Report - links.totalwellnessconsulting.ca/clk/202/10252566/743258371/_405818fc8f5545d8259b2945a7725996808bae55/20f535401b11c3719fa7f79a4a1204530431da7d/aHR0cHM6Ly9zZXJ2ZWRieWFkYnV0bGVyLmNvbS9nbzIvO0lEPTE3OTc4NztzaXplPTMwMHgyNTA7c2V0SUQ9NDU0NzM3O3VpZD00N2ZjODE4MC1lY2Y3LTAxM2MtOTI2YS0yMjYzOGQ1Nzg4ZDdAdG90YWx3ZWxsbmVzc2NvbnN1bHRpbmcuY2E7Y2xpY2s9Q0xJQ0tfTUFDUk9fUExBQ0VIT0xERVI=

Report Overview

Submitted URL
links.totalwellnessconsulting.ca/clk/202/10252566/743258371/_405818fc8f5545d8259b2945a7725996808bae55/20f535401b11c3719fa7f79a4a1204530431da7d/aHR0cHM6Ly9zZXJ2ZWRieWFkYnV0bGVyLmNvbS9nbzIvO0lEPTE3OTc4NztzaXplPTMwMHgyNTA7c2V0SUQ9NDU0NzM3O3VpZD00N2ZjODE4MC1lY2Y3LTAxM2MtOTI2YS0yMjYzOGQ1Nzg4ZDdAdG90YWx3ZWxsbmVzc2NvbnN1bHRpbmcuY2E7Y2xpY2s9Q0xJQ0tfTUFDUk9fUExBQ0VIT0xERVI=
IP
35.238.129.105
ASN
#396982 GOOGLE-CLOUD-PLATFORM
Submitted
2024-05-05 10:23:17
Access
public
Website Title
(1) Unread Message
Final URL
glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
glucofreeze.com	unknown	2021-05-26	2021-05-26	2024-02-29	3.5 kB	972 kB	69.172.200.220
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-05	535 B	34 kB	216.58.207.227
fast.wistia.com	5153	2007-03-18	2012-07-04	2024-05-04	5.1 kB	489 kB	151.101.194.132
distillery.wistia.com	6708	2007-03-18	2012-09-30	2024-05-03	992 B	820 B	54.230.111.55
embed-ssl.wistia.com	22795	2007-03-18	2017-01-29	2024-05-04	1.1 kB	50 kB	143.204.55.103
display.buygoods.com	389768	2003-06-23	2020-11-11	2024-04-11	467 B	1.9 kB	172.66.43.115
www.wm74trk.com	unknown	2020-04-22	2020-04-27	2024-02-25	576 B	982 B	34.107.190.195
embed-cloudfront.wistia.com	unknown	2007-03-18	2022-11-08	2024-05-04	4.7 kB	5.2 MB	143.204.55.51
pipedream.wistia.com	6958	2007-03-18	2017-01-30	2024-05-04	2.7 kB	2.3 kB	143.204.55.51
ocsp.starfieldtech.com	6616	2003-03-06	2012-06-22	2024-05-04	668 B	5.3 kB	192.124.249.22
glucofreezecurrent.com	unknown	2023-04-18	2023-04-19	2024-02-28	1.9 kB	53 kB	69.172.200.220
www.buygoods.com	470240	2003-06-23	2017-09-10	2024-03-20	458 B	422 B	172.66.43.115
a.clickcertain.com	3511	2012-03-30	2012-11-04	2024-05-03	3.7 kB	565 kB	104.26.9.50
px.liftcertain.com	unknown	2020-05-06	2021-05-01	2024-03-07	465 B	5.5 kB	104.21.68.54
links.totalwellnessconsulting.ca	unknown	2005-10-30	2017-03-02	2021-12-22	821 B	1.1 kB	35.238.129.105
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-05	1.4 kB	19 kB	142.250.74.170
trk.consumptionusdaily.com	unknown	2023-03-23	2023-03-23	2024-03-24	1.0 kB	0 B	0.0.0.0
trkw.fitterufitness.com	unknown	2009-03-27	2024-01-26	2024-04-10	707 B	1.0 kB	143.204.55.9
a.usbrowserspeed.com	unknown	2022-11-30	2022-12-01	2024-05-03	1.4 kB	847 B	34.210.230.91
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-04	1.4 kB	68 kB	104.17.24.14
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-05	427 B	65 kB	142.250.74.40
buygoods.com	125874	2003-06-23	2015-10-28	2024-04-17	454 B	5.1 kB	172.66.43.115
a.remarketstats.com	38181	2012-04-23	2012-11-23	2024-05-03	524 B	1.5 kB	104.26.2.122
tracking.buygoods.com	303552	2003-06-23	2017-10-16	2024-04-11	740 B	8.7 kB	172.66.43.115
servedbyadbutler.com	14725	2003-10-24	2012-11-04	2024-05-03	613 B	8.6 kB	178.162.175.77
d10lpsik1i8c69.cloudfront.net	unknown	2008-04-25	2016-05-17	2024-03-11	415 B	4.3 kB	54.230.241.104
tag.trovo-tag.com	unknown	2022-04-26	2022-06-09	2024-05-02	1.2 kB	2.6 kB	54.230.111.124
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-04	437 B	32 kB	142.250.74.170

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-05	medium	consumptionusdaily.com	Sinkholed
2024-05-05	medium	consumptionusdaily.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (36)

	URL	Size	First Seen	Last Seen
	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	477 B	2023-03-13	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 01:40:08 Last Seen2024-05-18 16:11:02 Times Seen82 Hash 3ec789d2138e6e984881027980712b96 109973fb1fa1645b1c1c1de3d3cf0fdf322cd57c 7e729400252647acdf27c968119e3ad6f7ccce0244cf00becdf4dc950418ac64 Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	341 B	2023-04-19	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-19 14:53:33 Last Seen2024-05-18 16:11:02 Times Seen75 Hash a624b44f90e93498e0a4fdf17b2ac3c5 aa52b014e2cd3d18abed53173f932dbdd551fb0d 0b6e2389cd9aa32df566dceb1d98128747a550faaf2b20258c41af89056ef473 Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	302 B	2023-03-29	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 22:38:12 Last Seen2024-05-18 16:11:02 Times Seen79 Hash 2a5928445792ce2bd250271033a0c4b8 1444e13ab86beb255f88ee0de699f9cf05619ed6 c1bd679d2480b5f4e15124d169578cc81118613d0de137d4d6a4559f0fc4e105 Loading...

	fast.wistia.com/assets/external/E-v1.js	821 kB	2024-05-03	2024-05-06
Pretty URL fast.wistia.com/assets/external/E-v1.js IP 151.101.194.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 20:42:22 Last Seen2024-05-06 00:11:33 Times Seen22 Hash 80614b8d803f2c906aa3c7e77f8960ff 7a19443f27fb47fc8af0d969cd7872d4ad838c09 c0565c7259c86537c464248d3a2388eaea8fe765e69d6eb624b42f19e5951cf7 Loading...

	fast.wistia.com/assets/external/engines/manual_quality_video.js	87 kB	2024-04-10	2024-05-06
Pretty URL fast.wistia.com/assets/external/engines/manual_quality_video.js IP 151.101.194.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 21:40:57 Last Seen2024-05-06 00:11:34 Times Seen79 Hash bb20e03aebfbf9c61988b03ad122b818 99de8b740083c320585c571ca5f2c104c41a5dbf 5aa1dbc9abb135ee1fa2a925e40ed1eff109e50ea3a88d55b735a00b0792e991 Loading...

	d10lpsik1i8c69.cloudfront.net/w.js	5.3 kB	2024-01-25	2024-05-18
Pretty URL d10lpsik1i8c69.cloudfront.net/w.js IP 54.230.241.104 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-25 23:36:04 Last Seen2024-05-18 16:11:03 Times Seen167 Hash e31293f40e8a324de552ff593ee76a9b 8dc5eda61e77f52f2a4f914e2a69976f9a0825e3 6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3 Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	389 B	2023-03-13	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 01:40:08 Last Seen2024-05-18 16:11:02 Times Seen82 Hash db0d9adedfd2ae7573d0fabbdfb34085 6c4cb7fc5863685356654c14e0b98dbf0bdbc35d daf4728d775b2c06d7c9b00e802c223362619729659396acb541242a0ecc2ba8 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-18 19:31:22 Times Seen145328 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	1.1 kB	2023-04-19	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-19 14:53:33 Last Seen2024-05-18 16:11:02 Times Seen75 Hash ec99552eec99274aa3b7271f63e701b7 f2159ddb6cc73b5750a329ef5ada236800bac77e 624f7a923c5d6a9f27403e41fd5a4496c6fc0c5d85c628c32da1374d3f52a986 Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	1.3 kB	2023-08-13	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-13 21:47:36 Last Seen2024-05-18 16:11:02 Times Seen66 Hash 9d06639bbc9896cab58d3ca565451d52 d418167551cc1c185e5266b1a116f8b3562e51c8 5cd810c4124fbc62e14f9461bb23d138119d72924a1f5d6608365c0fb5edd893 Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	1.5 kB	2023-06-10	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-10 21:07:34 Last Seen2024-05-18 16:11:02 Times Seen73 Hash 6615bc24f4a77f2ca97c62e7b22aa13c 129a5e27fc6036b62dfc185a40ab50ec44e9c904 674a937ba2346a51a16fe27ecf7064cb3fc88fdd4df524fc0d96cf72deeae8cc Loading...

	display.buygoods.com/v1/disclaimer?id=disclaimer-bg&account_id=6808&background=white	1.3 kB	2023-03-13	2024-05-18
Pretty URL display.buygoods.com/v1/disclaimer?id=disclaimer-bg&account_id=6808&background=white IP 172.66.43.115 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:40:08 Last Seen2024-05-18 16:11:02 Times Seen85 Hash 297397072c9f43bbe283628c0c014bd0 8e6ce9988b80049b88d459b08af31ed6863f043b bf4fa464d20fe3b9ff1c550dd8d0ae0d3e22579019233d974ae40c21b6671338 Loading...

	fast.wistia.com/embed/medias/ncv3mm9rsz.jsonp	70 kB	2024-05-01	2024-05-05
Pretty URL fast.wistia.com/embed/medias/ncv3mm9rsz.jsonp IP 151.101.194.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 12:09:44 Last Seen2024-05-05 12:23:21 Times Seen4 Hash 33fab3022d9bdb1d0cef9ed217067473 d14533fd3fbfacbb0f039011bd569ed75645bfe4 e4d64f9d98b23a84edf8510a995d3ea66275ce360b73e8ef29b63244d887c67d Loading...

	a.clickcertain.com/px/cont/?c=2558a4a33dad622&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&cn=NO&rid=539168dc-e221-4f1d-8121-0f44d85b454f	0 B	2023-03-07	2024-05-18
Pretty URL a.clickcertain.com/px/cont/?c=2558a4a33dad622&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&cn=NO&rid=539168dc-e221-4f1d-8121-0f44d85b454f IP 104.26.9.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 19:34:15 Times Seen37794375 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TB9D7HB	177 kB	2024-05-05	2024-05-05
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TB9D7HB IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 12:23:20 Last Seen2024-05-05 12:23:20 Times Seen2 Hash 595426447484e9d0a06014d07d3465c5 4badd7bd5725cfa014d18bce35da6c95caee1634 9ca7b57523eef98276c61f045e80121c8fe985100c9f51b8aeddfe0c745a8fe7 Loading...

	glucofreezecurrent.com/special-announcement/assets/js/main.js	0 B	2023-03-07	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/assets/js/main.js IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 19:34:15 Times Seen37794375 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	fast.wistia.com/assets/external/captions.js	177 kB	2024-05-05	2024-05-06
Pretty URL fast.wistia.com/assets/external/captions.js IP 151.101.194.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 12:23:20 Last Seen2024-05-06 00:11:34 Times Seen4 Hash 40fb401e8baf4cd13c41143e72efe467 7bfd85832ad53b4502ba5733d109530ff38b42a5 23b44416127ccfb3435aacf23627d7591c4f89067d5c69c20317950e7834335f Loading...

	a.clickcertain.com/px/cont/?c=2558a4a33dad622&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&cn=NO&rid=539168dc-e221-4f1d-8121-0f44d85b454f	0 B	2023-03-07	2024-05-18
Pretty URL a.clickcertain.com/px/cont/?c=2558a4a33dad622&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&cn=NO&rid=539168dc-e221-4f1d-8121-0f44d85b454f IP 104.26.9.50 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 19:34:15 Times Seen37794375 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	465 B	2023-07-14	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-14 17:42:27 Last Seen2024-05-18 16:11:02 Times Seen72 Hash d7c6db94b4dce3e74fd84e1f45e79ace 298ae27efe2d39aaeda47f0374c2ffffaf636443 ce173b370049d782f3c6c438c67730aeaf30ab9ea31720cc2f88dbcaa1652734 Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	832 B	2023-08-17	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-17 16:43:08 Last Seen2024-05-18 16:11:02 Times Seen65 Hash 2ed32cab2d62bda1946fe4c4fa484d77 75b337d24d9a0d076f1e4ee679682a1c01d0ffef a0b624c53018d30c5d24175b9921c8037cd213848b0022f0ba6ce243d068ffb7 Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	444 B	2023-11-15	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-15 17:53:36 Last Seen2024-05-18 16:11:02 Times Seen40 Hash ed2cad0f20b3c63c5a19b51c3328d4a8 4e50414d976ab46c9aeb8b3b183a67e6248c70e6 7cfaa5eecb9ba16faea53c08ce20fa779060f0e3a6218909b0f3646e0f7e11a7 Loading...

	tracking.buygoods.com/track/?a=6808&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=gluco_freeze,gluco_freeze_3,gluco_freeze_6&vid1=&vid2=&vid3=&caller_url=https%3A%2F%2Fglucofreezecurrent.com%2Fspecial-announcement%2Findex.html%3Faff_id%3D7990%26subid%3Dab5_adbutler-%257B%257Bcampaign.name%257D%257D%26subid5%3D5e9759a020b14b69bbe6b6dd915eb780	7.2 kB	2024-05-05	2024-05-05
Pretty URL tracking.buygoods.com/track/?a=6808&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=gluco_freeze,gluco_freeze_3,gluco_freeze_6&vid1=&vid2=&vid3=&caller_url=https%3A%2F%2Fglucofreezecurrent.com%2Fspecial-announcement%2Findex.html%3Faff_id%3D7990%26subid%3Dab5_adbutler-%257B%257Bcampaign.name%257D%257D%26subid5%3D5e9759a020b14b69bbe6b6dd915eb780 IP 172.66.43.115 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 12:23:20 Last Seen2024-05-05 12:23:20 Times Seen1 Hash aab62b8bc985cc8f9cb6aca8db2289c5 45935111a1c2f55ee1dc2c6884dd5b4adbdb030e 2502e6b529373aae92ac27ef3b347dfcc2a229c4f21f06e7723afe28cd49da2d Loading...

	fast.wistia.com/assets/external/engines/hls_video.js	486 kB	2024-04-30	2024-05-06
Pretty URL fast.wistia.com/assets/external/engines/hls_video.js IP 151.101.194.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 06:28:52 Last Seen2024-05-06 00:11:34 Times Seen42 Hash 684734572ab20dfca09fb5b6ddccd95b 9a90f98c201e64522c24d3ec55de54885a220354 fc04939bd10e64a44b9614e6e657bcb9b3f15cc2870b5358ac6aca80ddc461e1 Loading...

	fast.wistia.com/assets/external/playPauseLoadingControl.js	83 kB	2024-04-10	2024-05-06
Pretty URL fast.wistia.com/assets/external/playPauseLoadingControl.js IP 151.101.194.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 21:36:41 Last Seen2024-05-06 00:11:34 Times Seen273 Hash 7845f53703880c301c91e55dacfb2730 a91923e2fe5f5a139f65a41682cee83637c636bf 441f641db8dc0a94620a07d59cfdad03e6fd3630fe3af81f82ce80d9d8ac3942 Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	444 B	2023-11-30	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-30 02:19:40 Last Seen2024-05-18 16:11:03 Times Seen36 Hash dd9e53f53bcf1fd1c85486d7247b3c86 d47e5f7f09534575d03881f0d0b26b91609b2209 7555a72eac936e2d5f57943f4913a5d6cfbfa2fe731b7b4d3f33e9bad468db16 Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	309 B	2024-05-01	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-01 12:09:44 Last Seen2024-05-18 16:11:03 Times Seen14 Hash 2d6d0981ffbffa9d3f5ea6c9f94ccb5e d42c954491795d534960f364c0329da11168f590 59190149d342b9c8a0641f8f9fe84e23b5d9910f57116b865fbf83f11954a41a Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	373 B	2024-05-01	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-01 12:09:44 Last Seen2024-05-18 16:11:03 Times Seen14 Hash 680cc1df646cd60949731233bb42bb20 752ee5c5c63de6eaafcbecf3030d004d35a2fdf5 68b27d8688d59ebfd814e8e82beea1806191eba601506409af8c7afa38baee4c Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	444 B	2024-05-01	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-01 12:09:45 Last Seen2024-05-18 16:11:03 Times Seen14 Hash ad01158b7ed9e28c2c60f314060d109f a2b0040824e94bb47e2f1e046f24baadac4d4488 d3af1b8bbc4a5e7636930b723e7cfe017faf8b244d81d1dcdaa3a7ebcb29834a Loading...

	px.liftcertain.com/px/smart/?c=2558a4a33dad622&seg=special-announcement/index.html	4.7 kB	2024-05-05	2024-05-05
Pretty URL px.liftcertain.com/px/smart/?c=2558a4a33dad622&seg=special-announcement/index.html IP 104.21.68.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 12:23:20 Last Seen2024-05-05 12:23:20 Times Seen1 Hash 152bbd0466229e132be20f2dd194a8c1 56cab05ff47592e5af2d7b73755f35aae8d2a900 85d608b55479fbca928fd632a1fe9ed4a7ad2616935a297b16cab7a100077601 Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	4.9 kB	2023-04-19	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-19 14:53:33 Last Seen2024-05-18 16:11:03 Times Seen75 Hash 9666c41aedf03401e6e4c2636fa5a31c e8d822acfd1162ca16ae5a1ddeda041021c6af05 cfa39c58aad859f89a0b05e6dac071bef5d025d97e9c384e53b14542104c83d4 Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	678 B	2023-03-13	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 01:40:08 Last Seen2024-05-18 16:11:03 Times Seen84 Hash d3fec2fb34bb78e6961b9ee97936e35d 34a62eb757bf399891c5045f5b7902a714c0eaaf bfee5200bd297bd79b7bd7bf041649ed5cb98638ab268cf6705a6720cff314c0 Loading...

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/js/bootstrap.bundle.min.js	81 kB	2023-03-07	2024-05-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/js/bootstrap.bundle.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-18 16:11:03 Times Seen593 Hash 21f815ff6d1883c4e81d821d38ff4070 386ea8bd17f21149c4e3a2303665fe6398e4e7d0 f67b782ec5a62c8fcedb89535bcf48cc02ae06a119e3b97fe2b875fad1ff358f Loading...

	glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780	565 B	2023-05-16	2024-05-18
Pretty URL glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 IP 69.172.200.220 ASN #19324 DOSARREST Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-16 04:13:20 Last Seen2024-05-18 16:11:03 Times Seen79 Hash 9d0dd6ddaca49d355cd31c064422abb6 bf4cccc0ba5973a86ca141dcd38d4f3915ddd7a1 48397fe38a612532ae3889b6170dbf03a19e60c879b4b8746ee59280dcb682be Loading...

	fast.wistia.com/assets/external/interFontFace.js	46 kB	2024-02-16	2024-05-16
Pretty URL fast.wistia.com/assets/external/interFontFace.js IP 151.101.194.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-16 10:47:34 Last Seen2024-05-16 00:23:42 Times Seen282 Hash 3f2ff79e381b7c62a91d075126305db2 ab1b8e079885bccee11feea592dad6ceba5b98d2 1c0cc58f170530f1abed279be1d4e4c79f817fae7d45a2d8faf1c0cbe768bb7e Loading...

	tag.trovo-tag.com/ldc.js?pid=193f0456&aid=193f0456	1.2 kB	2023-12-03	2024-05-18
Pretty URL tag.trovo-tag.com/ldc.js?pid=193f0456&aid=193f0456 IP 54.230.111.124 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 02:37:54 Last Seen2024-05-18 16:11:03 Times Seen145 Hash d35669952016120e82e2257b4aff9a54 ccc2aeb6d869b1a38ee0a70f8568c98e72f6b68a 42b4421435906a79bd519a7bb10fc226b362b9c24ae23084f4c3578002401e0d Loading...

	fast.wistia.com/assets/external/vulcanV2Player/video/controls/LastFrameCanvasControl.js	54 kB	2024-04-10	2024-05-13
Pretty URL fast.wistia.com/assets/external/vulcanV2Player/video/controls/LastFrameCanvasControl.js IP 151.101.194.132 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 21:40:57 Last Seen2024-05-13 01:53:54 Times Seen101 Hash 4731bc042455e46e6736bff1015fa1b0 303453377f8d086b8bb5de37850da2fc2caedf6a e2e72cc04efcdf450c9e399f18536146298e8924511b7f6705173399bd6ee803 Loading...

HTTP Transactions (74)

URL IP Response Size

links.totalwellnessconsulting.ca/clk/202/10252566/743258371/_405818fc8f5545d8259b2945a7725996808bae55/20f535401b11c3719fa7f79a4a1204530431da7d/aHR0cHM6Ly9zZXJ2ZWRieWFkYnV0bGVyLmNvbS9nbzIvO0lEPTE3OTc4NztzaXplPTMwMHgyNTA7c2V0SUQ9NDU0NzM3O3VpZD00N2ZjODE4MC1lY2Y3LTAxM2MtOTI2YS0yMjYzOGQ1Nzg4ZDdAdG90YWx3ZWxsbmVzc2NvbnN1bHRpbmcuY2E7Y2xpY2s9Q0xJQ0tfTUFDUk9fUExBQ0VIT0xERVI=

35.238.129.105

302 Found

233 B

URL User Request GET HTTP/1.1
links.totalwellnessconsulting.ca/clk/202/10252566/743258371/_405818fc8f5545d8259b2945a7725996808bae55/20f535401b11c3719fa7f79a4a1204530431da7d/aHR0cHM6Ly9zZXJ2ZWRieWFkYnV0bGVyLmNvbS9nbzIvO0lEPTE3OTc4NztzaXplPTMwMHgyNTA7c2V0SUQ9NDU0NzM3O3VpZD00N2ZjODE4MC1lY2Y3LTAxM2MtOTI2YS0yMjYzOGQ1Nzg4ZDdAdG90YWx3ZWxsbmVzc2NvbnN1bHRpbmcuY2E7Y2xpY2s9Q0xJQ0tfTUFDUk9fUExBQ0VIT0xERVI=
IP
35.238.129.105:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subjectlinks.totalwellnessconsulting.ca
Fingerprint8D:F6:B7:61:EB:59:70:F6:B4:4F:90:4B:31:CE:BE:EC:06:1A:0E:78
ValidityThu, 04 Apr 2024 07:48:26 GMT - Wed, 03 Jul 2024 07:48:25 GMT

File type
HTML document, ASCII text, with no line terminators
Size
233 B (233 bytes)
Hash
ec28f4e6eeaf6514417ecffc39fa4815
5e230f29e0c547ee5400a08a71c910c642335af8
c62255d420fde0cdcef641f685e5191e3f72e2f505b3b3bd1414e9621f563229

HTTP Headers

GET /clk/202/10252566/743258371/_405818fc8f5545d8259b2945a7725996808bae55/20f535401b11c3719fa7f79a4a1204530431da7d/aHR0cHM6Ly9zZXJ2ZWRieWFkYnV0bGVyLmNvbS9nbzIvO0lEPTE3OTc4NztzaXplPTMwMHgyNTA7c2V0SUQ9NDU0NzM3O3VpZD00N2ZjODE4MC1lY2Y3LTAxM2MtOTI2YS0yMjYzOGQ1Nzg4ZDdAdG90YWx3ZWxsbmVzc2NvbnN1bHRpbmcuY2E7Y2xpY2s9Q0xJQ0tfTUFDUk9fUExBQ0VIT0xERVI= HTTP/1.1
Host: links.totalwellnessconsulting.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
content-type: text/html; charset=utf-8
transfer-encoding: chunked
status: 302 Found
cache-control: no-cache
vary: Origin
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 346642df-3127-4fb8-a24c-fe50e6bc76cd
location: https://servedbyadbutler.com/go2/;ID=179787;size=300x250;setID=454737;uid=47fc8180-ecf7-013c-926a-22638d5788d7@totalwellnessconsulting.ca;click=CLICK_MACRO_PLACEHOLDER
x-download-options: noopen
x-runtime: 0.035790
x-content-type-options: nosniff
date: Sun, 05 May 2024 10:22:45 GMT
set-cookie: _session_id=e585d46cd8aa68414a9bb49dbeed268e; path=/; expires=Fri, 10 May 2024 10:22:45 GMT; HttpOnly
x-powered-by: Phusion Passenger 5.3.7
server: nginx/1.22.1 + Phusion Passenger(R) 6.0.18

trkw.fitterufitness.com/6adc195d-549f-46b8-879a-1b9589d1fe98?offer=fc-v3-diabetics-heres-how-to-lower-blood-sugar&sub2={{contact.email}}&from={{campaign.from_name}}-{{campaign.from_email}}&subject={{campaign.subject}}&sub1=ab5_adbutler-{{campaign.name}}

143.204.55.9

302 Found

0 B

URL User Request GET HTTP/2
trkw.fitterufitness.com/6adc195d-549f-46b8-879a-1b9589d1fe98?offer=fc-v3-diabetics-heres-how-to-lower-blood-sugar&sub2={{contact.email}}&from={{campaign.from_name}}-{{campaign.from_email}}&subject={{campaign.subject}}&sub1=ab5_adbutler-{{campaign.name}}
IP
143.204.55.9:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subjecttrkw.fitterufitness.com
Fingerprint02:55:44:28:89:6D:85:F1:1B:D9:59:03:04:3B:08:7F:59:B1:2C:7B
ValidityWed, 10 Apr 2024 00:00:00 GMT - Fri, 09 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /6adc195d-549f-46b8-879a-1b9589d1fe98?offer=fc-v3-diabetics-heres-how-to-lower-blood-sugar&sub2={{contact.email}}&from={{campaign.from_name}}-{{campaign.from_email}}&subject={{campaign.subject}}&sub1=ab5_adbutler-{{campaign.name}} HTTP/1.1
Host: trkw.fitterufitness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-length: 0
location: https://www.wm74trk.com/28KL6/24PQD1K/?sub1=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&sub5=wi9hkdhpu8ketq21j36q62ns&sub3=91.90.42.154
date: Sun, 05 May 2024 10:22:45 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: 6adc195d-549f-46b8-879a-1b9589d1fe98-v4=4DBImDaQqT6YryHkjRo3-ur4bbWJwrpMtEz_-18pfiQ; Max-Age=86400; Expires=Mon, 06-May-2024 10:22:45 GMT; Domain=trkw.fitterufitness.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22wi9hkdhpu8ketq21j36q62ns%22%2C%22caid%22%3A%226adc195d-549f-46b8-879a-1b9589d1fe98%22%7D; Max-Age=31536000; Expires=Mon, 05-May-2025 10:22:45 GMT; Domain=trkw.fitterufitness.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xc8TBc9WWL48wHNVBkK14lX818xou9lStiPhxS3qDYzdvxJjZb_JHA==
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.22

2.1 kB

URL
ocsp.starfieldtech.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
2.1 kB (2149 bytes)
Hash
286b9364e575f06839bbd8b1bd716ca8
e326515be10744446395d35bb79b5c6d15580452
22641b8ae3f58b7c6a06eeb29dbb47af1373d54660ee0e5b3737ef437a164ed8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 May 2024 10:22:45 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 05 May 2024 06:03:28 GMT
Expires: Mon, 06 May 2024 06:03:28 GMT
ETag: "e326515be10744446395d35bb79b5c6d15580452"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

www.wm74trk.com/28KL6/24PQD1K/?sub1=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&sub5=wi9hkdhpu8ketq21j36q62ns&sub3=91.90.42.154

34.107.190.195

302 Found

190 B

URL User Request GET HTTP/2
www.wm74trk.com/28KL6/24PQD1K/?sub1=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&sub5=wi9hkdhpu8ketq21j36q62ns&sub3=91.90.42.154
IP
34.107.190.195:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerStarfield Technologies, Inc.
Subjectwm74trk.com
FingerprintE2:B1:32:1E:F7:31:52:44:A3:2D:68:62:84:6C:DB:C1:68:95:DE:60
ValidityWed, 03 Jan 2024 16:10:54 GMT - Mon, 03 Feb 2025 16:10:54 GMT

File type
HTML document, ASCII text
Size
190 B (190 bytes)
Hash
f3ffdf691284493211fc244be3ae3127
7c675ea4bd5a0104cef9db23209ce09820437bf8
c4cd736bb9973b65a63b4a3270aa319287ab071c4c4e3e4749264b8a7ddc9191

HTTP Headers

GET /28KL6/24PQD1K/?sub1=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&sub5=wi9hkdhpu8ketq21j36q62ns&sub3=91.90.42.154 HTTP/1.1
Host: www.wm74trk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Sun, 05 May 2024 10:22:45 GMT
content-type: text/html; charset=utf-8
content-length: 190
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
location: https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
set-cookie: uniqueClick_24PQD1K=f8f1a153-d336-428c-9827-b737218a2036:1714904565; Path=/; Expires=Wed, 08 May 2024 10:22:45 GMT; Secure; SameSite=None
transaction_id=5e9759a020b14b69bbe6b6dd915eb780; Path=/; Expires=Sat, 03 Aug 2024 10:22:45 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 4f801792-3259-4856-9f07-7c25dc979a25
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

servedbyadbutler.com/go2/;ID=179787;size=300x250;setID=454737;uid=47fc8180-ecf7-013c-926a-22638d5788d7@totalwellnessconsulting.ca;click=CLICK_MACRO_PLACEHOLDER

178.162.175.77

302 Found

7.9 kB

URL User Request GET HTTP/2
servedbyadbutler.com/go2/;ID=179787;size=300x250;setID=454737;uid=47fc8180-ecf7-013c-926a-22638d5788d7@totalwellnessconsulting.ca;click=CLICK_MACRO_PLACEHOLDER
IP
178.162.175.77:443
ASN
#60781 LeaseWeb Netherlands B.V.

Certificate
IssuerSectigo Limited
Subjectservedbyadbutler.com
FingerprintAC:0D:46:DA:98:36:21:A9:17:1A:78:AE:A4:F4:B6:0B:58:88:2B:00
ValidityWed, 24 Apr 2024 00:00:00 GMT - Sat, 18 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Size
7.9 kB (7853 bytes)
Hash
0415c575c61c879809bbf0b51878c345
0c38e80f6c03b2112bc918c3dcb1c0b5b0495514
9fa626b7ac342d64cd99e9ae7fa094cd3f2b7d69cda29a900360f17ef18e8318

HTTP Headers

GET /go2/;ID=179787;size=300x250;setID=454737;uid=47fc8180-ecf7-013c-926a-22638d5788d7@totalwellnessconsulting.ca;click=CLICK_MACRO_PLACEHOLDER HTTP/1.1
Host: servedbyadbutler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Sun, 05 May 2024 10:22:45 GMT
content-type: text/html; charset=UTF-8
location: https://trkw.fitterufitness.com/6adc195d-549f-46b8-879a-1b9589d1fe98?offer=fc-v3-diabetics-heres-how-to-lower-blood-sugar&sub2={{contact.email}}&from={{campaign.from_name}}-{{campaign.from_email}}&subject={{campaign.subject}}&sub1=ab5_adbutler-{{campaign.name}}
p3p: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
set-cookie: _adbc=OJPvkSp6cwXOZVaYh%3Dve%3DWWRLlcQt7Qp99ovJDdz8yJwaoH%2FeI9MG3nVGpdnOlJ8TwSNl5jN%2BS21Sbs2Wr9JezNYhHJQuRLFaoqXQplgRRjY%2BaeAcj%2FqpRUW; expires=Fri, 01 Nov 2024 10:22:45 GMT; Max-Age=15552000; path=/; domain=servedbyadbutler.com; secure; SameSite=None
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css

104.17.24.14

200 OK

18 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65326)
Size
18 kB (17550 bytes)
Hash
816af0eddd3b4822c2756227c7e7b7ee
c470239d4c7db36d56dc3a74a080c62218c6edc4
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

HTTP Headers

GET /ajax/libs/twitter-bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:47 GMT
content-type: text/css; charset=utf-8
content-length: 17550
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f2c377f-2722e"
last-modified: Thu, 06 Aug 2020 17:01:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 406555
expires: Fri, 25 Apr 2025 10:22:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2B4MtPyXtlIhyN0fjDj9%2BtbbRNLxJdpsBg4LRKyZhExyougGR32oQysWRqMxxZvH5h%2BgHXAHAO6BGyVZUIz6250VVc2PUElgvv%2FnUs33D06yN19Y1wplipS4l88%2FY%2BsWr%2BUiRLZ3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87f002eaeffab4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/js/bootstrap.bundle.min.js

104.17.24.14

200 OK

19 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.5.2/js/bootstrap.bundle.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
19 kB (19030 bytes)
Hash
21f815ff6d1883c4e81d821d38ff4070
386ea8bd17f21149c4e3a2303665fe6398e4e7d0
f67b782ec5a62c8fcedb89535bcf48cc02ae06a119e3b97fe2b875fad1ff358f

HTTP Headers

GET /ajax/libs/twitter-bootstrap/4.5.2/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 19030
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f2c377f-13c1f"
last-modified: Thu, 06 Aug 2020 17:01:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 389846
expires: Fri, 25 Apr 2025 10:22:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hq3%2Bq6UKBzfsqXZPKxaD%2B%2BsYqV52Xoy90EGOmYKyN8WrMdsGv8%2FZIwRTS95UO66KJBdrH2bTN8HBUXvRNOrz4pwnosXqEpvbYYAju9fdHKFcXFfcfBUXb6eZ66HLvUizXyZFxEu8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87f002eafffcb4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

104.17.24.14

200 OK

28 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
28 kB (27958 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 307765
expires: Fri, 25 Apr 2025 10:22:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ilm%2F%2B0qfc4IcFmWHq61dQBC5lmzFecxXVVoLFLzzwwsma7J8sUWzDPLfoduzUZ27jqBuCJCBQHN5sQouIxRnAijywRelxd23Wz08JVf1p%2FhbESyesVAFcUV3E8gTrhEjgZ%2BCjr%2Bf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87f002eaeffbb4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780

69.172.200.220

200 OK

50 kB

URL User Request GET HTTP/2
glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
IP
69.172.200.220:443
ASN
#19324 DOSARREST

Certificate
IssuerLet's Encrypt
Subjectcbs.earthechoislandbliss.com
Fingerprint25:5B:BD:32:1C:3E:3A:F5:89:1D:CC:8A:F6:56:07:41:E7:8F:34:B2
ValidityMon, 22 Apr 2024 13:54:36 GMT - Sun, 21 Jul 2024 13:54:35 GMT

File type
gzip compressed data, from Unix
Size
50 kB (50534 bytes)
Hash
dfd4cecbd9ba4b1d9d7da641e8f978dd
1999cf11dbc76f944217e69cea4a5c9489b8df36
dd523ea2addf2516a63d3a0e35a7a8d4835560e92515deec2f6ef1a85da64e3e

HTTP Headers

GET /special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780 HTTP/1.1
Host: glucofreezecurrent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:46 GMT
content-type: text/html
last-modified: Sat, 17 Feb 2024 13:21:47 GMT
etag: W/"65d0b2eb-1ff92"
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
set-cookie: uid=wKhaA2Y3XfaUYABIA2UvAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=2; path=/
cache-control: public, private
x-dis-request-id: a741d202a508f45685c11cad1feb2c20
server: DOSarrest
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/E-v1.js

151.101.194.132

200 OK

137 kB

URL GET HTTP/2
fast.wistia.com/assets/external/E-v1.js
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65474)
Size
137 kB (136902 bytes)
Hash
80614b8d803f2c906aa3c7e77f8960ff
7a19443f27fb47fc8af0d969cd7872d4ad838c09
c0565c7259c86537c464248d3a2388eaea8fe765e69d6eb624b42f19e5951cf7

HTTP Headers

GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Fri, 03 May 2024 17:44:50 GMT
etag: "91d641ace2bbc02e4c4b16d6564d8895"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 05 May 2024 10:22:47 GMT
age: 2229
x-served-by: cache-iad-kcgs7200157-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 62, 721
x-timer: S1714904568.655987,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: 4d5bc81afe0358a5328c14b0f1d142707476b3ca
content-length: 136902
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.170

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:27:35 GMT
expires: Sat, 03 May 2025 02:27:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 201312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

glucofreezecurrent.com/special-announcement/assets/js/main.js

69.172.200.220

200 OK

0 B

URL GET HTTP/2
glucofreezecurrent.com/special-announcement/assets/js/main.js
IP
69.172.200.220:443
ASN
#19324 DOSARREST

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerLet's Encrypt
Subjectcbs.earthechoislandbliss.com
Fingerprint25:5B:BD:32:1C:3E:3A:F5:89:1D:CC:8A:F6:56:07:41:E7:8F:34:B2
ValidityMon, 22 Apr 2024 13:54:36 GMT - Sun, 21 Jul 2024 13:54:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /special-announcement/assets/js/main.js HTTP/1.1
Host: glucofreezecurrent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Cookie: uid=wKhaA2Y3XfaUYABIA2UvAg==; cnid=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:48 GMT
content-type: application/javascript
content-length: 0
last-modified: Mon, 11 Sep 2023 21:25:15 GMT
etag: "64ff85bb-0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding
accept-ranges: bytes
x-dis-request-id: e7a0f2b176fb014fe05df80e8f4166fc
server: DOSarrest
X-Firefox-Spdy: h2

glucofreezecurrent.com/special-announcement/assets/css/styles.min.css

69.172.200.220

200 OK

1.0 kB

URL GET HTTP/2
glucofreezecurrent.com/special-announcement/assets/css/styles.min.css
IP
69.172.200.220:443
ASN
#19324 DOSARREST

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerLet's Encrypt
Subjectcbs.earthechoislandbliss.com
Fingerprint25:5B:BD:32:1C:3E:3A:F5:89:1D:CC:8A:F6:56:07:41:E7:8F:34:B2
ValidityMon, 22 Apr 2024 13:54:36 GMT - Sun, 21 Jul 2024 13:54:35 GMT

File type
gzip compressed data, from Unix
Size
1.0 kB (1001 bytes)
Hash
aedbcd562ee9fa3a41e2d0aab565eeac
16234eec1186f3d9b57ed0b3b00c243a785e9f39
c7096b30b2b0fd4d7c966a9dcfc04ab6e234cd899f82fd52cca10382621138a1

HTTP Headers

GET /special-announcement/assets/css/styles.min.css HTTP/1.1
Host: glucofreezecurrent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Cookie: uid=wKhaA2Y3XfaUYABIA2UvAg==; cnid=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:48 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 16:23:44 GMT
etag: W/"650dbf90-5ba"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
x-dis-request-id: c0574a53ceeaab740caae273dab8cebf
server: DOSarrest
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-TB9D7HB

142.250.74.40

200 OK

64 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TB9D7HB
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
64 kB (64335 bytes)
Hash
595426447484e9d0a06014d07d3465c5
4badd7bd5725cfa014d18bce35da6c95caee1634
9ca7b57523eef98276c61f045e80121c8fe985100c9f51b8aeddfe0c745a8fe7

HTTP Headers

GET /gtm.js?id=GTM-TB9D7HB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 May 2024 10:22:48 GMT
expires: Sun, 05 May 2024 10:22:48 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 May 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.24

2.1 kB

URL
ocsp.starfieldtech.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
2.1 kB (2149 bytes)
Hash
286b9364e575f06839bbd8b1bd716ca8
e326515be10744446395d35bb79b5c6d15580452
22641b8ae3f58b7c6a06eeb29dbb47af1373d54660ee0e5b3737ef437a164ed8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 May 2024 10:22:47 GMT
Content-Type: application/ocsp-response
Content-Length: 2149
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 05 May 2024 06:03:28 GMT
Expires: Mon, 06 May 2024 06:03:28 GMT
ETag: "e326515be10744446395d35bb79b5c6d15580452"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

glucofreeze.com/controlScript.js

69.172.200.220

404 Not Found

9 B

URL GET HTTP/2
glucofreeze.com/controlScript.js
IP
69.172.200.220:443
ASN
#19324 DOSARREST

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerLet's Encrypt
Subjectirolliemarketing.com
Fingerprint72:B3:00:64:A9:56:3B:B3:56:43:56:7F:93:40:CB:ED:FF:7A:10:B1
ValidityWed, 17 Apr 2024 00:38:26 GMT - Tue, 16 Jul 2024 00:38:25 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

HTTP Headers

GET /controlScript.js HTTP/1.1
Host: glucofreeze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sun, 05 May 2024 10:22:48 GMT
content-type: text/plain; charset=utf-8
content-length: 9
set-cookie: user_id=93d262288ab1d0aec04b8642b731579e; path=/; expires=Fri, 05 May 2034 10:22:48 GMT; secure
user_id.sig=9SooApoPKPQ08cB45m7WXJROLm8; path=/; expires=Fri, 05 May 2034 10:22:48 GMT; secure
persistedParams=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
persistedParams.sig=qQIP2OdsTFa87s1ohgL1NB6ingI; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; secure; httponly
uid=wKhaAWY3Xfi1tgBJFXIrAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=0; path=/
cache-control: private
x-dis-request-id: 47e40329904e1b080c31fe22aa67530f
server: DOSarrest
X-Firefox-Spdy: h2

glucofreeze.com/xkm(1).jpg

69.172.200.220

200 OK

34 kB

URL GET HTTP/2
glucofreeze.com/xkm(1).jpg
IP
69.172.200.220:443
ASN
#19324 DOSARREST

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerLet's Encrypt
Subjectirolliemarketing.com
Fingerprint72:B3:00:64:A9:56:3B:B3:56:43:56:7F:93:40:CB:ED:FF:7A:10:B1
ValidityWed, 17 Apr 2024 00:38:26 GMT - Tue, 16 Jul 2024 00:38:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 1100x527, components 3
Size
34 kB (34327 bytes)
Hash
9d5760f9946d6556a7ff2623b177800c
6fca3c35cb7ce23d55d46fa9a0ad3e7a16ba9ea8
98b8581981e293666aae1977953931103c850844e9a564b088c383cf7e060f33

HTTP Headers

GET /xkm(1).jpg HTTP/1.1
Host: glucofreeze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:48 GMT
content-type: image/jpeg
content-length: 34327
last-modified: Sat, 04 Sep 2021 09:35:29 GMT
etag: "61333de1-8617"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, private
pragma: public
vary: Accept-Encoding
accept-ranges: bytes
set-cookie: uid=wKhaA2Y3XfgP4QBNFWonAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=2; path=/
x-dis-request-id: ecaed7bc9d5a4354bed156fcf77a680b
server: DOSarrest
X-Firefox-Spdy: h2

www.buygoods.com/images/buygoods_black.png

172.66.43.115

301 Moved Permanently

0 B

URL GET HTTP/3
www.buygoods.com/images/buygoods_black.png
IP
172.66.43.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGoogle Trust Services LLC
Subjectbuygoods.com
Fingerprint19:69:B3:E8:13:6C:1D:19:3A:7C:5A:16:8C:67:20:3B:60:DC:31:6F
ValidityMon, 29 Apr 2024 07:13:53 GMT - Sun, 28 Jul 2024 08:12:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/buygoods_black.png HTTP/1.1
Host: www.buygoods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Sun, 05 May 2024 10:22:49 GMT
content-length: 0
location: https://buygoods.com/images/buygoods_black.png
cf-cache-status: HIT
age: 6717
expires: Sun, 05 May 2024 14:22:49 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 87f002f48cb80b49-OSL
alt-svc: h3=":443"; ma=86400

glucofreeze.com/1xm.jpg

69.172.200.220

200 OK

196 kB

URL GET HTTP/2
glucofreeze.com/1xm.jpg
IP
69.172.200.220:443
ASN
#19324 DOSARREST

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerLet's Encrypt
Subjectirolliemarketing.com
Fingerprint72:B3:00:64:A9:56:3B:B3:56:43:56:7F:93:40:CB:ED:FF:7A:10:B1
ValidityWed, 17 Apr 2024 00:38:26 GMT - Tue, 16 Jul 2024 00:38:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 3235x2241, components 3
Size
196 kB (195669 bytes)
Hash
b898f3bd70288fae2bc5f6cd323c5fa5
5a648c90e121ec625ef1672f77a0d78da17a1461
a187f43a898d99d8220262f6a48bf64fd36d26fd7bad72750706829e9a28f373

HTTP Headers

GET /1xm.jpg HTTP/1.1
Host: glucofreeze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:48 GMT
content-type: image/jpeg
content-length: 195669
last-modified: Fri, 17 Mar 2023 18:07:56 GMT
etag: "6414ac7c-2fc55"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, private
pragma: public
vary: Accept-Encoding
accept-ranges: bytes
set-cookie: uid=wKhaA2Y3XfgP4QBNFWomAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=2; path=/
x-dis-request-id: ddd06d480d191e8e3a471136035fe175
server: DOSarrest
X-Firefox-Spdy: h2

glucofreeze.com/3xm.jpg

69.172.200.220

200 OK

334 kB

URL GET HTTP/2
glucofreeze.com/3xm.jpg
IP
69.172.200.220:443
ASN
#19324 DOSARREST

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerLet's Encrypt
Subjectirolliemarketing.com
Fingerprint72:B3:00:64:A9:56:3B:B3:56:43:56:7F:93:40:CB:ED:FF:7A:10:B1
ValidityWed, 17 Apr 2024 00:38:26 GMT - Tue, 16 Jul 2024 00:38:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 3235x2241, components 3
Size
334 kB (333452 bytes)
Hash
f36a4269c73b6444389c9c4a7d90174d
340f315e247b296bd99ac216d1148bba24ffed25
91007afc973bc87a4063713326eb53007f0ec7d2280df2110226c6de024ab59c

HTTP Headers

GET /3xm.jpg HTTP/1.1
Host: glucofreeze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:48 GMT
content-type: image/jpeg
content-length: 333452
last-modified: Fri, 17 Mar 2023 18:07:57 GMT
etag: "6414ac7d-5168c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, private
pragma: public
vary: Accept-Encoding
accept-ranges: bytes
set-cookie: uid=wKhaAWY3Xfi1tgBJFXIsAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=0; path=/
x-dis-request-id: 062c11bc7d7b83b6570ffdbe3553e8cc
server: DOSarrest
X-Firefox-Spdy: h2

buygoods.com/images/buygoods_black.png

172.66.43.115

200 OK

4.5 kB

URL GET HTTP/3
buygoods.com/images/buygoods_black.png
IP
172.66.43.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGoogle Trust Services LLC
Subjectbuygoods.com
Fingerprint19:69:B3:E8:13:6C:1D:19:3A:7C:5A:16:8C:67:20:3B:60:DC:31:6F
ValidityMon, 29 Apr 2024 07:13:53 GMT - Sun, 28 Jul 2024 08:12:15 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.5 kB (4492 bytes)
Hash
72bfa5a711311050989a65056ed84e7d
dd99b3f59b3bc9c1139cfcbf7e6c96974518beb1
33123ac79fae6dd7ea03a3b2d7784cbac68cb4e4ca4527d570fdc8a628210159

HTTP Headers

GET /images/buygoods_black.png HTTP/1.1
Host: buygoods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezecurrent.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 10:22:49 GMT
content-type: image/webp
content-length: 4492
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=9596
content-disposition: inline; filename="buygoods_black.webp"
vary: Accept
cache-control: public, max-age=315360000
etag: "59b77ee8-257c"
expires: Wed, 03 May 2034 10:22:49 GMT
last-modified: Tue, 12 Sep 2017 06:30:00 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-frame-options: SAMEORIGIN
x-server: WEB_7
cf-cache-status: HIT
age: 143500
accept-ranges: bytes
server: cloudflare
cf-ray: 87f002f53d340b49-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:38:02 GMT
expires: Fri, 02 May 2025 02:38:02 GMT
cache-control: public, max-age=31536000
age: 287087
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

glucofreeze.com/6xm.jpg

69.172.200.220

200 OK

404 kB

URL GET HTTP/2
glucofreeze.com/6xm.jpg
IP
69.172.200.220:443
ASN
#19324 DOSARREST

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerLet's Encrypt
Subjectirolliemarketing.com
Fingerprint72:B3:00:64:A9:56:3B:B3:56:43:56:7F:93:40:CB:ED:FF:7A:10:B1
ValidityWed, 17 Apr 2024 00:38:26 GMT - Tue, 16 Jul 2024 00:38:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 3235x2241, components 3
Size
404 kB (403963 bytes)
Hash
81d67a3e4afc9b3e809e0beb835c38d5
f0e253508f7e5a24de9de1ad24a2e92180906e3c
bef4719502715cbd133ce329f4527db8c45fc412a80186a09f3c7566a07bb509

HTTP Headers

GET /6xm.jpg HTTP/1.1
Host: glucofreeze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:48 GMT
content-type: image/jpeg
content-length: 403963
last-modified: Fri, 17 Mar 2023 18:08:05 GMT
etag: "6414ac85-629fb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, private
pragma: public
vary: Accept-Encoding
accept-ranges: bytes
set-cookie: uid=wKhaAmY3XfgY2ABJFW+xAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=1; path=/
x-dis-request-id: 27dc59bcff5b6929f1cd0677ca4b0908
server: DOSarrest
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/captions.js

151.101.194.132

200 OK

37 kB

URL GET HTTP/2
fast.wistia.com/assets/external/captions.js
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65470)
Size
37 kB (36636 bytes)
Hash
40fb401e8baf4cd13c41143e72efe467
7bfd85832ad53b4502ba5733d109530ff38b42a5
23b44416127ccfb3435aacf23627d7591c4f89067d5c69c20317950e7834335f

HTTP Headers

GET /assets/external/captions.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 03 May 2024 17:44:50 GMT
etag: "b7d222646813e56355456c68e098df17"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 05 May 2024 10:22:49 GMT
age: 2337
x-served-by: cache-iad-kcgs7200155-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 67, 6411
x-timer: S1714904569.464223,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: 4d5bc81afe0358a5328c14b0f1d142707476b3ca
content-length: 36636
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/interFontFace.js

151.101.194.132

200 OK

18 kB

URL GET HTTP/2
fast.wistia.com/assets/external/interFontFace.js
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (46268)
Size
18 kB (18353 bytes)
Hash
3f2ff79e381b7c62a91d075126305db2
ab1b8e079885bccee11feea592dad6ceba5b98d2
1c0cc58f170530f1abed279be1d4e4c79f817fae7d45a2d8faf1c0cbe768bb7e

HTTP Headers

GET /assets/external/interFontFace.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Fri, 03 May 2024 17:44:50 GMT
etag: "016e5456d3ad608e42cc5ba5f2f1a3d7"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 05 May 2024 10:22:49 GMT
age: 2227
x-served-by: cache-iad-kcgs7200107-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 70, 51
x-timer: S1714904570.602223,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: 4d5bc81afe0358a5328c14b0f1d142707476b3ca
content-length: 18353
X-Firefox-Spdy: h2

fast.wistia.com/embed/captions/ncv3mm9rsz.json

151.101.194.132

200 OK

38 kB

URL GET HTTP/2
fast.wistia.com/embed/captions/ncv3mm9rsz.json
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JSON text data
Size
38 kB (38249 bytes)
Hash
cb151b0e0ba5e691bbd1499580196654
560bf7137460b78321beb015573ea5f5609b3c51
55be3572e39ff54c911ef349351d3c99a9072d9ad74c275572c1d591edfa703d

HTTP Headers

GET /embed/captions/ncv3mm9rsz.json HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezecurrent.com/
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"55be3572e39ff54c911ef349351d3c99"
x-request-id: 47dfd70a-ad59-4cf6-b585-f62be597bf99
x-runtime: 0.310305
content-encoding: br
x-envoy-upstream-service-time: 313
via: 1.1 23c9ec01b6f4151f654547c0190aeebe.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD89-C3
x-amz-cf-id: ZYua_TwnOD9xDK6qOs2a7y8YqbtnhpcUHpSc5bpNDEAvETJVEPq2QA==
accept-ranges: bytes
age: 1853
date: Sun, 05 May 2024 10:22:49 GMT
x-served-by: cache-iad-kjyo7100138-IAD, cache-hel1410029-HEL
x-cache: Miss from cloudfront, HIT, MISS
x-cache-hits: 9949, 0
x-timer: S1714904570.575164,VS0,VE98
vary: Accept-Encoding,X-Forwarded-Proto
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 38249
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/engines/hls_video.js

151.101.194.132

200 OK

118 kB

URL GET HTTP/2
fast.wistia.com/assets/external/engines/hls_video.js
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
118 kB (118191 bytes)
Hash
684734572ab20dfca09fb5b6ddccd95b
9a90f98c201e64522c24d3ec55de54885a220354
fc04939bd10e64a44b9614e6e657bcb9b3f15cc2870b5358ac6aca80ddc461e1

HTTP Headers

GET /assets/external/engines/hls_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Fri, 03 May 2024 17:44:50 GMT
etag: "f3fe789bd36b9718e55118c2f924f9f8"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 05 May 2024 10:22:49 GMT
age: 2327
x-served-by: cache-iad-kcgs7200054-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 53, 69
x-timer: S1714904570.674811,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: 4d5bc81afe0358a5328c14b0f1d142707476b3ca
content-length: 118191
X-Firefox-Spdy: h2

fast.wistia.com/assets/images/blank.gif

151.101.194.132

200 OK

1.2 kB

URL GET HTTP/2
fast.wistia.com/assets/images/blank.gif
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
GIF image data, version 89a, 100 x 100
Size
1.2 kB (1214 bytes)
Hash
fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

HTTP Headers

GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Wed, 10 May 2023 19:48:54 GMT
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
x-amz-server-side-encryption: AES256
content-type: image/gif
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 05 May 2024 10:22:49 GMT
age: 1158
x-served-by: cache-iad-kcgs7200077-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 25, 48
x-timer: S1714904570.843058,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 1214
X-Firefox-Spdy: h2

d10lpsik1i8c69.cloudfront.net/w.js

54.230.241.104

200 OK

3.7 kB

URL GET HTTP/2
d10lpsik1i8c69.cloudfront.net/w.js
IP
54.230.241.104:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
3.7 kB (3738 bytes)
Hash
4c9eb0c9c5dc7877f484f33255c102eb
65dd192db1c3c8f0115f74b73bbc2573cf0aa0ea
c0e4afb93d7de76d7c3b6b0dae85defe7b868b47d9438b17b0198c53770e5a9e

HTTP Headers

GET /w.js HTTP/1.1
Host: d10lpsik1i8c69.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 05 May 2024 09:23:39 GMT
cache-control: max-age=3600
etag: W/"e31293f40e8a324de552ff593ee76a9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tsUv24oFl4Gpx8X2ENe-RTZGXFQmz4EWK-3P6SlkzUFwTFKzbFVZvA==
age: 3551
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/837257c51f6d590610c2d37772dc3a337a07c04a.m3u8

143.204.55.51

200 OK

93 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/837257c51f6d590610c2d37772dc3a337a07c04a.m3u8
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
93 kB (93305 bytes)
Hash
78fd43edf5cee68de87d496a532ed001
f5baa286a450a69e9f456c24ce548a83b436e53e
49309f8c2dd292a90875d448d929b4a02d0d20c7b0d29b1901f98a451d36e1df

HTTP Headers

GET /deliveries/837257c51f6d590610c2d37772dc3a337a07c04a.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 93305
server: envoy
date: Sun, 05 May 2024 06:05:46 GMT
expires: Mon, 05 May 2025 06:05:46 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 837257c51f6d590610c2d37772dc3a337a07c04a-hls-segment
surrogate-key: 837257c51f6d590610c2d37772dc3a337a07c04a-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 150
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kAH-tg9ZGCSfMSksPAWX2g6Hps46wq_mucUoGefeYo_OKUarcn7zQA==
age: 15424
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/837257c51f6d590610c2d37772dc3a337a07c04a.m3u8/seg-1-v1-a1.ts

143.204.55.51

200 OK

2.0 MB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/837257c51f6d590610c2d37772dc3a337a07c04a.m3u8/seg-1-v1-a1.ts
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
MPEG transport stream data
Size
2.0 MB (2006712 bytes)
Hash
b78036bc8df1b14f4cbebb09d659e893
065935f9daf24a503052d976f85bf182dd7b86a0
6e58831d439206ec268826d265b2739cb1e498a260fcbf0bfc94268030808c8f

HTTP Headers

GET /deliveries/837257c51f6d590610c2d37772dc3a337a07c04a.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: video/MP2T
content-length: 2006712
server: envoy
date: Sun, 05 May 2024 10:22:50 GMT
expires: Mon, 05 May 2025 10:22:50 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 837257c51f6d590610c2d37772dc3a337a07c04a-hls-segment
surrogate-key: 837257c51f6d590610c2d37772dc3a337a07c04a-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 95
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2JYYHzJJqJ7cNgj-X_Pa2Aua2G3l23Szk45q_SpXjXiauP76Pg7Ghg==
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/playPauseLoadingControl.js

151.101.194.132

200 OK

22 kB

URL GET HTTP/2
fast.wistia.com/assets/external/playPauseLoadingControl.js
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65455)
Size
22 kB (21596 bytes)
Hash
7845f53703880c301c91e55dacfb2730
a91923e2fe5f5a139f65a41682cee83637c636bf
441f641db8dc0a94620a07d59cfdad03e6fd3630fe3af81f82ce80d9d8ac3942

HTTP Headers

GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Fri, 03 May 2024 17:44:50 GMT
etag: "054f6647c2b3166c5479ecec2e1cdb23"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 05 May 2024 10:22:50 GMT
age: 2232
x-served-by: cache-iad-kcgs7200088-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 59, 108
x-timer: S1714904571.859563,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: 4d5bc81afe0358a5328c14b0f1d142707476b3ca
content-length: 21596
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8

143.204.55.51

200 OK

93 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
93 kB (93305 bytes)
Hash
ecaafc6dd4b429bb2bb2702349d038f1
2f217e3aeded3d388f9124c933193591950e2718
8b36b3a7598181d71efb0ddca356a7a8aca53fae1113fa7134c4efd3d6ed1f08

HTTP Headers

GET /deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8 HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/vnd.apple.mpegurl
content-length: 93305
server: envoy
date: Sat, 04 May 2024 15:04:23 GMT
expires: Sun, 04 May 2025 15:04:23 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 56d38b63b447247e6a7048a804f05a3e496ba6de-hls-segment
surrogate-key: 56d38b63b447247e6a7048a804f05a3e496ba6de-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 145
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FEVCQy9-kEqVuQxnMsnn-CQcJaAwHD3AMINAtFn0lDcKfr6Wb21Dow==
age: 69508
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

distillery.wistia.com/x

54.230.111.55

204 No Content

0 B

URL POST HTTP/2
distillery.wistia.com/x
IP
54.230.111.55:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subjectstats-tap-production-cloudfront-app-cname.wistia.com
Fingerprint37:C6:AB:79:1C:DF:9B:5E:3A:B8:3E:F1:0C:1D:48:BF:89:2D:1F:40
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezecurrent.com/
Content-Type: text/plain
Content-Length: 1854
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sun, 05 May 2024 10:22:51 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
server: envoy
x-envoy-upstream-service-time: 1
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zaF5_cnsWBjk_eWAZ7eikYOPWV-dKAP4IHQdlc99dir2GmoCXi036w==
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-2-v1-a1.ts

143.204.55.51

200 OK

548 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-2-v1-a1.ts
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
MPEG transport stream data
Size
548 kB (547832 bytes)
Hash
b5f3667192a4aff3a89186dea5542019
105649ab1177d5fd983e590a1feedc3d705f2c5f
4146448b40fdce20263f784a52497a50f62080bfb60604a3c16913eb39592e1c

HTTP Headers

GET /deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-2-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: video/MP2T
content-length: 547832
server: envoy
date: Wed, 01 May 2024 10:09:18 GMT
expires: Thu, 01 May 2025 10:09:18 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 56d38b63b447247e6a7048a804f05a3e496ba6de-hls-segment
surrogate-key: 56d38b63b447247e6a7048a804f05a3e496ba6de-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 249
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YJj8qxMmzGQPAu2PHRJrDTvoL93MSAtQyBpTgHGWBsfTvN9nv1P8fQ==
age: 346413
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.51

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezecurrent.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 807
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sun, 05 May 2024 10:22:51 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
server: envoy
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DrHdf7gAx5LdFlxczUyAGYGcp0fI41Me54A_N50RPkoci_bPSM6kbA==
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.51

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezecurrent.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 2213
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sun, 05 May 2024 10:22:51 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
server: envoy
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bUhsqJotU_KRxDY1su8dOK4uwiZutLLDrCvDs_5CBZpJ0vfBNfXJoA==
X-Firefox-Spdy: h2

tag.trovo-tag.com/ldc.js?pid=193f0456&aid=193f0456

54.230.111.124

200 OK

1.2 kB

URL GET HTTP/2
tag.trovo-tag.com/ldc.js?pid=193f0456&aid=193f0456
IP
54.230.111.124:443
ASN
#16509 AMAZON-02

Requested by
https://a.clickcertain.com/px/cont/?c=2558a4a33dad622&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&cn=NO&rid=539168dc-e221-4f1d-8121-0f44d85b454f
Certificate
IssuerAmazon
Subjecttrovo-tag.com
FingerprintBF:B5:B8:52:28:96:DD:DF:DB:5D:9F:CD:0D:54:13:66:9C:DE:DA:A8
ValiditySat, 09 Mar 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1164), with no line terminators
Size
1.2 kB (1164 bytes)
Hash
d35669952016120e82e2257b4aff9a54
ccc2aeb6d869b1a38ee0a70f8568c98e72f6b68a
42b4421435906a79bd519a7bb10fc226b362b9c24ae23084f4c3578002401e0d

HTTP Headers

GET /ldc.js?pid=193f0456&aid=193f0456 HTTP/1.1
Host: tag.trovo-tag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.clickcertain.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-length: 1164
server: CloudFront
date: Sun, 05 May 2024 10:22:51 GMT
cache-control: no-cache
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4gUKNIc-YCwjiJj0deOwmGjfGIK887oXW1eliloTUpazVFURy8NSOQ==
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-1-v1-a1.ts

143.204.55.51

200 OK

713 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-1-v1-a1.ts
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
MPEG transport stream data
Size
713 kB (713272 bytes)
Hash
551e42f56d5458d7fe68243985ab8aa6
32a0398d23a4a38af064871a18a1aca34ae01a92
7b8611bdd300e8797b669dd626202cbb0144e4a1a9c95699d5582af5572671ba

HTTP Headers

GET /deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: video/MP2T
content-length: 713272
server: envoy
date: Sat, 04 May 2024 21:53:41 GMT
expires: Sun, 04 May 2025 21:53:41 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 56d38b63b447247e6a7048a804f05a3e496ba6de-hls-segment
surrogate-key: 56d38b63b447247e6a7048a804f05a3e496ba6de-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 410
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VljqIv_OsNouuzBJDi0UPFNMxqFrFPTjsP0etn3L7BU98JP8KDVV1w==
age: 44950
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

a.clickcertain.com/px/r/?ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605

104.26.9.50

302 Found

548 kB

URL GET HTTP/2
a.clickcertain.com/px/r/?ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605
IP
104.26.9.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://a.clickcertain.com/px/cont/?c=2558a4a33dad622&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&cn=NO&rid=539168dc-e221-4f1d-8121-0f44d85b454f
Certificate
IssuerLet's Encrypt
Subjectclickcertain.com
Fingerprint08:B9:6F:23:A2:AF:7D:A4:3A:32:96:76:4D:4C:24:CF:AE:66:8A:AB
ValidityTue, 19 Mar 2024 00:08:05 GMT - Mon, 17 Jun 2024 00:08:04 GMT

File type
MPEG transport stream data
Size
548 kB (547832 bytes)
Hash
b5f3667192a4aff3a89186dea5542019
105649ab1177d5fd983e590a1feedc3d705f2c5f
4146448b40fdce20263f784a52497a50f62080bfb60604a3c16913eb39592e1c

HTTP Headers

GET /px/r/?ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.clickcertain.com/px/cont/?c=2558a4a33dad622&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&cn=NO&rid=539168dc-e221-4f1d-8121-0f44d85b454f
Cookie: _ccpx_u=4461eaeb%2de8dc%2d4576%2da716%2daf3d0d23f605; _ccpx=2558a4a33dad622; _ccpx_2558a4a33dad622=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Sun, 05 May 2024 10:22:51 GMT
content-type: text/html
location: https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=4461eaeb-e8dc-4576-a716-af3d0d23f605&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&redir=https%253a%252f%252fcm%252eg%252edoubleclick%252enet%252fpixel%253fgoogle_nid%253dclickcertain%2526google_cm%253d1%2526google_sc%253d1%2526redir%253dhttps%25253a%25252f%25252fsecure%25252eadnxs%25252ecom%25252fgetuidu%25253fhttps%25253a%25252f%25252fa%25252eclickcertain%25252ecom%25252fpx%25252fimg%25252fbidswitch%25252f%25253fdone%25253dtrue%252526ccid%25253d4461eaeb%25252de8dc%25252d4576%25252da716%25252daf3d0d23f605%252526anx_uId%25253d%252524UID
set-cookie: _ccpx_u=4461eaeb%2de8dc%2d4576%2da716%2daf3d0d23f605; Expires=Mon, 05 May 2025 10:22:51 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-67cd96f68-8drb6:cc-nginx-67cd96f68-8drb6
x-requestid: ef7d5dea-10f0-48d3-bb31-ce43daf330f8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iGpLleopDyCDa3KH7p8nt7%2FVNeyM6%2Bon0Y4gBX5WNPY8H%2Bd2FQOWA9mmUJtwudzUBrREFbddSJZpRNwdFYAQ6IN3Oo2Yu5VnJ%2F9q9hk7%2FgtxuX7oo3BINCfXP%2BzlIEFgyTn1dA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f0030299130b3d-OSL
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-3-v1-a1.ts

143.204.55.51

200 OK

226 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-3-v1-a1.ts
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
MPEG transport stream data
Size
226 kB (225976 bytes)
Hash
6c9c5ebb79703c2b2ee64874b4aa59f1
93a97a9be3244d237e1f5f96ffa09c18b87dfdc7
d111637e383db9ff66361cb6c8906b3112beb74eb52bfc005e653a22b3424163

HTTP Headers

GET /deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-3-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: video/MP2T
content-length: 225976
server: envoy
date: Thu, 02 May 2024 06:24:32 GMT
expires: Fri, 02 May 2025 06:24:32 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 56d38b63b447247e6a7048a804f05a3e496ba6de-hls-segment
surrogate-key: 56d38b63b447247e6a7048a804f05a3e496ba6de-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 218
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7-AvvuL1IZ8FAjZxjIPJfWNE-mM1_oS-pBGETkLXOH2CX0p2y8Napw==
age: 273499
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-1-v1-a1.ts

143.204.55.51

200 OK

713 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-1-v1-a1.ts
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
MPEG transport stream data
Size
713 kB (713272 bytes)
Hash
551e42f56d5458d7fe68243985ab8aa6
32a0398d23a4a38af064871a18a1aca34ae01a92
7b8611bdd300e8797b669dd626202cbb0144e4a1a9c95699d5582af5572671ba

HTTP Headers

GET /deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-1-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: video/MP2T
content-length: 713272
server: envoy
date: Sat, 04 May 2024 21:53:41 GMT
expires: Sun, 04 May 2025 21:53:41 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 56d38b63b447247e6a7048a804f05a3e496ba6de-hls-segment
surrogate-key: 56d38b63b447247e6a7048a804f05a3e496ba6de-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 410
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zr7F7hsPd2AatfLcJxOltGg8cz6DGkXSt5phUElKY_PwKhcbwyhH9Q==
age: 44950
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-2-v1-a1.ts

143.204.55.51

200 OK

548 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-2-v1-a1.ts
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
MPEG transport stream data
Size
548 kB (547832 bytes)
Hash
b5f3667192a4aff3a89186dea5542019
105649ab1177d5fd983e590a1feedc3d705f2c5f
4146448b40fdce20263f784a52497a50f62080bfb60604a3c16913eb39592e1c

HTTP Headers

GET /deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-2-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: video/MP2T
content-length: 547832
server: envoy
date: Wed, 01 May 2024 10:09:18 GMT
expires: Thu, 01 May 2025 10:09:18 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 56d38b63b447247e6a7048a804f05a3e496ba6de-hls-segment
surrogate-key: 56d38b63b447247e6a7048a804f05a3e496ba6de-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 249
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6eMiMnL4Jwr1g1X7jmbibm0K8hA0RIu0lfi2XhspfYo4sv3qF0RCIQ==
age: 346413
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

embed-cloudfront.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-3-v1-a1.ts

143.204.55.51

200 OK

226 kB

URL GET HTTP/2
embed-cloudfront.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-3-v1-a1.ts
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
MPEG transport stream data
Size
226 kB (225976 bytes)
Hash
6c9c5ebb79703c2b2ee64874b4aa59f1
93a97a9be3244d237e1f5f96ffa09c18b87dfdc7
d111637e383db9ff66361cb6c8906b3112beb74eb52bfc005e653a22b3424163

HTTP Headers

GET /deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de.m3u8/seg-3-v1-a1.ts HTTP/1.1
Host: embed-cloudfront.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: video/MP2T
content-length: 225976
server: envoy
date: Thu, 02 May 2024 06:24:32 GMT
expires: Fri, 02 May 2025 06:24:32 GMT
cache-control: max-age=31536000
last-modified: Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag: 56d38b63b447247e6a7048a804f05a3e496ba6de-hls-segment
surrogate-key: 56d38b63b447247e6a7048a804f05a3e496ba6de-hls-segment
accept-ranges: bytes
x-envoy-upstream-service-time: 218
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KQiB023N2J0sSh_YY3mMX3uVW8v1fqfqO3Xz6DJ2Ygyp6Fr576L14w==
age: 273499
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

embed-ssl.wistia.com/deliveries/8e699fc68aeb45333b00b7ac8db3c602d06cd3d4.webp?image_crop_resized=1280x720

143.204.55.103

200 OK

48 kB

URL GET HTTP/2
embed-ssl.wistia.com/deliveries/8e699fc68aeb45333b00b7ac8db3c602d06cd3d4.webp?image_crop_resized=1280x720
IP
143.204.55.103:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp
Size
48 kB (48158 bytes)
Hash
ac3f8fc1d0411803bc7b924dfceb09db
ca1e3dd62220f9bea783f65906e6a45c969196cf
c063efc8729efc41051e20b20b9070ee3ad211065433ce83a863a4187ee7eb2a

HTTP Headers

GET /deliveries/8e699fc68aeb45333b00b7ac8db3c602d06cd3d4.webp?image_crop_resized=1280x720 HTTP/1.1
Host: embed-ssl.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/webp
accept-ranges: none
access-control-request-method: *
cache-control: max-age=31536000
content-disposition: inline
edge-cache-tag: 8e699fc68aeb45333b00b7ac8db3c602d06cd3d4
etag: mtJXvf5iVlFq49rx6RubwSOnpuY=
last-modified: Fri, 05 May 2023 22:52:47 UTC
surrogate-key: 8e699fc68aeb45333b00b7ac8db3c602d06cd3d4 thumbnail-delivery
date: Sun, 28 Apr 2024 23:36:49 GMT
x-envoy-upstream-service-time: 187
server: envoy
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8ecgC_T5ygg0quYfJ1hbqR0yHsww6l_cuGgmSJmOebCcQ6PAq7QA5g==
age: 557162
x-cdn: cloudfront
vary: Origin
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/vulcanV2Player/video/controls/LastFrameCanvasControl.js

151.101.194.132

200 OK

15 kB

URL GET HTTP/2
fast.wistia.com/assets/external/vulcanV2Player/video/controls/LastFrameCanvasControl.js
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (53545)
Size
15 kB (14931 bytes)
Hash
4731bc042455e46e6736bff1015fa1b0
303453377f8d086b8bb5de37850da2fc2caedf6a
e2e72cc04efcdf450c9e399f18536146298e8924511b7f6705173399bd6ee803

HTTP Headers

GET /assets/external/vulcanV2Player/video/controls/LastFrameCanvasControl.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Fri, 03 May 2024 17:44:51 GMT
etag: "5f6f836455ea4f9d84073cbc9424d807"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
age: 3299
date: Sun, 05 May 2024 10:22:52 GMT
x-served-by: cache-iad-kcgs7200169-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 52, 0
x-timer: S1714904572.120798,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: 4d5bc81afe0358a5328c14b0f1d142707476b3ca
content-length: 14931
X-Firefox-Spdy: h2

a.usbrowserspeed.com/cs?puid=6ed554dd-1060-5097-9655-18fa821bfee9&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26rid%3d539168dc%2de221%2d4f1d%2d8121%2d0f44d85b454f%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d

34.210.230.91

302 Found

164 B

URL GET HTTP/2
a.usbrowserspeed.com/cs?puid=6ed554dd-1060-5097-9655-18fa821bfee9&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26rid%3d539168dc%2de221%2d4f1d%2d8121%2d0f44d85b454f%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d
IP
34.210.230.91:443
ASN
#16509 AMAZON-02

Requested by
https://a.clickcertain.com/px/cont/?c=2558a4a33dad622&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&cn=NO&rid=539168dc-e221-4f1d-8121-0f44d85b454f
Certificate
IssuerAmazon
Subjecta.usbrowserspeed.com
Fingerprint6B:E5:58:56:B0:9C:31:9E:97:0F:F0:CB:A0:EF:B4:61:E9:17:20:80
ValidityMon, 01 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
164 B (164 bytes)
Hash
e4ad6d5476c3b1d81e718c08a38a65b9
ea44847a3f847d0bcb2a136e92bf35ddafb20047
195ec1a26c90f3328f074c3f2be6b712f1763f8615092d3490f7dd6bb613d029

HTTP Headers

GET /cs?puid=6ed554dd-1060-5097-9655-18fa821bfee9&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2ft%2f%3fdone%3dtrue%26rid%3d539168dc%2de221%2d4f1d%2d8121%2d0f44d85b454f%26uid%3d%24%7bDEVICE_ID%7d%26hem%3d%24%7bHEM_SHA256_LOWERCASE%7d HTTP/1.1
Host: a.usbrowserspeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.clickcertain.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: awselb/2.0
date: Sun, 05 May 2024 10:22:52 GMT
content-type: text/html; charset=utf-8
content-length: 164
location: https://a.clickcertain.com/px/t/?done=true&rid=539168dc-e221-4f1d-8121-0f44d85b454f&uid=c91317f2-1393-44ac-95d3-a5f4bc51f967&hem=
set-cookie: tuid=c91317f2-1393-44ac-95d3-a5f4bc51f967; Path=/; Domain=a.usbrowserspeed.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

fast.wistia.com/assets/external/engines/manual_quality_video.js

151.101.194.132

200 OK

22 kB

URL GET HTTP/2
fast.wistia.com/assets/external/engines/manual_quality_video.js
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
22 kB (22089 bytes)
Hash
bb20e03aebfbf9c61988b03ad122b818
99de8b740083c320585c571ca5f2c104c41a5dbf
5aa1dbc9abb135ee1fa2a925e40ed1eff109e50ea3a88d55b735a00b0792e991

HTTP Headers

GET /assets/external/engines/manual_quality_video.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://fast.wistia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: GET, HEAD
last-modified: Fri, 03 May 2024 17:44:50 GMT
etag: "245e0a6ccae4b2e39c0e77ea1c4b8ea5"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Sun, 05 May 2024 10:22:52 GMT
age: 2273
x-served-by: cache-iad-kcgs7200148-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 30, 16
x-timer: S1714904572.143442,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
asset-version: 4d5bc81afe0358a5328c14b0f1d142707476b3ca
content-length: 22089
X-Firefox-Spdy: h2

a.clickcertain.com/px/t/?done=true&rid=539168dc-e221-4f1d-8121-0f44d85b454f&uid=c91317f2-1393-44ac-95d3-a5f4bc51f967&hem=

104.26.9.50

204 No Content

0 B

URL GET HTTP/2
a.clickcertain.com/px/t/?done=true&rid=539168dc-e221-4f1d-8121-0f44d85b454f&uid=c91317f2-1393-44ac-95d3-a5f4bc51f967&hem=
IP
104.26.9.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://a.clickcertain.com/px/cont/?c=2558a4a33dad622&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&cn=NO&rid=539168dc-e221-4f1d-8121-0f44d85b454f
Certificate
IssuerLet's Encrypt
Subjectclickcertain.com
Fingerprint08:B9:6F:23:A2:AF:7D:A4:3A:32:96:76:4D:4C:24:CF:AE:66:8A:AB
ValidityTue, 19 Mar 2024 00:08:05 GMT - Mon, 17 Jun 2024 00:08:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px/t/?done=true&rid=539168dc-e221-4f1d-8121-0f44d85b454f&uid=c91317f2-1393-44ac-95d3-a5f4bc51f967&hem= HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.clickcertain.com/
DNT: 1
Connection: keep-alive
Cookie: _ccpx_u=4461eaeb%2de8dc%2d4576%2da716%2daf3d0d23f605; _ccpx=2558a4a33dad622; _ccpx_2558a4a33dad622=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 05 May 2024 10:22:52 GMT
set-cookie: _ccpx_u=4461eaeb%2de8dc%2d4576%2da716%2daf3d0d23f605; Expires=Mon, 05 May 2025 10:22:52 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-67cd96f68-n6sx5:cc-nginx-67cd96f68-n6sx5
x-requestid: 9aa8b0e3-6b85-4af1-9163-ae11ba65410c
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mrUP0N1LKM84cFhH5JMo2GIdVe5K5KQtj%2Fe5Tcx6QKjG6%2BGBLYXOQ%2FKHYB3g2ZHL2NkKZAgNOQuHr%2FSd8%2FPPxPooKCDET5Z%2B54fep5jFy7WV%2BYLc4BkjMeTPczCOY0nfsy%2FW%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f00307ed150b3d-OSL
X-Firefox-Spdy: h2

tag.trovo-tag.com/193f0456?rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D2558a4a33dad622%26ccid%3D4461eaeb-e8dc-4576-a716-af3d0d23f605%26cn%3DNO%26rid%3D539168dc-e221-4f1d-8121-0f44d85b454f&ref=&v=js-0.1.0&aid=193f0456&rid=539168dc-e221-4f1d-8121-0f44d85b454f

54.230.111.124

200 OK

738 B

URL GET HTTP/2
tag.trovo-tag.com/193f0456?rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D2558a4a33dad622%26ccid%3D4461eaeb-e8dc-4576-a716-af3d0d23f605%26cn%3DNO%26rid%3D539168dc-e221-4f1d-8121-0f44d85b454f&ref=&v=js-0.1.0&aid=193f0456&rid=539168dc-e221-4f1d-8121-0f44d85b454f
IP
54.230.111.124:443
ASN
#16509 AMAZON-02

Requested by
https://a.clickcertain.com/px/cont/?c=2558a4a33dad622&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&cn=NO&rid=539168dc-e221-4f1d-8121-0f44d85b454f
Certificate
IssuerAmazon
Subjecttrovo-tag.com
FingerprintBF:B5:B8:52:28:96:DD:DF:DB:5D:9F:CD:0D:54:13:66:9C:DE:DA:A8
ValiditySat, 09 Mar 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (354)
Size
738 B (738 bytes)
Hash
17494d5be3905ab84eb50b148ea79dd2
a83595bdf58d3a26ed2cd23e92d7fc837e3ca597
4955309a058617069d8877e4d09d10c2c2dd98492e1b2ab5e7f987f93af7e33b

HTTP Headers

GET /193f0456?rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D2558a4a33dad622%26ccid%3D4461eaeb-e8dc-4576-a716-af3d0d23f605%26cn%3DNO%26rid%3D539168dc-e221-4f1d-8121-0f44d85b454f&ref=&v=js-0.1.0&aid=193f0456&rid=539168dc-e221-4f1d-8121-0f44d85b454f HTTP/1.1
Host: tag.trovo-tag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.clickcertain.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 738
server: CloudFront
date: Sun, 05 May 2024 10:22:52 GMT
cache-control: no-cache
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6DN_6wE7PgKAu4S-WWGTx148hWTqoYe_Igup5HIvcyXGq0yDQwebtA==
X-Firefox-Spdy: h2

distillery.wistia.com/x

54.230.111.55

204 No Content

0 B

URL POST HTTP/2
distillery.wistia.com/x
IP
54.230.111.55:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subjectstats-tap-production-cloudfront-app-cname.wistia.com
Fingerprint37:C6:AB:79:1C:DF:9B:5E:3A:B8:3E:F1:0C:1D:48:BF:89:2D:1F:40
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezecurrent.com/
Content-Type: text/plain
Content-Length: 1842
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sun, 05 May 2024 10:22:52 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
server: envoy
x-envoy-upstream-service-time: 2
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QVlt9THGpPjPS8L9b6UKKVucUUXXhlJr2YDWEwREJnJ3guVqoSSi1Q==
X-Firefox-Spdy: h2

a.usbrowserspeed.com/lds?aid=193f0456&pid=193f0456&external_id=&rid=539168dc-e221-4f1d-8121-0f44d85b454f&v=js-0.1.0&rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D2558a4a33dad622%26ccid%3D4461eaeb-e8dc-4576-a716-af3d0d23f605%26cn%3DNO%26rid%3D539168dc-e221-4f1d-8121-0f44d85b454f&ref=

34.210.230.91

204 No Content

0 B

URL GET HTTP/2
a.usbrowserspeed.com/lds?aid=193f0456&pid=193f0456&external_id=&rid=539168dc-e221-4f1d-8121-0f44d85b454f&v=js-0.1.0&rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D2558a4a33dad622%26ccid%3D4461eaeb-e8dc-4576-a716-af3d0d23f605%26cn%3DNO%26rid%3D539168dc-e221-4f1d-8121-0f44d85b454f&ref=
IP
34.210.230.91:443
ASN
#16509 AMAZON-02

Requested by
https://tag.trovo-tag.com/193f0456?rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D2558a4a33dad622%26ccid%3D4461eaeb-e8dc-4576-a716-af3d0d23f605%26cn%3DNO%26rid%3D539168dc-e221-4f1d-8121-0f44d85b454f&ref=&v=js-0.1.0&aid=193f0456&rid=539168dc-e221-4f1d-8121-0f44d85b454f
Certificate
IssuerAmazon
Subjecta.usbrowserspeed.com
Fingerprint6B:E5:58:56:B0:9C:31:9E:97:0F:F0:CB:A0:EF:B4:61:E9:17:20:80
ValidityMon, 01 Jan 2024 00:00:00 GMT - Wed, 29 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lds?aid=193f0456&pid=193f0456&external_id=&rid=539168dc-e221-4f1d-8121-0f44d85b454f&v=js-0.1.0&rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D2558a4a33dad622%26ccid%3D4461eaeb-e8dc-4576-a716-af3d0d23f605%26cn%3DNO%26rid%3D539168dc-e221-4f1d-8121-0f44d85b454f&ref= HTTP/1.1
Host: a.usbrowserspeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tag.trovo-tag.com/
Cookie: tuid=c91317f2-1393-44ac-95d3-a5f4bc51f967
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: awselb/2.0
date: Sun, 05 May 2024 10:22:52 GMT
set-cookie: tuid=c91317f2-1393-44ac-95d3-a5f4bc51f967; Path=/; Domain=a.usbrowserspeed.com; Max-Age=31536000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.51

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezecurrent.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 2213
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sun, 05 May 2024 10:22:52 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
server: envoy
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kaVmJj-Dlpo-cVnrbHnaAOncBZK7Gk06L2DB-4hlliED_e6Syu6_-A==
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.51

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezecurrent.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 2213
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sun, 05 May 2024 10:22:55 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 0
server: envoy
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3meQegYk-PfGqitJdQ5XPGKhWYtFoYC878ybe__RIOnqwFjtgeaRcg==
X-Firefox-Spdy: h2

pipedream.wistia.com/mput?topic=metrics

143.204.55.51

200 OK

2 B

URL POST HTTP/2
pipedream.wistia.com/mput?topic=metrics
IP
143.204.55.51:443
ASN
#16509 AMAZON-02

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

HTTP Headers

POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezecurrent.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 1491
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
content-length: 2
date: Sun, 05 May 2024 10:22:58 GMT
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
server: envoy
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GBOyE1sERPZCk71I1RcJzZKcSR2Tpt3486k3kVEln9PyPtlsXkkh3Q==
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700;800

142.250.74.170

200 OK

7.3 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700;800
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (7476), with no line terminators
Size
7.3 kB (7316 bytes)
Hash
acc6a0acb683d15b6f222150e64cc879
18f4394b82e49c8f2da261ce9a5f96445f7bdaff
404823cc0fe81c2b916538c653cd7b9a5e7e036fe31e849ddf7d6fd4f2348586

HTTP Headers

GET /css2?family=Oswald:wght@400;500;600;700;800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 10:22:47 GMT
date: Sun, 05 May 2024 10:22:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

a.clickcertain.com/px/cont/?c=2558a4a33dad622&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&cn=NO&rid=539168dc-e221-4f1d-8121-0f44d85b454f

104.26.9.50

200 OK

1.8 kB

URL GET HTTP/2
a.clickcertain.com/px/cont/?c=2558a4a33dad622&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&cn=NO&rid=539168dc-e221-4f1d-8121-0f44d85b454f
IP
104.26.9.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerLet's Encrypt
Subjectclickcertain.com
Fingerprint08:B9:6F:23:A2:AF:7D:A4:3A:32:96:76:4D:4C:24:CF:AE:66:8A:AB
ValidityTue, 19 Mar 2024 00:08:05 GMT - Mon, 17 Jun 2024 00:08:04 GMT

File type
HTML document, ASCII text, with very long lines (1822), with no line terminators
Size
1.8 kB (1771 bytes)
Hash
79204fc508718ddbaca24cf899cb3dc6
4245043aebfaea753d7bf866f886b8e8b97d1855
6658a1d1b0a4accb7cfd7a07d3cda5c95c57bcd5295d5c2d7efa85c4bd6716d9

HTTP Headers

GET /px/cont/?c=2558a4a33dad622&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&cn=NO&rid=539168dc-e221-4f1d-8121-0f44d85b454f HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: _ccpx_u=4461eaeb%2de8dc%2d4576%2da716%2daf3d0d23f605; _ccpx=2558a4a33dad622; _ccpx_2558a4a33dad622=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:50 GMT
content-type: text/html
etag: W/"NDQ2MWVhZWJnZThkY2c0NTc2Z2E3MTZnYWYzZDBkMjNmNjA1LXow"
set-cookie: _ccpx_u=4461eaeb%2de8dc%2d4576%2da716%2daf3d0d23f605; Expires=Mon, 05 May 2025 10:22:50 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-67cd96f68-8drb6:cc-nginx-67cd96f68-8drb6
x-requestid: 840bd52c-036c-49da-9572-4430c4e7580c
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4faIvFFXrJ3phwVTq4C2P%2BTa%2BX3pZe4c5b9iIHNx1SxQmfpSWkhzxwFNPNj33D4yyB1%2ByXt2Kf3zY5D236PJhLnwDd3lLmjyvBScz52k2reAC4QqjF4PnYIuhsYuTmKvSGd3vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f002ffbe770b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/ncv3mm9rsz.jsonp

151.101.194.132

200 OK

70 kB

URL GET HTTP/2
fast.wistia.com/embed/medias/ncv3mm9rsz.jsonp
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
70 kB (69952 bytes)
Hash
33fab3022d9bdb1d0cef9ed217067473
d14533fd3fbfacbb0f039011bd569ed75645bfe4
e4d64f9d98b23a84edf8510a995d3ea66275ce360b73e8ef29b63244d887c67d

HTTP Headers

GET /embed/medias/ncv3mm9rsz.jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"e4d64f9d98b23a84edf8510a995d3ea6"
x-request-id: 5b6edd07-f3b4-41b9-a351-992bf653dd85
x-runtime: 0.161196
content-encoding: br
x-envoy-upstream-service-time: 164
via: 1.1 87e02820e63ff6cf9cd98d9efbaab1fc.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD55-P5
x-amz-cf-id: Y6xcZ_jNDNlOWd4kci3KARhwCcO-ad4RQUMaWaj5fDOdWxBBTakeZA==
accept-ranges: bytes
age: 422315
date: Sun, 05 May 2024 10:22:47 GMT
x-served-by: cache-iad-kjyo7100136-IAD, cache-hel1410029-HEL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 117, 0
x-timer: S1714904568.670342,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 24915
X-Firefox-Spdy: h2

glucofreeze.com/favicon.ico

0.0.0.0

0 B

URL GET
glucofreeze.com/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerLet's Encrypt
Subjectirolliemarketing.com
Fingerprint72:B3:00:64:A9:56:3B:B3:56:43:56:7F:93:40:CB:ED:FF:7A:10:B1
ValidityWed, 17 Apr 2024 00:38:26 GMT - Tue, 16 Jul 2024 00:38:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: glucofreeze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:50 GMT
content-type: image/x-icon
last-modified: Wed, 26 May 2021 20:42:04 GMT
etag: W/"60aeb29c-1b76"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, private
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
set-cookie: uid=wKhaA2Y3XfoP4QBNFWooAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=2; path=/
x-dis-request-id: c38da35ef7e18a65c16523a55be16c94
server: DOSarrest
X-Firefox-Spdy: h2

trk.consumptionusdaily.com/uniclick.js?attribution=lastpaid&cookiedomain=&cookieduration=90&defaultcampaignid=&regviewonce=false

0.0.0.0

0 B

URL GET
trk.consumptionusdaily.com/uniclick.js?attribution=lastpaid&cookiedomain=&cookieduration=90&defaultcampaignid=&regviewonce=false
IP
0.0.0.0:0
ASN
#0

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uniclick.js?attribution=lastpaid&cookiedomain=&cookieduration=90&defaultcampaignid=&regviewonce=false HTTP/1.1
Host: trk.consumptionusdaily.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=539168dc-e221-4f1d-8121-0f44d85b454f

104.26.2.122

200 OK

840 B

URL GET HTTP/2
a.remarketstats.com/px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=539168dc-e221-4f1d-8121-0f44d85b454f
IP
104.26.2.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://tag.trovo-tag.com/193f0456?rurl=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fcont%2F%3Fc%3D2558a4a33dad622%26ccid%3D4461eaeb-e8dc-4576-a716-af3d0d23f605%26cn%3DNO%26rid%3D539168dc-e221-4f1d-8121-0f44d85b454f&ref=&v=js-0.1.0&aid=193f0456&rid=539168dc-e221-4f1d-8121-0f44d85b454f
Certificate
IssuerGoogle Trust Services LLC
Subjectremarketstats.com
Fingerprint08:54:B1:82:70:1E:10:57:8B:41:85:B0:A1:52:5A:C1:0B:DF:9A:D9
ValidityTue, 19 Mar 2024 02:24:41 GMT - Mon, 17 Jun 2024 02:24:40 GMT

File type
JavaScript source, ASCII text, with very long lines (875), with no line terminators
Size
840 B (840 bytes)
Hash
7df76c00dd0b60c100234849d315b763
713cb3a71c551737f206204878428fe6b66f552e
0f116d6cf1fece8099151091dcea1ae4ab3f49624bfebef3f96f472f3b747d1c

HTTP Headers

GET /px/smart/?c=24d1add2443e239&type=img&partner_id=193f0456&partner_rid=539168dc-e221-4f1d-8121-0f44d85b454f HTTP/1.1
Host: a.remarketstats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tag.trovo-tag.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:52 GMT
content-type: text/javascript
x-frontend: cc-nginx-67cd96f68-8drb6:cc-nginx-67cd96f68-8drb6
x-requestid: 74573183-0166-4a25-8dcd-d2d7e8e1d4a2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WtIJ%2F73W9mLAjkw%2BCSlXLD6aS0PW5dRvyDf5a%2BjBMrNKZ%2FuaqaEZg0Pja1UxJphkbnaHQtmoW2Uq%2FSLIzPQ%2BSaBG0gC6AeO9WXDZ%2BVdi3QpHxN49eTKkt7DtNeKU61Ye7W0ykm0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f00309f9c2b52d-OSL
content-encoding: br
X-Firefox-Spdy: h2

display.buygoods.com/v1/disclaimer?id=disclaimer-bg&account_id=6808&background=white

172.66.43.115

200 OK

1.3 kB

URL GET HTTP/2
display.buygoods.com/v1/disclaimer?id=disclaimer-bg&account_id=6808&background=white
IP
172.66.43.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGoogle Trust Services LLC
Subjectbuygoods.com
Fingerprint19:69:B3:E8:13:6C:1D:19:3A:7C:5A:16:8C:67:20:3B:60:DC:31:6F
ValidityMon, 29 Apr 2024 07:13:53 GMT - Sun, 28 Jul 2024 08:12:15 GMT

File type
ASCII text, with very long lines (1411), with no line terminators
Size
1.3 kB (1346 bytes)
Hash
4b236be1f6e449b3d8e33499c34849af
9656847e5214a3acd40007057ef767da2b817283
85557fef2588cb4dc4ec38752d114ce5245e891aad9b1ce706fc377db2007307

HTTP Headers

GET /v1/disclaimer?id=disclaimer-bg&account_id=6808&background=white HTTP/1.1
Host: display.buygoods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:47 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
x-server: WEB_6_7500
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
set-cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
__cflb=02DiuGr4oznJ5r4PV3Dejx8NzEQ8Hg5uShjNTjXfiwrbn; SameSite=Lax; path=/; expires=Mon, 06-May-24 09:22:47 GMT; HttpOnly
server: cloudflare
cf-ray: 87f002ebb847712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

a.clickcertain.com/px/smart/a/?c=2558a4a33dad622&seg=special-announcement/index.html

104.26.9.50

302 Found

4.7 kB

URL GET HTTP/2
a.clickcertain.com/px/smart/a/?c=2558a4a33dad622&seg=special-announcement/index.html
IP
104.26.9.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerLet's Encrypt
Subjectclickcertain.com
Fingerprint08:B9:6F:23:A2:AF:7D:A4:3A:32:96:76:4D:4C:24:CF:AE:66:8A:AB
ValidityTue, 19 Mar 2024 00:08:05 GMT - Mon, 17 Jun 2024 00:08:04 GMT

File type

Size
4.7 kB (4734 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px/smart/a/?c=2558a4a33dad622&seg=special-announcement/index.html HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezecurrent.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 05 May 2024 10:22:49 GMT
content-type: text/javascript
location: https://a.clickcertain.com/px/?c=2558a4a33dad622&rid=539168dc-e221-4f1d-8121-0f44d85b454f
set-cookie: _ccpx_u=4461eaeb%2de8dc%2d4576%2da716%2daf3d0d23f605; Expires=Mon, 05 May 2025 10:22:49 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-67cd96f68-dxhb5:cc-nginx-67cd96f68-dxhb5
x-requestid: 539168dc-e221-4f1d-8121-0f44d85b454f
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gOlK3V2sZ3EHLJRoOnIXFCywltrXu2hfEVTT4ITU7GktpHuLWDPt8DAlvuhQa067OC0%2B9SOTYFfpryS4KZaZ1DqQC87vmRDMWy%2FXssWfNi%2F2JJJa%2Bg3lROqugHKvRJb1nQrgww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f002f73f860b3d-OSL
X-Firefox-Spdy: h2

fast.wistia.com/embed/medias/ncv3mm9rsz.m3u8

151.101.194.132

200 OK

1.4 kB

URL GET HTTP/2
fast.wistia.com/embed/medias/ncv3mm9rsz.m3u8
IP
151.101.194.132:443
ASN
#54113 FASTLY

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGlobalSign nv-sa
Subjectfast.wistia.com
Fingerprint75:69:0C:BF:54:26:59:0B:9A:83:E3:04:94:DE:EB:3F:E5:F6:6D:66
ValidityThu, 04 Apr 2024 00:50:10 GMT - Tue, 06 May 2025 00:50:09 GMT

File type
M3U playlist, ASCII text, with very long lines (1388), with no line terminators
Size
1.4 kB (1355 bytes)
Hash
0628bf93f8af0e6ba0b39e5ca0fef09c
5d3e8dec1c10ea1afcd96c4b5d59920e7669ff3b
8dd622ec24bb3ff48d903110502678b27c7e24ac55cfa6490c7d6c3594f20b94

HTTP Headers

GET /embed/medias/ncv3mm9rsz.m3u8 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-mpegURL
server: envoy
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
timing-allow-origin: *
cache-control: public, no-cache
etag: W/"a08c5901b678fe36ed8f86d7dc81e75d"
x-request-id: ed6a4e2d-41ca-4e64-8eb0-3ed0fdbcf8b9
x-runtime: 0.032422
x-envoy-upstream-service-time: 33
via: 1.1 20f0d9cf6610f77242f5c592d2ecfd1c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD89-C3
x-amz-cf-id: e69d9X_9-d8vOYQ9zvghNZ-uDPj-rZZiv3Azg6ZHTkTHZQ0IcAtj0g==
accept-ranges: bytes
age: 43079
date: Sun, 05 May 2024 10:22:49 GMT
x-served-by: cache-iad-kcgs7200039-IAD, cache-hel1410029-HEL
x-cache: Miss from cloudfront, HIT, MISS
x-cache-hits: 3900, 0
x-timer: S1714904570.836028,VS0,VE98
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 1355
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Sacramento

142.250.74.170

200 OK

757 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Sacramento
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (773), with no line terminators
Size
757 B (757 bytes)
Hash
31b67e525ae5baae4269fcabbb97a174
8677798754ac180894cab01927c74d07a2150ae9
be2d497050814ba1ca332220ee975cefdfc4bdcd3b4a3fc0fadab690b9e3ea75

HTTP Headers

GET /css2?family=Sacramento HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 10:22:47 GMT
date: Sun, 05 May 2024 10:22:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tracking.buygoods.com/track/?a=6808&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=gluco_freeze,gluco_freeze_3,gluco_freeze_6&vid1=&vid2=&vid3=&caller_url=https%3A%2F%2Fglucofreezecurrent.com%2Fspecial-announcement%2Findex.html%3Faff_id%3D7990%26subid%3Dab5_adbutler-%257B%257Bcampaign.name%257D%257D%26subid5%3D5e9759a020b14b69bbe6b6dd915eb780

172.66.43.115

200 OK

7.2 kB

URL GET HTTP/3
tracking.buygoods.com/track/?a=6808&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=gluco_freeze,gluco_freeze_3,gluco_freeze_6&vid1=&vid2=&vid3=&caller_url=https%3A%2F%2Fglucofreezecurrent.com%2Fspecial-announcement%2Findex.html%3Faff_id%3D7990%26subid%3Dab5_adbutler-%257B%257Bcampaign.name%257D%257D%26subid5%3D5e9759a020b14b69bbe6b6dd915eb780
IP
172.66.43.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGoogle Trust Services LLC
Subjectbuygoods.com
Fingerprint19:69:B3:E8:13:6C:1D:19:3A:7C:5A:16:8C:67:20:3B:60:DC:31:6F
ValidityMon, 29 Apr 2024 07:13:53 GMT - Sun, 28 Jul 2024 08:12:15 GMT

File type
ASCII text, with very long lines (7571), with no line terminators
Size
7.2 kB (7170 bytes)
Hash
e2ada31300bf40afa5a6f15c8cee5cb4
18b3005368c25a1ffa83cd79ea9cc750bdfde900
ac9fa9e15eaefde0d4f3093283b46bb41f0c7c482d7dd6f95f7e590c142a5c46

HTTP Headers

GET /track/?a=6808&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=gluco_freeze,gluco_freeze_3,gluco_freeze_6&vid1=&vid2=&vid3=&caller_url=https%3A%2F%2Fglucofreezecurrent.com%2Fspecial-announcement%2Findex.html%3Faff_id%3D7990%26subid%3Dab5_adbutler-%257B%257Bcampaign.name%257D%257D%26subid5%3D5e9759a020b14b69bbe6b6dd915eb780 HTTP/1.1
Host: tracking.buygoods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 10:22:49 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Tue, Jan 12 1999 01:01:01 GMT
vary: Accept-Encoding
x-server: WEB_6
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
set-cookie: spiaffid_6808=7990; Max-Age=7776000; Domain=.buygoods.com; Path=/; Expires=Sat, 03 Aug 2024 10:25:09 GMT; Secure
spisubid_6808=ab5_adbutler-%7B%7Bcampaign.name%7D%7D; Max-Age=7776000; Domain=.buygoods.com; Path=/; Expires=Sat, 03 Aug 2024 10:25:09 GMT; Secure
spicampaign_id_6808=; Domain=.buygoods.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Secure
spireferrer_6808=; Domain=.buygoods.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Secure
spireferrer_6808=91.90.42.154::glucofreezecurrent.com%2Fspecial-announcement; Max-Age=7776000; Domain=.buygoods.com; Path=/; Expires=Sat, 03 Aug 2024 10:25:09 GMT; Secure
spisessid2_6808=sessid20240505102522844; Max-Age=7776000; Domain=.buygoods.com; Path=/; Expires=Sat, 03 Aug 2024 10:25:09 GMT; Secure
spi_funnel_codename_6808=; Domain=.buygoods.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Secure
__cflb=02DiuEJgUPmnkKW5JETNtVJGZX1NbzGS8tjk786FhDKjS; SameSite=Lax; path=/; expires=Mon, 06-May-24 09:22:49 GMT; HttpOnly
server: cloudflare
cf-ray: 87f002f46ca90b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

a.clickcertain.com/px/ta/?ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605

104.26.9.50

302 Found

0 B

URL GET HTTP/2
a.clickcertain.com/px/ta/?ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605
IP
104.26.9.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://a.clickcertain.com/px/cont/?c=2558a4a33dad622&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&cn=NO&rid=539168dc-e221-4f1d-8121-0f44d85b454f
Certificate
IssuerLet's Encrypt
Subjectclickcertain.com
Fingerprint08:B9:6F:23:A2:AF:7D:A4:3A:32:96:76:4D:4C:24:CF:AE:66:8A:AB
ValidityTue, 19 Mar 2024 00:08:05 GMT - Mon, 17 Jun 2024 00:08:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px/ta/?ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605 HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.clickcertain.com/px/cont/?c=2558a4a33dad622&ccid=4461eaeb-e8dc-4576-a716-af3d0d23f605&cn=NO&rid=539168dc-e221-4f1d-8121-0f44d85b454f
Cookie: _ccpx_u=4461eaeb%2de8dc%2d4576%2da716%2daf3d0d23f605; _ccpx=2558a4a33dad622; _ccpx_2558a4a33dad622=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 05 May 2024 10:22:51 GMT
content-type: text/html
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=3318&partner_device_id=4461eaeb-e8dc-4576-a716-af3d0d23f605&partner_url=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fta%2f%3fdone%3dtrue%26ta_id%3d%24%7bTA_DEVICE_ID%7d
set-cookie: _ccpx_u=4461eaeb%2de8dc%2d4576%2da716%2daf3d0d23f605; Expires=Mon, 05 May 2025 10:22:51 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-67cd96f68-n6sx5:cc-nginx-67cd96f68-n6sx5
x-requestid: 53ec8733-dc2d-4c36-947d-6d7f75a62e74
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y7HtyOf7sTKDB4D7YMnHN3P5e3IajjncJ%2F3fHT%2FFQCWRqKMpqnDLHfdGMpoM4ARih4ujW1ppQrHzHOBV9hdmCW%2BXATzCAsm32%2FBSOarYx90rbVNDI2afC131eX71Jd6V4faSYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f00301f87b0b3d-OSL
X-Firefox-Spdy: h2

glucofreeze.com/favicon.ico

0.0.0.0

0 B

URL GET
glucofreeze.com/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerLet's Encrypt
Subjectirolliemarketing.com
Fingerprint72:B3:00:64:A9:56:3B:B3:56:43:56:7F:93:40:CB:ED:FF:7A:10:B1
ValidityWed, 17 Apr 2024 00:38:26 GMT - Tue, 16 Jul 2024 00:38:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: glucofreeze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:50 GMT
content-type: image/x-icon
last-modified: Wed, 26 May 2021 20:42:04 GMT
etag: W/"60aeb29c-1b76"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, private
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
set-cookie: uid=wKhaAmY3XfoY2ABJFW+zAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=1; path=/
x-dis-request-id: 33a47497f0606b3e53c29b5a499b5b32
server: DOSarrest
X-Firefox-Spdy: h2

trk.consumptionusdaily.com/uniclick.js?attribution=lastpaid&cookiedomain=&cookieduration=90&defaultcampaignid=&regviewonce=false

0.0.0.0

0 B

URL GET
trk.consumptionusdaily.com/uniclick.js?attribution=lastpaid&cookiedomain=&cookieduration=90&defaultcampaignid=&regviewonce=false
IP
0.0.0.0:0
ASN
#0

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uniclick.js?attribution=lastpaid&cookiedomain=&cookieduration=90&defaultcampaignid=&regviewonce=false HTTP/1.1
Host: trk.consumptionusdaily.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

px.liftcertain.com/px/smart/?c=2558a4a33dad622&seg=special-announcement/index.html

104.21.68.54

302 Found

4.7 kB

URL GET HTTP/2
px.liftcertain.com/px/smart/?c=2558a4a33dad622&seg=special-announcement/index.html
IP
104.21.68.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGoogle Trust Services LLC
Subjectliftcertain.com
FingerprintFB:48:E2:F9:45:F6:70:76:D3:BA:3A:5E:2B:DA:A1:95:6F:81:C3:AE
ValidityWed, 24 Apr 2024 13:26:56 GMT - Tue, 23 Jul 2024 13:26:55 GMT

File type

Size
4.7 kB (4734 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px/smart/?c=2558a4a33dad622&seg=special-announcement/index.html HTTP/1.1
Host: px.liftcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 05 May 2024 10:22:49 GMT
content-type: text/html
location: https://a.clickcertain.com/px/smart/a/?c=2558a4a33dad622&seg=special-announcement/index.html
x-frontend: cc-nginx-67cd96f68-8drb6:cc-nginx-67cd96f68-8drb6
x-requestid: 6ac44ff9-4157-4019-894e-3a2c57b36bd5
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f5y5E6c9IaYHd2jUej76e53ZhcUCVinW5LczvrDSkATOa5hk%2FnQgJ%2BR%2FLGg8qbpR5esjBqGQ1TZ%2FqXo5ZBDOTfMmrdwp1eu%2BfVjUhDtM%2FYQ1j4Mh2HiDLRimxD8UDfThqhLgy2M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f002f6282eb4f3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

glucofreeze.com/controlScript.css

69.172.200.220

200 OK

499 B

URL GET HTTP/2
glucofreeze.com/controlScript.css
IP
69.172.200.220:443
ASN
#19324 DOSARREST

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerLet's Encrypt
Subjectirolliemarketing.com
Fingerprint72:B3:00:64:A9:56:3B:B3:56:43:56:7F:93:40:CB:ED:FF:7A:10:B1
ValidityWed, 17 Apr 2024 00:38:26 GMT - Tue, 16 Jul 2024 00:38:25 GMT

File type
ASCII text, with very long lines (512), with no line terminators
Size
499 B (499 bytes)
Hash
d9b68c6329c0817c602ee20ea171672d
d6a3b566fbdac6879b947f6cde320f14ba788bce
3fdb5f56be1cf30909f917ce1743f44132a61c8c498d489a93f5df0785319426

HTTP Headers

GET /controlScript.css HTTP/1.1
Host: glucofreeze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:48 GMT
content-type: text/css
last-modified: Tue, 10 Jan 2023 15:25:53 GMT
etag: W/"63bd8381-1f3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, private
pragma: public
vary: Accept-Encoding, Accept-Encoding
content-encoding: gzip
set-cookie: uid=wKhaAmY3XfgY2ABJFW+yAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/
cnid=1; path=/
x-dis-request-id: 8f7527f220ef02cda3e8d423e45a7c6b
server: DOSarrest
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900

142.250.74.170

200 OK

8.6 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700;900
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (8800), with no line terminators
Size
8.6 kB (8600 bytes)
Hash
e82bfd6ef87aced71551956958e9a798
469f507a9f9bdc51acf554a042c4d8a5ac3b095b
5c2ffa056094c4a8d8f4b2de27ad479be1778664347f4757d36d1d2ffdbf4b91

HTTP Headers

GET /css2?family=Montserrat:wght@400;500;600;700;900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 10:22:47 GMT
date: Sun, 05 May 2024 10:22:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

embed-ssl.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de/file.mp4

0.0.0.0

0 B

URL GET
embed-ssl.wistia.com/deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de/file.mp4
IP
0.0.0.0:0
ASN
#0

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerAmazon
Subject*.wistia.com
Fingerprint44:FA:DB:AB:41:36:F5:96:F7:BF:3A:E7:D8:61:50:5C:26:80:3D:D2
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /deliveries/56d38b63b447247e6a7048a804f05a3e496ba6de/file.mp4 HTTP/1.1
Host: embed-ssl.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://glucofreezecurrent.com
DNT: 1
Connection: keep-alive
Referer: https://glucofreezecurrent.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
content-type: video/mp4
content-length: 375768038
accept-ranges: bytes
access-control-request-method: *
cache-control: max-age=31536000
content-disposition: inline
edge-cache-tag: 56d38b63b447247e6a7048a804f05a3e496ba6de
etag: EFDunvEV9v-g63pALAwyUsuEnOs=
last-modified: Fri, 05 May 2023 22:52:45 UTC
surrogate-key: 56d38b63b447247e6a7048a804f05a3e496ba6de default-delivery
date: Sun, 05 May 2024 10:22:52 GMT
x-envoy-upstream-service-time: 42
server: envoy
content-range: bytes 0-375768037/375768038
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7eByS3NiY2uAQm3DHh9VTvvnQcwZhNd11d-AbkYBjv6URvhAuQoQJw==
x-cdn: cloudfront
access-control-allow-origin: *
access-control-expose-headers: Server,range,Content-Length,Content-Range,x-cdn
X-Firefox-Spdy: h2

a.clickcertain.com/px/?c=2558a4a33dad622&rid=539168dc-e221-4f1d-8121-0f44d85b454f

104.26.9.50

200 OK

4.7 kB

URL GET HTTP/2
a.clickcertain.com/px/?c=2558a4a33dad622&rid=539168dc-e221-4f1d-8121-0f44d85b454f
IP
104.26.9.50:443
ASN
#13335 CLOUDFLARENET

Requested by
https://glucofreezecurrent.com/special-announcement/index.html?aff_id=7990&subid=ab5_adbutler-%7B%7Bcampaign.name%7D%7D&subid5=5e9759a020b14b69bbe6b6dd915eb780
Certificate
IssuerLet's Encrypt
Subjectclickcertain.com
Fingerprint08:B9:6F:23:A2:AF:7D:A4:3A:32:96:76:4D:4C:24:CF:AE:66:8A:AB
ValidityTue, 19 Mar 2024 00:08:05 GMT - Mon, 17 Jun 2024 00:08:04 GMT

File type
JavaScript source, ASCII text, with very long lines (4822), with no line terminators
Size
4.7 kB (4734 bytes)
Hash
6f1e298eb457e8d1482613aaabb47026
a5e1e7a055930083946b3c3c95566848a8463461
34dc2183246cea694f6edf73442c686deff665905e84d8a7918a9d4533bee4a3

HTTP Headers

GET /px/?c=2558a4a33dad622&rid=539168dc-e221-4f1d-8121-0f44d85b454f HTTP/1.1
Host: a.clickcertain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://glucofreezecurrent.com/
DNT: 1
Connection: keep-alive
Cookie: _ccpx_u=4461eaeb%2de8dc%2d4576%2da716%2daf3d0d23f605
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:22:49 GMT
content-type: text/javascript
set-cookie: _ccpx=2558a4a33dad622; Expires=Mon, 05 May 2025 10:22:49 GMT; Path=/; HttpOnly; SameSite=None; Secure
_ccpx_2558a4a33dad622=1; Expires=Mon, 05 May 2025 10:22:49 GMT; Path=/; HttpOnly; SameSite=None; Secure
_ccpx_u=4461eaeb%2de8dc%2d4576%2da716%2daf3d0d23f605; Expires=Mon, 05 May 2025 10:22:49 GMT; Path=/; HttpOnly; SameSite=None; Secure
x-frontend: cc-nginx-67cd96f68-n6sx5:cc-nginx-67cd96f68-n6sx5
x-requestid: f61504ee-3558-46e8-a4bd-162423d2969e
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RlhKR2GO8CmXxHqQgV8cNlgXq%2Bh7DWe92%2BYdcVqG%2FfaZfyDf05cxVTsrmAxVmYLOXlNczkQGzibbx0iCXFgxNoxpu4%2BCUHO%2FW18TD94ocw6ias6drDuQ%2F63qvEq7%2BAB3RpyQ7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f002f79fd80b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (36)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML