| click.thedailymoneytips.com/btmeodvsl0723/2ff69998b1104c325e8fa4c9724fada2/48/TA_2H23DGI/2129724604/139350/fa5e862d7c11eec74a11925f52883810/63293 | 104.21.33.211 | 302 Found | 15 kB |
URL User Request GET HTTP/2click.thedailymoneytips.com/btmeodvsl0723/2ff69998b1104c325e8fa4c9724fada2/48/TA_2H23DGI/2129724604/139350/fa5e862d7c11eec74a11925f52883810/63293 IP104.21.33.211:443
CertificateIssuerLet's Encrypt Subjectthedailymoneytips.com FingerprintDD:16:B6:B3:71:52:64:84:6B:A4:F0:A5:6F:5C:C7:D1:14:ED:C3:1C ValiditySat, 20 Apr 2024 00:08:31 GMT - Fri, 19 Jul 2024 00:08:30 GMT
File typegzip compressed data, max compression Hash69eb3e24a5d118a13bc59a19ccf0a08a ffaa3255222fd6eb2d79bb962fa92f773e25dfe3 067901b676ca068da1d8a45ae15813e52263257e06ca91aadaa9910304ccc27d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /btmeodvsl0723/2ff69998b1104c325e8fa4c9724fada2/48/TA_2H23DGI/2129724604/139350/fa5e862d7c11eec74a11925f52883810/63293 HTTP/1.1
Host: click.thedailymoneytips.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 20 Apr 2024 04:45:36 GMT
content-type: text/html; charset=UTF-8
location: https://verifiedwebpage.com/go?ehash=2ff69998b1104c325e8fa4c9724fada2&product=30099&ar=48&cid=2129724604&lid=139350&slhash=fa5e862d7c11eec74a11925f52883810&mtaid=63293&cid2=[s8]&cloudf_filter=1
cache-control: max-age=600
expires: Sat, 20 Apr 2024 04:55:35 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MD%2Fje5KInTRaamoMW67ChJ%2BWbhcRfyLZAhKOTAyHg8rZYcsOCxXK4EW%2BM0Cpr7IE%2BlEYfwzgQoeesByor3mG1GtMBpG%2FbiFJOgiXldyHDrFevLChsET5DbjdfLCp9qgom5MJVSxu4icVf2Ktdec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87727c594b1b568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css | 34.107.203.240 | 200 OK | 27 kB |
URL GET HTTP/2static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css IP34.107.203.240:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subjectstatic.leadpages.net FingerprintD8:FD:AD:CD:8D:45:95:5D:A9:9C:4E:AE:11:39:70:F3:A6:56:DA:77 ValidityMon, 08 Apr 2024 13:47:54 GMT - Sun, 07 Jul 2024 14:42:08 GMT
File typeASCII text, with very long lines (52276) Hash5222e06b77a1692fa2520a219840e6be 8b4236206a8b86af3761a244277663046d7ff7ee 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
GET /fonts/font-awesome/6.4.2/css/all.min.css HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
x-cloud-trace-context: b6534fd7ba1e5ea59d10a086396a2dbd
content-encoding: gzip
server: Google Frontend
via: 1.1 google
date: Sat, 06 Apr 2024 05:03:22 GMT
expires: Sun, 06 Apr 2025 05:03:22 GMT
cache-control: public, max-age=31536000
etag: "-6uIpg"
content-type: text/css
vary: Accept-Encoding
content-length: 26836
age: 1208536
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Condensed:300,400,500,700|Open+Sans:300,400,500,700 | 142.250.74.106 | 200 OK | 7.7 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto:300,400,500,700|Roboto+Condensed:300,400,500,700|Open+Sans:300,400,500,700 IP142.250.74.106:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (1572) Hash60e015ed6e85f5ece1c6e4cfc76a45dd 7435e1d9f1a3534552d78f5a6595293ec89691a1 78cb8d2f4d488252b6c33f9da294c405975767d7242d5b640e8007220a791379
GET /css?family=Roboto:300,400,500,700|Roboto+Condensed:300,400,500,700|Open+Sans:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 20 Apr 2024 04:45:38 GMT
date: Sat, 20 Apr 2024 04:45:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static.leadpages.net/fonts/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 | 34.107.203.240 | 200 OK | 150 kB |
URL GET HTTP/3static.leadpages.net/fonts/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 IP34.107.203.240:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subjectstatic.leadpages.net FingerprintD8:FD:AD:CD:8D:45:95:5D:A9:9C:4E:AE:11:39:70:F3:A6:56:DA:77 ValidityMon, 08 Apr 2024 13:47:54 GMT - Sun, 07 Jul 2024 14:42:08 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 150020, version 772.1280 Size150 kB (150020 bytes) Hashd5e647388e2415268b700d3df2e30a0d 97f0942c6627ddd89fb62170e5cac9a2cbd6c98c 886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
GET /fonts/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://static.leadpages.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
x-cloud-trace-context: 0d40311953903dc970264097f96ce6ab
server: Google Frontend
via: 1.1 google
date: Sat, 06 Apr 2024 16:18:44 GMT
expires: Sun, 06 Apr 2025 16:18:44 GMT
cache-control: public, max-age=31536000
etag: "-6uIpg"
content-type: font/woff2
vary: Accept-Encoding
content-length: 150020
age: 1168014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX | 142.250.74.168 | 200 OK | 103 kB |
URL GET HTTP/2www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX IP142.250.74.168:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (30332) Size103 kB (103389 bytes) Hash51abbbde1bc0a1ad6f836c969824a1b4 6d6627e3018c564bafad91cf18fa921f89af4b87 6b7d8f6f9af7dac55d1ab009d01d68a2794890a477c8a3010b0b885446711613
GET /gtm.js?id=GTM-WNRH3TX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 20 Apr 2024 04:45:38 GMT
expires: Sat, 20 Apr 2024 04:45:38 GMT
cache-control: private, max-age=900
last-modified: Sat, 20 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 103389
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.center.io/identify.html | 216.239.36.21 | 200 OK | 2.0 kB |
URL GET HTTP/2js.center.io/identify.html IP216.239.36.21:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subjectjs.center.io Fingerprint4F:B0:A1:20:96:F5:9A:75:29:3C:B1:38:81:42:BB:1C:6E:E7:5A:A4 ValidityFri, 01 Mar 2024 18:22:06 GMT - Thu, 30 May 2024 18:58:09 GMT
File typeHTML document, ASCII text, with very long lines (612) Hash0ba3629e9c8b8af4c7a13d344978898a c05b5c80e1eec6e630547ecfacf11eb86391e4b6 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-cloud-trace-context: 53dfe44929148e1e47688a476e974d7c
content-encoding: gzip
server: Google Frontend
content-length: 2016
date: Sat, 20 Apr 2024 04:44:14 GMT
expires: Sat, 20 Apr 2024 04:49:14 GMT
cache-control: public, max-age=300
age: 84
etag: "OMWYXg"
content-type: text/html
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 | 216.58.207.227 | 200 OK | 51 kB |
URL GET HTTP/2fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 IP216.58.207.227:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 51404, version 1.0 Hashb904fcdf1c4c6059fadd6893a7bc7619 f41d1674f02616f03ef77d4e84b3ad8ba28a36fc 517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
GET /s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 02:08:09 GMT
expires: Thu, 17 Apr 2025 02:08:09 GMT
cache-control: public, max-age=31536000
age: 268649
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 | 216.58.207.227 | 200 OK | 51 kB |
URL GET HTTP/2fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 IP216.58.207.227:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 51404, version 1.0 Hashb904fcdf1c4c6059fadd6893a7bc7619 f41d1674f02616f03ef77d4e84b3ad8ba28a36fc 517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
GET /s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 51404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 02:08:09 GMT
expires: Thu, 17 Apr 2025 02:08:09 GMT
cache-control: public, max-age=31536000
age: 268649
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 303480
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:31 GMT
expires: Wed, 16 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 355867
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://btm-btm-btm.lpages.co/serve-leadbox/Xsan3PT3SpYNWmDrZuZwkm/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&aff=5&id=3415447649292212428&iocid=&oid=93&utm_campaign=&utm_medium=&utm_source=5 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 180638
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=AW-16454845358&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 86 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=AW-16454845358&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hash84a665c81513efd1185088ebf594ef0a b2bd593dea34f0c8a044ad642b70768d753c9000 a34191c2ccfb5a7f1949cf2350f6655f29d8ae77dbc2a323562e57e3b15db55c
GET /gtag/js?id=AW-16454845358&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 20 Apr 2024 04:45:38 GMT
expires: Sat, 20 Apr 2024 04:45:38 GMT
cache-control: private, max-age=900
last-modified: Sat, 20 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86154
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 100 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (15506) Size100 kB (100028 bytes) Hash610ddda2db8da5235e4653125b9dc9a7 e187065a8e28732ac31ffc9ce9e0194362bd0a54 52878353befc21139fa512dcfac412a173c3a95f0f3f17b56fdef724751023d4
GET /gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 20 Apr 2024 04:45:38 GMT
expires: Sat, 20 Apr 2024 04:45:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=AW-660882099 | 142.250.74.168 | 200 OK | 88 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=AW-660882099 IP142.250.74.168:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hash91444f2ce2da0f4e80ebd0a05a9a87e3 e82fc6b4395ab435f0708d01d3724e7085f8fd4a 6026b13dcec4632830ed566422777f7c620525690a5bf7827f77be930abe0098
GET /gtag/js?id=AW-660882099 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 20 Apr 2024 04:45:38 GMT
expires: Sat, 20 Apr 2024 04:45:38 GMT
cache-control: private, max-age=900
last-modified: Sat, 20 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88442
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fast.vidalytics.com/embeds/PzpZ_7KZ/JIC8_NDnfuEmGsqq/loader.min.js | 151.101.193.91 | 200 OK | 7.9 kB |
URL GET HTTP/2fast.vidalytics.com/embeds/PzpZ_7KZ/JIC8_NDnfuEmGsqq/loader.min.js IP151.101.193.91:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (21920), with no line terminators Hashd96df41895be831daea732aedb39f24f cb56be4f419b7f4e09c89f79693efba610062bcb 68800b3687ed3423b8f54f49edd347d320bd6fcb980b488cb41c1af576e2eb11
GET /embeds/PzpZ_7KZ/JIC8_NDnfuEmGsqq/loader.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
x-envoy-upstream-service-time: 41
server: istio-envoy
x-envoy-decorator-operation: vidalytics-player-api.vidalytics-player-api.svc.cluster.local:80/*
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: api-prod
access-control-allow-origin: *
cache-control: public, max-age=900, s-maxage=1800
x-lb-cache: disabled
content-encoding: gzip
accept-ranges: bytes
age: 372
date: Sat, 20 Apr 2024 04:45:39 GMT
x-served-by: cache-dfw-kdfw8210062-DFW, cache-hel1410022-HEL
x-cache: HIT, MISS
x-cache-hits: 9, 0
x-timer: S1713588339.896293,VS0,VE137
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7860
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAg&h=Ag&dl=go.behindthemarkets.com%2Fbtm-end-disease-vsl%2F&tdp=G-8R6YNFMJ23;74108444;1;6;0&rtg=12088355&rlo=4&slo=2&z=0 | 142.250.74.168 | 200 OK | 0 B |
URL GET HTTP/3www.googletagmanager.com/a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAg&h=Ag&dl=go.behindthemarkets.com%2Fbtm-end-disease-vsl%2F&tdp=G-8R6YNFMJ23;74108444;1;6;0&rtg=12088355&rlo=4&slo=2&z=0 IP142.250.74.168:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAg&h=Ag&dl=go.behindthemarkets.com%2Fbtm-end-disease-vsl%2F&tdp=G-8R6YNFMJ23;74108444;1;6;0&rtg=12088355&rlo=4&slo=2&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 Apr 2024 04:45:39 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/td?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAg&h=Ag&dl=go.behindthemarkets.com%2Fbtm-end-disease-vsl%2F&tdp=G-8R6YNFMJ23;74108444;1;6;0&rtg=12088355&rlo=4&slo=2&z=0 | 142.250.74.168 | 204 No Content | 0 B |
URL GET HTTP/3www.googletagmanager.com/td?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAg&h=Ag&dl=go.behindthemarkets.com%2Fbtm-end-disease-vsl%2F&tdp=G-8R6YNFMJ23;74108444;1;6;0&rtg=12088355&rlo=4&slo=2&z=0 IP142.250.74.168:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /td?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAg&h=Ag&dl=go.behindthemarkets.com%2Fbtm-end-disease-vsl%2F&tdp=G-8R6YNFMJ23;74108444;1;6;0&rtg=12088355&rlo=4&slo=2&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 20 Apr 2024 04:45:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAg&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaadslink.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ogteventedit.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaadslink.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ogteventedit.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ccdautoredact.2ccdgalast&z=0 | 142.250.74.168 | 200 OK | 0 B |
URL GET HTTP/3www.googletagmanager.com/a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAg&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaadslink.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ogteventedit.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaadslink.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ogteventedit.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ccdautoredact.2ccdgalast&z=0 IP142.250.74.168:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAg&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaadslink.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ogteventedit.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ogteventcreate.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaadslink.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ogteventedit.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ogteventcreate.2ccdautoredact.2ccdgalast&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 Apr 2024 04:45:39 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=gtag.config&eid=1&u=AAAAAAAIAAAAAIAg&h=Ag&epr=1G.2G&tr=1gct&ti=1gct&z=0 | 142.250.74.168 | 200 OK | 0 B |
URL GET HTTP/3www.googletagmanager.com/a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=gtag.config&eid=1&u=AAAAAAAIAAAAAIAg&h=Ag&epr=1G.2G&tr=1gct&ti=1gct&z=0 IP142.250.74.168:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=gtag.config&eid=1&u=AAAAAAAIAAAAAIAg&h=Ag&epr=1G.2G&tr=1gct&ti=1gct&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 Apr 2024 04:45:39 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=*&eid=8&u=AAAAAAAIIAAAAIAg&h=Ag&z=0 | 142.250.74.168 | 200 OK | 0 B |
URL GET HTTP/3www.googletagmanager.com/a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=*&eid=8&u=AAAAAAAIIAAAAIAg&h=Ag&z=0 IP142.250.74.168:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=*&eid=8&u=AAAAAAAIIAAAAIAg&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 Apr 2024 04:45:39 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&u=AAAAAAAIIAAAAIAg&h=Ag&epr=1G.3G&z=0 | 142.250.74.168 | 200 OK | 0 B |
URL GET HTTP/3www.googletagmanager.com/a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&u=AAAAAAAIIAAAAIAg&h=Ag&epr=1G.3G&z=0 IP142.250.74.168:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&u=AAAAAAAIIAAAAIAg&h=Ag&epr=1G.3G&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 Apr 2024 04:45:39 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=391506763.1713588339>m=45je44h0v874108444z8812088355za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1157561378 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=391506763.1713588339>m=45je44h0v874108444z8812088355za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1157561378 IP142.250.74.163:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D ValidityMon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=391506763.1713588339>m=45je44h0v874108444z8812088355za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1157561378 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 20 Apr 2024 04:45:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/1JBzk5OTIUlpS2duyosd--_s7_rVDs6XTyQfJD9YRTUFq4SMvAJgRmjxVxnvMk4UQJEXQtQatxo615aDSUSWNTO-XnwNUagGgms=s16 | 142.250.74.97 | 200 OK | 360 B |
URL GET HTTP/2lh3.googleusercontent.com/1JBzk5OTIUlpS2duyosd--_s7_rVDs6XTyQfJD9YRTUFq4SMvAJgRmjxVxnvMk4UQJEXQtQatxo615aDSUSWNTO-XnwNUagGgms=s16 IP142.250.74.97:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com Fingerprint6E:66:E1:45:85:5C:3A:EB:60:4A:8E:EF:62:B8:7C:E3:C7:1B:FA:47 ValidityMon, 18 Mar 2024 20:34:07 GMT - Mon, 10 Jun 2024 20:34:06 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Picasa], baseline, precision 8, 16x8, components 3 Hash3905f679f050fe380205b8baba160b20 cda34b70abb76b07c2252e62494657b1fdac937d 7c7ae1ae3ea1aa0d5292a13a63ec43da9bb35602047810d5e221da036c6e06b6
GET /1JBzk5OTIUlpS2duyosd--_s7_rVDs6XTyQfJD9YRTUFq4SMvAJgRmjxVxnvMk4UQJEXQtQatxo615aDSUSWNTO-XnwNUagGgms=s16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 360
x-xss-protection: 0
date: Sat, 20 Apr 2024 04:25:54 GMT
expires: Sun, 21 Apr 2024 04:25:54 GMT
cache-control: public, max-age=86400, no-transform
age: 1185
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w16 | 142.250.74.97 | 200 OK | 251 B |
URL GET HTTP/2lh3.googleusercontent.com/tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w16 IP142.250.74.97:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com Fingerprint6E:66:E1:45:85:5C:3A:EB:60:4A:8E:EF:62:B8:7C:E3:C7:1B:FA:47 ValidityMon, 18 Mar 2024 20:34:07 GMT - Mon, 10 Jun 2024 20:34:06 GMT
File typePNG image data, 16 x 3, 8-bit/color RGBA, non-interlaced Hashb73a89df13870206d4104c99ec9973c5 dba02bf1f1c06839760da64a0739327a0d20019b 47901a3ecf1fc1e211131e3e6453422084b56e34b9a4ef14a123e48168c62937
GET /tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
server: fife
content-length: 251
x-xss-protection: 0
date: Sat, 20 Apr 2024 02:47:21 GMT
expires: Sun, 21 Apr 2024 02:47:21 GMT
cache-control: public, max-age=86400, no-transform
age: 7098
etag: "v1"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 | 35.202.21.90 | 200 OK | 23 kB |
URL User Request GET HTTP/2go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 IP35.202.21.90:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
CertificateIssuerLet's Encrypt Subjectgo.behindthemarkets.com Fingerprint4A:3D:1B:98:93:1B:AD:19:29:33:73:D5:E7:97:F3:FE:CD:F6:00:39 ValidityMon, 25 Mar 2024 11:10:43 GMT - Sun, 23 Jun 2024 11:10:42 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (46815) Hash564c7c5d276d2b2f7ee34c3bdd7a13bc 6cdd4b887c006333f582f6494580670f6d0d8b7c f80f31f1346774bca9b3348f3de3bb40c5ebdef7cb793964b7c8f441f9d7c733
GET /btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 HTTP/1.1
Host: go.behindthemarkets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 04:45:37 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: no-cache
x-cache: MISS, HIT
etag: W/"2b4b9e55bf2186d3522c0db2d2893eb5"
last-modified: Fri, 01 Mar 2024 15:07:49 GMT
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/players/v.4.3.3.000-vid-prod/player.min.js | 151.101.193.91 | 200 OK | 266 kB |
URL GET HTTP/3fast.vidalytics.com/players/v.4.3.3.000-vid-prod/player.min.js IP151.101.193.91:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size266 kB (266243 bytes) Hashe91192bb73361bd71ca6c57fd7574a0b b7067fd0be088bdc811438955959baba4f75f48b fe68b0da3eb42ca233dc9558748f676f541e583efa272b9c8ac39e2be4e71744
GET /players/v.4.3.3.000-vid-prod/player.min.js HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 266243
x-guploader-uploadid: ABPtcPpE4K4hRFg91e5Swdl_ZNzVkGeFwemz67K0KxgmERb1lyi0gDJW7co_XmY1-LU9C9RkcxYIQsXYxA
cache-control: public, max-age=86400, s-maxage=2592000
expires: Wed, 10 Apr 2024 08:41:05 GMT
last-modified: Mon, 11 Mar 2024 08:36:30 GMT
etag: "23462b16f3d8a48814f6f216d08b940c"
x-goog-generation: 1710146190347127
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 266243
x-goog-meta-surrogate-key: player-versioned
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=hXdP3Q==, md5=I0YrFvPYpIgU9vIW0IuUDA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 1298184
date: Sat, 20 Apr 2024 04:45:39 GMT
x-served-by: cache-dfw-kdfw8210130-DFW, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 171216, 0
x-timer: S1713588339.352615,VS0,VE1
vary: Accept-Encoding
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| static.leadpages.net/images/favicon.ico | 34.107.203.240 | | 2.6 kB |
URL GET static.leadpages.net/images/favicon.ico IP34.107.203.240:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subjectstatic.leadpages.net FingerprintD8:FD:AD:CD:8D:45:95:5D:A9:9C:4E:AE:11:39:70:F3:A6:56:DA:77 ValidityMon, 08 Apr 2024 13:47:54 GMT - Sun, 07 Jul 2024 14:42:08 GMT
File typeMS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Hash0210a839146c090d313d070610e16bd2 f87bd57affad1046bf0f44db93f7c23304e43d55 76da9be859d0d9cd9ffa30b9aa9d07a34164acba1ec512c61bd1b7854c1fab7b
GET /images/favicon.ico HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
x-cloud-trace-context: 0908cc6a505c2d45d3a930af5358f2dd
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 2594
date: Sat, 20 Apr 2024 04:45:39 GMT
expires: Sat, 20 Apr 2024 04:50:39 GMT
cache-control: public, max-age=300
etag: "-6uIpg"
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=gzGB4eAjwGphCnmd3AzGgg&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=A48abqfuLZmXk5XcufFpnz&sid=n6hRdP9N3PfaV2vPuttrGn&cid=lp-gzGB4eAjwGphCnmd3AzGgg&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-end-disease-vsl%2F%3F_ef_transaction_id%3D9c93c8e1c89742bba9149c2b92898f91%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415447649292212428%26iocid%3D%26aff%3D5%26oid%3D93&rf=&rx=1280&ry=1024&tz=%2B00%3A00 | 35.192.151.63 | 200 OK | 35 B |
URL GET HTTP/1.1api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=gzGB4eAjwGphCnmd3AzGgg&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=A48abqfuLZmXk5XcufFpnz&sid=n6hRdP9N3PfaV2vPuttrGn&cid=lp-gzGB4eAjwGphCnmd3AzGgg&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-end-disease-vsl%2F%3F_ef_transaction_id%3D9c93c8e1c89742bba9149c2b92898f91%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415447649292212428%26iocid%3D%26aff%3D5%26oid%3D93&rf=&rx=1280&ry=1024&tz=%2B00%3A00 IP35.192.151.63:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerLet's Encrypt Subject*.leadpages.io FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT
File typeGIF image data, version 89a, 1 x 1 Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/events/capture?k=view&a=leadpage&l=gzGB4eAjwGphCnmd3AzGgg&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=A48abqfuLZmXk5XcufFpnz&sid=n6hRdP9N3PfaV2vPuttrGn&cid=lp-gzGB4eAjwGphCnmd3AzGgg&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-end-disease-vsl%2F%3F_ef_transaction_id%3D9c93c8e1c89742bba9149c2b92898f91%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415447649292212428%26iocid%3D%26aff%3D5%26oid%3D93&rf=&rx=1280&ry=1024&tz=%2B00%3A00 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-expose-headers: LP-Security-Token
access-control-max-age: 600
access-control-allow-origin: https://go.behindthemarkets.com
Server: Stargate
x-request-id: 02lnrt3vjcmjgno9ui4g
Date: Sat, 20 Apr 2024 04:45:39 GMT
access-control-allow-credentials: true
set-cookie: view.bb4wMKcXKB896PwqF4vMVT-default-prop.gzGB4eAjwGphCnmd3AzGgg=1713588339000; Domain=api.leadpages.io; expires=Sun, 21 Apr 2024 04:45:39 GMT; httponly; Max-Age=86400; Path=/analytics/v1/events/capture; SameSite=None; secure
X-Forwarded-For: 91.90.42.154
|
|
| lh3.googleusercontent.com/1JBzk5OTIUlpS2duyosd--_s7_rVDs6XTyQfJD9YRTUFq4SMvAJgRmjxVxnvMk4UQJEXQtQatxo615aDSUSWNTO-XnwNUagGgms=w1280 | 142.250.74.97 | 200 OK | 98 kB |
URL GET HTTP/2lh3.googleusercontent.com/1JBzk5OTIUlpS2duyosd--_s7_rVDs6XTyQfJD9YRTUFq4SMvAJgRmjxVxnvMk4UQJEXQtQatxo615aDSUSWNTO-XnwNUagGgms=w1280 IP142.250.74.97:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com Fingerprint6E:66:E1:45:85:5C:3A:EB:60:4A:8E:EF:62:B8:7C:E3:C7:1B:FA:47 ValidityMon, 18 Mar 2024 20:34:07 GMT - Mon, 10 Jun 2024 20:34:06 GMT
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 626x313, components 3 Hash1dfda527ae2e8c20a9cdc1af8ea62920 15bb3b94592975552310816c663d435a5a9f9623 961b4dc079eeceb667a4db3ed9a4ad73482d1c32de88e5bb43e17fa0f49255fc
GET /1JBzk5OTIUlpS2duyosd--_s7_rVDs6XTyQfJD9YRTUFq4SMvAJgRmjxVxnvMk4UQJEXQtQatxo615aDSUSWNTO-XnwNUagGgms=w1280 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
x-content-type-options: nosniff
server: fife
content-length: 97455
x-xss-protection: 0
date: Sat, 20 Apr 2024 04:25:54 GMT
expires: Sun, 21 Apr 2024 04:25:54 GMT
cache-control: public, max-age=86400, no-transform
age: 1185
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=44assETX84qBbGg2xNgF7U&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=136,1,Xsan3PT3SpYNWmDrZuZwkm | 35.192.151.63 | 200 OK | 35 B |
URL GET HTTP/1.1api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=44assETX84qBbGg2xNgF7U&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=136,1,Xsan3PT3SpYNWmDrZuZwkm IP35.192.151.63:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerLet's Encrypt Subject*.leadpages.io FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT
File typeGIF image data, version 89a, 1 x 1 Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=44assETX84qBbGg2xNgF7U&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=136,1,Xsan3PT3SpYNWmDrZuZwkm HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-expose-headers: LP-Security-Token
access-control-max-age: 600
access-control-allow-origin: https://go.behindthemarkets.com
Server: Stargate
x-request-id: 02lnrt5jsad0bjd5ld10
Date: Sat, 20 Apr 2024 04:45:39 GMT
access-control-allow-credentials: true
X-Forwarded-For: 91.90.42.154
|
|
| lh3.googleusercontent.com/tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w1064 | 142.250.74.97 | 200 OK | 69 kB |
URL GET HTTP/3lh3.googleusercontent.com/tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w1064 IP142.250.74.97:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com Fingerprint6E:66:E1:45:85:5C:3A:EB:60:4A:8E:EF:62:B8:7C:E3:C7:1B:FA:47 ValidityMon, 18 Mar 2024 20:34:07 GMT - Mon, 10 Jun 2024 20:34:06 GMT
File typePNG image data, 1064 x 197, 8-bit/color RGBA, non-interlaced Hash9b97f6e005b2f1a8e177cc4eb518a109 bbdb7e214525ba28bd16766e81ad9cabd361569d aaae268765615295c8949b10bcbd2cbca39703e2e7366fd8c52ae1aa536a1435
GET /tt2DPU2PRU88zJWVilJgcb8EYEAbe5isdg3o_3AwHs538iLTnjJFcL8q1R8x2Kc4Ru9eGg5g1n_BohLuISxBf1CijFvq3lhguVY9=w1064 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
server: fife
content-length: 69027
x-xss-protection: 0
date: Sat, 20 Apr 2024 04:25:55 GMT
expires: Sun, 21 Apr 2024 04:25:55 GMT
cache-control: public, max-age=86400, no-transform
age: 1184
etag: "v1"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css | 34.107.203.240 | 200 OK | 15 kB |
URL GET HTTP/3static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css IP34.107.203.240:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://btm-btm-btm.lpages.co/serve-leadbox/Xsan3PT3SpYNWmDrZuZwkm/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&aff=5&id=3415447649292212428&iocid=&oid=93&utm_campaign=&utm_medium=&utm_source=5 CertificateIssuerGoogle Trust Services LLC Subjectstatic.leadpages.net FingerprintD8:FD:AD:CD:8D:45:95:5D:A9:9C:4E:AE:11:39:70:F3:A6:56:DA:77 ValidityMon, 08 Apr 2024 13:47:54 GMT - Sun, 07 Jul 2024 14:42:08 GMT
File typeASCII text, with very long lines (58749) Hash84d8ad2b4fcdc0f0c58247e778133b3a 6f33eae92d42fe209167139940a0ad6a3c6c167e 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
GET /fonts/font-awesome/5.14.0/css/all.min.css HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
x-cloud-trace-context: a87fb2cc080ce9432cd1ecfa2fd9e2f5
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 14628
date: Thu, 28 Mar 2024 07:22:21 GMT
expires: Fri, 28 Mar 2025 07:22:21 GMT
cache-control: public, max-age=31536000
age: 1977798
etag: "-6uIpg"
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| js.center.io/center.js | 216.239.36.21 | 200 OK | 5.4 kB |
IP216.239.36.21:443
Requested byhttps://btm-btm-btm.lpages.co/serve-leadbox/Xsan3PT3SpYNWmDrZuZwkm/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&aff=5&id=3415447649292212428&iocid=&oid=93&utm_campaign=&utm_medium=&utm_source=5 CertificateIssuerGoogle Trust Services LLC Subjectjs.center.io Fingerprint4F:B0:A1:20:96:F5:9A:75:29:3C:B1:38:81:42:BB:1C:6E:E7:5A:A4 ValidityFri, 01 Mar 2024 18:22:06 GMT - Thu, 30 May 2024 18:58:09 GMT
File typeJavaScript source, ASCII text, with very long lines (566) Hash60f05ff45d707fe36d87b75bf181800d e34d94b519ed465481596bcff099467feb0aafdd cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
GET /center.js HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Cookie: centerVisitorId=A48abqfuLZmXk5XcufFpnz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-cloud-trace-context: 36f3070525bdb75cd2a86b4eb5e69919
content-encoding: gzip
server: Google Frontend
content-length: 5417
date: Sat, 20 Apr 2024 04:42:12 GMT
expires: Sat, 20 Apr 2024 04:47:12 GMT
cache-control: public, max-age=300
age: 207
etag: "OMWYXg"
content-type: application/javascript
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2 | 216.58.207.227 | 200 OK | 45 kB |
URL GET HTTP/2fonts.gstatic.com/s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2 IP216.58.207.227:443
Requested byhttps://btm-btm-btm.lpages.co/serve-leadbox/Xsan3PT3SpYNWmDrZuZwkm/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&aff=5&id=3415447649292212428&iocid=&oid=93&utm_campaign=&utm_medium=&utm_source=5 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 44584, version 1.0 Hashe04669366cda1aca21161f9e22bac3ae 157532ec5cdb07c395eb96aa6e9d0de1eeb869a7 43a079fd739dffa727de659b5bbf44596031aa7542c8a8afbc54a243aab96b47
GET /s/fjallaone/v15/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:38:34 GMT
expires: Fri, 18 Apr 2025 02:38:34 GMT
cache-control: public, max-age=31536000
age: 180425
last-modified: Mon, 03 Apr 2023 20:46:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://btm-btm-btm.lpages.co/serve-leadbox/Xsan3PT3SpYNWmDrZuZwkm/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&aff=5&id=3415447649292212428&iocid=&oid=93&utm_campaign=&utm_medium=&utm_source=5 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 180639
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://btm-btm-btm.lpages.co/serve-leadbox/Xsan3PT3SpYNWmDrZuZwkm/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&aff=5&id=3415447649292212428&iocid=&oid=93&utm_campaign=&utm_medium=&utm_source=5 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 180639
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23>m=45je44h0v874108444z8812088355za200&_p=1713588338589&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=391506763.1713588339&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713588339&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-end-disease-vsl%2F%3F_ef_transaction_id%3D9c93c8e1c89742bba9149c2b92898f91%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415447649292212428%26iocid%3D%26aff%3D5%26oid%3D93&dt=BTM%20-%20End%20Disease%20-%20VSL&en=page_view&_fv=1&_nsi=1&_ss=1&epn.variant_id=0&tfd=3612 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23>m=45je44h0v874108444z8812088355za200&_p=1713588338589&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=391506763.1713588339&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713588339&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-end-disease-vsl%2F%3F_ef_transaction_id%3D9c93c8e1c89742bba9149c2b92898f91%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415447649292212428%26iocid%3D%26aff%3D5%26oid%3D93&dt=BTM%20-%20End%20Disease%20-%20VSL&en=page_view&_fv=1&_nsi=1&_ss=1&epn.variant_id=0&tfd=3612 IP216.239.34.36:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8R6YNFMJ23>m=45je44h0v874108444z8812088355za200&_p=1713588338589&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=391506763.1713588339&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1713588339&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-end-disease-vsl%2F%3F_ef_transaction_id%3D9c93c8e1c89742bba9149c2b92898f91%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415447649292212428%26iocid%3D%26aff%3D5%26oid%3D93&dt=BTM%20-%20End%20Disease%20-%20VSL&en=page_view&_fv=1&_nsi=1&_ss=1&epn.variant_id=0&tfd=3612 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://go.behindthemarkets.com
date: Sat, 20 Apr 2024 04:45:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| js.center.io/identify.html | 216.239.36.21 | 200 OK | 2.0 kB |
URL GET HTTP/2js.center.io/identify.html IP216.239.36.21:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subjectjs.center.io Fingerprint4F:B0:A1:20:96:F5:9A:75:29:3C:B1:38:81:42:BB:1C:6E:E7:5A:A4 ValidityFri, 01 Mar 2024 18:22:06 GMT - Thu, 30 May 2024 18:58:09 GMT
File typeHTML document, ASCII text, with very long lines (612) Hash0ba3629e9c8b8af4c7a13d344978898a c05b5c80e1eec6e630547ecfacf11eb86391e4b6 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Cookie: centerVisitorId=A48abqfuLZmXk5XcufFpnz
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
x-cloud-trace-context: 1eb4c7444fa8e0de214caf8e2438575f
content-encoding: gzip
server: Google Frontend
content-length: 2016
date: Sat, 20 Apr 2024 04:43:41 GMT
expires: Sat, 20 Apr 2024 04:48:41 GMT
cache-control: public, max-age=300
age: 118
etag: "OMWYXg"
content-type: text/html
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/stream.m3u8 | 151.101.193.91 | 200 OK | 1.2 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/stream.m3u8 IP151.101.193.91:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hash46d1133df22215a49a063934b2dbf311 9d593efd3cbee2fa87dffae771c1a4e039efa984 062a063c4d24e598ea41b8218946716f27c04f33a2a8412d1b153720e078fe60
GET /video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/stream.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 1190
x-guploader-uploadid: ABPtcPo74lYgRgQ7nZlCeDv01l2l8U211rrCmSGowAtPu4mv6Eg92YcqfZn3q9oOeav-TgREVCjOE3XysQ
cache-control: public, max-age=31104000
expires: Wed, 15 Jan 2025 09:07:35 GMT
last-modified: Wed, 01 Nov 2023 16:33:17 GMT
etag: "46d1133df22215a49a063934b2dbf311"
x-goog-generation: 1698856397663209
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1190
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=I2T/lw==, md5=RtETPfIiFaSaBjk0stvzEQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Sat, 20 Apr 2024 04:45:39 GMT
age: 1012611
x-served-by: cache-dfw-kdfw8210035-DFW, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 2122, 4
x-timer: S1713588340.964818,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/thumb/preview-5_0.jpg | 151.101.193.91 | 200 OK | 1.8 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/thumb/preview-5_0.jpg IP151.101.193.91:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 107x60, components 3 Hashe0dd2531c58128ab626a5f258eff8b6c 2a2859b25d9a48cbce44c406ed5309d38bfe7abe 414543d2fd0b68e6101d285dace0630fdb8d0b04774b7322c3a3eb39dca7eafc
GET /video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/thumb/preview-5_0.jpg HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 1766
x-guploader-uploadid: ABPtcPrgSjQPf66RW4GUUsCzgMpRkdPVEeicjJNptYdLUYl2DhZ_d0vyo-U8bFG2tTg7pjrpn5MeMhL0cg
cache-control: public, max-age=31104000
expires: Mon, 31 Mar 2025 02:29:46 GMT
last-modified: Wed, 01 Nov 2023 15:47:57 GMT
etag: "e0dd2531c58128ab626a5f258eff8b6c"
x-goog-generation: 1698853677804332
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1766
content-type: image/jpeg
x-goog-hash: crc32c=YYMNfA==, md5=4N0lMcWBKKtial8ljv+LbA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Sat, 20 Apr 2024 04:45:39 GMT
age: 1304153
x-served-by: cache-dfw-kdal2120114-DFW, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 695, 4
x-timer: S1713588340.977991,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/video_TS_h264_aac_96000_1280x720_2500000_variant.m3u8 | 151.101.193.91 | 200 OK | 50 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/video_TS_h264_aac_96000_1280x720_2500000_variant.m3u8 IP151.101.193.91:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hash9a0cc094db4290929505720d63eb4e9d edec0ff92ecfe853e5f13b3c0f1ebcf2d53492a9 28b9a727da2c7d52020b053aed15481a4a27b2bb0df67f2d299cf058c894cd8d
GET /video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/video_TS_h264_aac_96000_1280x720_2500000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 49891
x-guploader-uploadid: ABPtcPqW3A-oaz5rbNQdmh4EzfVf7LUGW8e127EwCbKVhv-iz4kJMihi1ieJZ7hT1Gv5SeQOALU
cache-control: public, max-age=31104000
expires: Sat, 15 Feb 2025 20:34:52 GMT
last-modified: Wed, 01 Nov 2023 16:33:17 GMT
etag: "9a0cc094db4290929505720d63eb4e9d"
x-goog-generation: 1698856397666776
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 49891
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=d0dQBg==, md5=mgzAlNtCkJKVBXINY+tOnQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Sat, 20 Apr 2024 04:45:39 GMT
age: 5040648
x-served-by: cache-dfw-kdal2120066-DFW, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 176, 5
x-timer: S1713588340.989894,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 | 151.101.193.91 | 200 OK | 39 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 IP151.101.193.91:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hash948f7ac97db7463b5f4a0d7c6d4848e5 e7cce766f0371c869216527adfbf6f2c4034aa0f cc2b10817f0f53a786420be87f9720771638edd3b7a888c274ce685f7e087c84
GET /video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/audio_TS_h264_aac_96000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 38611
x-guploader-uploadid: ABPtcPp-liXpc-9ChCo6nFXdqQQWSMYjiOqKrd0KsoiUahyblGvY3xEyIx2ZIMuxHxuGAA3uJzI
cache-control: public, max-age=31104000
expires: Thu, 03 Apr 2025 12:42:26 GMT
last-modified: Wed, 01 Nov 2023 16:33:17 GMT
etag: "948f7ac97db7463b5f4a0d7c6d4848e5"
x-goog-generation: 1698856397581797
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 38611
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=PESr9g==, md5=lI96yX23RjtfSg18bUhI5Q==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Sat, 20 Apr 2024 04:45:39 GMT
age: 1008193
x-served-by: cache-dfw-kdal2120039-DFW, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 1683, 4
x-timer: S1713588340.992106,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/ts/video/1280x720_h264_2500000/1.ts | 151.101.193.91 | 200 OK | 620 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/ts/video/1280x720_h264_2500000/1.ts IP151.101.193.91:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Size620 kB (620400 bytes) Hash64b75a21968e3482ef5ff9fda1df19a9 244114f9e2fb1c751f09224046a76d16d2df7c56 37040c79dcea7eb9005373217f48188a318401e56c55f192a0a64a22e5158064
GET /video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/ts/video/1280x720_h264_2500000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 620400
x-guploader-uploadid: ABPtcPr0HI39hlfH8uRoGmON1xCQQxEBV0Ckf1Omn_B3kO5RvexTSwR9F1PKqrHmbCkpoQqYRR8udCgBy5cjZ9D9uHUzp-Z6c3b2
cache-control: public, max-age=31104000
expires: Tue, 29 Oct 2024 08:53:09 GMT
last-modified: Wed, 01 Nov 2023 16:28:18 GMT
etag: "64b75a21968e3482ef5ff9fda1df19a9"
x-goog-generation: 1698856098890113
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 620400
content-type: video/mp2t
x-goog-hash: crc32c=LrjFGA==, md5=ZLdaIZaONILvX/n9od8ZqQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
age: 3786788
date: Sat, 20 Apr 2024 04:45:40 GMT
x-served-by: cache-dfw-kdfw8210077-DFW, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 4632, 0
x-timer: S1713588340.020531,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/ts/audio/aac_96000/1.ts | 151.101.193.91 | 200 OK | 52 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/ts/audio/aac_96000/1.ts IP151.101.193.91:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Hash245cccb5261f4ad8e905148cb356ad50 c0fff22a0299189e2e8c4be9dc9847b425a1b6a7 6ccc7179498f8e470ca92b8c53cac1f7ee7ec65d2569289c3b97e1658208c863
GET /video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/ts/audio/aac_96000/1.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 52076
x-guploader-uploadid: ABPtcPrXeIipZD8npUfwW1W5jxXP_Q7DIHu5fFY0ycWy1NHSda4zq2oQJhuT0OXougBAlUACRwHGYe3G3uGcQW3S0ZDdnZ3u_XT3
cache-control: public, max-age=31104000
expires: Sat, 26 Oct 2024 18:30:47 GMT
last-modified: Wed, 01 Nov 2023 16:30:10 GMT
etag: "245cccb5261f4ad8e905148cb356ad50"
x-goog-generation: 1698856210456030
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 52076
content-type: video/mp2t
x-goog-hash: crc32c=bI4Lmw==, md5=JFzMtSYfStjpBRSMs1atUA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Sat, 20 Apr 2024 04:45:40 GMT
age: 994387
x-served-by: cache-dfw-kdfw8210099-DFW, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 755, 4
x-timer: S1713588340.031774,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/video_TS_h264_aac_96000_1920x1080_4000000_variant.m3u8 | 151.101.193.91 | 200 OK | 51 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/video_TS_h264_aac_96000_1920x1080_4000000_variant.m3u8 IP151.101.193.91:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hash5950a8f430aa3b4dee44f2ba58c9222e c08c28ef9160a04309f1ca4000d8228a20001167 8a9484548074a186c6e99d528b022c0681696dcaf344a03b793e2395a4b9e617
GET /video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/video_TS_h264_aac_96000_1920x1080_4000000_variant.m3u8 HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 50831
x-guploader-uploadid: ABPtcPqfDT5uj6rlHtap1ucW36BElCNd4Rd8tHAMEcbaMdchjxHyauq51ldwtDDBq6-ZnOR1aZi1_6isWps07s_wPoP3Ig
cache-control: public, max-age=31104000
expires: Mon, 11 Nov 2024 11:42:45 GMT
last-modified: Wed, 01 Nov 2023 16:33:17 GMT
etag: "5950a8f430aa3b4dee44f2ba58c9222e"
x-goog-generation: 1698856397642547
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 50831
content-type: application/vnd.apple.mpegurl
x-goog-hash: crc32c=YmJpxQ==, md5=WVCo9DCqO03uRPK6WMkiLg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Sat, 20 Apr 2024 04:45:40 GMT
age: 1118450
x-served-by: cache-dfw-kdfw8210153-DFW, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 2678, 4
x-timer: S1713588340.206200,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/ts/audio/aac_96000/2.ts | 151.101.193.91 | 200 OK | 53 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/ts/audio/aac_96000/2.ts IP151.101.193.91:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeMPEG transport stream data Hash339d749759f90783fa3b72a798d818ea 8a5706e33a5b69e112e8ed1aafbeaaada70bd5e0 f0373e3ddd83f795c6798be567390242d68ace52e85cca288083416e412b678e
GET /video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/ts/audio/aac_96000/2.ts HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 52640
x-guploader-uploadid: ABPtcPrm6fp0M-_vRA8E_ETI0cfZ6zdCavntcR-Od9i-PczBOpF3xotRcJHZ7IMeyujJwf7c38-6QjTCHg
cache-control: public, max-age=31104000
expires: Sun, 26 Jan 2025 21:07:24 GMT
last-modified: Wed, 01 Nov 2023 16:30:11 GMT
etag: "339d749759f90783fa3b72a798d818ea"
x-goog-generation: 1698856211611606
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 52640
content-type: video/mp2t
x-goog-hash: crc32c=CAoRrQ==, md5=M510l1n5B4P6O3KnmNgY6g==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Sat, 20 Apr 2024 04:45:40 GMT
age: 1275862
x-served-by: cache-dfw-kdfw8210110-DFW, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 695, 5
x-timer: S1713588340.207408,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| analytics-ingress-global.bitmovin.com/licensing | 35.190.27.197 | 200 OK | 77 B |
URL POST HTTP/2analytics-ingress-global.bitmovin.com/licensing IP35.190.27.197:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoDaddy.com, Inc. Subject*.bitmovin.com FingerprintA3:12:09:E0:2B:6B:C9:36:D1:AE:E8:38:F4:5F:1B:F6:B2:47:16:3C ValidityMon, 08 May 2023 12:46:05 GMT - Sat, 08 Jun 2024 12:46:05 GMT
Hash40f9443d5dc02e385b00b24c1f570269 c0e65fe8f73334d638173b9e33eff4f36d913104 ea71115c171f3b6874e256a1ff1e30431229a21b584371e0b36eae66cb5d2d9f
POST /licensing HTTP/1.1
Host: analytics-ingress-global.bitmovin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 110
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: v1.62.1
date: Sat, 20 Apr 2024 04:45:39 GMT
content-type: application/json
content-length: 77
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/thumb/thumbnail-5_0.jpg | 151.101.193.91 | 200 OK | 55 kB |
URL GET HTTP/3fast.vidalytics.com/video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/thumb/thumbnail-5_0.jpg IP151.101.193.91:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeJPEG image data, baseline, precision 8, 1920x1080, components 3 Hash6ddabd7b257633af8f2be4cc53da7585 04156080830268cb33760c2e7c3415d2de773d34 51faf1ff42137f7635b3c02153724e24775c4c4d75bd6483ca51411baad84ffa
GET /video/PzpZ_7KZ/JfgqHqA_bmhNHVAt/114677/116439__FFMPEG/thumb/thumbnail-5_0.jpg HTTP/1.1
Host: fast.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 54963
x-guploader-uploadid: ABPtcPoLd-7Suk-I_XSJ0Ou0Kxf9sNTL00CkiWr3evFKpq8sZigWBZXI2ynzEJEIJiVDDoQer9ffucfTccG-YiMlvUqQaGxpiUxb
cache-control: public, max-age=31104000
expires: Sat, 26 Oct 2024 18:30:47 GMT
last-modified: Wed, 01 Nov 2023 15:47:57 GMT
etag: "6ddabd7b257633af8f2be4cc53da7585"
x-goog-generation: 1698853677808355
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 54963
content-type: image/jpeg
x-goog-hash: crc32c=GpH4Dw==, md5=bdq9eyV2M6+PK+TMU9p1hQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
server: UploadServer
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-lb-backend: gcs-prod
x-lb-cache: miss
accept-ranges: bytes
date: Sat, 20 Apr 2024 04:45:40 GMT
age: 1096274
x-served-by: cache-dfw-kdfw8210025-DFW, cache-hel1410023-HEL
x-cache: HIT, HIT
x-cache-hits: 1230, 4
x-timer: S1713588340.198680,VS0,VE0
access-control-expose-headers: Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
x-cdn: 5
x-cdn-site: c5-prod
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=22,282,273,579,4,752,1074,1119,2712,2714 | 35.192.151.63 | 200 OK | 35 B |
URL GET HTTP/1.1api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=22,282,273,579,4,752,1074,1119,2712,2714 IP35.192.151.63:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerLet's Encrypt Subject*.leadpages.io FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT
File typeGIF image data, version 89a, 1 x 1 Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=22,282,273,579,4,752,1074,1119,2712,2714 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Server: Stargate
x-request-id: 02lnrtb5mhk50srsp7t0
Date: Sat, 20 Apr 2024 04:45:40 GMT
access-control-allow-credentials: true
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154
|
|
| stats.vidalytics.com/awesome-log?cid=PzpZ_7KZ | 107.178.211.97 | 200 OK | 43 B |
URL GET HTTP/2stats.vidalytics.com/awesome-log?cid=PzpZ_7KZ IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hash57f187c7a868faeac558007a8eb6cb2e 11ab10ab109fdb53d91d444ac781101f5a6360c6 aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /awesome-log?cid=PzpZ_7KZ HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-headers: Accept, Content-Type, Origin, Range, X-Requested-With
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control: no-cache, public, max-age=2592000
content-length: 43
content-type: image/gif
etag: "PzpZ_7KZ/9B8pmCSjc2AFcJmv"
date: Sat, 20 Apr 2024 04:45:40 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
X-Firefox-Spdy: h2
|
|
| api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=44assETX84qBbGg2xNgF7U&kind=timer&label=lb_embed_leadbox_load&value=782 | 35.192.151.63 | 200 OK | 35 B |
URL GET HTTP/1.1api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=44assETX84qBbGg2xNgF7U&kind=timer&label=lb_embed_leadbox_load&value=782 IP35.192.151.63:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerLet's Encrypt Subject*.leadpages.io FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT
File typeGIF image data, version 89a, 1 x 1 Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=44assETX84qBbGg2xNgF7U&kind=timer&label=lb_embed_leadbox_load&value=782 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-expose-headers: LP-Security-Token
access-control-max-age: 600
access-control-allow-credentials: true
Server: Stargate
x-request-id: 02lnrtcml5bk7l7bpto0
Date: Sat, 20 Apr 2024 04:45:40 GMT
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 91.90.42.154
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 4620
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Sat, 20 Apr 2024 04:45:40 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=gtm.load&eid=20&u=AgAAAAAIIAAAAIAg&h=Ag&z=0 | 142.250.74.168 | 200 OK | 0 B |
URL GET HTTP/3www.googletagmanager.com/a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=gtm.load&eid=20&u=AgAAAAAIIAAAAIAg&h=Ag&z=0 IP142.250.74.168:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a?id=G-8R6YNFMJ23&v=3&t=t&pid=596655011&cv=1&rv=44h0&tc=27&es=1&e=gtm.load&eid=20&u=AgAAAAAIIAAAAIAg&h=Ag&z=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 Apr 2024 04:45:40 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 449
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Sat, 20 Apr 2024 04:45:40 GMT
content-length: 16
x-envoy-upstream-service-time: 2
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 699
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Sat, 20 Apr 2024 04:45:40 GMT
content-length: 16
x-envoy-upstream-service-time: 13
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 408
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Sat, 20 Apr 2024 04:45:41 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| stats.vidalytics.com/scribe | 107.178.211.97 | 200 OK | 16 B |
URL POST HTTP/2stats.vidalytics.com/scribe IP107.178.211.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerSectigo Limited Subject*.vidalytics.com Fingerprint91:E2:FF:FD:57:97:9B:B0:E0:EA:ED:AC:5A:8A:CE:E8:D7:37:E5:AD ValidityTue, 14 Nov 2023 00:00:00 GMT - Sat, 14 Dec 2024 23:59:59 GMT
Hasha1cbd35d4488ac8cc6f959d4c633dc37 11844023759429ec785ae1c18e6a9c69803ee2bd 707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c
POST /scribe HTTP/1.1
Host: stats.vidalytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 450
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-methods: POST,OPTIONS
content-type: application/json
date: Sat, 20 Apr 2024 04:45:41 GMT
content-length: 16
x-envoy-upstream-service-time: 1
server: istio-envoy
access-control-allow-origin: https://go.behindthemarkets.com
access-control-expose-headers: Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
X-Firefox-Spdy: h2
|
|
| api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=hwGA3V93Vr8TbStxyadFb3&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=82,318,1,476 | 35.192.151.63 | 200 OK | 35 B |
URL GET HTTP/1.1api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=hwGA3V93Vr8TbStxyadFb3&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=82,318,1,476 IP35.192.151.63:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerLet's Encrypt Subject*.leadpages.io FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT
File typeGIF image data, version 89a, 1 x 1 Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=hwGA3V93Vr8TbStxyadFb3&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=82,318,1,476 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-expose-headers: LP-Security-Token
access-control-max-age: 600
access-control-allow-credentials: true
Server: Stargate
x-request-id: 02lnru5oc0di3h1lanig
Date: Sat, 20 Apr 2024 04:45:43 GMT
access-control-allow-origin: https://go.behindthemarkets.com
X-Forwarded-For: 91.90.42.154
|
|
| api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=mf99XpEC4mbjphxqjKN2NS&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=22,121,1 | 35.192.151.63 | 200 OK | 35 B |
URL GET HTTP/1.1api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=mf99XpEC4mbjphxqjKN2NS&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=22,121,1 IP35.192.151.63:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://btm-btm-btm.lpages.co/serve-leadbox/Xsan3PT3SpYNWmDrZuZwkm/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&aff=5&id=3415447649292212428&iocid=&oid=93&utm_campaign=&utm_medium=&utm_source=5 CertificateIssuerLet's Encrypt Subject*.leadpages.io FingerprintC2:01:5A:85:07:D6:83:B5:63:23:55:57:C7:29:71:A6:B9:7C:EC:3E ValidityWed, 21 Feb 2024 18:48:20 GMT - Tue, 21 May 2024 18:48:19 GMT
File typeGIF image data, version 89a, 1 x 1 Hashc2196de8ba412c60c22ab491af7b1409 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=mf99XpEC4mbjphxqjKN2NS&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=22,121,1 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://btm-btm-btm.lpages.co
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-expose-headers: LP-Security-Token
access-control-max-age: 600
access-control-allow-credentials: true
Server: Stargate
x-request-id: 02lnru81jvvhsgleq74g
Date: Sat, 20 Apr 2024 04:45:44 GMT
access-control-allow-origin: https://btm-btm-btm.lpages.co
X-Forwarded-For: 91.90.42.154
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23>m=45je44h0v874108444z8812088355za200&_p=1713588338589&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=391506763.1713588339&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713588339&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-end-disease-vsl%2F%3F_ef_transaction_id%3D9c93c8e1c89742bba9149c2b92898f91%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415447649292212428%26iocid%3D%26aff%3D5%26oid%3D93&dt=BTM%20-%20End%20Disease%20-%20VSL&en=fetch_user_data&epn.variant_id=0&up.custom_client_id=391506763.1713588339.&upn.variant_id=0&upn.experiment_id=0&tfd=8799 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23>m=45je44h0v874108444z8812088355za200&_p=1713588338589&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=391506763.1713588339&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713588339&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-end-disease-vsl%2F%3F_ef_transaction_id%3D9c93c8e1c89742bba9149c2b92898f91%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415447649292212428%26iocid%3D%26aff%3D5%26oid%3D93&dt=BTM%20-%20End%20Disease%20-%20VSL&en=fetch_user_data&epn.variant_id=0&up.custom_client_id=391506763.1713588339.&upn.variant_id=0&upn.experiment_id=0&tfd=8799 IP216.239.34.36:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8R6YNFMJ23>m=45je44h0v874108444z8812088355za200&_p=1713588338589&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=391506763.1713588339&ul=en-us&sr=1280x1024&pscdl=noapi&_s=2&sid=1713588339&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-end-disease-vsl%2F%3F_ef_transaction_id%3D9c93c8e1c89742bba9149c2b92898f91%26utm_source%3D5%26utm_campaign%3D%26utm_medium%3D%26id%3D3415447649292212428%26iocid%3D%26aff%3D5%26oid%3D93&dt=BTM%20-%20End%20Disease%20-%20VSL&en=fetch_user_data&epn.variant_id=0&up.custom_client_id=391506763.1713588339.&upn.variant_id=0&upn.experiment_id=0&tfd=8799 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.behindthemarkets.com
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://go.behindthemarkets.com
date: Sat, 20 Apr 2024 04:45:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.behindthemarkets-btm.com/7BZ2W/5L55FG/?sub1=3415447649292212428 | 104.21.85.245 | 302 Found | 112 kB |
URL User Request GET HTTP/2www.behindthemarkets-btm.com/7BZ2W/5L55FG/?sub1=3415447649292212428 IP104.21.85.245:443
CertificateIssuerLet's Encrypt Subjectbehindthemarkets-btm.com FingerprintCB:C3:56:D1:00:87:27:BD:0E:F2:9E:CE:DA:B7:08:88:CB:02:77:14 ValidityMon, 26 Feb 2024 12:58:33 GMT - Sun, 26 May 2024 12:58:32 GMT
Size112 kB (111484 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7BZ2W/5L55FG/?sub1=3415447649292212428 HTTP/1.1
Host: www.behindthemarkets-btm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 20 Apr 2024 04:45:37 GMT
content-type: text/html; charset=utf-8
location: https://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
set-cookie: uniqueClick_5L55FG=6d6ab746-7549-4588-b6af-d33205c7090c:1713588337; Path=/; Expires=Sun, 21 Apr 2024 04:45:37 GMT; SameSite=None
transaction_id=9c93c8e1c89742bba9149c2b92898f91; Path=/; Expires=Fri, 19 Jul 2024 04:45:37 GMT; SameSite=None
vary: Origin
x-eflow-request-id: 40a12d5c-0b58-4eb8-b270-5b9ff6da8337
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wdDR8U37CHphJreuwBsQPZiHxuDag5TC9xX6CP1Fbg0xaOKoLGMV9p4uBgSzTMPR5tev9mbcwJkSfz%2BD5clW9%2FEJpCpvfplDrTFlWxiPmAHGx13%2F4b1y0y8gg93Fe%2FCNvFom44prECSwh6rq75AV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87727c64bffd56c7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| verifiedwebpage.com/go?ehash=2ff69998b1104c325e8fa4c9724fada2&product=30099&ar=48&cid=2129724604&lid=139350&slhash=fa5e862d7c11eec74a11925f52883810&mtaid=63293&cid2=[s8]&cloudf_filter=1 | 104.18.20.187 | 302 Found | 112 kB |
URL User Request GET HTTP/2verifiedwebpage.com/go?ehash=2ff69998b1104c325e8fa4c9724fada2&product=30099&ar=48&cid=2129724604&lid=139350&slhash=fa5e862d7c11eec74a11925f52883810&mtaid=63293&cid2=[s8]&cloudf_filter=1 IP104.18.20.187:443
CertificateIssuerGoogle Trust Services LLC Subjectverifiedwebpage.com FingerprintB6:7C:0D:93:CD:D6:56:A3:74:B9:46:38:F0:C7:A5:31:BC:5F:AF:56 ValidityWed, 10 Apr 2024 21:43:08 GMT - Tue, 09 Jul 2024 21:43:07 GMT
Size112 kB (111484 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go?ehash=2ff69998b1104c325e8fa4c9724fada2&product=30099&ar=48&cid=2129724604&lid=139350&slhash=fa5e862d7c11eec74a11925f52883810&mtaid=63293&cid2=[s8]&cloudf_filter=1 HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 20 Apr 2024 04:45:37 GMT
content-type: text/html; charset=UTF-8
location: https://www.behindthemarkets-btm.com/7BZ2W/5L55FG/?sub1=3415447649292212428
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: User-Agent
cf-cache-status: DYNAMIC
set-cookie: PHPSESSID=9031e92b59a36113a97d9566124ac3bf; path=/
pixel_session_hash_30099=3415447649292212428; expires=Mon, 20-May-2024 04:45:36 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_30099=271242b137dbc39791d8cdbea7fde48a2019e0bb3f4c47829604721a962b83cb; expires=Mon, 22-Apr-2024 04:45:36 GMT; Max-Age=172800
__cf_bm=ivm0MyLYCoRbuDsxzX9UoHQDM7EI4ZxE_D_NiVKs4NM-1713588337-1.0.1.1-2bOrXB3Siofj7gjKeoerv2vz0g5YC3ONg0sSI1WrVN2oFa.olU58Auko5Po3I3RASNr4QgR6PeYkbMMmMHKa0A; path=/; expires=Sat, 20-Apr-24 05:15:37 GMT; domain=.verifiedwebpage.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87727c5ecb0cb4f3-OSL
X-Firefox-Spdy: h2
|
|
| lh3.googleusercontent.com/Q7ckMaOculnRenLl4AplbzUQf_tFJliJ_VfkWiUPvZ7Q5pD0skUZZFAqMZ1tsuxgIdq3NBR98kzWA8XOYWL16PhkR60pueOipk0=w16 | 142.250.74.97 | 200 OK | 377 B |
URL GET HTTP/2lh3.googleusercontent.com/Q7ckMaOculnRenLl4AplbzUQf_tFJliJ_VfkWiUPvZ7Q5pD0skUZZFAqMZ1tsuxgIdq3NBR98kzWA8XOYWL16PhkR60pueOipk0=w16 IP142.250.74.97:443
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com Fingerprint6E:66:E1:45:85:5C:3A:EB:60:4A:8E:EF:62:B8:7C:E3:C7:1B:FA:47 ValidityMon, 18 Mar 2024 20:34:07 GMT - Mon, 10 Jun 2024 20:34:06 GMT
File typePNG image data, 16 x 6, 8-bit/color RGB, non-interlaced Hashed4137102d21623f529b27def8c75cb2 6e42b34bb4dd05ca21d3080cf053428b1d22b542 fe29fbc2a49916e11f94d481b36086c3032902f8414df1f9de6afcca8e4eb7f9
GET /Q7ckMaOculnRenLl4AplbzUQf_tFJliJ_VfkWiUPvZ7Q5pD0skUZZFAqMZ1tsuxgIdq3NBR98kzWA8XOYWL16PhkR60pueOipk0=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
server: fife
content-length: 377
x-xss-protection: 0
date: Sat, 20 Apr 2024 02:47:21 GMT
expires: Sun, 21 Apr 2024 02:47:21 GMT
cache-control: public, max-age=86400, no-transform
age: 7098
etag: "v1"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700 | 142.250.74.106 | 200 OK | 24 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700 IP142.250.74.106:443
Requested byhttps://btm-btm-btm.lpages.co/serve-leadbox/Xsan3PT3SpYNWmDrZuZwkm/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&aff=5&id=3415447649292212428&iocid=&oid=93&utm_campaign=&utm_medium=&utm_source=5 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (1572) Hashd26d9179ea2b7413f5868794fd7f3eb9 6be7f7298a61f6df7812cee4fab963b1a2060419 5be81fce7768759e3209cd9b9178e7da5a8af2fed44b740e7fd27bb2b7f04b79
GET /css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://btm-btm-btm.lpages.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 20 Apr 2024 04:45:39 GMT
date: Sat, 20 Apr 2024 04:45:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| btm-btm-btm.lpages.co/serve-leadbox/Xsan3PT3SpYNWmDrZuZwkm/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&aff=5&id=3415447649292212428&iocid=&oid=93&utm_campaign=&utm_medium=&utm_source=5 | 35.202.21.90 | 200 OK | 92 kB |
URL GET HTTP/2btm-btm-btm.lpages.co/serve-leadbox/Xsan3PT3SpYNWmDrZuZwkm/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&aff=5&id=3415447649292212428&iocid=&oid=93&utm_campaign=&utm_medium=&utm_source=5 IP35.202.21.90:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerLet's Encrypt Subject*.lpages.co FingerprintCA:40:9C:FC:AC:6F:98:FA:56:12:19:F4:C1:EE:D8:E4:CC:98:8E:A1 ValidityWed, 21 Feb 2024 15:49:11 GMT - Tue, 21 May 2024 15:49:10 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serve-leadbox/Xsan3PT3SpYNWmDrZuZwkm/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&aff=5&id=3415447649292212428&iocid=&oid=93&utm_campaign=&utm_medium=&utm_source=5 HTTP/1.1
Host: btm-btm-btm.lpages.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 04:45:39 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: no-cache
x-cache: MISS, HIT
etag: W/"1bc5cfd84014571e430264099cbff435"
last-modified: Tue, 27 Jun 2023 23:53:42 GMT
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2
|
|
| embed.lpcontent.net/leadboxes/current/embed.js | 34.107.203.240 | 200 OK | 43 kB |
URL GET HTTP/2embed.lpcontent.net/leadboxes/current/embed.js IP34.107.203.240:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://go.behindthemarkets.com/btm-end-disease-vsl/?_ef_transaction_id=9c93c8e1c89742bba9149c2b92898f91&utm_source=5&utm_campaign=&utm_medium=&id=3415447649292212428&iocid=&aff=5&oid=93 CertificateIssuerGoogle Trust Services LLC Subjectembed.lpcontent.net FingerprintFD:A4:56:03:B6:BA:9C:FD:30:9B:68:CA:EE:56:98:E7:5E:5F:4A:21 ValidityTue, 26 Mar 2024 23:09:25 GMT - Tue, 25 Jun 2024 00:02:39 GMT
File typeJavaScript source, ASCII text, with very long lines (30758) Hash7efcfabdb6209627ce8b016b1c4814eb f3b8ebfc5fe452333c0fa14b15b28567f30921b9 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
GET /leadboxes/current/embed.js HTTP/1.1
Host: embed.lpcontent.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://go.behindthemarkets.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
x-cloud-trace-context: 69136268e65fb70c57910b1faacca0d5
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 14811
date: Sat, 20 Apr 2024 04:44:02 GMT
expires: Sat, 20 Apr 2024 04:49:02 GMT
cache-control: public, max-age=300
age: 96
etag: "-6uIpg"
content-type: application/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|