Submitted URL: http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxR...
Effective URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwp...
Submission: On December 20 via manual from SE — Scanned from SE

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 52 HTTP transactions. The main IP is 69.172.200.220, located in Canada and belongs to DOSARREST, US. The main domain is getprimalflow.com.
TLS certificate: Issued by R3 on December 8th 2023. Valid for: 3 months.
This is the only time getprimalflow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
20 getprimalflow.com
getprimalflow.com
664 KB
8 vidalytics.com
quick.vidalytics.com — Cisco Umbrella Rank: 257586
stats.vidalytics.com
622 KB
5 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
153 KB
4 cbstatic.net
prod.cbstatic.net — Cisco Umbrella Rank: 185888
64 KB
3 bitmovin.com
analytics-ingress-global.bitmovin.com
licensing.bitmovin.com
853 B
3 lizswannmiller.com
lizswannmiller.com
7 KB
3 clickbank.net
hop.clickbank.net — Cisco Umbrella Rank: 130456
jem212-primalflow.hop.clickbank.net
cbtb.clickbank.net — Cisco Umbrella Rank: 177506
3 KB
3 ru.com
www.dofast.ru.com
35 KB
1 bbb.org
seal-boise.bbb.org — Cisco Umbrella Rank: 174747
5 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 ipapi.co
ipapi.co — Cisco Umbrella Rank: 15570
890 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
980 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
68 KB
52 13
Domain Requested by
20 getprimalflow.com getprimalflow.com
5 quick.vidalytics.com getprimalflow.com
quick.vidalytics.com
www.dofast.ru.com
5 cdn.jsdelivr.net getprimalflow.com
cdn.jsdelivr.net
4 prod.cbstatic.net cbtb.clickbank.net
prod.cbstatic.net
getprimalflow.com
3 stats.vidalytics.com www.dofast.ru.com
3 lizswannmiller.com getprimalflow.com
cdn.jsdelivr.net
3 www.dofast.ru.com www.dofast.ru.com
2 analytics-ingress-global.bitmovin.com www.dofast.ru.com
1 licensing.bitmovin.com www.dofast.ru.com
1 seal-boise.bbb.org getprimalflow.com
1 fonts.gstatic.com fonts.googleapis.com
1 ipapi.co cdn.jsdelivr.net
1 fonts.googleapis.com getprimalflow.com
1 cbtb.clickbank.net getprimalflow.com
1 jem212-primalflow.hop.clickbank.net 1 redirects
1 hop.clickbank.net 1 redirects
1 www.googletagmanager.com www.dofast.ru.com
52 17

This site contains links to these domains. Also see Links.

Domain
www.bbb.org
vidalytics.com
primalflow.pay.clickbank.net
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
irolliemarketing.com
R3
2023-12-08 -
2024-03-07
3 months crt.sh
*.clickbank.net
Amazon RSA 2048 M01
2023-02-07 -
2024-03-08
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
mail.lizswannmiller.com
R3
2023-10-25 -
2024-01-23
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.vidalytics.com
Sectigo RSA Domain Validation Secure Server CA
2023-11-14 -
2024-12-14
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.cbstatic.net
Amazon RSA 2048 M02
2023-07-19 -
2024-08-16
a year crt.sh
*.bbb.org
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-26 -
2024-04-25
a year crt.sh
*.bitmovin.com
Go Daddy Secure Certificate Authority - G2
2023-05-08 -
2024-06-08
a year crt.sh

This page contains 1 frames:

Primary Page: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Frame ID: 0D4A8947A1C3EFCF1DDDBAE6AA3F951C
Requests: 55 HTTP requests in this frame

Screenshot

Page Title

Discovery

Page URL History Show full URLs

  1. http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW4... Page URL
  2. http://www.dofast.ru.com/offer.php?id=7&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW4... Page URL
  3. http://hop.clickbank.net/?affiliate=jem212&vendor=primalflow&tid=1028915&sid=1028915&h=JTLWTZhWzLProi... HTTP 307
    https://jem212-primalflow.hop.clickbank.net/?affiliate=jem212&vendor=primalflow&tid=1028915&sid=1028915&h=JTLWTZhWzLProi... HTTP 307
    https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWz... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

52
Requests

94 %
HTTPS

47 %
IPv6

13
Domains

17
Subdomains

16
IPs

4
Countries

1639 kB
Transfer

3875 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ Page URL
  2. http://www.dofast.ru.com/offer.php?id=7&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ Page URL
  3. http://hop.clickbank.net/?affiliate=jem212&vendor=primalflow&tid=1028915&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ HTTP 307
    https://jem212-primalflow.hop.clickbank.net/?affiliate=jem212&vendor=primalflow&tid=1028915&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ HTTP 307
    https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/
1001 B
1 KB
Document
General
Full URL
http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:ab2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
433695896b62e6f1f4484c0ef8378842c07f4734344dd56c0facb5709587bd27

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
838b391ce9317063-GOT
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Dec 2023 22:11:47 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyCxrJu1eUupqgwuKQcRtz75OaKeclTi7D%2BL0eboHgLN5Y%2BoM%2BtjsDT3EnN1ERi%2FC%2FgSVMPV3YPUqo%2FAVNv2AdBgAhoDFKGaxtjF1xnc482mwU9Zipj49R5nTE7CcoRhtcf5dshlDn%2BK6JpOY74Grw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
jquery-1.11.0.min.js
www.dofast.ru.com/
94 KB
33 KB
Script
General
Full URL
http://www.dofast.ru.com/jquery-1.11.0.min.js
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:ab2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 22:11:47 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sat, 05 Aug 2023 00:37:57 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"64cd99e5-1787d"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNNZVrQwJ4X%2FK1MfH6h%2BYC1tMzbb%2BVu2qbUwZDk6biHkn%2F9%2FSEC1WJBbXxbH9uY3dbMjDx7dgIBX5AQavxtj9ul9ZE8U0ebKCDJq8UosV43IonOjUcnjT4V3E5dbZZZj2QxhfwmVQpfnU1GVceocfg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
838b391e0af97063-GOT
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
186 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5e8a74e8b5d317f89629702af30ebf3350b3ec200ba1ecb0b6e6470c3a498a91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
http://www.dofast.ru.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69038
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Dec 2023 22:11:47 GMT
offer.php
www.dofast.ru.com/
356 B
915 B
Document
General
Full URL
http://www.dofast.ru.com/offer.php?id=7&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
HTTP/1.1
Server
2606:4700:3031::ac43:ab2e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b216b7065e307a588eff990217e7e30486ae43ca2ca3a0dd7eafccc95501424b

Request headers

Referer
http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
838b39209dab7063-GOT
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Dec 2023 22:11:48 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJwjXTtuILOioxKZ5mf%2BMz5yabDofe0Iesfhs14j07Dd4EfdhIK5yb6DAcF75Jf2fvG1NKpdz4g9UtANDmSWNhrBTzVzISdI83YbW%2BPLZNYClsuF8a2G85%2BE%2FHmQBgj9yztku0lKI5Pvyve4rwLY%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
Primary Request discovery
getprimalflow.com/
Redirect Chain
  • http://hop.clickbank.net/?affiliate=jem212&vendor=primalflow&tid=1028915&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
  • https://jem212-primalflow.hop.clickbank.net/?affiliate=jem212&vendor=primalflow&tid=1028915&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
  • https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
77 KB
19 KB
Document
General
Full URL
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
654456194fe808b14cfe47ab51c61125fa5b18adf7608c0c5acda5645e1d1819
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' cbsplit.com getprimalflow.com getprimalflow-com.cbsplit.com ;

Request headers

Referer
http://www.dofast.ru.com/offer.php?id=7&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-security-policy
frame-ancestors 'self' cbsplit.com getprimalflow.com getprimalflow-com.cbsplit.com ;
content-type
text/html; charset=utf-8
date
Wed, 20 Dec 2023 22:11:50 GMT
server
DOSarrest
vary
Accept-Encoding
x-dis-request-id
c6e2f56869709cec43110d0de1fbb8f7

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Model, Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Bitness
access-control-expose-headers
Server-Timing
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Wed, 20 Dec 2023 22:11:49 GMT
expires
0
location
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
pragma
no-cache
referrer-policy
no-referrer
server-timing
traceparent;desc="00-f431cfa621b4db699988fd58f72a7f17-9b20c5a41c6b394d-01"
strict-transport-security
max-age=0 ; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1 ; mode=block
/
cbtb.clickbank.net/
934 B
1 KB
Script
General
Full URL
https://cbtb.clickbank.net/?vendor=edelixir
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.168.56 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-168-56.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
f426ae11da854d43ee97f2437e23127c179d478bac0e75e4fff8f3b208e4ef3d

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:50 GMT
cache-control
max-age=900
server
Apache
content-length
934
content-type
text/javascript;charset=UTF-8
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.2.1/dist/
85 KB
31 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2384482
x-jsd-version
3.2.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230122-FRA, cache-bma1654-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"15283-EFUBjCirQQh++czv5BFgaJPavqI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPZlRzDPwh3twKG%2BlHm3K9KpwB5TAltOMpjDnbjkeObN3vdS4kPxchytQiQgg8P3LYpbO7GrLA3%2F4U8qcgufdxmfXn7QHqxuv5bJCqFRk6HLgAiHoaToFUzJF25suUdiYNNPXNT27u1IznTg9%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
838b392ffd8dbe44-CPH
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/css/
150 KB
24 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/css/bootstrap.min.css
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
4.2.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220099-FRA, cache-lga21926-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"2565e-Oum7DnkpSJq9I3Nq6JKTnI/phkU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tE18BDHLQIoEKxAss7ixH8de8IvLz%2F3DK0uL0VXapsRCYceBYhDa3lmfl54ErpUONqJOIeaKMgmvOV%2Fxwenc9t44m%2F82N42ykr4Vpot4yzpEN4P6%2FHVZqyuNCaRHjETZDAOaEvH86N57VSY%2BQSk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
838b392ffd8bbe44-CPH
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/js/
54 KB
15 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.2.1/dist/js/bootstrap.min.js
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
4.2.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220047-FRA, cache-lga21929-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"d9df-3pCMntGE1061Jfp6MESbZ/w6HBQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkdpmuUhyRkj7i%2Bj80pOuM8vmqD0E1F4JJHP9D3v%2FqpFA9YEqbaq%2FENApHpIZWAGzOUeygEZqa6Za8%2BaiBGOhCeOYgAoPwaWNgTXRakLxHweU%2BtbDc1rvgvyVp2ZIFKdpDQl3pdjKtyU0m7qg20%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
838b392ffd8ebe44-CPH
style.css
getprimalflow.com/
11 KB
3 KB
Stylesheet
General
Full URL
https://getprimalflow.com/style.css
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
0e79c5510cf7bac65f365b18b38911ae3293d57e11ee88c0e8f82eb74d9ac579

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:50 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:03:36 GMT
server
DOSarrest
etag
W/"6375f8e8-2adc"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
x-dis-request-id
5f5c3a7b54c816e9b7ba8b29bf2895bd
font-awesome.min.css
cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2303809
x-jsd-version
4.7.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220042-FRA, cache-bma1649-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpNGwG4NCTMx20ZeQlq%2FB%2BS0NeKs9ezKuQLC4SY0m2vfI6dbk9LAFF3fAi%2B45eEzXQ%2BdehjPX1owIY0UGnB0uOGnT34I72RcQwuGx13P%2FMFohY9o%2FsH1XwU46ATfP2OBGB5USieMnNDXvwBbZiY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
838b392ffd8cbe44-CPH
social-proof.js
lizswannmiller.com/social-proof/
2 KB
3 KB
Script
General
Full URL
https://lizswannmiller.com/social-proof/social-proof.js
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.198.234 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.redsmoothiedetoxfactor.com
Software
Apache/2.4.58 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
fac5133f08500f224d6d1fe1d87cb2eb9fd9629b304a658e5f319413123c6b3e

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 22:11:50 GMT
Last-Modified
Fri, 05 Jun 2020 12:28:53 GMT
Server
Apache/2.4.58 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 mod_fcgid/2.3.9
ETag
"16032f-933-5a75567730ff0"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2355
css
fonts.googleapis.com/
2 KB
980 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:900
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5700bfcb505c60e0f1a05212cb1f4d394dee20e56920da711271b926938f4d6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Dec 2023 22:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Dec 2023 22:11:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Dec 2023 22:11:50 GMT
Primal-Flow_06.webp
getprimalflow.com/images/
28 KB
29 KB
Image
General
Full URL
https://getprimalflow.com/images/Primal-Flow_06.webp
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
23ac89ef70bf0d17be980a75c8cbe50b0a77c9f00900eafc5508cc9dfae39a4e

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:50 GMT
last-modified
Thu, 14 Sep 2023 04:54:08 GMT
server
DOSarrest
etag
"650291f0-70f6"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
28918
x-dis-request-id
0291dbb847e069bd84e6fa097e16b9c5
best_value.png
getprimalflow.com/images/primal-flow/
10 KB
10 KB
Image
General
Full URL
https://getprimalflow.com/images/primal-flow/best_value.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
839e08dd077b29cdcff873ce9d21d070e3e1178f043a09b21fa2d2a82c0ed7e5

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:50 GMT
last-modified
Thu, 04 Mar 2021 12:32:04 GMT
server
DOSarrest
etag
"6040d344-27fb"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
10235
x-dis-request-id
8103ba37ec9747f2a4eeaf3bb5a80d1a
atc-1.png
getprimalflow.com/images/
7 KB
7 KB
Image
General
Full URL
https://getprimalflow.com/images/atc-1.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
8391079e9917034c6ed2cbc2d8fea76882b9d537738567db83f3c9b92e96e72d

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:50 GMT
last-modified
Tue, 02 Mar 2021 12:31:50 GMT
server
DOSarrest
etag
"603e3036-1b88"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
7048
x-dis-request-id
b0b686e53f5860f34e280f9717700966
payment-icons.png
getprimalflow.com/images/prima-power/
4 KB
4 KB
Image
General
Full URL
https://getprimalflow.com/images/prima-power/payment-icons.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
7a9bb60c6e2c926f9d1277648f551538a2df88eaf83342b293074cd3ac9c1fc2

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:50 GMT
last-modified
Thu, 27 May 2021 05:27:08 GMT
server
DOSarrest
etag
"60af2dac-e56"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
3670
x-dis-request-id
507f9b67c8dade5f313a753a0d0ba125
Primal-Flow_03.webp
getprimalflow.com/images/
26 KB
26 KB
Image
General
Full URL
https://getprimalflow.com/images/Primal-Flow_03.webp
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
6022f98819fb4ef5388a053b10b9f6374125af06188c0e1b01375feb08107357

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:51 GMT
last-modified
Thu, 14 Sep 2023 04:54:08 GMT
server
DOSarrest
etag
"650291f0-6864"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
26724
x-dis-request-id
7ba69ec14b8c8b7b3c68256da8727096
most_popular.png
getprimalflow.com/images/primal-flow/
11 KB
11 KB
Image
General
Full URL
https://getprimalflow.com/images/primal-flow/most_popular.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
59abb56c718b009335e1e2556c998e72ead7b8dd3a58ed9a26550376dde0f324

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:50 GMT
last-modified
Thu, 04 Mar 2021 12:32:04 GMT
server
DOSarrest
etag
"6040d344-2b8f"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
11151
x-dis-request-id
94e7a2ee1d9104a0d18b7652120a73e8
Primal-Flow_01.webp
getprimalflow.com/images/
11 KB
11 KB
Image
General
Full URL
https://getprimalflow.com/images/Primal-Flow_01.webp
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
d93cc0e0616a3440691e050a2fa771342d94ebfacc3b8858e09eb3ab400a06bc

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:51 GMT
last-modified
Thu, 14 Sep 2023 04:54:08 GMT
server
DOSarrest
etag
"650291f0-2b66"
vary
Accept-Encoding
content-type
image/webp
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
11110
x-dis-request-id
55c971bd55b4fd90ce7a77f423a991bc
MBG.png
getprimalflow.com/images/
39 KB
39 KB
Image
General
Full URL
https://getprimalflow.com/images/MBG.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
1e384ca6d3d8d8279995ca77c3e3f8fd13106b0839fdae795e5b5b8b9ae52e2e

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:50 GMT
last-modified
Wed, 24 Feb 2021 04:44:39 GMT
server
DOSarrest
etag
"6035d9b7-9bce"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
39886
x-dis-request-id
4504068a9e9ea7baa2ccfd91c2e8d770
jonathan.png
getprimalflow.com/images/
68 KB
68 KB
Image
General
Full URL
https://getprimalflow.com/images/jonathan.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
322edf2cf8791e8dbbc9b049ac302de21328e9933b27b7d8d4ba17646eb778eb

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:50 GMT
last-modified
Thu, 11 Mar 2021 07:08:01 GMT
server
DOSarrest
etag
"6049c1d1-11055"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
69717
x-dis-request-id
43f060de2bc5edbd0317cb2cc2cfc011
mark.png
getprimalflow.com/images/
53 KB
53 KB
Image
General
Full URL
https://getprimalflow.com/images/mark.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
2ec855ca04e845f8224a48b7980e5909edfbfa3ffb06c3e70d8b3fd3a172907f

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:50 GMT
last-modified
Thu, 11 Mar 2021 07:08:01 GMT
server
DOSarrest
etag
"6049c1d1-d303"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
54019
x-dis-request-id
7524f5c21bf5e655eef36f62756d88ea
chris.png
getprimalflow.com/images/
53 KB
53 KB
Image
General
Full URL
https://getprimalflow.com/images/chris.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
9d3901c6ab8122bfc1c077ec15bff1af594c1b306e7bfd68c5a630b698cfd7bd

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:50 GMT
last-modified
Thu, 11 Mar 2021 07:08:01 GMT
server
DOSarrest
etag
"6049c1d1-d227"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
53799
x-dis-request-id
cd77800c56cbe966e9c70a327e9f7853
willie.png
getprimalflow.com/images/
49 KB
50 KB
Image
General
Full URL
https://getprimalflow.com/images/willie.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
0438c71e63bd9000f499d9d3291ba7c3af0dbaf4294cb1cfb5f50351f2680629

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:50 GMT
last-modified
Thu, 11 Mar 2021 07:08:01 GMT
server
DOSarrest
etag
"6049c1d1-c4cc"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
50380
x-dis-request-id
8946a32ca1d710eceab0a25945cfc83a
visits
getprimalflow.com/api/
556 B
554 B
Script
General
Full URL
https://getprimalflow.com/api/visits?page_id=6&page_version=&request_id=4621FD87%3ADB7E_D197C0D8%3A01BB_658366A5_38563%3A3E067B&querystring=hopId%3Dc23d3a46-0962-4a8f-b6e8-3443b5e6f156%26sid%3D1028915%26h%3DJTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4%2FtW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ&fbclid=&fbp=&fbc=&referrer=
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
069ef21c4530860430564d6cc4c0e2c3498e8d652217136620ffe9dadaa60cd9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' cbsplit.com getprimalflow.com getprimalflow-com.cbsplit.com ;

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
application/javascript; charset=utf-8
date
Wed, 20 Dec 2023 22:11:51 GMT
content-security-policy
frame-ancestors 'self' cbsplit.com getprimalflow.com getprimalflow-com.cbsplit.com ;
content-encoding
gzip
server
DOSarrest
vary
Accept-Encoding
x-dis-request-id
8ee7742db39b55b1ebeec441e400cfb6
index.js
lizswannmiller.com/social-proof/common/
4 KB
4 KB
Script
General
Full URL
https://lizswannmiller.com/social-proof/common/index.js
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.198.234 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.redsmoothiedetoxfactor.com
Software
Apache/2.4.58 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
9e2a69a9f29016b5be2159209e346191fc12ce7db358e41b284a1c538b425ba1

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Wed, 20 Dec 2023 22:11:51 GMT
Last-Modified
Wed, 22 Feb 2023 11:00:27 GMT
Server
Apache/2.4.58 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 mod_fcgid/2.3.9
ETag
"21cec0-e87-5f547cdcd6f08"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3719
bounceback.min.js
getprimalflow.com/js/
3 KB
2 KB
Script
General
Full URL
https://getprimalflow.com/js/bounceback.min.js
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
1fbbfbf2aff3f6cb01ac1967abafda6695aa9ee86e28862b0c45f62bffe51282

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:51 GMT
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 04:07:14 GMT
server
DOSarrest
etag
W/"6035d0f2-b20"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
x-dis-request-id
9d65d32da9a5f5ca982e7ebb90a7610a
disable-right-click.js
getprimalflow.com/js/
64 B
352 B
Script
General
Full URL
https://getprimalflow.com/js/disable-right-click.js
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
c8b059bf27bec7d51a8695eaebc73563914dca74c9a2ded19b04634bb85470cc

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:51 GMT
last-modified
Wed, 24 Feb 2021 04:07:15 GMT
server
DOSarrest
etag
"6035d0f3-40"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
64
x-dis-request-id
757b4952c5b26dfd6ecc5177100a0984
/
ipapi.co/json/
769 B
890 B
XHR
General
Full URL
https://ipapi.co/json/
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86dd0c037c74d34f3d07a3c5d3d08dfc1a23fd4da8cfead2f13e12d5e431ea56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://getprimalflow.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:51 GMT
content-encoding
br
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Host, origin
allow
GET, POST, HEAD, OPTIONS, OPTIONS
content-type
application/json
access-control-allow-origin
https://getprimalflow.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1ndCplFtYtharIolrCK6kvvImeTkbQyCjIhJR%2B4UkRCet5bnlq57Y7qqosTArwDPhJ6UwpqmBCld69Hf6lD7tmAHWLMbE42kN57j0ZjMb3UdkldHHzQicMqI0apYEa4jVp5yaVb"}],"group":"cf-nel","max_age":604800}
x-frame-options
DENY
cf-ray
838b39340c6c9980-CPH
loader.min.js
quick.vidalytics.com/embeds/sBLUNzmU/zBgRlNBYZQ5Xq5gd/
42 KB
11 KB
Script
General
Full URL
https://quick.vidalytics.com/embeds/sBLUNzmU/zBgRlNBYZQ5Xq5gd/loader.min.js
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dac/9C19) /
Resource Hash
87d3eb2b91b8017b7d57320fe7e4f202bf6fea59903aa9be7b7cb8ed44d62bbb

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:51 GMT
content-encoding
gzip
via
1.1 google
x-envoy-decorator-operation
vidalytics-player-api.vidalytics-player-api.svc.cluster.local:80/*
x-cdn
3
age
78
x-cache
HIT
x-envoy-upstream-service-time
40
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10597
surrogate-key
lb-api
last-modified
Wed, 20 Dec 2023 22:10:33 GMT
server
ECAcc (dac/9C19)
x-cdn-info
loader
vary
Accept-Encoding
x-cdn-site
c3-prod
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=60, s-maxage=600
x-lb-backend
api-prod
x-lb-cache
disabled
icon-man.png
getprimalflow.com/images/
5 KB
5 KB
Image
General
Full URL
https://getprimalflow.com/images/icon-man.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
c92f673bfa45a5b598c4eede6e19da2da70d407849dbf3bed8fdaf7a681eaede

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:51 GMT
last-modified
Wed, 24 Feb 2021 04:44:37 GMT
server
DOSarrest
etag
"6035d9b5-1402"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
5122
x-dis-request-id
bde3ae3be35a831f1a9c94ec22e3f5b8
WorkSans-SemiBold.ttf
getprimalflow.com/fonts/
139 KB
140 KB
Font
General
Full URL
https://getprimalflow.com/fonts/WorkSans-SemiBold.ttf
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
22e10fe34441064aa9f299fa998528c5fa9b139ad8febc19721970d5c41089b6

Request headers

Referer
https://getprimalflow.com/style.css
Origin
https://getprimalflow.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:51 GMT
last-modified
Wed, 24 Feb 2021 04:31:29 GMT
server
DOSarrest
etag
"6035d6a1-22cd4"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
142548
x-dis-request-id
cdf5f85f21a3906783348b1b5fc0c17e
WorkSans-Regular.ttf
getprimalflow.com/fonts/
133 KB
133 KB
Font
General
Full URL
https://getprimalflow.com/fonts/WorkSans-Regular.ttf
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.172.200.220 , Canada, ASN19324 (DOSARREST, US),
Reverse DNS
Software
DOSarrest /
Resource Hash
4e8b90b2380c6f73922e90ac611f7d79ed0ace91bbcd5fc73ea6f3b6d7cb3441

Request headers

Referer
https://getprimalflow.com/style.css
Origin
https://getprimalflow.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
pragma
public
date
Wed, 20 Dec 2023 22:11:51 GMT
last-modified
Wed, 24 Feb 2021 04:31:29 GMT
server
DOSarrest
etag
"6035d6a1-21294"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
135828
x-dis-request-id
23d4073d3d081a8914eb7be933276818
fontawesome-webfont.woff2
cdn.jsdelivr.net/npm/font-awesome@4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css
Origin
https://getprimalflow.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2398535
x-jsd-version
4.7.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
x-served-by
cache-fra-etou8220046-FRA, cache-bma1677-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"12d68-1vSMun0Hb7by/Wupk6dbncHsvww"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztR1WxKta9dGxrB7SyBD4XjinixUNGgc3XUP83hLSUao5wkM%2F9GYrgGgbwt6bqI82%2FHcqu7sY%2FGjD1bgmssHWkM76gHgtAQ6gj2lV4thv%2BBiCv0gCOFh8PvxaZl2faPM8%2BKsvNxth35CLe80C78%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
838b3933eda71d0a-CPH
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://getprimalflow.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 09:03:45 GMT
x-content-type-options
nosniff
age
133686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 09:03:45 GMT
injectable.js
prod.cbstatic.net/dist/
187 KB
57 KB
Script
General
Full URL
https://prod.cbstatic.net/dist/injectable.js
Requested by
Host: cbtb.clickbank.net
URL: https://cbtb.clickbank.net/?vendor=edelixir
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-99.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:52 GMT
x-amz-version-id
RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
content-encoding
gzip
last-modified
Mon, 21 Dec 2020 21:57:37 GMT
server
AmazonS3
via
1.1 b8eaad25e4131c15c21d3d50aac2684c.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
etag
W/"af651c30e1a69f6f2124e9c1d094a300"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
zpB3jk7HcODNw4bU-GwjdydtfPC1eQHGPHQcngHv49I0rZYfrOn_EQ==
recordVisit.php
lizswannmiller.com/social-proof/
7 B
310 B
XHR
General
Full URL
https://lizswannmiller.com/social-proof/recordVisit.php?locationInfo=%C3%85rsta,%20Stockholm%20County
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@3.2.1/dist/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.227.198.234 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.redsmoothiedetoxfactor.com
Software
Apache/2.4.58 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 mod_fcgid/2.3.9 /
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Accept
*/*
Referer
https://getprimalflow.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 20 Dec 2023 22:11:51 GMT
Server
Apache/2.4.58 (cPanel) OpenSSL/1.1.1w mod_bwlimited/1.4 mod_fcgid/2.3.9
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
app-strings-en.json
prod.cbstatic.net/dist/i18n/
9 B
438 B
XHR
General
Full URL
https://prod.cbstatic.net/dist/i18n/app-strings-en.json
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-99.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c

Request headers

Accept
application/json
Referer
https://getprimalflow.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:52 GMT
x-amz-version-id
ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
via
1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
x-amz-cf-pop
AMS54-C1
etag
"cdfca8b09e61ae7324e48f01984c9b34"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Origin
content-length
9
x-amz-cf-id
y6r62R2E79UGo8G97yKWJRuWQE2_NEYDSSG6OF9ktEl8mdYjbKPIfQ==
logo-header-white-en.png
prod.cbstatic.net/dist/assets/
3 KB
3 KB
Image
General
Full URL
https://prod.cbstatic.net/dist/assets/logo-header-white-en.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-99.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
463f0ce8002a6099321101b5fba38ffd479e524467f96b1b47bf5f7f3d98be02

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:52 GMT
x-amz-version-id
MDOIjhR_M6jNbjX8RkIPq2C7ONOX6nUv
via
1.1 b8eaad25e4131c15c21d3d50aac2684c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:35 GMT
server
AmazonS3
x-amz-cf-pop
AMS54-C1
etag
"c5cd3bf3708ca18dc29907bca5361917"
x-cache
Miss from cloudfront
content-type
image/png
content-length
3010
x-amz-cf-id
2JZX_wsY7pCwYEVtfJu76Lixo8LwsEYDY_je_Ju9IzQ0PpW971lLrQ==
logo-tab-white-en.png
prod.cbstatic.net/dist/assets/
4 KB
4 KB
Image
General
Full URL
https://prod.cbstatic.net/dist/assets/logo-tab-white-en.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-99.ams54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2480b0e815e72badeae95b3ea9bc8f83d9c08391fafbe6b87ea756b7f26448ac

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:52 GMT
x-amz-version-id
cNeRH7m7.WywkvAuxfTwU5dXD8BBTjq_
via
1.1 b8eaad25e4131c15c21d3d50aac2684c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
x-amz-cf-pop
AMS54-C1
etag
"dc81e32fb5cefc7eb584522b0e2b6c2f"
x-cache
Miss from cloudfront
content-type
image/png
content-length
3779
x-amz-cf-id
zQgmOVc0fnUDYIgIpZzzdM_jxfSp1Z8H_eUq0PivyKDxHw48VfJH2Q==
blue-seal-153-100-clickbank-5004291.png
seal-boise.bbb.org/seals/
4 KB
5 KB
Image
General
Full URL
https://seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
Requested by
Host: getprimalflow.com
URL: https://getprimalflow.com/discovery?hopId=c23d3a46-0962-4a8f-b6e8-3443b5e6f156&sid=1028915&h=JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn / ASP.NET
Resource Hash
8f00fb1b510c078f1c184a3e9aea8a56e70e641b8c2bef055a308845fc0710e4

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:51 GMT
last-modified
Wed, 20 Dec 2023 13:44:16 GMT
server
keycdn
x-aspnet-version
4.0.30319
x-edge-location
defr
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noindex
x-shield
active
content-length
4413
expires
Thu, 21 Dec 2023 02:11:51 GMT
player-dash-mse.min.js
quick.vidalytics.com/embeds/sBLUNzmU/zBgRlNBYZQ5Xq5gd/
2 MB
604 KB
XHR
General
Full URL
https://quick.vidalytics.com/embeds/sBLUNzmU/zBgRlNBYZQ5Xq5gd/player-dash-mse.min.js?hash=imujwqqom
Requested by
Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/sBLUNzmU/zBgRlNBYZQ5Xq5gd/loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dac/9C2C) /
Resource Hash
aa4030bb0559a5f6b6505f7d3961cf04e238d16f9d7135cba891dd7ed62e9cf7

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:52 GMT
content-encoding
gzip
via
1.1 google
x-cdn
3
age
608950
x-guploader-uploadid
ABPtcPqd6EgnBj_G3fSrfn0ZGwjStSkLIlk4euItF9O63nFoeVd-6qIxTgj-7L86tY8ENLC6iqmUao-Nsei5NzPjAsiQ1FmhMQxN
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
618768
last-modified
Wed, 13 Dec 2023 13:19:01 GMT
server
ECAcc (dac/9C2C)
etag
"c76ec16ffc70df63ff87edd0badaa06a"
vary
Accept-Encoding
x-cdn-site
c3-prod
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-goog-generation
1702473541468005
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=300, s-maxage=2592000
x-goog-hash
crc32c=M3UX0w==, md5=x27Bb/xw32P/h+3Qutqgag==
x-goog-stored-content-length
618768
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Fri, 19 Jan 2024 22:11:52 GMT
awesome-log
stats.vidalytics.com/
43 B
414 B
XHR
General
Full URL
https://stats.vidalytics.com/awesome-log?cid=sBLUNzmU
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:53 GMT
server
istio-envoy
etag
"sBLUNzmU/XixLOCIxwhtewPdf"
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://getprimalflow.com
access-control-expose-headers
Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control
no-cache, public, max-age=2592000
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Origin, Range, X-Requested-With
content-length
43
licensing
analytics-ingress-global.bitmovin.com/
117 B
369 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/licensing
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 -, , ASN (),
Reverse DNS
Software
v1.59.3 /
Resource Hash
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

Request headers

Referer
https://getprimalflow.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Dec 2023 22:11:52 GMT
via
1.1 google
server
v1.59.3
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
117
alt-svc
clear
licensing
licensing.bitmovin.com/
165 B
442 B
XHR
General
Full URL
https://licensing.bitmovin.com/licensing
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:df23:: -, , ASN (),
Reverse DNS
Software
/
Resource Hash
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

Request headers

Referer
https://getprimalflow.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Dec 2023 22:11:53 GMT
via
1.1 google
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
165
stream.mpd
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/
5 KB
5 KB
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/stream.mpd
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (sto/EA23) /
Resource Hash
30176d6a5c73969fc90b6716bddabc60487fe47b6c881b237b044098ea2c5270

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:52 GMT
via
1.1 google
x-cdn
3
age
12666771
x-guploader-uploadid
ADPycdtT8UZxTsyzvGVSUhe7sE5jrMaqAY9SgSo6frOXw_ULCX7Y3npJtFeWrM93ahGn7QHVJ4_BatEzvKd8cs9w0BCX9A
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:41:39.658Z
x-goog-metageneration
1
x-goog-meta-x-goog-reserved-source-generation
1614357699556573
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4688
last-modified
Thu, 13 Jul 2023 10:33:13 GMT
server
ECAcc (sto/EA23)
etag
"1acd3a2edc262a5958121b2c00ddbcf8"
x-cdn-site
c3-prod
content-type
application/dash+xml
access-control-allow-origin
*
x-goog-generation
1689244393624777
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-goog-hash
crc32c=eQUKjw==, md5=Gs06LtwmKllYEhssAN28+A==
x-goog-stored-content-length
4688
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Sat, 14 Dec 2024 22:11:52 GMT
truncated
/
696 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0ab1e741a49924be5242bb1451f9c1da06817437c6750153e5bff05b3679330

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0af9203a315291a4338f54e3ff814aeabac6a52b92392834384933246412754

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a800b458d39f5c08e2be481a84d1f45a94d1e230c4fc35df35f4ffb0ffe6d6a2

Request headers

accept-language
se-SE,se;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
init.mp4
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/480x270_h264_157500/
674 B
711 B
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/video/480x270_h264_157500/init.mp4
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dac/9C07) /
Resource Hash
814c15882c153ba64faa6f47e3e146b101263c93dfdcedc36e5d4c70e240c224

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:53 GMT
via
1.1 google
x-cdn
3
age
3675961
x-guploader-uploadid
ABPtcPp-aZng-_AAOSp2kXQaNqbXmlqypCjzdEmhMrRViHI1fT-V07KltIxf2RhPp1CAW5WI0TposPO1-lXlPomQjc4nFw
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:36:31.411Z
x-goog-metageneration
1
x-goog-meta-x-goog-reserved-source-generation
1614357391331761
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
674
last-modified
Thu, 13 Jul 2023 10:33:39 GMT
server
ECAcc (dac/9C07)
etag
"ac03a4275a57afef601c90694e3a660d"
x-cdn-site
c3-prod
content-type
video/mp4
access-control-allow-origin
*
x-goog-generation
1689244419416594
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-goog-hash
crc32c=4JcGag==, md5=rAOkJ1pXr+9gHJBpTjpmDQ==
x-goog-stored-content-length
674
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Sat, 14 Dec 2024 22:11:53 GMT
init.mp4
quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/audio/h265_96000/
606 B
645 B
XHR
General
Full URL
https://quick.vidalytics.com/video/sBLUNzmU/ZfT72NhUH1tWjYqM/30806/24461/fmp4/audio/h265_96000/init.mp4
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dac/9C8D) /
Resource Hash
41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://getprimalflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 22:11:53 GMT
via
1.1 google
x-cdn
3
age
12666771
x-guploader-uploadid
ADPycduf5x8ST26UDhofQBMhZreCGW9PJ73po7NgOWjoUYq--ZcXnCSQXbobJFiJGJ6Grm0Qx9ckQM-J4wHoynBjlIm47w
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2021-02-26T16:37:01.048Z
x-goog-metageneration
1
x-goog-meta-x-goog-reserved-source-generation
1614357420966095
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
606
last-modified
Thu, 13 Jul 2023 10:34:00 GMT
server
ECAcc (dac/9C8D)
etag
"af3d86596c83ba8ac236796a59f6d6dc"
x-cdn-site
c3-prod
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1689244440703751
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=31104000
x-goog-hash
crc32c=SpArIQ==, md5=rz2GWWyDuorCNnlqWfbW3A==
x-goog-stored-content-length
606
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Sat, 14 Dec 2024 22:11:53 GMT
analytics
analytics-ingress-global.bitmovin.com/
0
42 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 -, , ASN (),
Reverse DNS
Software
v1.59.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getprimalflow.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Dec 2023 22:11:52 GMT
via
1.1 google
server
v1.59.3
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
scribe
stats.vidalytics.com/
16 B
81 B
XHR
General
Full URL
https://stats.vidalytics.com/scribe
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer
https://getprimalflow.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Dec 2023 22:11:53 GMT
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://getprimalflow.com
access-control-expose-headers
Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time
2
content-length
16
scribe
stats.vidalytics.com/
16 B
59 B
XHR
General
Full URL
https://stats.vidalytics.com/scribe
Requested by
Host: www.dofast.ru.com
URL: http://www.dofast.ru.com/uxiwltf/saqele18987nficrdssu/JTLWTZhWzLProikHy5uapRJ-0zmwpIhbMYRSQeOfDm4/tW476hS9BaFO6I4K0LZtgxRcvm4kahiMh54zPESgFFQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer
https://getprimalflow.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Dec 2023 22:11:53 GMT
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://getprimalflow.com
access-control-expose-headers
Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
x-envoy-upstream-service-time
1
content-length
16

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| __app function| recordEmailConversion function| $ function| jQuery object| bootstrap string| product string| url function| sleep function| popup function| recordVisit string| locationInfo object| Vidalytics object| VidalyticsL object| _vidalytics function| setCookie function| getCookie string| image function| socialProofPopUp object| Bounceback undefined| Handlebars object| JSON3 undefined| returnExports function| cbtb object| exit1 object| webpackChunkbitmovin_player_name_ object| bitmovin

9 Cookies

Domain/Path Name / Value
.clickbank.net/ Name: q
Value: 01.755C0139A89F6DE3189A4F951A5004F998F5C2CEA946D44904A0D4E958B12270324CAA342AD2B31A47BCA10FC2641BED5A3DA028
.clickbank.net/ Name: p
Value: UuGblwMNMrTwSeWqdEjPZsO5rb8biBULXocMYps2KrEbQF3FI_XlReQCq20Yg7KRFL6e7nSqyMjMomDK6DUd_9nuj2dUCt56oze8UrEdhB5US9wlZHrmcM6obcYb9XoX5uM4lHj3j5TaayUHIegVBQdo54cKjelunbPNELfwjmq0DYOmE39SG5JGCAg8fE1HOQ9VmkxrBpe7RsIu0gFVa2cF280%3D
getprimalflow.com/ Name: user_id
Value: 7e2756b937141895fa307fb62efa1822
getprimalflow.com/ Name: user_id.sig
Value: -ea--qdKOsfG64Cqe5NbFLVtHik
getprimalflow.com/ Name: uid
Value: wKhaAWWDZqYgvgBDA8siAg==
getprimalflow.com/ Name: cnid
Value: 0
cbtb.clickbank.net/ Name: AWSALBCORS
Value: 9jfAZuIohy1Ks35K82ASNv9hPn4llpVO4oiGNtrZzR2/SotscYWM7m8xJ5/5yT0Xp+M3xSEMRE3o3Ixce+q/3dRVELlEMSRtlcL/fvsqznTyG+qQYAieGHIGaek1
getprimalflow.com/ Name: visitor_name
Value: old
getprimalflow.com/ Name: bitmovin_analytics_uuid
Value: 88280710-a9f5-48b2-986d-4f8c479a90cf

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics-ingress-global.bitmovin.com
cbtb.clickbank.net
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
getprimalflow.com
hop.clickbank.net
ipapi.co
jem212-primalflow.hop.clickbank.net
licensing.bitmovin.com
lizswannmiller.com
prod.cbstatic.net
quick.vidalytics.com
seal-boise.bbb.org
stats.vidalytics.com
www.dofast.ru.com
www.googletagmanager.com
107.178.211.97
13.227.219.99
192.229.220.49
2600:1901:0:df23::
2606:4700:20::681a:92c
2606:4700:3031::ac43:ab2e
2606:4700::6810:5914
2a00:1450:4001:812::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2003
2a0b:4d07:102::1
34.217.168.56
34.223.164.53
35.190.27.197
44.235.40.124
67.227.198.234
69.172.200.220
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c
0438c71e63bd9000f499d9d3291ba7c3af0dbaf4294cb1cfb5f50351f2680629
069ef21c4530860430564d6cc4c0e2c3498e8d652217136620ffe9dadaa60cd9
0e79c5510cf7bac65f365b18b38911ae3293d57e11ee88c0e8f82eb74d9ac579
1e384ca6d3d8d8279995ca77c3e3f8fd13106b0839fdae795e5b5b8b9ae52e2e
1fbbfbf2aff3f6cb01ac1967abafda6695aa9ee86e28862b0c45f62bffe51282
22e10fe34441064aa9f299fa998528c5fa9b139ad8febc19721970d5c41089b6
23ac89ef70bf0d17be980a75c8cbe50b0a77c9f00900eafc5508cc9dfae39a4e
2480b0e815e72badeae95b3ea9bc8f83d9c08391fafbe6b87ea756b7f26448ac
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ec855ca04e845f8224a48b7980e5909edfbfa3ffb06c3e70d8b3fd3a172907f
30176d6a5c73969fc90b6716bddabc60487fe47b6c881b237b044098ea2c5270
322edf2cf8791e8dbbc9b049ac302de21328e9933b27b7d8d4ba17646eb778eb
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638
41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac
433695896b62e6f1f4484c0ef8378842c07f4734344dd56c0facb5709587bd27
463f0ce8002a6099321101b5fba38ffd479e524467f96b1b47bf5f7f3d98be02
4e8b90b2380c6f73922e90ac611f7d79ed0ace91bbcd5fc73ea6f3b6d7cb3441
5700bfcb505c60e0f1a05212cb1f4d394dee20e56920da711271b926938f4d6b
59abb56c718b009335e1e2556c998e72ead7b8dd3a58ed9a26550376dde0f324
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700
5e8a74e8b5d317f89629702af30ebf3350b3ec200ba1ecb0b6e6470c3a498a91
6022f98819fb4ef5388a053b10b9f6374125af06188c0e1b01375feb08107357
654456194fe808b14cfe47ab51c61125fa5b18adf7608c0c5acda5645e1d1819
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a9bb60c6e2c926f9d1277648f551538a2df88eaf83342b293074cd3ac9c1fc2
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
814c15882c153ba64faa6f47e3e146b101263c93dfdcedc36e5d4c70e240c224
8391079e9917034c6ed2cbc2d8fea76882b9d537738567db83f3c9b92e96e72d
839e08dd077b29cdcff873ce9d21d070e3e1178f043a09b21fa2d2a82c0ed7e5
86dd0c037c74d34f3d07a3c5d3d08dfc1a23fd4da8cfead2f13e12d5e431ea56
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87d3eb2b91b8017b7d57320fe7e4f202bf6fea59903aa9be7b7cb8ed44d62bbb
8f00fb1b510c078f1c184a3e9aea8a56e70e641b8c2bef055a308845fc0710e4
9d3901c6ab8122bfc1c077ec15bff1af594c1b306e7bfd68c5a630b698cfd7bd
9e2a69a9f29016b5be2159209e346191fc12ce7db358e41b284a1c538b425ba1
a0af9203a315291a4338f54e3ff814aeabac6a52b92392834384933246412754
a800b458d39f5c08e2be481a84d1f45a94d1e230c4fc35df35f4ffb0ffe6d6a2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4030bb0559a5f6b6505f7d3961cf04e238d16f9d7135cba891dd7ed62e9cf7
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b216b7065e307a588eff990217e7e30486ae43ca2ca3a0dd7eafccc95501424b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c8b059bf27bec7d51a8695eaebc73563914dca74c9a2ded19b04634bb85470cc
c92f673bfa45a5b598c4eede6e19da2da70d407849dbf3bed8fdaf7a681eaede
d93cc0e0616a3440691e050a2fa771342d94ebfacc3b8858e09eb3ab400a06bc
e0ab1e741a49924be5242bb1451f9c1da06817437c6750153e5bff05b3679330
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
f426ae11da854d43ee97f2437e23127c179d478bac0e75e4fff8f3b208e4ef3d
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f
fac5133f08500f224d6d1fe1d87cb2eb9fd9629b304a658e5f319413123c6b3e