| static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css | 34.107.203.240 | 200 OK | 27 kB |
URL GET HTTP/2static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css IP34.107.203.240:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subjectstatic.leadpages.net FingerprintD8:FD:AD:CD:8D:45:95:5D:A9:9C:4E:AE:11:39:70:F3:A6:56:DA:77 ValidityMon, 08 Apr 2024 13:47:54 GMT - Sun, 07 Jul 2024 14:42:08 GMT
File typeASCII text, with very long lines (52276) Hash5222e06b77a1692fa2520a219840e6be 8b4236206a8b86af3761a244277663046d7ff7ee 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
GET /fonts/font-awesome/6.4.2/css/all.min.css HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
x-cloud-trace-context: b6534fd7ba1e5ea59d10a086396a2dbd
content-encoding: gzip
server: Google Frontend
via: 1.1 google
date: Sat, 06 Apr 2024 05:03:22 GMT
expires: Sun, 06 Apr 2025 05:03:22 GMT
cache-control: public, max-age=31536000
etag: "-6uIpg"
content-type: text/css
vary: Accept-Encoding
content-length: 26836
age: 859846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| embed.lpcontent.net/leadboxes/current/embed.js | 34.107.203.240 | 200 OK | 15 kB |
URL GET HTTP/2embed.lpcontent.net/leadboxes/current/embed.js IP34.107.203.240:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subjectembed.lpcontent.net FingerprintFD:A4:56:03:B6:BA:9C:FD:30:9B:68:CA:EE:56:98:E7:5E:5F:4A:21 ValidityTue, 26 Mar 2024 23:09:25 GMT - Tue, 25 Jun 2024 00:02:39 GMT
File typeJavaScript source, ASCII text, with very long lines (30758) Hash7efcfabdb6209627ce8b016b1c4814eb f3b8ebfc5fe452333c0fa14b15b28567f30921b9 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
GET /leadboxes/current/embed.js HTTP/1.1
Host: embed.lpcontent.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
x-cloud-trace-context: 2ae4014f12ee141821a8fd4e709135b3
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 14811
date: Tue, 16 Apr 2024 03:54:08 GMT
expires: Tue, 16 Apr 2024 03:59:08 GMT
cache-control: public, max-age=300
etag: "-6uIpg"
content-type: application/javascript
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto+Condensed:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700 | 142.250.74.74 | 200 OK | 7.7 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto+Condensed:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700 IP142.250.74.74:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (1572) Hash60e015ed6e85f5ece1c6e4cfc76a45dd 7435e1d9f1a3534552d78f5a6595293ec89691a1 78cb8d2f4d488252b6c33f9da294c405975767d7242d5b640e8007220a791379
GET /css?family=Roboto+Condensed:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 03:54:08 GMT
date: Tue, 16 Apr 2024 03:54:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| verifiedwebpage.com/go?ehash=a5276dcfef687822b175c94d6bcaf82b&product=32417&ar=55&cid=2553&lid=1610&slhash=9cebc4d298e0ed1ed5b0d3e255cd3947&mtaid=mpmta&cid2=[s8] | 104.18.21.187 | 302 Found | 74 kB |
URL User Request GET HTTP/2verifiedwebpage.com/go?ehash=a5276dcfef687822b175c94d6bcaf82b&product=32417&ar=55&cid=2553&lid=1610&slhash=9cebc4d298e0ed1ed5b0d3e255cd3947&mtaid=mpmta&cid2=[s8] IP104.18.21.187:443
CertificateIssuerGoogle Trust Services LLC Subjectverifiedwebpage.com FingerprintB6:7C:0D:93:CD:D6:56:A3:74:B9:46:38:F0:C7:A5:31:BC:5F:AF:56 ValidityWed, 10 Apr 2024 21:43:08 GMT - Tue, 09 Jul 2024 21:43:07 GMT
Hashfa6a10370db95fc6e5fcde816444978c 90a051b887b541d0744177c6554e4fdddcb92552 1760d5d8486a14c47b550665bb20e3c2bf50a58fb24ff2cbe7f97be8fcff0e48
GET /go?ehash=a5276dcfef687822b175c94d6bcaf82b&product=32417&ar=55&cid=2553&lid=1610&slhash=9cebc4d298e0ed1ed5b0d3e255cd3947&mtaid=mpmta&cid2=[s8] HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 16 Apr 2024 03:54:07 GMT
content-type: text/html; charset=UTF-8
location: https://www.behindthemarkets-btm.com/7BZ2W/5XTBKP/?sub1=3415441913363328932
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: User-Agent
cf-cache-status: DYNAMIC
set-cookie: PHPSESSID=30162c6f08097dda9f0c6ae1191e2636; path=/
pixel_session_hash_32417=3415441913363328932; expires=Thu, 16-May-2024 03:54:05 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_32417=138a7d1eb22bc95cbfb339301389135144f3a0fcd201867c57501019dc07bdcb; expires=Thu, 18-Apr-2024 03:54:05 GMT; Max-Age=172800
__cf_bm=q32vCI3UaMHXFxQa1_9KlLRv9f_hYu4tuP_hZmAsnQU-1713239647-1.0.1.1-m5ls6tmbQkZKrgrWorPSUgHIBKL6G2UqUIFAw8kn.vjUnfhC9MTLQNJsRMVYaGLf573IiRjFm0Fh4dvcM4QuPg; path=/; expires=Tue, 16-Apr-24 04:24:07 GMT; domain=.verifiedwebpage.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87513b6d790a56b9-OSL
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 | 216.58.207.227 | 200 OK | 51 kB |
URL GET HTTP/2fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 IP216.58.207.227:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 51404, version 1.0 Hashb904fcdf1c4c6059fadd6893a7bc7619 f41d1674f02616f03ef77d4e84b3ad8ba28a36fc 517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
GET /s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 Apr 2024 02:08:09 GMT
expires: Thu, 10 Apr 2025 02:08:09 GMT
cache-control: public, max-age=31536000
age: 524759
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.center.io/identify.html | 216.239.32.21 | 200 OK | 2.0 kB |
URL GET HTTP/2js.center.io/identify.html IP216.239.32.21:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subjectjs.center.io Fingerprint4F:B0:A1:20:96:F5:9A:75:29:3C:B1:38:81:42:BB:1C:6E:E7:5A:A4 ValidityFri, 01 Mar 2024 18:22:06 GMT - Thu, 30 May 2024 18:58:09 GMT
File typeHTML document, ASCII text, with very long lines (612) Hash0ba3629e9c8b8af4c7a13d344978898a c05b5c80e1eec6e630547ecfacf11eb86391e4b6 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-cloud-trace-context: 64d834abb62848afee8f967d2ebd8a1a
content-encoding: gzip
server: Google Frontend
content-length: 2016
date: Tue, 16 Apr 2024 03:53:32 GMT
expires: Tue, 16 Apr 2024 03:58:32 GMT
cache-control: public, max-age=300
age: 36
etag: "OMWYXg"
content-type: text/html
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 09 Apr 2024 16:27:38 GMT
expires: Wed, 09 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 559590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX | 142.250.74.168 | 200 OK | 104 kB |
URL GET HTTP/2www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX IP142.250.74.168:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (30332) Size104 kB (103589 bytes) Hash017e8258df365ec2661a05bcc2c48e72 ec60bdd2dd2cd453856f94b55a6aa43514472b19 6e342081d480b2c0dc2d691d713369d5ce13a363a9cb9774c81b2050b5e96bac
GET /gtm.js?id=GTM-WNRH3TX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 03:54:08 GMT
expires: Tue, 16 Apr 2024 03:54:08 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 103589
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 436748
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/embeds/PzpZ_7KZ/WBMoaFX43SbGJsaM/loader.min.js | 151.101.1.91 | 200 OK | 7.9 kB |
URL GET HTTP/2fast.vidalytics.com/embeds/PzpZ_7KZ/WBMoaFX43SbGJsaM/loader.min.js IP151.101.1.91:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (21917), with no line terminators Hash661f3a47ba832715dff25c26711e7eb9 c59a3754c26dcd37c3478a4d6a89d874201d36f8 c98ecf5ac3926f1612f37dae46cf6c73350ff28054c2307090481e2745c335d0
GET /embeds/PzpZ_7KZ/WBMoaFX43SbGJsaM/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
x-envoy-upstream-service-time: 32
server: istio-envoy
x-envoy-decorator-operation: vidalytics-player-api.vidalytics-player-api.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: api-prod
access-control-allow-origin: *
cache-control: public, max-age=900, s-maxage=1800
x-lb-cache: disabled
content-encoding: gzip
accept-ranges: bytes
age: 1640
date: Tue, 16 Apr 2024 03:54:08 GMT
x-served-by: cache-dfw-kdal2120038-DFW, cache-hel1410024-HEL
x-cache: HIT, MISS
x-cache-hits: 18, 0
x-timer: S1713239649.827867,VS0,VE128
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7858
X-Firefox-Spdy: h2
|
|
| static.leadpages.net/images/favicon.ico | 34.107.203.240 | | 2.6 kB |
URL GET static.leadpages.net/images/favicon.ico IP34.107.203.240:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subjectstatic.leadpages.net FingerprintD8:FD:AD:CD:8D:45:95:5D:A9:9C:4E:AE:11:39:70:F3:A6:56:DA:77 ValidityMon, 08 Apr 2024 13:47:54 GMT - Sun, 07 Jul 2024 14:42:08 GMT
File typeMS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Hash0210a839146c090d313d070610e16bd2 f87bd57affad1046bf0f44db93f7c23304e43d55 76da9be859d0d9cd9ffa30b9aa9d07a34164acba1ec512c61bd1b7854c1fab7b
GET /images/favicon.ico HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
x-cloud-trace-context: 3530dc0fd7e80fddf6dd4ba9f8cc43ad
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 2594
date: Tue, 16 Apr 2024 03:53:24 GMT
expires: Tue, 16 Apr 2024 03:58:24 GMT
cache-control: public, max-age=300
age: 45
etag: "-6uIpg"
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lh3.googleusercontent.com/tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w16 | 142.250.74.161 | 200 OK | 251 B |
URL GET HTTP/2lh3.googleusercontent.com/tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w16 IP142.250.74.161:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typePNG image data, 16 x 3, 8-bit/color RGBA, non-interlaced Hashb73a89df13870206d4104c99ec9973c5 dba02bf1f1c06839760da64a0739327a0d20019b 47901a3ecf1fc1e211131e3e6453422084b56e34b9a4ef14a123e48168c62937
GET /tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
server: fife
content-length: 251
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:03:47 GMT
expires: Wed, 17 Apr 2024 03:03:47 GMT
cache-control: public, max-age=86400, no-transform
age: 3022
etag: "v1"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/Q7ckMaOculnRenLl4AplbzUQf_tFJliJ_VfkWiUPvZ7Q5pD0skUZZFAqMZ1tsuxgIdq3NBR98kzWA8XOYWL16PhkR60pueOipk0=w16 | 142.250.74.161 | 200 OK | 377 B |
URL GET HTTP/2lh3.googleusercontent.com/Q7ckMaOculnRenLl4AplbzUQf_tFJliJ_VfkWiUPvZ7Q5pD0skUZZFAqMZ1tsuxgIdq3NBR98kzWA8XOYWL16PhkR60pueOipk0=w16 IP142.250.74.161:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typePNG image data, 16 x 6, 8-bit/color RGB, non-interlaced Hashed4137102d21623f529b27def8c75cb2 6e42b34bb4dd05ca21d3080cf053428b1d22b542 fe29fbc2a49916e11f94d481b36086c3032902f8414df1f9de6afcca8e4eb7f9
GET /Q7ckMaOculnRenLl4AplbzUQf_tFJliJ_VfkWiUPvZ7Q5pD0skUZZFAqMZ1tsuxgIdq3NBR98kzWA8XOYWL16PhkR60pueOipk0=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
server: fife
content-length: 377
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:03:47 GMT
expires: Wed, 17 Apr 2024 03:03:47 GMT
cache-control: public, max-age=86400, no-transform
age: 3022
etag: "v1"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=AW-16454845358&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 86 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=AW-16454845358&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hashf4ce7ec99d42317ce06548e40dd801ca 2007ccd238e54577d00b0a82188e843a73cf9aa0 8c2338eb3e431a97cd33234874bed0e8cccb0ddf88615c0dbea20b3872c9399a
GET /gtag/js?id=AW-16454845358&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 03:54:09 GMT
expires: Tue, 16 Apr 2024 03:54:09 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86369
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 100 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (15506) Size100 kB (100468 bytes) Hashc18f966fd72af9e472fba3a17d5b8695 3469261b9315beef238800f6592c361eb2d04b85 5432d63cfe1751bccbd67bc7bae4fe650581e019900a6308fb6443a57b7ea23e
GET /gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 03:54:09 GMT
expires: Tue, 16 Apr 2024 03:54:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100468
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=AW-660882099 | 142.250.74.168 | 200 OK | 89 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=AW-660882099 IP142.250.74.168:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hash2fcdd32725a96d4dd65ffefc47261969 1dff81023a2fbc9b51bf55efd05d6ba79c6a56b1 cdc5ecbee5a047d88c2bce3ed79ceeb51a68d23c245e0ae7af57052d1fc06f50
GET /gtag/js?id=AW-660882099 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 03:54:09 GMT
expires: Tue, 16 Apr 2024 03:54:09 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88627
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| lh3.googleusercontent.com/mV-NDRpEblU6YgLZNxo0oma4Wjk2nMckxLyJEB9pd7kFaJ7kJAyWOf3ABjLu0xKzwwtPgsjXv5uMHVKY_T4pVCJi-_5P-ypHBLWh=s16 | 142.250.74.161 | 200 OK | 952 B |
URL GET HTTP/2lh3.googleusercontent.com/mV-NDRpEblU6YgLZNxo0oma4Wjk2nMckxLyJEB9pd7kFaJ7kJAyWOf3ABjLu0xKzwwtPgsjXv5uMHVKY_T4pVCJi-_5P-ypHBLWh=s16 IP142.250.74.161:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, description=hexagon concept design abstract technology background vector EPS10, software=Picasa], baseline, precision 8, 16x10, components 3 Hash518192098c36973d0d63a27cdf90fbe7 5041622c3427e1aa50a74810122a91685a95701c 4086c91f85bfe320fbca5e031fd3257487b98f8c14a930a1035e3db61f83ce93
GET /mV-NDRpEblU6YgLZNxo0oma4Wjk2nMckxLyJEB9pd7kFaJ7kJAyWOf3ABjLu0xKzwwtPgsjXv5uMHVKY_T4pVCJi-_5P-ypHBLWh=s16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 952
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:54:09 GMT
expires: Wed, 17 Apr 2024 03:54:09 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/players/v.4.3.3.000-vid-prod/player.min.js | 151.101.1.91 | 200 OK | 266 kB |
URL GET HTTP/3fast.vidalytics.com/players/v.4.3.3.000-vid-prod/player.min.js IP151.101.1.91:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size266 kB (266243 bytes) Hashe91192bb73361bd71ca6c57fd7574a0b b7067fd0be088bdc811438955959baba4f75f48b fe68b0da3eb42ca233dc9558748f676f541e583efa272b9c8ac39e2be4e71744
GET /players/v.4.3.3.000-vid-prod/player.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 266243
x-guploader-uploadid: ABPtcPpE4K4hRFg91e5Swdl_ZNzVkGeFwemz67K0KxgmERb1lyi0gDJW7co_XmY1-LU9C9RkcxYIQsXYxA
cache-control: public, max-age=86400, s-maxage=2592000
expires: Wed, 10 Apr 2024 08:41:05 GMT
last-modified: Mon, 11 Mar 2024 08:36:30 GMT
etag: "23462b16f3d8a48814f6f216d08b940c"
x-goog-generation: 1710146190347127
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 266243
x-goog-meta-surrogate-key: player-versioned
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=hXdP3Q==, md5=I0YrFvPYpIgU9vIW0IuUDA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 949494
date: Tue, 16 Apr 2024 03:54:09 GMT
x-served-by: cache-dfw-kdfw8210130-DFW, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 51248, 0
x-timer: S1713239649.403855,VS0,VE1
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| lh3.googleusercontent.com/mV-NDRpEblU6YgLZNxo0oma4Wjk2nMckxLyJEB9pd7kFaJ7kJAyWOf3ABjLu0xKzwwtPgsjXv5uMHVKY_T4pVCJi-_5P-ypHBLWh=w1280 | 142.250.74.161 | 200 OK | 34 kB |
URL GET HTTP/2lh3.googleusercontent.com/mV-NDRpEblU6YgLZNxo0oma4Wjk2nMckxLyJEB9pd7kFaJ7kJAyWOf3ABjLu0xKzwwtPgsjXv5uMHVKY_T4pVCJi-_5P-ypHBLWh=w1280 IP142.250.74.161:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, description=hexagon concept design abstract technology background vector EPS10, software=Picasa], baseline, precision 8, 1280x768, components 3 Hashbaff1c8f6527160e5f205142ad21febe ee212081c047b4ff9cbc671d6b1a38c748c376f7 405ef1241ea0c0ab000d03cbb1c7e2f29560fc5ae15d403a28f3a9d8be17d098
GET /mV-NDRpEblU6YgLZNxo0oma4Wjk2nMckxLyJEB9pd7kFaJ7kJAyWOf3ABjLu0xKzwwtPgsjXv5uMHVKY_T4pVCJi-_5P-ypHBLWh=w1280 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 33488
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:54:09 GMT
expires: Wed, 17 Apr 2024 03:54:09 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css | 34.107.203.240 | 200 OK | 15 kB |
URL GET HTTP/3static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css IP34.107.203.240:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5 CertificateIssuerGoogle Trust Services LLC Subjectstatic.leadpages.net FingerprintD8:FD:AD:CD:8D:45:95:5D:A9:9C:4E:AE:11:39:70:F3:A6:56:DA:77 ValidityMon, 08 Apr 2024 13:47:54 GMT - Sun, 07 Jul 2024 14:42:08 GMT
File typeASCII text, with very long lines (58749) Hash84d8ad2b4fcdc0f0c58247e778133b3a 6f33eae92d42fe209167139940a0ad6a3c6c167e 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
GET /fonts/font-awesome/5.14.0/css/all.min.css HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
x-cloud-trace-context: 7b72605057de8853f8e674100e7e6ccd
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 14628
date: Sat, 13 Apr 2024 14:31:54 GMT
expires: Sun, 13 Apr 2025 14:31:54 GMT
cache-control: public, max-age=31536000
age: 220935
etag: "-6uIpg"
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2 | 216.58.207.227 | 200 OK | 45 kB |
URL GET HTTP/2fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2 IP216.58.207.227:443
Requested byhttps://btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 44584, version 1.0 Hashe04669366cda1aca21161f9e22bac3ae 157532ec5cdb07c395eb96aa6e9d0de1eeb869a7 43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
GET /s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:38:09 GMT
expires: Fri, 11 Apr 2025 02:38:09 GMT
cache-control: public, max-age=31536000
age: 436560
last-modified: Mon, 03 Apr 2023 20:46:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.center.io/center.js | 216.239.32.21 | 200 OK | 5.4 kB |
IP216.239.32.21:443
Requested byhttps://btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5 CertificateIssuerGoogle Trust Services LLC Subjectjs.center.io Fingerprint4F:B0:A1:20:96:F5:9A:75:29:3C:B1:38:81:42:BB:1C:6E:E7:5A:A4 ValidityFri, 01 Mar 2024 18:22:06 GMT - Thu, 30 May 2024 18:58:09 GMT
File typeJavaScript source, ASCII text, with very long lines (566) Hash60f05ff45d707fe36d87b75bf181800d e34d94b519ed465481596bcff099467feb0aafdd cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
GET /center.js HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Cookie: centerVisitorId=FGnWj42sPnuANgDQdZhVkJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-cloud-trace-context: 8736c587191aa575e07f164d3bcc5513
content-encoding: gzip
server: Google Frontend
content-length: 5417
date: Tue, 16 Apr 2024 03:49:52 GMT
expires: Tue, 16 Apr 2024 03:54:52 GMT
cache-control: public, max-age=300
age: 257
etag: "OMWYXg"
content-type: application/javascript
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 436749
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 436749
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.center.io/identify.html | 216.239.32.21 | 200 OK | 2.0 kB |
URL GET HTTP/2js.center.io/identify.html IP216.239.32.21:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subjectjs.center.io Fingerprint4F:B0:A1:20:96:F5:9A:75:29:3C:B1:38:81:42:BB:1C:6E:E7:5A:A4 ValidityFri, 01 Mar 2024 18:22:06 GMT - Thu, 30 May 2024 18:58:09 GMT
File typeHTML document, ASCII text, with very long lines (612) Hash0ba3629e9c8b8af4c7a13d344978898a c05b5c80e1eec6e630547ecfacf11eb86391e4b6 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Cookie: centerVisitorId=FGnWj42sPnuANgDQdZhVkJ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-cloud-trace-context: c84233c854f2857f9b69c25f91dc84c0
content-encoding: gzip
server: Google Frontend
content-length: 2016
date: Tue, 16 Apr 2024 03:53:37 GMT
expires: Tue, 16 Apr 2024 03:58:37 GMT
cache-control: public, max-age=300
age: 32
etag: "OMWYXg"
content-type: text/html
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w1064 | 142.250.74.161 | 200 OK | 69 kB |
URL GET HTTP/3lh3.googleusercontent.com/tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w1064 IP142.250.74.161:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typePNG image data, 1064 x 197, 8-bit/color RGBA, non-interlaced Hash9b97f6e005b2f1a8e177cc4eb518a109 bbdb7e214525ba28bd16766e81ad9cabd361569d aaae268765615295c8949b10bcbd2cbca39703e2e7366fd8c52ae1aa536a1435
GET /tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w1064 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
server: fife
content-length: 69027
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:03:48 GMT
expires: Wed, 17 Apr 2024 03:03:48 GMT
cache-control: public, max-age=86400, no-transform
age: 3021
etag: "v1"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=883848914.1713239649>m=45je44f0v874108444z8812088355za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=271005403 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=883848914.1713239649>m=45je44f0v874108444z8812088355za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=271005403 IP142.250.74.163:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint0E:DD:25:54:7B:C3:7F:EC:27:35:B1:EC:15:C4:B7:D2:09:71:3B:68 ValidityMon, 04 Mar 2024 07:26:33 GMT - Mon, 27 May 2024 07:26:32 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=883848914.1713239649>m=45je44f0v874108444z8812088355za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=271005403 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 16 Apr 2024 03:54:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=GaGK5cmexe3MTLuLyxaEFM&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=FGnWj42sPnuANgDQdZhVkJ&sid=VR7oPmu34ztQfEgoPWPqYc&cid=lp-GaGK5cmexe3MTLuLyxaEFM&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&rf=&rx=1280&ry=1024&tz=%2B00%3A00 | 35.192.151.63 | 200 OK | 35 B |
URL GET HTTP/1.1api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=GaGK5cmexe3MTLuLyxaEFM&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=FGnWj42sPnuANgDQdZhVkJ&sid=VR7oPmu34ztQfEgoPWPqYc&cid=lp-GaGK5cmexe3MTLuLyxaEFM&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&rf=&rx=1280&ry=1024&tz=%2B00%3A00 IP35.192.151.63:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerLet's Encrypt Subject*.leadpages.io FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT
File typeGIF image data, version 89a, 1 x 1 Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/events/capture?k=view&a=leadpage&l=GaGK5cmexe3MTLuLyxaEFM&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=FGnWj42sPnuANgDQdZhVkJ&sid=VR7oPmu34ztQfEgoPWPqYc&cid=lp-GaGK5cmexe3MTLuLyxaEFM&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&rf=&rx=1280&ry=1024&tz=%2B00%3A00 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
x-request-id: 02j4nit6tlfuo72nem70
access-control-allow-origin: https://go.behindthemarkets.com
access-control-allow-credentials: true
set-cookie: view.bb4wMKcXKB896PwqF4vMVT-default-prop.GaGK5cmexe3MTLuLyxaEFM=1713239650000; Domain=api.leadpages.io; expires=Wed, 17 Apr 2024 03:54:09 GMT; httponly; Max-Age=86400; Path=/analytics/v1/events/capture; SameSite=None; secure
Date: Tue, 16 Apr 2024 03:54:09 GMT
Server: Stargate
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/stream.m3u8 | 151.101.1.91 | 200 OK | 1.2 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/stream.m3u8 IP151.101.1.91:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hashf926a251127524b57b9fb36b908c05e5 5241394d8dd6572d5e199c6eaf8d7132af679a93 ff3f1f8a11b59def85faab6179a1ecd1cf79cb6dd77f841fa705884c229fd7f7
GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/stream.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 1190
x-guploader-uploadid: ABPtcPpJFtJDOuEiI0LRMp02ndzL3D4RCMcbFN9_CIepgYQKdRZdEMn-TWt7sSWl1gna22NjmyqMizgZ1g
cache-control: public, max-age=31104000
expires: Tue, 28 Jan 2025 17:36:43 GMT
last-modified: Tue, 31 Oct 2023 01:43:43 GMT
etag: "f926a251127524b57b9fb36b908c05e5"
x-goog-generation: 1698716623912795
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1190
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=qgkpNQ==, md5=+SaiURJ1JLV7n7NrkIwF5Q==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 648206
date: Tue, 16 Apr 2024 03:54:10 GMT
x-served-by: cache-dfw-kdfw8210175-DFW, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 204, 0
x-timer: S1713239650.036845,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=WGbNnojQz5u2KTJFY5tjLH&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=295,1,LUmjr7qNYJFaJKUHS39Dqg | 35.192.151.63 | 200 OK | 35 B |
URL GET HTTP/1.1api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=WGbNnojQz5u2KTJFY5tjLH&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=295,1,LUmjr7qNYJFaJKUHS39Dqg IP35.192.151.63:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerLet's Encrypt Subject*.leadpages.io FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT
File typeGIF image data, version 89a, 1 x 1 Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=WGbNnojQz5u2KTJFY5tjLH&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=295,1,LUmjr7qNYJFaJKUHS39Dqg HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
x-request-id: 02j4niu3pfl65ng0pcag
access-control-allow-origin: https://go.behindthemarkets.com
access-control-allow-credentials: true
Date: Tue, 16 Apr 2024 03:54:09 GMT
Server: Stargate
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/thumb/preview-5_0.jpg | 151.101.1.91 | 200 OK | 1.9 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/thumb/preview-5_0.jpg IP151.101.1.91:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 107x60, components 3 Hash80d5fac79b54d4f90238676dafb0e842 33d3fa7812937586abf814b6d85f627158590e30 aef48c72597f4752058d3efe234275d8882ec4d9c9a2f4cf1a19bb6053ab7870
GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/thumb/preview-5_0.jpg HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 1863
x-guploader-uploadid: ABPtcPqHUpqT1xcR6ht5P9eF2eMGW_Rl16U_W_gN-A2ixpEe9r5OrEHgQVyRRNwoJEMtrCUNux-GXT10lg
cache-control: public, max-age=31104000
expires: Mon, 31 Mar 2025 02:33:35 GMT
last-modified: Tue, 31 Oct 2023 00:59:37 GMT
etag: "80d5fac79b54d4f90238676dafb0e842"
x-goog-generation: 1698713977878956
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1863
content-type: image/jpeg
x-goog-hash: crc32c=91t/rA==, md5=gNX6x5tU1PkCOGdtr7DoQg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 955234
date: Tue, 16 Apr 2024 03:54:10 GMT
x-served-by: cache-dfw-kdal2120022-DFW, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 499, 0
x-timer: S1713239650.054189,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/video_TS_h264_aac_96000_1280x720_2500000_variant.m3u8 | 151.101.1.91 | 200 OK | 49 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/video_TS_h264_aac_96000_1280x720_2500000_variant.m3u8 IP151.101.1.91:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hash50b3e5a801b5fd7b186cc9e93123cc37 12bdb9b8c8c1ce6ce701aa8bc5a992cf4564bec7 8f4c8e7e3a00aa6c75fff5306e0e085d7b518ed8845a3ca4106494cadb93d33a
GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/video_TS_h264_aac_96000_1280x720_2500000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 49361
x-guploader-uploadid: ABPtcPrqrs_tnZxTCqRnLgHAItRK6yx27i9xuRMUz5ClvPB6sQhTaXIOVLMjzhMWkod5mKaDrpXyRo2uuo-BplX1MGz3SjS5FQa6
x-goog-generation: 1698716623940543
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 49361
x-goog-hash: crc32c=tpqcZg==, md5=ULPlqAG1/XsYbMnpMSPMNw==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
expires: Fri, 25 Oct 2024 01:48:35 GMT
cache-control: public, max-age=31104000
last-modified: Tue, 31 Oct 2023 01:43:43 GMT
etag: "50b3e5a801b5fd7b186cc9e93123cc37"
content-type: application/vnd.apple.mpegurl
x-lb-backend: gcs-prod
x-lb-cache: hit
accept-ranges: bytes
age: 770441
date: Tue, 16 Apr 2024 03:54:10 GMT
x-served-by: cache-dfw-kdfw8210069-DFW, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 1131, 0
x-timer: S1713239650.068928,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 | 151.101.1.91 | 200 OK | 38 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 IP151.101.1.91:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hashe1a9d3c1cb79b46fdaa40188abfd16ac 53500ad65d8766da126081a9df88691f8ae4784a bdbd70b54e4ca3f20b73fd48f250b24eed5414357c0aa01c10505a86cba5fadc
GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 38201
x-guploader-uploadid: ABPtcPrHSjI3otfnre137tk-op7YJluEBQOwI6qWACurwjyTmaFOCGPfQSl_X2wkUALM8GWZbGb1IQz5Q8XtsgB7BqvGFLRVwe_j
x-goog-generation: 1698716623848188
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 38201
x-goog-hash: crc32c=8qLImA==, md5=4anTwct5tG/apAGIq/0WrA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
expires: Fri, 25 Oct 2024 01:48:56 GMT
cache-control: public, max-age=31104000
last-modified: Tue, 31 Oct 2023 01:43:43 GMT
etag: "e1a9d3c1cb79b46fdaa40188abfd16ac"
content-type: application/vnd.apple.mpegurl
x-lb-backend: gcs-prod
x-lb-cache: hit
accept-ranges: bytes
date: Tue, 16 Apr 2024 03:54:10 GMT
age: 751862
x-served-by: cache-dfw-kdfw8210033-DFW, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 491, 8
x-timer: S1713239650.070882,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/audio/aac_96000/1.ts | 151.101.1.91 | 200 OK | 55 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/audio/aac_96000/1.ts IP151.101.1.91:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Hashe4264b153dbeb9615150267593097460 55410a6c08e82ee4fea750f8ecfabded1c9ba472 5ffbd0e98b6367c2948a9caa8503b431da4ac86afd513141f0413d8b98172d68
GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/audio/aac_96000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 54708
x-guploader-uploadid: ABPtcPrYaV5uYPwfKAfBMVSkr2r5XKpIH072ZIlJkC7DO04ZaHdx4lfG3aV0vQ03XysVtstG4bB4gkcxMg
cache-control: public, max-age=31104000
expires: Thu, 23 Jan 2025 21:04:06 GMT
last-modified: Tue, 31 Oct 2023 01:41:40 GMT
etag: "e4264b153dbeb9615150267593097460"
x-goog-generation: 1698716500854143
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 54708
content-type: video/mp2t
x-goog-hash: crc32c=Pi0wWg==, md5=5CZLFT2+uWFRUCZ1kwl0YA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 2980130
date: Tue, 16 Apr 2024 03:54:10 GMT
x-served-by: cache-dfw-kdfw8210027-DFW, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 5038, 0
x-timer: S1713239650.155139,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23>m=45je44f0v874108444z8812088355za200&_p=1713239648642&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=883848914.1713239649&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713239649&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&dt=BTM%20-%20King%20Kong%20-%20VSL&en=page_view&_fv=1&_nsi=1&_ss=1&epn.variant_id=0&tfd=3915 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23>m=45je44f0v874108444z8812088355za200&_p=1713239648642&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=883848914.1713239649&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713239649&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&dt=BTM%20-%20King%20Kong%20-%20VSL&en=page_view&_fv=1&_nsi=1&_ss=1&epn.variant_id=0&tfd=3915 IP216.239.34.36:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8R6YNFMJ23>m=45je44f0v874108444z8812088355za200&_p=1713239648642&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=883848914.1713239649&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713239649&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&dt=BTM%20-%20King%20Kong%20-%20VSL&en=page_view&_fv=1&_nsi=1&_ss=1&epn.variant_id=0&tfd=3915 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://go.behindthemarkets.com
date: Tue, 16 Apr 2024 03:54:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/video/1280x720_h264_2500000/1.ts | 151.101.1.91 | 200 OK | 602 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/video/1280x720_h264_2500000/1.ts IP151.101.1.91:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Size602 kB (601976 bytes) Hash34292f8276d600fd1bad366b56ab3cad 96dec7df4f06298a908d38026549e5f147d25608 f4c3d881d749ba53bf4640f94a5832d6459442365b5b373589d59092a1f7ea46
GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/video/1280x720_h264_2500000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 601976
x-guploader-uploadid: ABPtcPoSIuRfdW62T7XATUmsmKUTjpisSMNROeXDLiL6fB_LpGz2ymG8evfNmYKe5JtMnLvCKxI
cache-control: public, max-age=31104000
expires: Thu, 03 Apr 2025 11:50:57 GMT
last-modified: Tue, 31 Oct 2023 01:40:56 GMT
etag: "34292f8276d600fd1bad366b56ab3cad"
x-goog-generation: 1698716456429699
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 601976
content-type: video/mp2t
x-goog-hash: crc32c=J82Rcw==, md5=NCkvgnbWAP0brTZrVqs8rQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 662593
date: Tue, 16 Apr 2024 03:54:10 GMT
x-served-by: cache-dfw-kdal2120047-DFW, cache-hel1410028-HEL
x-cache: HIT, MISS
x-cache-hits: 1368, 0
x-timer: S1713239650.112128,VS0,VE131
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| analytics-ingress-global.bitmovin.com/licensing | 35.190.27.197 | 200 OK | 77 B |
URL POST HTTP/2analytics-ingress-global.bitmovin.com/licensing IP35.190.27.197:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoDaddy.com, Inc. Subject*.bitmovin.com FingerprintA3:12:09:E0:2B:6B:C9:36:D1:AE:E8:38:F4:5F:1B:F6:B2:47:16:3C ValidityMon, 08 May 2023 12:46:05 GMT - Sat, 08 Jun 2024 12:46:05 GMT
Hash40f9443d5dc02e385b00b24c1f570269 c0e65fe8f73334d638173b9e33eff4f36d913104 ea71115c171f3b6874e256a1ff1e30431229a21b584371e0b36eae66cb5d2d9f
POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 110
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: v1.62.1
date: Tue, 16 Apr 2024 03:54:10 GMT
content-type: application/json
content-length: 77
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| stats.vidalytics.com/awesome-log?cid=PzpZ_7KZ | 107.178.211.97 | 200 OK | 43 B |
URL GET HTTP/2stats.vidalytics.com/awesome-log?cid=PzpZ_7KZ IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hash57f187c7a868faeac558007a8eb6cb2e 11ab10ab109fdb53d91d444ac781101f5a6360c6 aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /awesome-log?cid=PzpZ_7KZ HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control: no-cache, public, max-age=2592000
content-length: 43
content-type: image/gif
etag: "PzpZ_7KZ/0D5uodr_LHPVHMxq"
date: Tue, 16 Apr 2024 03:54:10 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
X-Firefox-Spdy: h2
|
|
| api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=57,431,247,738,9,882,1223,1257,2872,2872 | 35.192.151.63 | 200 OK | 35 B |
URL GET HTTP/1.1api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=57,431,247,738,9,882,1223,1257,2872,2872 IP35.192.151.63:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerLet's Encrypt Subject*.leadpages.io FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT
File typeGIF image data, version 89a, 1 x 1 Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=57,431,247,738,9,882,1223,1257,2872,2872 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
x-request-id: 02j4nj1d6lcqmbc09vgg
Date: Tue, 16 Apr 2024 03:54:10 GMT
Server: Stargate
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154
|
|
| api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=WGbNnojQz5u2KTJFY5tjLH&kind=timer&label=lb_embed_leadbox_load&value=705 | 35.192.151.63 | 200 OK | 35 B |
URL GET HTTP/1.1api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=WGbNnojQz5u2KTJFY5tjLH&kind=timer&label=lb_embed_leadbox_load&value=705 IP35.192.151.63:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerLet's Encrypt Subject*.leadpages.io FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT
File typeGIF image data, version 89a, 1 x 1 Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=WGbNnojQz5u2KTJFY5tjLH&kind=timer&label=lb_embed_leadbox_load&value=705 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
x-request-id: 02j4nj1fp66qu3eht6dg
access-control-allow-origin: https://go.behindthemarkets.com
access-control-allow-credentials: true
Date: Tue, 16 Apr 2024 03:54:10 GMT
Server: Stargate
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/audio/aac_96000/2.ts | 151.101.1.91 | 200 OK | 57 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/audio/aac_96000/2.ts IP151.101.1.91:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Hash6a22b9263604e731c2b776c2b603b457 64f676210c7b208e9e45866ab38ed9024582eaf2 699b93941c4ab62d5e4981fc420cf20e76b9e34a7e59514778d0a3dca05030d1
GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/audio/aac_96000/2.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 56776
x-guploader-uploadid: ABPtcPr95z_0WnuKo0cntalbF0gzAkXVyKCTgfr-p3C0BDsxpsRvargXdrEkIx-wfLD0nneTWgal3OP79fEJ5eteNUoXjE5bLeWp
cache-control: public, max-age=31104000
expires: Fri, 25 Oct 2024 01:52:20 GMT
last-modified: Tue, 31 Oct 2023 01:41:41 GMT
etag: "6a22b9263604e731c2b776c2b603b457"
x-goog-generation: 1698716501722888
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 56776
content-type: video/mp2t
x-goog-hash: crc32c=O/aZxw==, md5=aiK5JjYE5zHCt3bCtgO0Vw==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 755956
date: Tue, 16 Apr 2024 03:54:10 GMT
x-served-by: cache-dfw-kdfw8210165-DFW, cache-hel1410028-HEL
x-cache: HIT, MISS
x-cache-hits: 1916, 0
x-timer: S1713239650.369750,VS0,VE127
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 4617
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 03:54:10 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/thumb/thumbnail-5_0.jpg | 151.101.1.91 | 200 OK | 40 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/thumb/thumbnail-5_0.jpg IP151.101.1.91:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJPEG image data, baseline, precision 8, 1920x1080, components 3 Hash4f79bfa7b0fac70e78f4fdc0e0051056 6b329a9ae23551abdb12b3e95c2cb1ef869202c1 b01911bc977620c3cde97c32c1db529627b0de61664cf9129d1135d7b803b68c
GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/thumb/thumbnail-5_0.jpg HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 39545
x-guploader-uploadid: ABPtcPqetCKGCZlsWjG38meQHlasMZfT359FTfnbICDKqHUgKOmv0tebIhiMvdQHnUo-EDvwnXW2HBVQaOHNd9bIMBNzBg
cache-control: public, max-age=31104000
expires: Mon, 11 Nov 2024 08:43:36 GMT
last-modified: Tue, 31 Oct 2023 00:59:37 GMT
etag: "4f79bfa7b0fac70e78f4fdc0e0051056"
x-goog-generation: 1698713977901564
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 39545
content-type: image/jpeg
x-goog-hash: crc32c=pEjUPA==, md5=T3m/p7D6xw549P3A4AUQVg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 651749
date: Tue, 16 Apr 2024 03:54:10 GMT
x-served-by: cache-dfw-kdfw8210147-DFW, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 86, 0
x-timer: S1713239651.609611,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 448
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 03:54:10 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 699
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 03:54:10 GMT
content-length: 16
x-envoy-upstream-service-time: 3
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 407
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 03:54:10 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 449
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 03:54:11 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=5BB5LWGspe9cAMACRMnCUr&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=46,208,1 | 35.192.151.63 | 200 OK | 35 B |
URL GET HTTP/1.1api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=5BB5LWGspe9cAMACRMnCUr&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=46,208,1 IP35.192.151.63:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5 CertificateIssuerLet's Encrypt Subject*.leadpages.io FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT
File typeGIF image data, version 89a, 1 x 1 Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=5BB5LWGspe9cAMACRMnCUr&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=46,208,1 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
x-request-id: 02j4njthq19e90t2fqb0
access-control-allow-origin: https://btm-btm-btm.lpages.co
access-control-allow-credentials: true
Date: Tue, 16 Apr 2024 03:54:14 GMT
Server: Stargate
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154
|
|
| api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=Epe9JUJKLmLfsAP5ffwhfr&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=126,369,1,783 | 35.192.151.63 | 200 OK | 35 B |
URL GET HTTP/1.1api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=Epe9JUJKLmLfsAP5ffwhfr&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=126,369,1,783 IP35.192.151.63:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerLet's Encrypt Subject*.leadpages.io FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT
File typeGIF image data, version 89a, 1 x 1 Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=Epe9JUJKLmLfsAP5ffwhfr&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=126,369,1,783 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
x-request-id: 02j4njvusqbch8ncl2s0
access-control-allow-origin: https://go.behindthemarkets.com
access-control-allow-credentials: true
Date: Tue, 16 Apr 2024 03:54:14 GMT
Server: Stargate
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23>m=45je44f0v874108444z8812088355za200&_p=1713239648642&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=883848914.1713239649&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713239649&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&dt=BTM%20-%20King%20Kong%20-%20VSL&en=fetch_user_data&epn.variant_id=0&up.custom_client_id=883848914.1713239649.&upn.variant_id=0&upn.experiment_id=0&tfd=9107 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23>m=45je44f0v874108444z8812088355za200&_p=1713239648642&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=883848914.1713239649&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713239649&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&dt=BTM%20-%20King%20Kong%20-%20VSL&en=fetch_user_data&epn.variant_id=0&up.custom_client_id=883848914.1713239649.&upn.variant_id=0&upn.experiment_id=0&tfd=9107 IP216.239.34.36:443
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8R6YNFMJ23>m=45je44f0v874108444z8812088355za200&_p=1713239648642&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=883848914.1713239649&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713239649&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&dt=BTM%20-%20King%20Kong%20-%20VSL&en=fetch_user_data&epn.variant_id=0&up.custom_client_id=883848914.1713239649.&upn.variant_id=0&upn.experiment_id=0&tfd=9107 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://go.behindthemarkets.com
date: Tue, 16 Apr 2024 03:54:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 | 35.202.21.90 | 200 OK | 105 kB |
URL User Request GET HTTP/2go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP35.202.21.90:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
CertificateIssuerLet's Encrypt Subjectgo.behindthemarkets.com Fingerprint4A:3D:1B:98:93:1B:AD:19:29:33:73:D5:E7:97:F3:FE:CD:F6:00:39 ValidityMon, 25 Mar 2024 11:10:43 GMT - Sun, 23 Jun 2024 11:10:42 GMT
Size105 kB (105223 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 HTTP/1.1
Host: go.behindthemarkets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 03:54:07 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: no-cache
x-cache: MISS, HIT
last-modified: Fri, 01 Mar 2024 15:00:17 GMT
etag: W/"564907afbe9839d8ba4bf4c5fd8701f3"
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2
|
|
| btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5 | 35.202.21.90 | 200 OK | 92 kB |
URL GET HTTP/2btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5 IP35.202.21.90:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerLet's Encrypt Subject*.lpages.co FingerprintCA:40:9C:FC:AC:6F:98:FA:56:12:19:F4:C1:EE:D8:E4:CC:98:8E:A1 ValidityWed, 21 Feb 2024 15:49:11 GMT - Tue, 21 May 2024 15:49:10 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5 HTTP/1.1
Host: btm-btm-btm.lpages.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 03:54:09 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: no-cache
x-cache: MISS, HIT
last-modified: Fri, 21 Jul 2023 16:50:20 GMT
etag: W/"571c0abe3dd531a3a79a37901a257502"
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/video_TS_h264_aac_96000_1920x1080_4000000_variant.m3u8 | 0.0.0.0 | | 0 B |
URL GET fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/video_TS_h264_aac_96000_1920x1080_4000000_variant.m3u8 IP0.0.0.0:0
Requested byhttps://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/video_TS_h264_aac_96000_1920x1080_4000000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| go.goodlifestylenews.com/KingKongVSL0923/a5276dcfef687822b175c94d6bcaf82b/55/leadsource/2553/1610/9cebc4d298e0ed1ed5b0d3e255cd3947/mpmta | 172.67.172.49 | 302 Found | 105 kB |
URL User Request GET HTTP/2go.goodlifestylenews.com/KingKongVSL0923/a5276dcfef687822b175c94d6bcaf82b/55/leadsource/2553/1610/9cebc4d298e0ed1ed5b0d3e255cd3947/mpmta IP172.67.172.49:443
CertificateIssuerGoogle Trust Services LLC Subjectgoodlifestylenews.com FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40 ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT
Size105 kB (105223 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /KingKongVSL0923/a5276dcfef687822b175c94d6bcaf82b/55/leadsource/2553/1610/9cebc4d298e0ed1ed5b0d3e255cd3947/mpmta HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 16 Apr 2024 03:54:06 GMT
content-type: text/html; charset=UTF-8
location: https://verifiedwebpage.com/go?ehash=a5276dcfef687822b175c94d6bcaf82b&product=32417&ar=55&cid=2553&lid=1610&slhash=9cebc4d298e0ed1ed5b0d3e255cd3947&mtaid=mpmta&cid2=[s8]
cache-control: max-age=600
expires: Tue, 16 Apr 2024 04:04:05 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zbvJ0gs9DkEhQHutjzWL3R3YXdl5IFDZy3tSg9C%2B7EWHuJWuuDpPgTHBBrtqRE%2F4DHV5iXQjX5a0HV5DHC5XivpTptCSLdu2589F5kmVH6bOGIRM%2Fc5%2Fe11Edv8ujzfjStL6ptgjlSkPilY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87513b692f1fb524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.behindthemarkets-btm.com/7BZ2W/5XTBKP/?sub1=3415441913363328932 | 172.67.212.142 | 302 Found | 105 kB |
URL User Request GET HTTP/2www.behindthemarkets-btm.com/7BZ2W/5XTBKP/?sub1=3415441913363328932 IP172.67.212.142:443
CertificateIssuerLet's Encrypt Subjectbehindthemarkets-btm.com FingerprintCB:C3:56:D1:00:87:27:BD:0E:F2:9E:CE:DA:B7:08:88:CB:02:77:14 ValidityMon, 26 Feb 2024 12:58:33 GMT - Sun, 26 May 2024 12:58:32 GMT
Size105 kB (105223 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7BZ2W/5XTBKP/?sub1=3415441913363328932 HTTP/1.1
Host: www.behindthemarkets-btm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 16 Apr 2024 03:54:07 GMT
content-type: text/html; charset=utf-8
location: https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
set-cookie: uniqueClick_5XTBKP=8979a266-8eae-44c1-98c6-0fe98f241b58:1713239647; Path=/; Expires=Wed, 17 Apr 2024 03:54:07 GMT; SameSite=None
transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7; Path=/; Expires=Mon, 15 Jul 2024 03:54:07 GMT; SameSite=None
vary: Origin
x-eflow-request-id: 1bf5fc41-6f31-4b87-a425-81bb92873178
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lEBEFZmgLYKjwkM%2FmGR5t%2FfURmyqhjYlW7dD0fH1%2BVvrUkiSC0s8PInVYgom1QHVtbGPLLOKWM35Ji2iSZbxgLt8oGBpFeHMqYxsMSUZp9g3ynr74TnhJ5Ou8SbsOutzgaE6eKeQM26SulPM6QcX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87513b738de65690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700 | 142.250.74.74 | 200 OK | 24 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700 IP142.250.74.74:443
Requested byhttps://btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (1572) Hashd26d9179ea2b7413f5868794fd7f3eb9 6be7f7298a61f6df7812cee4fab963b1a2060419 5be81fce7768759e3209cd9b9178e7da5a8af2fed44b740e7fd27bb2b7f04b79
GET /css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 03:54:09 GMT
date: Tue, 16 Apr 2024 03:54:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|