www2.thesugartruth.com Open in urlscan Pro
2606:4700:4400::6812:24b8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.bhmdlakey.com/FNX4R1/3M53P8N/?sub1=4805&utm_content=CMTE1MjcxNw%3D%3D
Effective URL:
https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolic...
Submission: On February 27 via api (February 27th 2024, 12:51:58 pm UTC) from US — Scanned from DE

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 23 HTTP transactions. The main IP is 2606:4700:4400::6812:24b8, located in United States and belongs to CLOUDFLARENET, US. The main domain is www2.thesugartruth.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2023. Valid for: a year.

This is the only time www2.thesugartruth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.107.202.36 34.107.202.36	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 10	2606:4700:440... 2606:4700:4400::6812:24b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:90af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.117.39.58 34.117.39.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.19.180.99 52.19.180.99	16509 (AMAZON-02) (AMAZON-02)
1	208.118.62.69 208.118.62.69	7296 (DYNASCALE) (DYNASCALE)
3	2606:4700:440... 2606:4700:4400::ac40:90de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	8

1 34.107.202.36 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.202.107.34.bc.googleusercontent.com

www.bhmdlakey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:4400::6812:24b8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www2.thesugartruth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:90af (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gundrymd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.39.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.39.117.34.bc.googleusercontent.com

www.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.180.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-180-99.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.118.62.69 (United States)

ASN7296 (DYNASCALE, US)

app.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:90de (United States)

ASN13335 (CLOUDFLARENET, US)

stat.youniverssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	thesugartruth.com 1 redirects www2.thesugartruth.com	4 MB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	4 KB
3	youniverssl.com stat.youniverssl.com — Cisco Umbrella Rank: 344847	17 KB
2	upsellit.com www.upsellit.com — Cisco Umbrella Rank: 10769 app.upsellit.com — Cisco Umbrella Rank: 19249	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	249 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1053	44 B
1	gundrymd.com cdn.gundrymd.com — Cisco Umbrella Rank: 263043	5 KB
1	bhmdlakey.com 1 redirects www.bhmdlakey.com	506 B
23	8

	Domain	Requested by
10	www2.thesugartruth.com	1 redirects www2.thesugartruth.com
5	fonts.googleapis.com	www2.thesugartruth.com
3	stat.youniverssl.com	www2.thesugartruth.com stat.youniverssl.com
2	www.googletagmanager.com	www2.thesugartruth.com
1	app.upsellit.com	www.upsellit.com
1	beacon.krxd.net	www2.thesugartruth.com
1	www.upsellit.com	www.googletagmanager.com
1	cdn.gundrymd.com	www2.thesugartruth.com
1	www.bhmdlakey.com	1 redirects
23	9

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-09` - `2024-05-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.upsellit.com RapidSSL TLS RSA CA G1	`2023-09-11` - `2024-10-03`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2024-01-31` - `2025-01-29`	a year	crt.sh
youniverssl.com Cloudflare Inc ECC CA-3	`2023-09-10` - `2024-09-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow
Frame ID: 452F6A32BE205252BF639D9AC5BA99F6
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gundry MD

Page URL History Show full URLs

https://www.bhmdlakey.com/FNX4R1/3M53P8N/?sub1=4805&utm_content=CMTE1MjcxNw%3D%3D HTTP 302
https://www2.thesugartruth.com/cid/7013w000002gIMIAA2?subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&su... HTTP 302
https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campa... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

23
Requests

100 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

4461 kB
Transfer

59888 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.bhmdlakey.com/FNX4R1/3M53P8N/?sub1=4805&utm_content=CMTE1MjcxNw%3D%3D HTTP 302
https://www2.thesugartruth.com/cid/7013w000002gIMIAA2?subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow HTTP 302
https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/
Redirect Chain

https://www.bhmdlakey.com/FNX4R1/3M53P8N/?sub1=4805&utm_content=CMTE1MjcxNw%3D%3D
https://www2.thesugartruth.com/cid/7013w000002gIMIAA2?subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow
https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=c...

38 KB
14 KB

132ms
132ms

Document
text/html

2606:4700:4400::6812:24b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdf4b908adee4671a217b41bc88131a8c0df4b4325304f52418a676f16ad9340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age = 31557600
cf-cache-status: DYNAMIC
cf-ray: 85c08fbee9a171ac-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 12:51:50 GMT
last-modified: Tue, 27 Feb 2024 01:10:23 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85c08fbe18c371ac-FRA
content-length: 0
date: Tue, 27 Feb 2024 12:51:50 GMT
location: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 process_env.js Show response
www2.thesugartruth.com/ 1 KB
1 KB 131ms
131ms Script
application/javascript 2606:4700:4400::6812:24b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thesugartruth.com/process_env.js?ver=22720241

Requested by

Host: www2.thesugartruth.com
URL: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:24b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c23be2b2a01e23a72e0f656bfc85e9d79e1247bd37395d468e05f0f7e9cc9804

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:51:50 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Feb 2024 12:10:02 GMT
server: cloudflare
etag: W/"585-18dea78ce05"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: private, no-cache, max-age = 0
cf-ray: 85c08fc06d75912a-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 560 KB
126 KB 100ms
51ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b668522b841ae2bbad65c73d360207e4ff3dc66dabc8006de809ea1f62b6eacf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:51:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128029
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Feb 2024 12:51:50 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 594 KB
124 KB 113ms
66ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WLKKPD

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa7e194d069c71abb5404e3518d6b0317cd8f1af8e8678c46b5166d81920c2df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:51:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126581
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Feb 2024 12:51:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 46ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@600;900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c27b34afba3137d30217abd1ef2990244fd904b09adcf09da7eb5b183c47cfa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 12:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 12:51:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 12:51:50 GMT

GET
H2 200 gundry-logo.jpg
cdn.gundrymd.com/images/ 4 KB
5 KB 102ms
28ms Image
image/jpeg 2606:4700:4400::ac40:90af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.gundrymd.com/images/gundry-logo.jpg
Requested by: Host: www2.thesugartruth.com
URL: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d7a48f4eb2e5b82c2f4fae762aebf632c65ab78312aa95af4718e28cb5817b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:51:50 GMT
x-amz-version-id: f5O95PO0dAG8oDPyOnnSLZ0MSkXFCEZW
cf-cache-status: HIT
x-amz-request-id: H8FHAQNWFC1YFPJJ
age: 2047
cf-polished: origSize=4571
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 4413
x-amz-id-2: /14REnqLz+dpzpUImAEORpghterZL7cwjB+dKXaBNmMFBWNH8jqhc66bHMuozqigi3ACjGcFzc4=
cf-bgj: imgq:100,h2pri
last-modified: Mon, 30 Jan 2023 22:04:40 GMT
server: cloudflare
etag: "6534b079e432031ab72ea0beb4411445"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 85c08fc1cbcc1d8a-FRA
expires: Tue, 27 Feb 2024 16:51:50 GMT

GET
H3 200 fst_abbrev_funnel_confs.js Show response
www2.thesugartruth.com/ 31 MB
2 MB 232ms
231ms Script
application/javascript 2606:4700:4400::6812:24b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thesugartruth.com/fst_abbrev_funnel_confs.js?ver=22720241

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:24b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec828e0ea3ac10cfc97dc94412f52f9917515438258bc8c9c41cab314f4a4263

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:51:50 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: MISS
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Feb 2024 12:43:47 GMT
server: cloudflare
etag: W/"1f38876-18dea97b789"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 85c08fc16e3e912a-FRA
expires: Tue, 27 Feb 2024 13:51:50 GMT

GET
H2 200 goldenhippo.jsp Show response
www.upsellit.com/active/ 93 KB
21 KB 56ms
15ms Script
application/x-javascript 34.117.39.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upsellit.com/active/goldenhippo.jsp

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PNTFNV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.39.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.39.117.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

964de230a47ef648158d9f48c6840b987621b010798d0dfb746f4b0f89d4a79c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
date: Tue, 27 Feb 2024 04:59:02 GMT
server: nginx
age: 28368
vary: Accept-Encoding
content-type: application/x-javascript;charset=ISO-8859-1
cache-control: max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20860
expires: Wed, 28 Feb 2024 04:59:02 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
44 B 138ms
29ms Image
text/plain 52.19.180.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=NqKvCG4b&event_type=default&company_id=4772303201
Requested by: Host: www2.thesugartruth.com
URL: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.180.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-180-99.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:51:50 GMT
server: awselb/2.0

GET
H2 200 session_data.jsp Show response
app.upsellit.com/utility/ 521 B
707 B 507ms
166ms Script
application/x-javascript 208.118.62.69
DYNASCALE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.upsellit.com/utility/session_data.jsp?extended=false&si=fj1ame_1709038311

Requested by

Host: www.upsellit.com
URL: https://www.upsellit.com/active/goldenhippo.jsp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

208.118.62.69 , United States, ASN7296 (DYNASCALE, US),

Reverse DNS

Software

nginx /

Resource Hash

5692d13e473034bc35d16cbba8a6b0e07df0af5877f7c60441402d39acf09b55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-type: application/x-javascript;charset=ISO-8859-1
date: Tue, 27 Feb 2024 12:51:51 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-length: 521
expires: Wed, 28 Feb 2024 12:51:51 GMT

GET
H3 200 main.css
www2.thesugartruth.com/build/ 21 MB
1 MB 138ms
137ms Stylesheet
text/css 2606:4700:4400::6812:24b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thesugartruth.com/build/main.css?ver=22720241

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:24b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

829ffa0ce635e057f09462abc7ebea5c0a90e261d6a000001100a70a4f617de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:51:51 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: EXPIRED
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Feb 2024 00:44:03 GMT
server: cloudflare
etag: W/"1556537-18de804c438"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 85c08fc33f6b912a-FRA
expires: Tue, 27 Feb 2024 13:51:51 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
416 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 12:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 12:51:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 12:51:50 GMT

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
441 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap

Requested by

Host: www2.thesugartruth.com
URL: https://www2.thesugartruth.com/build/main.css?ver=22720241

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3db6f8817221a5ae78a52b8e333260135bf2519ebeef8a7d77d3bcd0ed950384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 12:51:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 10:57:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 12:51:52 GMT

GET
H3 200 css2
fonts.googleapis.com/ 4 KB
1 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lora:wght@500&display=swap

Requested by

Host: www2.thesugartruth.com
URL: https://www2.thesugartruth.com/build/main.css?ver=22720241

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3e4cc96bc451bf471e49ca2aa72bcfae0c57800fb44dc7bf510db2d87123801c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 12:51:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 12:51:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 12:51:52 GMT

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
505 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Red+Hat+Display:wght@600&family=Red+Hat+Text:wght@400;500&display=swap

Requested by

Host: www2.thesugartruth.com
URL: https://www2.thesugartruth.com/build/main.css?ver=22720241

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b44fc856e224a8ac1892a87618cbcbc4e5d58d9cf1961910c230cff58b3a388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 12:51:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 12:51:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 12:51:52 GMT

GET
H3 200 countries.js Show response
www2.thesugartruth.com/ 4 KB
2 KB 119ms
119ms Script
application/javascript 2606:4700:4400::6812:24b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thesugartruth.com/countries.js?ver=22720241

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:24b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88c72c589dbca5386f07e4da64fe4971a2b48f4dcc279be161b502b85fac17af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:51:53 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: MISS
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Feb 2024 12:04:59 GMT
server: cloudflare
etag: W/"117f-18dea742f36"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 85c08fd3db4a912a-FRA
expires: Tue, 27 Feb 2024 13:51:53 GMT

GET
H3 200 request-ip Show response
www2.thesugartruth.com/ 71 B
438 B 204ms
204ms Script
application/javascript 2606:4700:4400::6812:24b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thesugartruth.com/request-ip

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:24b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

782218f93262e2c1f166e7663c828a40b059a6065fe93c17f59e2f73252e038e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:51:53 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"47-Hat8m0JPcaWC0jZcQJIzudt9m7g"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, max-age = 0
cf-ray: 85c08fd49c04912a-FRA

GET
H3 200 getsession Show response
www2.thesugartruth.com/proxy/utils/ 0
356 B 137ms
136ms XHR
application/octet-stream 2606:4700:4400::6812:24b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thesugartruth.com/proxy/utils/getsession

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:24b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow
x-brand: Gundry MD
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:51:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 spaces-router (devel), 1.1 spaces-router (devel)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-download-options: noopen
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
access-control-expose-headers: X-Brand
access-control-allow-credentials: true
cf-ray: 85c08fd49c07912a-FRA

GET
H3 200 polyfills.js Show response
www2.thesugartruth.com/build/ 94 KB
34 KB 317ms
317ms Script
application/javascript 2606:4700:4400::6812:24b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thesugartruth.com/build/polyfills.js?ver=22720241

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:24b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90b962bca59cf336841c19b2c6a979fef290f3924be05fd500678076f19fee42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:51:54 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: MISS
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Feb 2024 00:47:23 GMT
server: cloudflare
etag: W/"179e9-18de807d178"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 85c08fd49c09912a-FRA
expires: Tue, 27 Feb 2024 13:51:53 GMT

GET
H3 200 bundle.js Show response
www2.thesugartruth.com/build/ 5 MB
753 KB 140ms
140ms Script
application/javascript 2606:4700:4400::6812:24b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.thesugartruth.com/build/bundle.js?ver=22720241

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:24b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

000f23fcc2370c365b51aa8e5262d8c16a2d160562a35c4bd5f9205a94937ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:51:53 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: MISS
content-encoding: br
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Feb 2024 00:48:43 GMT
server: cloudflare
etag: W/"483884-18de80909f8"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=3600
cf-ray: 85c08fd49c0a912a-FRA
expires: Tue, 27 Feb 2024 13:51:53 GMT

GET
H2 200 cscript.js Show response
stat.youniverssl.com/js/ 9 KB
3 KB 170ms
131ms Script
application/javascript 2606:4700:4400::ac40:90de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stat.youniverssl.com/js/cscript.js?v=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:90de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b078999f1e87fb1a80a941371723dc584673d28de33c3d69a8d98688f4dbdea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:51:55 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 26 Jan 2024 17:24:10 GMT
server: cloudflare
vary: accept-encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 85c08fe1dc674dac-FRA
expires: 0

GET
H2 200 fp.min.js Show response
stat.youniverssl.com/js/ 31 KB
13 KB 129ms
128ms Script
application/javascript 2606:4700:4400::ac40:90de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stat.youniverssl.com/js/fp.min.js

Requested by

Host: stat.youniverssl.com
URL: https://stat.youniverssl.com/js/cscript.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:90de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:51:56 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 26 Jan 2024 17:24:10 GMT
server: cloudflare
vary: accept-encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 85c08fe2bd3f4dac-FRA
expires: 0

GET
H3 200 stat Show response
stat.youniverssl.com/ 3 KB
1 KB 123ms
123ms Script
application/javascript 2606:4700:4400::ac40:90de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stat.youniverssl.com/stat?callback=siteStatHandler&consume=%7B%22affParameters%22%3A%7B%22utmSource%22%3A%22email%22%2C%22utmMedium%22%3A%22cpa%22%2C%22utmCampaign%22%3A%22gmd-db-metabolicadvanced-dbeml-all-qqq%22%2C%22utmCampaignId%22%3A%227013w000002gIMIAA2%22%2C%22utmContent%22%3Anull%2C%22utmTerm%22%3Anull%2C%22subId1%22%3A%22cd1e5f63fb364aca83516614b667ce5b%22%2C%22subId2%22%3A%22280%22%2C%22subId3%22%3A%224805%22%2C%22subId4%22%3Anull%2C%22subId5%22%3A%22everflow%22%7D%2C%22sessionid%22%3Anull%2C%22url%22%3A%22https%3A%2F%2Fwww2.thesugartruth.com%2Ffst%2Fd_db_ma_vslstart_qqq%2F%3Fbusiness_unit%3Da00f400000dk8tnaab%26n%3Ddbtcr%26utm_campaign%3Dgmd-db-metabolicadvanced-dbeml-all-qqq%26utm_campaign_id%3D7013w000002gIMIAA2%26utm_medium%3Dcpa%26utm_source%3Demail%26subid1%3Dcd1e5f63fb364aca83516614b667ce5b%26subid2%3D280%26subid3%3D4805%26subid5%3Deverflow%22%2C%22alternaiGuestId%22%3A%5B%5D%2C%22external_id%22%3A%5B%5D%7D&id=a52c629b3f640b12004154b331affaf3&url=https%3A%2F%2Fwww2.thesugartruth.com%2Ffst%2Fd_db_ma_vslstart_qqq%2F%3Fbusiness_unit%3Da00f400000dk8tnaab%26n%3Ddbtcr%26utm_campaign%3Dgmd-db-metabolicadvanced-dbeml-all-qqq%26utm_campaign_id%3D7013w000002gIMIAA2%26utm_medium%3Dcpa%26utm_source%3Demail%26subid1%3Dcd1e5f63fb364aca83516614b667ce5b%26subid2%3D280%26subid3%3D4805%26subid5%3Deverflow&sessionid=null

Requested by

Host: stat.youniverssl.com
URL: https://stat.youniverssl.com/js/cscript.js?v=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:90de , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31b7bacbf228c05f6647b650b67a6d41715a232ae49cd96728b18764ec849be2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www2.thesugartruth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 12:51:56 GMT
via: 1.1 spaces-router (devel)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: accept-encoding
x-frame-options: DENY
content-type: application/javascript;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 85c08fe3eac15c02-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: 0

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bhmdlakey.com/	1970-01-20 18:45:24	Name: uniqueClick_3M53P8N Value: 831151bc-a271-44ec-8263-7397b1ba59b6:1709038309
www.bhmdlakey.com/	1970-01-20 20:53:34	Name: transaction_id Value: cd1e5f63fb364aca83516614b667ce5b
www2.thesugartruth.com/	1969-12-31 23:59:59	Name: _csrf Value: 5rtes0iTIW-7rjnMCsnObGX6
.thesugartruth.com/	1970-01-20 18:44:00	Name: __cf_bm Value: wf8E_kdbevo3OirXb5JtQ1Q2LJxV8DPPLXsxVZ225a4-1709038310-1.0-AXIMh0SrrIsdPLInnuavWP+n4cXB8npj+dPdi9SaEuH2OjGOL41m6d8S4ljDlen7HItPGrYc22kz4E8k1QBuBbM=
.gundrymd.com/	1970-01-20 18:44:00	Name: __cf_bm Value: 9eMOjj0gEDK9MyklM_JNGwkVYl5bL.V1caBx1WYIfsg-1709038310-1.0-AU95+k4OEXTKF1VhiopRY5LgQ43FVeYvlBOjF1ZW+PtPAOZyF8FXLMlVW2HeR0Dkt2Kd2qopAfcR94eugdFmOzY=
www2.thesugartruth.com/	1970-01-21 03:31:00	Name: qa_cookie Value: 1709038310763
.thesugartruth.com/	1970-01-20 20:53:34	Name: _gcl_au Value: 1.1.462584466.1709038311
www2.thesugartruth.com/	1970-01-21 03:29:34	Name: alternaiGuestId Value: d586a4ed-3449-404a-97aa-92e1b0904115,www2.thesugartruth.com,,blob:https:
www2.thesugartruth.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: EM5p0J6F-sa9_Ig_lGCEXOUaWiURRRD07fj4
.youniverssl.com/	1970-01-20 18:44:00	Name: __cf_bm Value: Cf.5xWcIj3YISX7wsr4_s76kWoacbAr6Vig5tn8N6iI-1709038315-1.0-AbqHphCbdci9iTzNfKRi/ZJcmMGMdN8Oe64JS6BZhkN3Qbnhw1Ne2rkHoMTPCczTq/PTWOTkhUbZjMGKfGcgxY4=

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www2.thesugartruth.com/fst/d_db_ma_vslstart_qqq/?business_unit=a00f400000dk8tnaab&n=dbtcr&utm_campaign=gmd-db-metabolicadvanced-dbeml-all-qqq&utm_campaign_id=7013w000002gIMIAA2&utm_medium=cpa&utm_source=email&subid1=cd1e5f63fb364aca83516614b667ce5b&subid2=280&subid3=4805&subid5=everflow Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.upsellit.com
beacon.krxd.net
cdn.gundrymd.com
fonts.googleapis.com
stat.youniverssl.com
www.bhmdlakey.com
www.googletagmanager.com
www.upsellit.com
www2.thesugartruth.com
208.118.62.69
2606:4700:4400::6812:24b8
2606:4700:4400::ac40:90af
2606:4700:4400::ac40:90de
2a00:1450:4001:810::2008
2a00:1450:4001:828::200a
34.107.202.36
34.117.39.58
52.19.180.99
000f23fcc2370c365b51aa8e5262d8c16a2d160562a35c4bd5f9205a94937ce4
31b7bacbf228c05f6647b650b67a6d41715a232ae49cd96728b18764ec849be2
3db6f8817221a5ae78a52b8e333260135bf2519ebeef8a7d77d3bcd0ed950384
3e4cc96bc451bf471e49ca2aa72bcfae0c57800fb44dc7bf510db2d87123801c
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
4b44fc856e224a8ac1892a87618cbcbc4e5d58d9cf1961910c230cff58b3a388
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4
5692d13e473034bc35d16cbba8a6b0e07df0af5877f7c60441402d39acf09b55
5d7a48f4eb2e5b82c2f4fae762aebf632c65ab78312aa95af4718e28cb5817b2
782218f93262e2c1f166e7663c828a40b059a6065fe93c17f59e2f73252e038e
829ffa0ce635e057f09462abc7ebea5c0a90e261d6a000001100a70a4f617de9
88c72c589dbca5386f07e4da64fe4971a2b48f4dcc279be161b502b85fac17af
90b962bca59cf336841c19b2c6a979fef290f3924be05fd500678076f19fee42
964de230a47ef648158d9f48c6840b987621b010798d0dfb746f4b0f89d4a79c
b078999f1e87fb1a80a941371723dc584673d28de33c3d69a8d98688f4dbdea1
b668522b841ae2bbad65c73d360207e4ff3dc66dabc8006de809ea1f62b6eacf
bdf4b908adee4671a217b41bc88131a8c0df4b4325304f52418a676f16ad9340
c23be2b2a01e23a72e0f656bfc85e9d79e1247bd37395d468e05f0f7e9cc9804
c27b34afba3137d30217abd1ef2990244fd904b09adcf09da7eb5b183c47cfa0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec828e0ea3ac10cfc97dc94412f52f9917515438258bc8c9c41cab314f4a4263
fa7e194d069c71abb5404e3518d6b0317cd8f1af8e8678c46b5166d81920c2df

www2.thesugartruth.com Open in urlscan Pro 2606:4700:4400::6812:24b8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

56 %IPv6

8 Domains

9 Subdomains

8 IPs

3 Countries

4461 kBTransfer

59888 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

10 Cookies

4 Console Messages

Security Headers

Indicators

www2.thesugartruth.com Open in urlscan Pro
2606:4700:4400::6812:24b8 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

4461 kB
Transfer

59888 kB
Size

10
Cookies

23 HTTP transactions
0 data transactions