m4s
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5dd554bc1166909d2e310de22916c79b9acd6303f1d639950f67714beca369a9

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 28 Sep 2024 11:27:20 GMT
date
Tue, 19 Dec 2023 07:49:41 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
1189833
x-guploader-uploadid
ADPycdtoi85ItxOWS31tOMeWoM84wpyIOT1ZrzWfmKxTmj15ismuz2gv2iaiFNZ2BAbEJplfDXlrBFJKnVBw3ggKL8ocRg
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:37:01.444Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1614357421363392
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
47540
x-served-by
cache-dfw-kdfw8210101-DFW, cache-mad2200130-MAD
last-modified
Thu, 13 Jul 2023 10:33:40 GMT
server
UploadServer
x-timer
S1702972182.735554,VS0,VE1
etag
"c57c1be74546ec92b770118b304ffcc2"
x-goog-generation
1689244420384177
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=fdHngg==, md5=xXwb50VG7JK3cBGLME/8wg==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
47540
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
32, 1
s_3.m4s
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/1280x720_h264_2000000/
966 KB
967 KB
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/1280x720_h264_2000000/s_3.m4s
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3e9e704c936c6242c8f3eee0ac9b859b16b6b1cb5dca6ac443c3ab050f142457

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 09 Nov 2024 17:40:51 GMT
date
Tue, 19 Dec 2023 07:49:41 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
2902130
x-guploader-uploadid
ABPtcPr_qdJ7mleyJI1ht-WdD6jsJJew99wam3U5aILmoyOOXpT5y_0Uvz6Ekqc7FuO9qV6a6SY8_V3J0d_CL9zQeJbv7Q
x-cache
HIT, MISS
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:36:34.350Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1614357394274678
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
988787
x-served-by
cache-dfw-kdal2120146-DFW, cache-mad2200130-MAD
last-modified
Thu, 13 Jul 2023 10:33:34 GMT
server
UploadServer
x-timer
S1702972182.845091,VS0,VE145
etag
"221da8d9b625068d714c1e4c87548c11"
x-goog-generation
1689244414680378
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=6B32sQ==, md5=Ih2o2bYlBo1xTB5Mh1SMEQ==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
988787
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
340, 0
s_4.m4s
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/audio/h265_96000/
47 KB
47 KB
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/audio/h265_96000/s_4.m4s
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/ptdhueoh/mogaakf18986rxnincne/N1-S3IauuZQbGI7tsYA9tJo44LLoGzV2NJPGUzmsgOE/-X2o163dhRnabVYuX5D8C6lzXAT7YP3LnusG0QsKXIaojUqcn2s9oDD5GUkdLV4H
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2278235db5b5bf1fbcf5819300da4b501a885945660e2d8959eaf52f87428751

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 25 Aug 2024 22:21:44 GMT
date
Tue, 19 Dec 2023 07:49:42 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
x-cdn
5
age
1584131
x-guploader-uploadid
ADPycdvvZVGEEK2mT9_ax1V7I1wMSnHTn43w6BY3X37lZCoERDsuDcm5zPq0zX40CALG_G3BH452mnbAnB8PMhgO8Nb-3EgKh9TQ
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:37:01.593Z
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-meta-x-goog-reserved-source-generation
1614357421505768
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
47666
x-served-by
cache-dfw-kdfw8210036-DFW, cache-mad2200130-MAD
last-modified
Thu, 13 Jul 2023 10:33:44 GMT
server
UploadServer
x-timer
S1702972182.038830,VS0,VE1
etag
"b2442ed84a497350ddb394cf936625b6"
x-goog-generation
1689244424054331
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=4AC0kg==, md5=skQu2EpJc1Dds5TPk2Yltg==
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-cdn-site
c5-prod
x-goog-stored-content-length
47666
x-lb-backend
gcs-prod
x-lb-cache
miss
accept-ranges
bytes
x-cache-hits
57, 1
s_4.m4s
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/1280x720_h264_2000000/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
quick.vidalytics.com
URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/1280x720_h264_2000000/s_4.m4s

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| __app function| recordEmailConversion function| $ function| jQuery object| bootstrap string| product string| url function| sleep function| popup function| recordVisit string| locationInfo object| Vidalytics object| VidalyticsL object| _vidalytics function| setCookie function| getCookie string| image function| socialProofPopUp undefined| Handlebars object| JSON3 undefined| returnExports function| cbtb object| Bounceback object| exit1 object| webpackChunkbitmovin_player_name_ object| bitmovin

9 Cookies

Domain/Path Name / Value
.clickbank.net/ Name: q
Value: 01.EE44351BC476C8D32F5F63959EE79B33AD80D67816EC6B15854EC9F89F271B3D30E6356F06ADB722C995BCC5FD1752415DB3B706
.clickbank.net/ Name: p
Value: XqoyCANEWZJY8vki1fq93WdtpC7EWP_lCPYLVeeEKsqrS5kK5n44w0jrS6rJTTZoVJT2IaOYlnEfVCn9UheNAdIOItrRMko-JYmEpt3rQaiNRUSBn5NCvk-du-QSX6bFRAqEy3Enq_b-hMqLpF4fRU_GksxDQ8pFhStwa_oZdKCCp2yHsl5gC_yqldbJBdCgTF6zNKEP2OaIcXKjujFTlgBNR84%3D
getprimalflow.com/ Name: user_id
Value: b59448cf2a6e30e1aa6920699c1d1cab
getprimalflow.com/ Name: user_id.sig
Value: -ja1EKkXnzpcjUaLWwOo1OtDbEM
getprimalflow.com/ Name: uid
Value: wKhaAWWBSxIgvgBDA8DWAg==
getprimalflow.com/ Name: cnid
Value: 0
cbtb.clickbank.net/ Name: AWSALBCORS
Value: jEGafdl82ea3Q39C0A+CZz6vzqY9Eyh6yq09D7szmr23TibtnPStw6gHJ11nWZQnymZ1Q09UDDSiktA6IOf2gEXPnNMUuawwecuDBO47l//iihIxfljHhlSCQEBs
getprimalflow.com/ Name: visitor_name
Value: old
getprimalflow.com/ Name: bitmovin_analytics_uuid
Value: be8915a8-7149-40f0-bdd7-857bf6691c18

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics-ingress-global.bitmovin.com
cbtb.clickbank.net
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
getprimalflow.com
hop.clickbank.net
ipapi.co
jem212-primalflow.hop.clickbank.net
licensing.bitmovin.com
lizswannmiller.com
prod.cbstatic.net
quick.vidalytics.com
seal-boise.bbb.org
stats.vidalytics.com
www.dofast.ru.com
www.googletagmanager.com
quick.vidalytics.com
107.178.211.97
151.101.1.91
18.173.233.111
18.246.203.151
2600:1901:0:df23::
2606:4700:20::681a:92c
2606:4700:3031::ac43:ab2e
2606:4700::6810:5514
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:831::200a
2a0b:4d07:101::1
34.217.168.56
35.190.27.197
67.227.198.234
69.172.200.220
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c
0438c71e63bd9000f499d9d3291ba7c3af0dbaf4294cb1cfb5f50351f2680629
054e9ff0420255aee1fac48ff37183429e48bd5f694639816b31ff0afd3079db
0e79c5510cf7bac65f365b18b38911ae3293d57e11ee88c0e8f82eb74d9ac579
119681f715bad9417cf21956190fd124b2b21c09739040af6837775419485a81
1e384ca6d3d8d8279995ca77c3e3f8fd13106b0839fdae795e5b5b8b9ae52e2e
1fbbfbf2aff3f6cb01ac1967abafda6695aa9ee86e28862b0c45f62bffe51282
2278235db5b5bf1fbcf5819300da4b501a885945660e2d8959eaf52f87428751
22e10fe34441064aa9f299fa998528c5fa9b139ad8febc19721970d5c41089b6
23ac89ef70bf0d17be980a75c8cbe50b0a77c9f00900eafc5508cc9dfae39a4e
2480b0e815e72badeae95b3ea9bc8f83d9c08391fafbe6b87ea756b7f26448ac
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ec855ca04e845f8224a48b7980e5909edfbfa3ffb06c3e70d8b3fd3a172907f
30176d6a5c73969fc90b6716bddabc60487fe47b6c881b237b044098ea2c5270
322edf2cf8791e8dbbc9b049ac302de21328e9933b27b7d8d4ba17646eb778eb
336da2ec17bfcfe41d933276eeab56479d4338d2b897a3f0801d79de69adbf8e
3e9e704c936c6242c8f3eee0ac9b859b16b6b1cb5dca6ac443c3ab050f142457
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac
45d215f0ad40ee2fb65d6b9bf60b88a223ace873f70973257382878c4f271ef6
463f0ce8002a6099321101b5fba38ffd479e524467f96b1b47bf5f7f3d98be02
4e8b90b2380c6f73922e90ac611f7d79ed0ace91bbcd5fc73ea6f3b6d7cb3441
55a8931783756b21f6c7db8edfc02d275a5aea009a5d8df7c792ff1f2f00085b
5700bfcb505c60e0f1a05212cb1f4d394dee20e56920da711271b926938f4d6b
575d87c9d32652bac21eda5a51da4712ecce24709875b0db7fe5d1877ca8cd66
578981a7809ac96a90e27f51eb3a82864381918f903006c4bafbc25354816597
59abb56c718b009335e1e2556c998e72ead7b8dd3a58ed9a26550376dde0f324
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
5dd554bc1166909d2e310de22916c79b9acd6303f1d639950f67714beca369a9
5f0dbfebbf17e9e56f08c8a27dd82e0b6aa5cd9ec7875eb94190fbff48abcc56
6022f98819fb4ef5388a053b10b9f6374125af06188c0e1b01375feb08107357
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a9bb60c6e2c926f9d1277648f551538a2df88eaf83342b293074cd3ac9c1fc2
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
814c15882c153ba64faa6f47e3e146b101263c93dfdcedc36e5d4c70e240c224
8391079e9917034c6ed2cbc2d8fea76882b9d537738567db83f3c9b92e96e72d
839e08dd077b29cdcff873ce9d21d070e3e1178f043a09b21fa2d2a82c0ed7e5
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87d3eb2b91b8017b7d57320fe7e4f202bf6fea59903aa9be7b7cb8ed44d62bbb
90dfd678da8c1a0246126d241d1b379c6f746387edd64bf48fccb5fc4283d880
9a2e89efe70fc311e0866f1f5735df23cc47edc414eec72b591b23b282ad3595
9d3901c6ab8122bfc1c077ec15bff1af594c1b306e7bfd68c5a630b698cfd7bd
9e2a69a9f29016b5be2159209e346191fc12ce7db358e41b284a1c538b425ba1
a0af9203a315291a4338f54e3ff814aeabac6a52b92392834384933246412754
a800b458d39f5c08e2be481a84d1f45a94d1e230c4fc35df35f4ffb0ffe6d6a2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4030bb0559a5f6b6505f7d3961cf04e238d16f9d7135cba891dd7ed62e9cf7
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bf58d95465c67d1ae2e1cb85c265a61b2c82d6d01dc152079ca9b58fb8f4f2d3
c8b059bf27bec7d51a8695eaebc73563914dca74c9a2ded19b04634bb85470cc
c92f673bfa45a5b598c4eede6e19da2da70d407849dbf3bed8fdaf7a681eaede
d187a25d21626bb537ac2078f4454970542d661bb410b14f3eacbfb2fea6b8fd
d826fecf23591bf7a009e5baa3e85dfd4c25c81fea49fee2e98c22e229c4b8d8
d93cc0e0616a3440691e050a2fa771342d94ebfacc3b8858e09eb3ab400a06bc
e0ab1e741a49924be5242bb1451f9c1da06817437c6750153e5bff05b3679330
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
f426ae11da854d43ee97f2437e23127c179d478bac0e75e4fff8f3b208e4ef3d
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f
fac5133f08500f224d6d1fe1d87cb2eb9fd9629b304a658e5f319413123c6b3e