Report - go.goodlifestylenews.com/KingKongVSL0923/a5276dcfef687822b175c94d6bcaf82b/55/leadsource/2553/1610/9cebc4d298e0ed1ed5b0d3e255cd3947/mpmta

Report Overview

Submitted URL
go.goodlifestylenews.com/KingKongVSL0923/a5276dcfef687822b175c94d6bcaf82b/55/leadsource/2553/1610/9cebc4d298e0ed1ed5b0d3e255cd3947/mpmta
IP
172.67.172.49
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-16 03:54:34
Access
public
Website Title
BTM - King Kong - VSL
Final URL
go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
static.leadpages.net	35995	2012-11-07	2016-05-28	2024-04-15	1.3 kB	45 kB	34.107.203.240
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-15	989 B	33 kB	142.250.74.74
api.leadpages.io	33876	2014-09-17	2016-01-27	2024-04-15	4.1 kB	2.7 kB	35.192.151.63
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-15	3.3 kB	261 kB	216.58.207.227
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-15	1.8 kB	382 kB	142.250.74.168
www.google.no	25607	2001-02-26	2016-04-05	2024-04-15	597 B	578 B	142.250.74.163
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-04-15	2.0 kB	888 B	216.239.34.36
go.behindthemarkets.com	815375	2017-03-30	2019-08-20	2024-04-16	633 B	106 kB	35.202.21.90
embed.lpcontent.net	50471	2020-06-17	2020-06-20	2024-04-15	428 B	15 kB	34.107.203.240
analytics-ingress-global.bitmovin.com	47119	2013-01-21	2017-08-18	2024-04-15	514 B	487 B	35.190.27.197
stats.vidalytics.com	153185	2007-05-15	2017-02-08	2024-04-15	3.1 kB	2.7 kB	107.178.211.97
go.goodlifestylenews.com	unknown	2020-07-10	2022-06-02	2024-04-14	592 B	106 kB	172.67.172.49
www.behindthemarkets-btm.com	848293	2021-03-09	2021-03-11	2024-04-15	523 B	106 kB	172.67.212.142
verifiedwebpage.com	unknown	2022-03-23	2022-03-23	2024-04-15	615 B	74 kB	104.18.21.187
js.center.io	39001	2011-09-13	2017-01-30	2024-04-13	1.6 kB	10 kB	216.239.32.21
fast.vidalytics.com	218005	2007-05-15	2017-02-08	2024-04-15	5.7 kB	1.1 MB	151.101.1.91
lh3.googleusercontent.com	66	2008-11-17	2012-05-22	2024-04-15	2.7 kB	107 kB	142.250.74.161
btm-btm-btm.lpages.co	unknown	2017-03-15	2022-07-01	2024-04-15	691 B	92 kB	35.202.21.90

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	goodlifestylenews.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (37)

	URL	Size	First Seen	Last Seen
	unknown	16 B	2023-04-10	2024-04-29
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57:29 Last Seen2024-04-29 19:08:26 Times Seen33905 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	515 B	2023-08-20	2024-04-16
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-20 19:21:53 Last Seen2024-04-16 05:54:36 Times Seen17 Hash ed7f954571e264b2b9d4103536c5419e eac7299ab99e32b6d3964383e559c2938c9039d2 552348fdce77fc6c9674b0abf7b43490a1a7eb4d71f0c3915ad3d448e9910e9b Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	414 B	2023-03-08	2024-04-26
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:09:05 Last Seen2024-04-26 14:03:05 Times Seen239 Hash 0f1c1e338722cb680190732c4e8e3f3e de7e63cbcce170f77302100562443128f115ecbc ee29e0be4ce3b2f3bcfeddbb30b7594cc151657feba8d3760fb9835311116216 Loading...

	unknown	314 B	2023-07-16	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-16 06:53:04 Last Seen2024-04-26 14:03:05 Times Seen139 Hash 4acb04b112dbbf49b9a8988722930179 2a677bc92272c6759ac640147670bc0c01c8b2ae c482ce11ea1939e7f4038b6f34084495d4e600584f431a1a0c7a764942cebb70 Loading...

	unknown	130 B	2023-12-14	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-14 19:00:58 Last Seen2024-04-26 14:03:05 Times Seen79 Hash 5ccee94c3094f38854210fccb675d50c 4655afbce35d739a1ea597ddeab5d22865ce4812 e48cb8ba68c82d6ea5b62c5ae4026116b6aecaa78f162070dafa756ce810ac1b Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	2.2 kB	2023-05-24	2024-04-26
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-24 15:27:27 Last Seen2024-04-26 14:03:05 Times Seen84 Hash 132140ff41ff2b8093f5a0a17c2325ba 44cd600e1275977b3a737d7457f66d0c14e2cd07 5226f2e021abca13d2abd5fbda97c85f0a66841db67f2091fc1edf2bfcf91bda Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	917 B	2023-11-01	2024-04-16
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-01 05:20:02 Last Seen2024-04-16 05:54:36 Times Seen15 Hash 920145483f8f5e4790eb9850cdea145c 57ed07d4552d8ac61a0fdf1b06812bbdb9f1bb07 12a62c06f7971ebefe0ccf16901e6f0cd0b22a25c72a1885bd60d7a62faa5fa6 Loading...

	js.center.io/center.js	13 kB	2023-03-07	2024-04-26
Pretty URL js.center.io/center.js IP 216.239.32.21 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:19 Last Seen2024-04-26 14:03:06 Times Seen1112 Hash 60f05ff45d707fe36d87b75bf181800d e34d94b519ed465481596bcff099467feb0aafdd cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42 Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	2.9 kB	2023-03-07	2024-04-26
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15:19 Last Seen2024-04-26 14:03:05 Times Seen439 Hash a3faab281a519d4ece6839d53701c840 4d0935708bd081919188e521931ce14f3cc7c59e ae42a47bdc6093b78f0b62277fab3d311c56337621d945fbc3c68d3216fd4343 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX	327 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 05:54:36 Last Seen2024-04-16 05:54:36 Times Seen2 Hash 017e8258df365ec2661a05bcc2c48e72 ec60bdd2dd2cd453856f94b55a6aa43514472b19 6e342081d480b2c0dc2d691d713369d5ce13a363a9cb9774c81b2050b5e96bac Loading...

	btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5	447 B	2023-08-20	2024-04-16
Pretty URL btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-20 19:21:53 Last Seen2024-04-16 05:54:36 Times Seen17 Hash c03f559a3e0487852e50ba830fd13b57 797effd759fd32abf70a0a5a7483fd2b331e1286 1a9852c38e49e7905bd57dcc8ec6b3c20ed0df973df8da28cd327d9b321b63f5 Loading...

	go.behindthemarkets.com/f1a52bc3-ac67-4000-8078-f68c564a52ec	1.0 MB	2024-03-17	2024-04-26
Pretty URL go.behindthemarkets.com/f1a52bc3-ac67-4000-8078-f68c564a52ec IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-17 02:09:08 Last Seen2024-04-26 14:03:06 Times Seen44 Hash e91192bb73361bd71ca6c57fd7574a0b b7067fd0be088bdc811438955959baba4f75f48b fe68b0da3eb42ca233dc9558748f676f541e583efa272b9c8ac39e2be4e71744 Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	3.6 kB	2023-03-07	2024-04-26
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15:19 Last Seen2024-04-26 14:03:05 Times Seen427 Hash c164a88f770902ca8e62a5e399e32018 9d1ca269500112216a2b19d25b8c25440b2e89ba c53f0864a6382bf6866e66f734b2682161eb97cebed43234daf7ab086b4ca8c0 Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	582 B	2023-03-07	2024-04-26
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15:19 Last Seen2024-04-26 14:03:05 Times Seen435 Hash 24959da5977b7558ff59cd5acdf88a1e 43c70045dc13d59dc973e90432261325421d8549 71e5a7aff94fa6fd0a971d99e54814a4131a061f2e361ffc73a5a6ef11d1062a Loading...

	www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c	310 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 05:54:36 Last Seen2024-04-16 05:54:36 Times Seen2 Hash c18f966fd72af9e472fba3a17d5b8695 3469261b9315beef238800f6592c361eb2d04b85 5432d63cfe1751bccbd67bc7bae4fe650581e019900a6308fb6443a57b7ea23e Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	7.1 kB	2023-03-07	2024-04-26
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15:19 Last Seen2024-04-26 14:03:05 Times Seen427 Hash 54fcbe8bf78f4a60f28e2cdb6e694d36 20b842db1ad9bd92eed8c854065b761a84f69e27 72ceea7d54bdaa348bf0f1e1545e148dd2e9c248a2ca70482f8b5f0047587b4f Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	2.5 kB	2023-03-07	2024-04-26
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15:19 Last Seen2024-04-26 14:03:05 Times Seen427 Hash 0e02738ac706f2cc3dfb299a7fce970e 664081b30b8d227de4a54aca59e51f9c79986052 c36eb45451b0743dc65ca4bcfebc51511584a351ed4e6c8d98685b7eca9ddc26 Loading...

	www.googletagmanager.com/gtag/js?id=AW-660882099	257 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=AW-660882099 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 05:54:36 Last Seen2024-04-16 05:54:37 Times Seen2 Hash 2fcdd32725a96d4dd65ffefc47261969 1dff81023a2fbc9b51bf55efd05d6ba79c6a56b1 cdc5ecbee5a047d88c2bce3ed79ceeb51a68d23c245e0ae7af57052d1fc06f50 Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	1.1 kB	2023-03-07	2024-04-26
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15:19 Last Seen2024-04-26 14:03:06 Times Seen435 Hash f243709fadf6e072fd4fc43a139860e6 21692bdbc65edff8eca41e13d7036235f8ece36f 942275c3ece75f2592f4947d4e306a2a594de12dddd152ca13eafb747166a35c Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-29
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-29 19:10:27 Times Seen342704 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	5.4 kB	2023-05-15	2024-04-26
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-15 23:35:04 Last Seen2024-04-26 14:03:06 Times Seen325 Hash fc0b8de8bf07fe1f20ecbf76e15f87aa 57950c0b8f0f6768b595fd74ec115f032b03f9ed cf61f4a4f3c09feac95f312fe0115655571a65979b16e2c3468cd422a1ba0b8f Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	347 B	2023-03-07	2024-04-26
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15:19 Last Seen2024-04-26 14:03:06 Times Seen439 Hash 324d070d383d7e171663391494e4eaf1 147167b389b5672075f113a03583378a22149967 3dfd8ef986ba39418b44b6eeef78e69bb8d04e786e7479c37087cb70b4fa9c84 Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	181 B	2023-03-07	2024-04-26
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:21:00 Last Seen2024-04-26 14:03:06 Times Seen410 Hash 03c6f9076ca3a4dee82dff97b28e6e5f 34e14b9e6b7f1f25bacd50142f395e4409ca74f6 74b2d22da3e536e007235a166b47e5498591fef8dd5723ffedfbf5a89cd97aa6 Loading...

	embed.lpcontent.net/leadboxes/current/embed.js	43 kB	2023-03-07	2024-04-26
Pretty URL embed.lpcontent.net/leadboxes/current/embed.js IP 34.107.203.240 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:19 Last Seen2024-04-26 14:03:06 Times Seen641 Hash 7efcfabdb6209627ce8b016b1c4814eb f3b8ebfc5fe452333c0fa14b15b28567f30921b9 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296 Loading...

	fast.vidalytics.com/embeds/PzpZ_7KZ/WBMoaFX43SbGJsaM/loader.min.js	22 kB	2024-04-11	2024-04-16
Pretty URL fast.vidalytics.com/embeds/PzpZ_7KZ/WBMoaFX43SbGJsaM/loader.min.js IP 151.101.1.91 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-11 00:54:26 Last Seen2024-04-16 05:54:36 Times Seen8 Hash 661f3a47ba832715dff25c26711e7eb9 c59a3754c26dcd37c3478a4d6a89d874201d36f8 c98ecf5ac3926f1612f37dae46cf6c73350ff28054c2307090481e2745c335d0 Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	461 B	2023-03-08	2024-04-26
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:09:05 Last Seen2024-04-26 14:03:06 Times Seen281 Hash e9565aa95958c3f427dd710f00d4a092 c596f2b7d288537ccac2c83942fe24643166ccea f36c51fc4c2bfd0402dc43fc85669439adc251635fa6db4600570b3766c07b99 Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/sandbox%20eval%20code	147 B	2023-04-11	2024-04-29
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-29 19:10:28 Times Seen343205 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	889 B	2023-03-07	2024-04-26
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:21:00 Last Seen2024-04-26 14:03:06 Times Seen394 Hash e836a223299c66996d922f90cb0a7ed3 8bf67c5a1042829803fc04c4b047ec9f5482bf70 c77e92eba359ee71dbbc3d949be51ac51788cb30ef685ef643bf5c8961d7eff1 Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	159 B	2023-08-20	2024-04-16
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-20 19:21:53 Last Seen2024-04-16 05:54:36 Times Seen17 Hash fc8b14546ecff07165975fa2e9ed8efa 7bfcbbd6c37e238f759d64674e21719b5bf889a6 7aed192db6e45952051045b46129c2839cc6552fb82b3c2271e387ba825fc1d3 Loading...

	www.googletagmanager.com/gtag/js?id=AW-16454845358&l=dataLayer&cx=c	248 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=AW-16454845358&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 05:54:36 Last Seen2024-04-16 05:54:36 Times Seen2 Hash f4ce7ec99d42317ce06548e40dd801ca 2007ccd238e54577d00b0a82188e843a73cf9aa0 8c2338eb3e431a97cd33234874bed0e8cccb0ddf88615c0dbea20b3872c9399a Loading...

	btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5	4.0 kB	2023-03-07	2024-04-26
Pretty URL btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15:19 Last Seen2024-04-26 14:03:06 Times Seen288 Hash ab3f007f9ddbf0f4583e6002fec81753 64833abe13132a7220b56d21255b5c5a4e8a0c0f 44a8607238597f4d1d1c5bd6cce5f871b987105d969aa5d492e1f37e23aca407 Loading...

	go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100	704 B	2024-03-19	2024-04-16
Pretty URL go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 IP 35.202.21.90 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-19 21:43:10 Last Seen2024-04-16 05:54:36 Times Seen5 Hash c513e78274535c644171905bd12b6d23 0367c4f600612943fad4b3fdbd5634a6ecb5e862 129a7cc8fca0da4012208c36143fe27919f0f3964ee7d947dac2c148501aebf4 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 4fe7374212694d79957cd9a1bb8fdef2	126 B	2023-03-08	2024-04-26
Pretty Observations First Seen2023-03-08 02:09:05 Last Seen2024-04-26 14:03:06 Times Seen239 Hash 4fe7374212694d79957cd9a1bb8fdef2 010e231568ee9c1bd7f2460c5a79da7f557fcc9a 93a694caf72303625617cfe8edbe6444a43454c3e34613487a74188f783c1e58 Loading...

	#2 Eval - 70067a5e54adbe9d9567c09470b0a617	92 B	2023-03-08	2024-04-26
Pretty Observations First Seen2023-03-08 02:09:05 Last Seen2024-04-26 14:03:06 Times Seen239 Hash 70067a5e54adbe9d9567c09470b0a617 4a47e4781b5bac3cdd38247db3fb87c63336c31a ad86521431911b76d497d5ebf350060c89e901d2bed2ebfa8a0d7b751b96f860 Loading...

	#3 Eval - c562c4c65e042d8c48ba39c3cf21e111	129 B	2023-07-16	2024-04-26
Pretty Observations First Seen2023-07-16 06:53:04 Last Seen2024-04-26 14:03:06 Times Seen138 Hash c562c4c65e042d8c48ba39c3cf21e111 0e1fded0f7e2ddd263830f8fbcedc883b1e2aca9 4c2f2b659be02e1baf0cf031d327ea963e56a80bb6baa7a07967a71514205375 Loading...

	#4 Eval - a434d8d70086c5b541cf953d46a6fcf9	65 B	2023-11-21	2024-04-26
Pretty Observations First Seen2023-11-21 15:38:37 Last Seen2024-04-26 14:03:06 Times Seen132 Hash a434d8d70086c5b541cf953d46a6fcf9 651ac529314c0915b3d6f9af6dbf366d5e020ab6 bd79f3bace96866d957bfa99c34951689148707899756824ce4e9c0d1726ff37 Loading...

	#5 Eval - 0a94139e4615771d6d97fb3d968225b2	80 B	2023-03-08	2024-04-26
Pretty Observations First Seen2023-03-08 02:09:05 Last Seen2024-04-26 14:03:06 Times Seen238 Hash 0a94139e4615771d6d97fb3d968225b2 ede8882cf509b54d78f9ae6d0983cb4466a633b6 ca0059abf25af68454df89030c51cb41e112e2fa58ebb0b2ffa85b3fc6fee883 Loading...

HTTP Transactions (56)

URL IP Response Size

static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css

34.107.203.240

200 OK

27 kB

URL GET HTTP/2
static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css
IP
34.107.203.240:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subjectstatic.leadpages.net
FingerprintD8:FD:AD:CD:8D:45:95:5D:A9:9C:4E:AE:11:39:70:F3:A6:56:DA:77
ValidityMon, 08 Apr 2024 13:47:54 GMT - Sun, 07 Jul 2024 14:42:08 GMT

File type
ASCII text, with very long lines (52276)
Size
27 kB (26836 bytes)
Hash
5222e06b77a1692fa2520a219840e6be
8b4236206a8b86af3761a244277663046d7ff7ee
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

HTTP Headers

GET /fonts/font-awesome/6.4.2/css/all.min.css HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
x-cloud-trace-context: b6534fd7ba1e5ea59d10a086396a2dbd
content-encoding: gzip
server: Google Frontend
via: 1.1 google
date: Sat, 06 Apr 2024 05:03:22 GMT
expires: Sun, 06 Apr 2025 05:03:22 GMT
cache-control: public, max-age=31536000
etag: "-6uIpg"
content-type: text/css
vary: Accept-Encoding
content-length: 26836
age: 859846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

embed.lpcontent.net/leadboxes/current/embed.js

34.107.203.240

200 OK

15 kB

URL GET HTTP/2
embed.lpcontent.net/leadboxes/current/embed.js
IP
34.107.203.240:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subjectembed.lpcontent.net
FingerprintFD:A4:56:03:B6:BA:9C:FD:30:9B:68:CA:EE:56:98:E7:5E:5F:4A:21
ValidityTue, 26 Mar 2024 23:09:25 GMT - Tue, 25 Jun 2024 00:02:39 GMT

File type
JavaScript source, ASCII text, with very long lines (30758)
Size
15 kB (14811 bytes)
Hash
7efcfabdb6209627ce8b016b1c4814eb
f3b8ebfc5fe452333c0fa14b15b28567f30921b9
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

HTTP Headers

GET /leadboxes/current/embed.js HTTP/1.1
Host: embed.lpcontent.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
x-cloud-trace-context: 2ae4014f12ee141821a8fd4e709135b3
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 14811
date: Tue, 16 Apr 2024 03:54:08 GMT
expires: Tue, 16 Apr 2024 03:59:08 GMT
cache-control: public, max-age=300
etag: "-6uIpg"
content-type: application/javascript
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto+Condensed:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700

142.250.74.74

200 OK

7.7 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto+Condensed:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (1572)
Size
7.7 kB (7683 bytes)
Hash
60e015ed6e85f5ece1c6e4cfc76a45dd
7435e1d9f1a3534552d78f5a6595293ec89691a1
78cb8d2f4d488252b6c33f9da294c405975767d7242d5b640e8007220a791379

HTTP Headers

GET /css?family=Roboto+Condensed:300,400,500,700|Roboto:300,400,500,700|Open+Sans:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 03:54:08 GMT
date: Tue, 16 Apr 2024 03:54:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

verifiedwebpage.com/go?ehash=a5276dcfef687822b175c94d6bcaf82b&product=32417&ar=55&cid=2553&lid=1610&slhash=9cebc4d298e0ed1ed5b0d3e255cd3947&mtaid=mpmta&cid2=[s8]

104.18.21.187

302 Found

74 kB

URL User Request GET HTTP/2
verifiedwebpage.com/go?ehash=a5276dcfef687822b175c94d6bcaf82b&product=32417&ar=55&cid=2553&lid=1610&slhash=9cebc4d298e0ed1ed5b0d3e255cd3947&mtaid=mpmta&cid2=[s8]
IP
104.18.21.187:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedwebpage.com
FingerprintB6:7C:0D:93:CD:D6:56:A3:74:B9:46:38:F0:C7:A5:31:BC:5F:AF:56
ValidityWed, 10 Apr 2024 21:43:08 GMT - Tue, 09 Jul 2024 21:43:07 GMT

File type
data
Size
74 kB (73493 bytes)
Hash
fa6a10370db95fc6e5fcde816444978c
90a051b887b541d0744177c6554e4fdddcb92552
1760d5d8486a14c47b550665bb20e3c2bf50a58fb24ff2cbe7f97be8fcff0e48

HTTP Headers

GET /go?ehash=a5276dcfef687822b175c94d6bcaf82b&product=32417&ar=55&cid=2553&lid=1610&slhash=9cebc4d298e0ed1ed5b0d3e255cd3947&mtaid=mpmta&cid2=[s8] HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 16 Apr 2024 03:54:07 GMT
content-type: text/html; charset=UTF-8
location: https://www.behindthemarkets-btm.com/7BZ2W/5XTBKP/?sub1=3415441913363328932
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: User-Agent
cf-cache-status: DYNAMIC
set-cookie: PHPSESSID=30162c6f08097dda9f0c6ae1191e2636; path=/
pixel_session_hash_32417=3415441913363328932; expires=Thu, 16-May-2024 03:54:05 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_32417=138a7d1eb22bc95cbfb339301389135144f3a0fcd201867c57501019dc07bdcb; expires=Thu, 18-Apr-2024 03:54:05 GMT; Max-Age=172800
__cf_bm=q32vCI3UaMHXFxQa1_9KlLRv9f_hYu4tuP_hZmAsnQU-1713239647-1.0.1.1-m5ls6tmbQkZKrgrWorPSUgHIBKL6G2UqUIFAw8kn.vjUnfhC9MTLQNJsRMVYaGLf573IiRjFm0Fh4dvcM4QuPg; path=/; expires=Tue, 16-Apr-24 04:24:07 GMT; domain=.verifiedwebpage.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87513b6d790a56b9-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

216.58.207.227

200 OK

51 kB

URL GET HTTP/2
fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 51404, version 1.0
Size
51 kB (51404 bytes)
Hash
b904fcdf1c4c6059fadd6893a7bc7619
f41d1674f02616f03ef77d4e84b3ad8ba28a36fc
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

HTTP Headers

GET /s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 Apr 2024 02:08:09 GMT
expires: Thu, 10 Apr 2025 02:08:09 GMT
cache-control: public, max-age=31536000
age: 524759
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

js.center.io/identify.html

216.239.32.21

200 OK

2.0 kB

URL GET HTTP/2
js.center.io/identify.html
IP
216.239.32.21:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subjectjs.center.io
Fingerprint4F:B0:A1:20:96:F5:9A:75:29:3C:B1:38:81:42:BB:1C:6E:E7:5A:A4
ValidityFri, 01 Mar 2024 18:22:06 GMT - Thu, 30 May 2024 18:58:09 GMT

File type
HTML document, ASCII text, with very long lines (612)
Size
2.0 kB (2016 bytes)
Hash
0ba3629e9c8b8af4c7a13d344978898a
c05b5c80e1eec6e630547ecfacf11eb86391e4b6
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

HTTP Headers

GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-cloud-trace-context: 64d834abb62848afee8f967d2ebd8a1a
content-encoding: gzip
server: Google Frontend
content-length: 2016
date: Tue, 16 Apr 2024 03:53:32 GMT
expires: Tue, 16 Apr 2024 03:58:32 GMT
cache-control: public, max-age=300
age: 36
etag: "OMWYXg"
content-type: text/html
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 09 Apr 2024 16:27:38 GMT
expires: Wed, 09 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 559590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX

142.250.74.168

200 OK

104 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (30332)
Size
104 kB (103589 bytes)
Hash
017e8258df365ec2661a05bcc2c48e72
ec60bdd2dd2cd453856f94b55a6aa43514472b19
6e342081d480b2c0dc2d691d713369d5ce13a363a9cb9774c81b2050b5e96bac

HTTP Headers

GET /gtm.js?id=GTM-WNRH3TX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 03:54:08 GMT
expires: Tue, 16 Apr 2024 03:54:08 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 103589
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 436748
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.vidalytics.com/embeds/PzpZ_7KZ/WBMoaFX43SbGJsaM/loader.min.js

151.101.1.91

200 OK

7.9 kB

URL GET HTTP/2
fast.vidalytics.com/embeds/PzpZ_7KZ/WBMoaFX43SbGJsaM/loader.min.js
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (21917), with no line terminators
Size
7.9 kB (7858 bytes)
Hash
661f3a47ba832715dff25c26711e7eb9
c59a3754c26dcd37c3478a4d6a89d874201d36f8
c98ecf5ac3926f1612f37dae46cf6c73350ff28054c2307090481e2745c335d0

HTTP Headers

GET /embeds/PzpZ_7KZ/WBMoaFX43SbGJsaM/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
x-envoy-upstream-service-time: 32
server: istio-envoy
x-envoy-decorator-operation: vidalytics-player-api.vidalytics-player-api.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: api-prod
access-control-allow-origin: *
cache-control: public, max-age=900, s-maxage=1800
x-lb-cache: disabled
content-encoding: gzip
accept-ranges: bytes
age: 1640
date: Tue, 16 Apr 2024 03:54:08 GMT
x-served-by: cache-dfw-kdal2120038-DFW, cache-hel1410024-HEL
x-cache: HIT, MISS
x-cache-hits: 18, 0
x-timer: S1713239649.827867,VS0,VE128
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7858
X-Firefox-Spdy: h2

static.leadpages.net/images/favicon.ico

34.107.203.240

2.6 kB

URL GET
static.leadpages.net/images/favicon.ico
IP
34.107.203.240:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subjectstatic.leadpages.net
FingerprintD8:FD:AD:CD:8D:45:95:5D:A9:9C:4E:AE:11:39:70:F3:A6:56:DA:77
ValidityMon, 08 Apr 2024 13:47:54 GMT - Sun, 07 Jul 2024 14:42:08 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
2.6 kB (2594 bytes)
Hash
0210a839146c090d313d070610e16bd2
f87bd57affad1046bf0f44db93f7c23304e43d55
76da9be859d0d9cd9ffa30b9aa9d07a34164acba1ec512c61bd1b7854c1fab7b

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: *
x-cloud-trace-context: 3530dc0fd7e80fddf6dd4ba9f8cc43ad
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 2594
date: Tue, 16 Apr 2024 03:53:24 GMT
expires: Tue, 16 Apr 2024 03:58:24 GMT
cache-control: public, max-age=300
age: 45
etag: "-6uIpg"
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

lh3.googleusercontent.com/tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w16

142.250.74.161

200 OK

251 B

URL GET HTTP/2
lh3.googleusercontent.com/tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w16
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F
ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT

File type
PNG image data, 16 x 3, 8-bit/color RGBA, non-interlaced
Size
251 B (251 bytes)
Hash
b73a89df13870206d4104c99ec9973c5
dba02bf1f1c06839760da64a0739327a0d20019b
47901a3ecf1fc1e211131e3e6453422084b56e34b9a4ef14a123e48168c62937

HTTP Headers

GET /tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
server: fife
content-length: 251
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:03:47 GMT
expires: Wed, 17 Apr 2024 03:03:47 GMT
cache-control: public, max-age=86400, no-transform
age: 3022
etag: "v1"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lh3.googleusercontent.com/Q7ckMaOculnRenLl4AplbzUQf_tFJliJ_VfkWiUPvZ7Q5pD0skUZZFAqMZ1tsuxgIdq3NBR98kzWA8XOYWL16PhkR60pueOipk0=w16

142.250.74.161

200 OK

377 B

URL GET HTTP/2
lh3.googleusercontent.com/Q7ckMaOculnRenLl4AplbzUQf_tFJliJ_VfkWiUPvZ7Q5pD0skUZZFAqMZ1tsuxgIdq3NBR98kzWA8XOYWL16PhkR60pueOipk0=w16
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F
ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT

File type
PNG image data, 16 x 6, 8-bit/color RGB, non-interlaced
Size
377 B (377 bytes)
Hash
ed4137102d21623f529b27def8c75cb2
6e42b34bb4dd05ca21d3080cf053428b1d22b542
fe29fbc2a49916e11f94d481b36086c3032902f8414df1f9de6afcca8e4eb7f9

HTTP Headers

GET /Q7ckMaOculnRenLl4AplbzUQf_tFJliJ_VfkWiUPvZ7Q5pD0skUZZFAqMZ1tsuxgIdq3NBR98kzWA8XOYWL16PhkR60pueOipk0=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
server: fife
content-length: 377
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:03:47 GMT
expires: Wed, 17 Apr 2024 03:03:47 GMT
cache-control: public, max-age=86400, no-transform
age: 3022
etag: "v1"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-16454845358&l=dataLayer&cx=c

142.250.74.168

200 OK

86 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=AW-16454845358&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
86 kB (86369 bytes)
Hash
f4ce7ec99d42317ce06548e40dd801ca
2007ccd238e54577d00b0a82188e843a73cf9aa0
8c2338eb3e431a97cd33234874bed0e8cccb0ddf88615c0dbea20b3872c9399a

HTTP Headers

GET /gtag/js?id=AW-16454845358&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 03:54:09 GMT
expires: Tue, 16 Apr 2024 03:54:09 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86369
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c

142.250.74.168

200 OK

100 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (15506)
Size
100 kB (100468 bytes)
Hash
c18f966fd72af9e472fba3a17d5b8695
3469261b9315beef238800f6592c361eb2d04b85
5432d63cfe1751bccbd67bc7bae4fe650581e019900a6308fb6443a57b7ea23e

HTTP Headers

GET /gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 03:54:09 GMT
expires: Tue, 16 Apr 2024 03:54:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100468
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=AW-660882099

142.250.74.168

200 OK

89 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=AW-660882099
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
89 kB (88627 bytes)
Hash
2fcdd32725a96d4dd65ffefc47261969
1dff81023a2fbc9b51bf55efd05d6ba79c6a56b1
cdc5ecbee5a047d88c2bce3ed79ceeb51a68d23c245e0ae7af57052d1fc06f50

HTTP Headers

GET /gtag/js?id=AW-660882099 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 03:54:09 GMT
expires: Tue, 16 Apr 2024 03:54:09 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88627
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

lh3.googleusercontent.com/mV-NDRpEblU6YgLZNxo0oma4Wjk2nMckxLyJEB9pd7kFaJ7kJAyWOf3ABjLu0xKzwwtPgsjXv5uMHVKY_T4pVCJi-_5P-ypHBLWh=s16

142.250.74.161

200 OK

952 B

URL GET HTTP/2
lh3.googleusercontent.com/mV-NDRpEblU6YgLZNxo0oma4Wjk2nMckxLyJEB9pd7kFaJ7kJAyWOf3ABjLu0xKzwwtPgsjXv5uMHVKY_T4pVCJi-_5P-ypHBLWh=s16
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F
ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, description=hexagon concept design abstract technology background vector EPS10, software=Picasa], baseline, precision 8, 16x10, components 3
Size
952 B (952 bytes)
Hash
518192098c36973d0d63a27cdf90fbe7
5041622c3427e1aa50a74810122a91685a95701c
4086c91f85bfe320fbca5e031fd3257487b98f8c14a930a1035e3db61f83ce93

HTTP Headers

GET /mV-NDRpEblU6YgLZNxo0oma4Wjk2nMckxLyJEB9pd7kFaJ7kJAyWOf3ABjLu0xKzwwtPgsjXv5uMHVKY_T4pVCJi-_5P-ypHBLWh=s16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 952
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:54:09 GMT
expires: Wed, 17 Apr 2024 03:54:09 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.vidalytics.com/players/v.4.3.3.000-vid-prod/player.min.js

151.101.1.91

200 OK

266 kB

URL GET HTTP/3
fast.vidalytics.com/players/v.4.3.3.000-vid-prod/player.min.js
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
266 kB (266243 bytes)
Hash
e91192bb73361bd71ca6c57fd7574a0b
b7067fd0be088bdc811438955959baba4f75f48b
fe68b0da3eb42ca233dc9558748f676f541e583efa272b9c8ac39e2be4e71744

HTTP Headers

GET /players/v.4.3.3.000-vid-prod/player.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 266243
x-guploader-uploadid: ABPtcPpE4K4hRFg91e5Swdl_ZNzVkGeFwemz67K0KxgmERb1lyi0gDJW7co_XmY1-LU9C9RkcxYIQsXYxA
cache-control: public, max-age=86400, s-maxage=2592000
expires: Wed, 10 Apr 2024 08:41:05 GMT
last-modified: Mon, 11 Mar 2024 08:36:30 GMT
etag: "23462b16f3d8a48814f6f216d08b940c"
x-goog-generation: 1710146190347127
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 266243
x-goog-meta-surrogate-key: player-versioned
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=hXdP3Q==, md5=I0YrFvPYpIgU9vIW0IuUDA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 949494
date: Tue, 16 Apr 2024 03:54:09 GMT
x-served-by: cache-dfw-kdfw8210130-DFW, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 51248, 0
x-timer: S1713239649.403855,VS0,VE1
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

lh3.googleusercontent.com/mV-NDRpEblU6YgLZNxo0oma4Wjk2nMckxLyJEB9pd7kFaJ7kJAyWOf3ABjLu0xKzwwtPgsjXv5uMHVKY_T4pVCJi-_5P-ypHBLWh=w1280

142.250.74.161

200 OK

34 kB

URL GET HTTP/2
lh3.googleusercontent.com/mV-NDRpEblU6YgLZNxo0oma4Wjk2nMckxLyJEB9pd7kFaJ7kJAyWOf3ABjLu0xKzwwtPgsjXv5uMHVKY_T4pVCJi-_5P-ypHBLWh=w1280
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F
ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, description=hexagon concept design abstract technology background vector EPS10, software=Picasa], baseline, precision 8, 1280x768, components 3
Size
34 kB (33488 bytes)
Hash
baff1c8f6527160e5f205142ad21febe
ee212081c047b4ff9cbc671d6b1a38c748c376f7
405ef1241ea0c0ab000d03cbb1c7e2f29560fc5ae15d403a28f3a9d8be17d098

HTTP Headers

GET /mV-NDRpEblU6YgLZNxo0oma4Wjk2nMckxLyJEB9pd7kFaJ7kJAyWOf3ABjLu0xKzwwtPgsjXv5uMHVKY_T4pVCJi-_5P-ypHBLWh=w1280 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 33488
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:54:09 GMT
expires: Wed, 17 Apr 2024 03:54:09 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css

34.107.203.240

200 OK

15 kB

URL GET HTTP/3
static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
IP
34.107.203.240:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5
Certificate
IssuerGoogle Trust Services LLC
Subjectstatic.leadpages.net
FingerprintD8:FD:AD:CD:8D:45:95:5D:A9:9C:4E:AE:11:39:70:F3:A6:56:DA:77
ValidityMon, 08 Apr 2024 13:47:54 GMT - Sun, 07 Jul 2024 14:42:08 GMT

File type
ASCII text, with very long lines (58749)
Size
15 kB (14628 bytes)
Hash
84d8ad2b4fcdc0f0c58247e778133b3a
6f33eae92d42fe209167139940a0ad6a3c6c167e
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

HTTP Headers

GET /fonts/font-awesome/5.14.0/css/all.min.css HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: *
x-cloud-trace-context: 7b72605057de8853f8e674100e7e6ccd
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 14628
date: Sat, 13 Apr 2024 14:31:54 GMT
expires: Sun, 13 Apr 2025 14:31:54 GMT
cache-control: public, max-age=31536000
age: 220935
etag: "-6uIpg"
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2

216.58.207.227

200 OK

45 kB

URL GET HTTP/2
fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 44584, version 1.0
Size
45 kB (44584 bytes)
Hash
e04669366cda1aca21161f9e22bac3ae
157532ec5cdb07c395eb96aa6e9d0de1eeb869a7
43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47

HTTP Headers

GET /s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:38:09 GMT
expires: Fri, 11 Apr 2025 02:38:09 GMT
cache-control: public, max-age=31536000
age: 436560
last-modified: Mon, 03 Apr 2023 20:46:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

js.center.io/center.js

216.239.32.21

200 OK

5.4 kB

URL GET HTTP/2
js.center.io/center.js
IP
216.239.32.21:443
ASN
#15169 GOOGLE

Requested by
https://btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5
Certificate
IssuerGoogle Trust Services LLC
Subjectjs.center.io
Fingerprint4F:B0:A1:20:96:F5:9A:75:29:3C:B1:38:81:42:BB:1C:6E:E7:5A:A4
ValidityFri, 01 Mar 2024 18:22:06 GMT - Thu, 30 May 2024 18:58:09 GMT

File type
JavaScript source, ASCII text, with very long lines (566)
Size
5.4 kB (5417 bytes)
Hash
60f05ff45d707fe36d87b75bf181800d
e34d94b519ed465481596bcff099467feb0aafdd
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

HTTP Headers

GET /center.js HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Cookie: centerVisitorId=FGnWj42sPnuANgDQdZhVkJ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-cloud-trace-context: 8736c587191aa575e07f164d3bcc5513
content-encoding: gzip
server: Google Frontend
content-length: 5417
date: Tue, 16 Apr 2024 03:49:52 GMT
expires: Tue, 16 Apr 2024 03:54:52 GMT
cache-control: public, max-age=300
age: 257
etag: "OMWYXg"
content-type: application/javascript
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 436749
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 436749
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

js.center.io/identify.html

216.239.32.21

200 OK

2.0 kB

URL GET HTTP/2
js.center.io/identify.html
IP
216.239.32.21:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subjectjs.center.io
Fingerprint4F:B0:A1:20:96:F5:9A:75:29:3C:B1:38:81:42:BB:1C:6E:E7:5A:A4
ValidityFri, 01 Mar 2024 18:22:06 GMT - Thu, 30 May 2024 18:58:09 GMT

File type
HTML document, ASCII text, with very long lines (612)
Size
2.0 kB (2016 bytes)
Hash
0ba3629e9c8b8af4c7a13d344978898a
c05b5c80e1eec6e630547ecfacf11eb86391e4b6
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

HTTP Headers

GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Cookie: centerVisitorId=FGnWj42sPnuANgDQdZhVkJ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
x-cloud-trace-context: c84233c854f2857f9b69c25f91dc84c0
content-encoding: gzip
server: Google Frontend
content-length: 2016
date: Tue, 16 Apr 2024 03:53:37 GMT
expires: Tue, 16 Apr 2024 03:58:37 GMT
cache-control: public, max-age=300
age: 32
etag: "OMWYXg"
content-type: text/html
X-Firefox-Spdy: h2

lh3.googleusercontent.com/tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w1064

142.250.74.161

200 OK

69 kB

URL GET HTTP/3
lh3.googleusercontent.com/tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w1064
IP
142.250.74.161:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F
ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT

File type
PNG image data, 1064 x 197, 8-bit/color RGBA, non-interlaced
Size
69 kB (69027 bytes)
Hash
9b97f6e005b2f1a8e177cc4eb518a109
bbdb7e214525ba28bd16766e81ad9cabd361569d
aaae268765615295c8949b10bcbd2cbca39703e2e7366fd8c52ae1aa536a1435

HTTP Headers

GET /tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w1064 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
server: fife
content-length: 69027
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:03:48 GMT
expires: Wed, 17 Apr 2024 03:03:48 GMT
cache-control: public, max-age=86400, no-transform
age: 3021
etag: "v1"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=883848914.1713239649&gtm=45je44f0v874108444z8812088355za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=271005403

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=883848914.1713239649&gtm=45je44f0v874108444z8812088355za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=271005403
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint0E:DD:25:54:7B:C3:7F:EC:27:35:B1:EC:15:C4:B7:D2:09:71:3B:68
ValidityMon, 04 Mar 2024 07:26:33 GMT - Mon, 27 May 2024 07:26:32 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=883848914.1713239649&gtm=45je44f0v874108444z8812088355za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=271005403 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 16 Apr 2024 03:54:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=GaGK5cmexe3MTLuLyxaEFM&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=FGnWj42sPnuANgDQdZhVkJ&sid=VR7oPmu34ztQfEgoPWPqYc&cid=lp-GaGK5cmexe3MTLuLyxaEFM&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&rf=&rx=1280&ry=1024&tz=%2B00%3A00

35.192.151.63

200 OK

35 B

URL GET HTTP/1.1
api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=GaGK5cmexe3MTLuLyxaEFM&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=FGnWj42sPnuANgDQdZhVkJ&sid=VR7oPmu34ztQfEgoPWPqYc&cid=lp-GaGK5cmexe3MTLuLyxaEFM&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&rf=&rx=1280&ry=1024&tz=%2B00%3A00
IP
35.192.151.63:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerLet's Encrypt
Subject*.leadpages.io
FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E
ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /analytics/v1/events/capture?k=view&a=leadpage&l=GaGK5cmexe3MTLuLyxaEFM&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=FGnWj42sPnuANgDQdZhVkJ&sid=VR7oPmu34ztQfEgoPWPqYc&cid=lp-GaGK5cmexe3MTLuLyxaEFM&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&rf=&rx=1280&ry=1024&tz=%2B00%3A00 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
x-request-id: 02j4nit6tlfuo72nem70
access-control-allow-origin: https://go.behindthemarkets.com
access-control-allow-credentials: true
set-cookie: view.bb4wMKcXKB896PwqF4vMVT-default-prop.GaGK5cmexe3MTLuLyxaEFM=1713239650000; Domain=api.leadpages.io; expires=Wed, 17 Apr 2024 03:54:09 GMT; httponly; Max-Age=86400; Path=/analytics/v1/events/capture; SameSite=None; secure
Date: Tue, 16 Apr 2024 03:54:09 GMT
Server: Stargate
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154

fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/stream.m3u8

151.101.1.91

200 OK

1.2 kB

URL GET HTTP/3
fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/stream.m3u8
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
1.2 kB (1190 bytes)
Hash
f926a251127524b57b9fb36b908c05e5
5241394d8dd6572d5e199c6eaf8d7132af679a93
ff3f1f8a11b59def85faab6179a1ecd1cf79cb6dd77f841fa705884c229fd7f7

HTTP Headers

GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/stream.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 1190
x-guploader-uploadid: ABPtcPpJFtJDOuEiI0LRMp02ndzL3D4RCMcbFN9_CIepgYQKdRZdEMn-TWt7sSWl1gna22NjmyqMizgZ1g
cache-control: public, max-age=31104000
expires: Tue, 28 Jan 2025 17:36:43 GMT
last-modified: Tue, 31 Oct 2023 01:43:43 GMT
etag: "f926a251127524b57b9fb36b908c05e5"
x-goog-generation: 1698716623912795
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1190
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=qgkpNQ==, md5=+SaiURJ1JLV7n7NrkIwF5Q==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 648206
date: Tue, 16 Apr 2024 03:54:10 GMT
x-served-by: cache-dfw-kdfw8210175-DFW, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 204, 0
x-timer: S1713239650.036845,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=WGbNnojQz5u2KTJFY5tjLH&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=295,1,LUmjr7qNYJFaJKUHS39Dqg

35.192.151.63

200 OK

35 B

URL GET HTTP/1.1
api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=WGbNnojQz5u2KTJFY5tjLH&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=295,1,LUmjr7qNYJFaJKUHS39Dqg
IP
35.192.151.63:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerLet's Encrypt
Subject*.leadpages.io
FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E
ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=WGbNnojQz5u2KTJFY5tjLH&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=295,1,LUmjr7qNYJFaJKUHS39Dqg HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
x-request-id: 02j4niu3pfl65ng0pcag
access-control-allow-origin: https://go.behindthemarkets.com
access-control-allow-credentials: true
Date: Tue, 16 Apr 2024 03:54:09 GMT
Server: Stargate
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154

fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/thumb/preview-5_0.jpg

151.101.1.91

200 OK

1.9 kB

URL GET HTTP/3
fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/thumb/preview-5_0.jpg
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 107x60, components 3
Size
1.9 kB (1863 bytes)
Hash
80d5fac79b54d4f90238676dafb0e842
33d3fa7812937586abf814b6d85f627158590e30
aef48c72597f4752058d3efe234275d8882ec4d9c9a2f4cf1a19bb6053ab7870

HTTP Headers

GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/thumb/preview-5_0.jpg HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 1863
x-guploader-uploadid: ABPtcPqHUpqT1xcR6ht5P9eF2eMGW_Rl16U_W_gN-A2ixpEe9r5OrEHgQVyRRNwoJEMtrCUNux-GXT10lg
cache-control: public, max-age=31104000
expires: Mon, 31 Mar 2025 02:33:35 GMT
last-modified: Tue, 31 Oct 2023 00:59:37 GMT
etag: "80d5fac79b54d4f90238676dafb0e842"
x-goog-generation: 1698713977878956
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1863
content-type: image/jpeg
x-goog-hash: crc32c=91t/rA==, md5=gNX6x5tU1PkCOGdtr7DoQg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 955234
date: Tue, 16 Apr 2024 03:54:10 GMT
x-served-by: cache-dfw-kdal2120022-DFW, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 499, 0
x-timer: S1713239650.054189,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/video_TS_h264_aac_96000_1280x720_2500000_variant.m3u8

151.101.1.91

200 OK

49 kB

URL GET HTTP/3
fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/video_TS_h264_aac_96000_1280x720_2500000_variant.m3u8
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
49 kB (49361 bytes)
Hash
50b3e5a801b5fd7b186cc9e93123cc37
12bdb9b8c8c1ce6ce701aa8bc5a992cf4564bec7
8f4c8e7e3a00aa6c75fff5306e0e085d7b518ed8845a3ca4106494cadb93d33a

HTTP Headers

GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/video_TS_h264_aac_96000_1280x720_2500000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 49361
x-guploader-uploadid: ABPtcPrqrs_tnZxTCqRnLgHAItRK6yx27i9xuRMUz5ClvPB6sQhTaXIOVLMjzhMWkod5mKaDrpXyRo2uuo-BplX1MGz3SjS5FQa6
x-goog-generation: 1698716623940543
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 49361
x-goog-hash: crc32c=tpqcZg==, md5=ULPlqAG1/XsYbMnpMSPMNw==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
expires: Fri, 25 Oct 2024 01:48:35 GMT
cache-control: public, max-age=31104000
last-modified: Tue, 31 Oct 2023 01:43:43 GMT
etag: "50b3e5a801b5fd7b186cc9e93123cc37"
content-type: application/vnd.apple.mpegurl
x-lb-backend: gcs-prod
x-lb-cache: hit
accept-ranges: bytes
age: 770441
date: Tue, 16 Apr 2024 03:54:10 GMT
x-served-by: cache-dfw-kdfw8210069-DFW, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 1131, 0
x-timer: S1713239650.068928,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8

151.101.1.91

200 OK

38 kB

URL GET HTTP/3
fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
M3U playlist, ASCII text
Size
38 kB (38201 bytes)
Hash
e1a9d3c1cb79b46fdaa40188abfd16ac
53500ad65d8766da126081a9df88691f8ae4784a
bdbd70b54e4ca3f20b73fd48f250b24eed5414357c0aa01c10505a86cba5fadc

HTTP Headers

GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 38201
x-guploader-uploadid: ABPtcPrHSjI3otfnre137tk-op7YJluEBQOwI6qWACurwjyTmaFOCGPfQSl_X2wkUALM8GWZbGb1IQz5Q8XtsgB7BqvGFLRVwe_j
x-goog-generation: 1698716623848188
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 38201
x-goog-hash: crc32c=8qLImA==, md5=4anTwct5tG/apAGIq/0WrA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
expires: Fri, 25 Oct 2024 01:48:56 GMT
cache-control: public, max-age=31104000
last-modified: Tue, 31 Oct 2023 01:43:43 GMT
etag: "e1a9d3c1cb79b46fdaa40188abfd16ac"
content-type: application/vnd.apple.mpegurl
x-lb-backend: gcs-prod
x-lb-cache: hit
accept-ranges: bytes
date: Tue, 16 Apr 2024 03:54:10 GMT
age: 751862
x-served-by: cache-dfw-kdfw8210033-DFW, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 491, 8
x-timer: S1713239650.070882,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/audio/aac_96000/1.ts

151.101.1.91

200 OK

55 kB

URL GET HTTP/3
fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/audio/aac_96000/1.ts
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
55 kB (54708 bytes)
Hash
e4264b153dbeb9615150267593097460
55410a6c08e82ee4fea750f8ecfabded1c9ba472
5ffbd0e98b6367c2948a9caa8503b431da4ac86afd513141f0413d8b98172d68

HTTP Headers

GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/audio/aac_96000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 54708
x-guploader-uploadid: ABPtcPrYaV5uYPwfKAfBMVSkr2r5XKpIH072ZIlJkC7DO04ZaHdx4lfG3aV0vQ03XysVtstG4bB4gkcxMg
cache-control: public, max-age=31104000
expires: Thu, 23 Jan 2025 21:04:06 GMT
last-modified: Tue, 31 Oct 2023 01:41:40 GMT
etag: "e4264b153dbeb9615150267593097460"
x-goog-generation: 1698716500854143
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 54708
content-type: video/mp2t
x-goog-hash: crc32c=Pi0wWg==, md5=5CZLFT2+uWFRUCZ1kwl0YA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 2980130
date: Tue, 16 Apr 2024 03:54:10 GMT
x-served-by: cache-dfw-kdfw8210027-DFW, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 5038, 0
x-timer: S1713239650.155139,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je44f0v874108444z8812088355za200&_p=1713239648642&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=883848914.1713239649&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713239649&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&dt=BTM%20-%20King%20Kong%20-%20VSL&en=page_view&_fv=1&_nsi=1&_ss=1&epn.variant_id=0&tfd=3915

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je44f0v874108444z8812088355za200&_p=1713239648642&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=883848914.1713239649&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713239649&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&dt=BTM%20-%20King%20Kong%20-%20VSL&en=page_view&_fv=1&_nsi=1&_ss=1&epn.variant_id=0&tfd=3915
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je44f0v874108444z8812088355za200&_p=1713239648642&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=883848914.1713239649&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713239649&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&dt=BTM%20-%20King%20Kong%20-%20VSL&en=page_view&_fv=1&_nsi=1&_ss=1&epn.variant_id=0&tfd=3915 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://go.behindthemarkets.com
date: Tue, 16 Apr 2024 03:54:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/video/1280x720_h264_2500000/1.ts

151.101.1.91

200 OK

602 kB

URL GET HTTP/3
fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/video/1280x720_h264_2500000/1.ts
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
602 kB (601976 bytes)
Hash
34292f8276d600fd1bad366b56ab3cad
96dec7df4f06298a908d38026549e5f147d25608
f4c3d881d749ba53bf4640f94a5832d6459442365b5b373589d59092a1f7ea46

HTTP Headers

GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/video/1280x720_h264_2500000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 601976
x-guploader-uploadid: ABPtcPoSIuRfdW62T7XATUmsmKUTjpisSMNROeXDLiL6fB_LpGz2ymG8evfNmYKe5JtMnLvCKxI
cache-control: public, max-age=31104000
expires: Thu, 03 Apr 2025 11:50:57 GMT
last-modified: Tue, 31 Oct 2023 01:40:56 GMT
etag: "34292f8276d600fd1bad366b56ab3cad"
x-goog-generation: 1698716456429699
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 601976
content-type: video/mp2t
x-goog-hash: crc32c=J82Rcw==, md5=NCkvgnbWAP0brTZrVqs8rQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 662593
date: Tue, 16 Apr 2024 03:54:10 GMT
x-served-by: cache-dfw-kdal2120047-DFW, cache-hel1410028-HEL
x-cache: HIT, MISS
x-cache-hits: 1368, 0
x-timer: S1713239650.112128,VS0,VE131
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

analytics-ingress-global.bitmovin.com/licensing

35.190.27.197

200 OK

77 B

URL POST HTTP/2
analytics-ingress-global.bitmovin.com/licensing
IP
35.190.27.197:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoDaddy.com, Inc.
Subject*.bitmovin.com
FingerprintA3:12:09:E0:2B:6B:C9:36:D1:AE:E8:38:F4:5F:1B:F6:B2:47:16:3C
ValidityMon, 08 May 2023 12:46:05 GMT - Sat, 08 Jun 2024 12:46:05 GMT

File type
JSON text data
Size
77 B (77 bytes)
Hash
40f9443d5dc02e385b00b24c1f570269
c0e65fe8f73334d638173b9e33eff4f36d913104
ea71115c171f3b6874e256a1ff1e30431229a21b584371e0b36eae66cb5d2d9f

HTTP Headers

POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 110
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: v1.62.1
date: Tue, 16 Apr 2024 03:54:10 GMT
content-type: application/json
content-length: 77
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

stats.vidalytics.com/awesome-log?cid=PzpZ_7KZ

107.178.211.97

200 OK

43 B

URL GET HTTP/2
stats.vidalytics.com/awesome-log?cid=PzpZ_7KZ
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

HTTP Headers

GET /awesome-log?cid=PzpZ_7KZ HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control: no-cache, public, max-age=2592000
content-length: 43
content-type: image/gif
etag: "PzpZ_7KZ/0D5uodr_LHPVHMxq"
date: Tue, 16 Apr 2024 03:54:10 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
X-Firefox-Spdy: h2

api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=57,431,247,738,9,882,1223,1257,2872,2872

35.192.151.63

200 OK

35 B

URL GET HTTP/1.1
api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=57,431,247,738,9,882,1223,1257,2872,2872
IP
35.192.151.63:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerLet's Encrypt
Subject*.leadpages.io
FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E
ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=57,431,247,738,9,882,1223,1257,2872,2872 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
x-request-id: 02j4nj1d6lcqmbc09vgg
Date: Tue, 16 Apr 2024 03:54:10 GMT
Server: Stargate
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154

api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=WGbNnojQz5u2KTJFY5tjLH&kind=timer&label=lb_embed_leadbox_load&value=705

35.192.151.63

200 OK

35 B

URL GET HTTP/1.1
api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=WGbNnojQz5u2KTJFY5tjLH&kind=timer&label=lb_embed_leadbox_load&value=705
IP
35.192.151.63:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerLet's Encrypt
Subject*.leadpages.io
FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E
ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=WGbNnojQz5u2KTJFY5tjLH&kind=timer&label=lb_embed_leadbox_load&value=705 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
x-request-id: 02j4nj1fp66qu3eht6dg
access-control-allow-origin: https://go.behindthemarkets.com
access-control-allow-credentials: true
Date: Tue, 16 Apr 2024 03:54:10 GMT
Server: Stargate
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154

fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/audio/aac_96000/2.ts

151.101.1.91

200 OK

57 kB

URL GET HTTP/3
fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/audio/aac_96000/2.ts
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
MPEG transport stream data
Size
57 kB (56776 bytes)
Hash
6a22b9263604e731c2b776c2b603b457
64f676210c7b208e9e45866ab38ed9024582eaf2
699b93941c4ab62d5e4981fc420cf20e76b9e34a7e59514778d0a3dca05030d1

HTTP Headers

GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/ts/audio/aac_96000/2.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 56776
x-guploader-uploadid: ABPtcPr95z_0WnuKo0cntalbF0gzAkXVyKCTgfr-p3C0BDsxpsRvargXdrEkIx-wfLD0nneTWgal3OP79fEJ5eteNUoXjE5bLeWp
cache-control: public, max-age=31104000
expires: Fri, 25 Oct 2024 01:52:20 GMT
last-modified: Tue, 31 Oct 2023 01:41:41 GMT
etag: "6a22b9263604e731c2b776c2b603b457"
x-goog-generation: 1698716501722888
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 56776
content-type: video/mp2t
x-goog-hash: crc32c=O/aZxw==, md5=aiK5JjYE5zHCt3bCtgO0Vw==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 755956
date: Tue, 16 Apr 2024 03:54:10 GMT
x-served-by: cache-dfw-kdfw8210165-DFW, cache-hel1410028-HEL
x-cache: HIT, MISS
x-cache-hits: 1916, 0
x-timer: S1713239650.369750,VS0,VE127
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 4617
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 03:54:10 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/thumb/thumbnail-5_0.jpg

151.101.1.91

200 OK

40 kB

URL GET HTTP/3
fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/thumb/thumbnail-5_0.jpg
IP
151.101.1.91:443
ASN
#54113 FASTLY

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
40 kB (39545 bytes)
Hash
4f79bfa7b0fac70e78f4fdc0e0051056
6b329a9ae23551abdb12b3e95c2cb1ef869202c1
b01911bc977620c3cde97c32c1db529627b0de61664cf9129d1135d7b803b68c

HTTP Headers

GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/thumb/thumbnail-5_0.jpg HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 39545
x-guploader-uploadid: ABPtcPqetCKGCZlsWjG38meQHlasMZfT359FTfnbICDKqHUgKOmv0tebIhiMvdQHnUo-EDvwnXW2HBVQaOHNd9bIMBNzBg
cache-control: public, max-age=31104000
expires: Mon, 11 Nov 2024 08:43:36 GMT
last-modified: Tue, 31 Oct 2023 00:59:37 GMT
etag: "4f79bfa7b0fac70e78f4fdc0e0051056"
x-goog-generation: 1698713977901564
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 39545
content-type: image/jpeg
x-goog-hash: crc32c=pEjUPA==, md5=T3m/p7D6xw549P3A4AUQVg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 651749
date: Tue, 16 Apr 2024 03:54:10 GMT
x-served-by: cache-dfw-kdfw8210147-DFW, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 86, 0
x-timer: S1713239651.609611,VS0,VE1
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 448
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 03:54:10 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 699
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 03:54:10 GMT
content-length: 16
x-envoy-upstream-service-time: 3
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 407
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 03:54:10 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

stats.vidalytics.com/scribe

107.178.211.97

200 OK

16 B

URL POST HTTP/2
stats.vidalytics.com/scribe
IP
107.178.211.97:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
a1cbd35d4488ac8cc6f959d4c633dc37
11844023759429ec785ae1c18e6a9c69803ee2bd
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

HTTP Headers

POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 449
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Tue, 16 Apr 2024 03:54:11 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2

api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=5BB5LWGspe9cAMACRMnCUr&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=46,208,1

35.192.151.63

200 OK

35 B

URL GET HTTP/1.1
api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=5BB5LWGspe9cAMACRMnCUr&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=46,208,1
IP
35.192.151.63:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5
Certificate
IssuerLet's Encrypt
Subject*.leadpages.io
FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E
ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=5BB5LWGspe9cAMACRMnCUr&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=46,208,1 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
x-request-id: 02j4njthq19e90t2fqb0
access-control-allow-origin: https://btm-btm-btm.lpages.co
access-control-allow-credentials: true
Date: Tue, 16 Apr 2024 03:54:14 GMT
Server: Stargate
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154

api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=Epe9JUJKLmLfsAP5ffwhfr&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=126,369,1,783

35.192.151.63

200 OK

35 B

URL GET HTTP/1.1
api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=Epe9JUJKLmLfsAP5ffwhfr&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=126,369,1,783
IP
35.192.151.63:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerLet's Encrypt
Subject*.leadpages.io
FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E
ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=Epe9JUJKLmLfsAP5ffwhfr&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=126,369,1,783 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-max-age: 600
x-request-id: 02j4njvusqbch8ncl2s0
access-control-allow-origin: https://go.behindthemarkets.com
access-control-allow-credentials: true
Date: Tue, 16 Apr 2024 03:54:14 GMT
Server: Stargate
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154

region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je44f0v874108444z8812088355za200&_p=1713239648642&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=883848914.1713239649&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713239649&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&dt=BTM%20-%20King%20Kong%20-%20VSL&en=fetch_user_data&epn.variant_id=0&up.custom_client_id=883848914.1713239649.&upn.variant_id=0&upn.experiment_id=0&tfd=9107

216.239.34.36

204 No Content

0 B

URL POST HTTP/3
region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je44f0v874108444z8812088355za200&_p=1713239648642&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=883848914.1713239649&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713239649&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&dt=BTM%20-%20King%20Kong%20-%20VSL&en=fetch_user_data&epn.variant_id=0&up.custom_client_id=883848914.1713239649.&upn.variant_id=0&upn.experiment_id=0&tfd=9107
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-8R6YNFMJ23&gtm=45je44f0v874108444z8812088355za200&_p=1713239648642&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=883848914.1713239649&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713239649&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-king-kong-vsl%2F%3F_ef_transaction_id%3Db4b7b6c3dd9b4fd2b5074c05c3d379e7%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415441913363328932%26iocid%3D%26aff%3D5%26oid%3D100&dt=BTM%20-%20King%20Kong%20-%20VSL&en=fetch_user_data&epn.variant_id=0&up.custom_client_id=883848914.1713239649.&upn.variant_id=0&upn.experiment_id=0&tfd=9107 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://go.behindthemarkets.com
date: Tue, 16 Apr 2024 03:54:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100

35.202.21.90

200 OK

105 kB

URL User Request GET HTTP/2
go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
IP
35.202.21.90:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerLet's Encrypt
Subjectgo.behindthemarkets.com
Fingerprint4A:3D:1B:98:93:1B:AD:19:29:33:73:D5:E7:97:F3:FE:CD:F6:00:39
ValidityMon, 25 Mar 2024 11:10:43 GMT - Sun, 23 Jun 2024 11:10:42 GMT

File type

Size
105 kB (105223 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100 HTTP/1.1
Host: go.behindthemarkets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 03:54:07 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: no-cache
x-cache: MISS, HIT
last-modified: Fri, 01 Mar 2024 15:00:17 GMT
etag: W/"564907afbe9839d8ba4bf4c5fd8701f3"
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2

btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5

35.202.21.90

200 OK

92 kB

URL GET HTTP/2
btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5
IP
35.202.21.90:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerLet's Encrypt
Subject*.lpages.co
FingerprintCA:40:9C:FC:AC:6F:98:FA:56:12:19:F4:C1:EE:D8:E4:CC:98:8E:A1
ValidityWed, 21 Feb 2024 15:49:11 GMT - Tue, 21 May 2024 15:49:10 GMT

File type

Size
92 kB (92085 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5 HTTP/1.1
Host: btm-btm-btm.lpages.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 03:54:09 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: no-cache
x-cache: MISS, HIT
last-modified: Fri, 21 Jul 2023 16:50:20 GMT
etag: W/"571c0abe3dd531a3a79a37901a257502"
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2

fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/video_TS_h264_aac_96000_1920x1080_4000000_variant.m3u8

0.0.0.0

0 B

URL GET
fast.vidalytics.com/video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/video_TS_h264_aac_96000_1920x1080_4000000_variant.m3u8
IP
0.0.0.0:0
ASN
#0

Requested by
https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
Certificate
IssuerSectigo Limited
Subject*.vidalytics.com
Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD
ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /video/PzpZ_7KZ/kpmOMIUTqOVlfvNM/114467/116255__FFMPEG/video_TS_h264_aac_96000_1920x1080_4000000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

go.goodlifestylenews.com/KingKongVSL0923/a5276dcfef687822b175c94d6bcaf82b/55/leadsource/2553/1610/9cebc4d298e0ed1ed5b0d3e255cd3947/mpmta

172.67.172.49

302 Found

105 kB

URL User Request GET HTTP/2
go.goodlifestylenews.com/KingKongVSL0923/a5276dcfef687822b175c94d6bcaf82b/55/leadsource/2553/1610/9cebc4d298e0ed1ed5b0d3e255cd3947/mpmta
IP
172.67.172.49:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type

Size
105 kB (105223 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /KingKongVSL0923/a5276dcfef687822b175c94d6bcaf82b/55/leadsource/2553/1610/9cebc4d298e0ed1ed5b0d3e255cd3947/mpmta HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 16 Apr 2024 03:54:06 GMT
content-type: text/html; charset=UTF-8
location: https://verifiedwebpage.com/go?ehash=a5276dcfef687822b175c94d6bcaf82b&product=32417&ar=55&cid=2553&lid=1610&slhash=9cebc4d298e0ed1ed5b0d3e255cd3947&mtaid=mpmta&cid2=[s8]
cache-control: max-age=600
expires: Tue, 16 Apr 2024 04:04:05 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zbvJ0gs9DkEhQHutjzWL3R3YXdl5IFDZy3tSg9C%2B7EWHuJWuuDpPgTHBBrtqRE%2F4DHV5iXQjX5a0HV5DHC5XivpTptCSLdu2589F5kmVH6bOGIRM%2Fc5%2Fe11Edv8ujzfjStL6ptgjlSkPilY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87513b692f1fb524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.behindthemarkets-btm.com/7BZ2W/5XTBKP/?sub1=3415441913363328932

172.67.212.142

302 Found

105 kB

URL User Request GET HTTP/2
www.behindthemarkets-btm.com/7BZ2W/5XTBKP/?sub1=3415441913363328932
IP
172.67.212.142:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectbehindthemarkets-btm.com
FingerprintCB:C3:56:D1:00:87:27:BD:0E:F2:9E:CE:DA:B7:08:88:CB:02:77:14
ValidityMon, 26 Feb 2024 12:58:33 GMT - Sun, 26 May 2024 12:58:32 GMT

File type

Size
105 kB (105223 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /7BZ2W/5XTBKP/?sub1=3415441913363328932 HTTP/1.1
Host: www.behindthemarkets-btm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 16 Apr 2024 03:54:07 GMT
content-type: text/html; charset=utf-8
location: https://go.behindthemarkets.com/btm-king-kong-vsl/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&utm_source=5&utm_campaign=&utm_medium=&id=3415441913363328932&iocid=&aff=5&oid=100
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
set-cookie: uniqueClick_5XTBKP=8979a266-8eae-44c1-98c6-0fe98f241b58:1713239647; Path=/; Expires=Wed, 17 Apr 2024 03:54:07 GMT; SameSite=None
transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7; Path=/; Expires=Mon, 15 Jul 2024 03:54:07 GMT; SameSite=None
vary: Origin
x-eflow-request-id: 1bf5fc41-6f31-4b87-a425-81bb92873178
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lEBEFZmgLYKjwkM%2FmGR5t%2FfURmyqhjYlW7dD0fH1%2BVvrUkiSC0s8PInVYgom1QHVtbGPLLOKWM35Ji2iSZbxgLt8oGBpFeHMqYxsMSUZp9g3ynr74TnhJ5Ou8SbsOutzgaE6eKeQM26SulPM6QcX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87513b738de65690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700

142.250.74.74

200 OK

24 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://btm-btm-btm.lpages.co/serve-leadbox/LUmjr7qNYJFaJKUHS39Dqg/?_ef_transaction_id=b4b7b6c3dd9b4fd2b5074c05c3d379e7&aff=5&id=3415441913363328932&iocid=&oid=100&utm_campaign=&utm_medium=&utm_source=5
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (1572)
Size
24 kB (23824 bytes)
Hash
d26d9179ea2b7413f5868794fd7f3eb9
6be7f7298a61f6df7812cee4fab963b1a2060419
5be81fce7768759e3209cd9b9178e7da5a8af2fed44b740e7fd27bb2b7f04b79

HTTP Headers

GET /css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 03:54:09 GMT
date: Tue, 16 Apr 2024 03:54:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (37)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash