Submitted URL: https://links.daily.futureslabresearch.com/u/click?_t=e5c2383db184440abdc2279cead730f4&_m=472a473245e04373a1225f3c52a2ef31&_e=kS93FFKz92Cc7...
Effective URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_cam...
Submission: On December 02 via manual from US — Scanned from DE

Summary

This website contacted 25 IPs in 5 countries across 23 domains to perform 110 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is go.behindthemarkets.com.
TLS certificate: Issued by R3 on December 1st 2022. Valid for: 3 months.
This is the only time go.behindthemarkets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
35 vidalytics.com
fast.vidalytics.com — Cisco Umbrella Rank: 222312
stats.vidalytics.com — Cisco Umbrella Rank: 174990
12 MB
19 sumo.com
load.sumo.com — Cisco Umbrella Rank: 11422
sumo.com — Cisco Umbrella Rank: 10539
448 KB
11 bitmovin.com
analytics-ingress-global.bitmovin.com — Cisco Umbrella Rank: 28551
licensing.bitmovin.com — Cisco Umbrella Rank: 7703
1 KB
8 gstatic.com
fonts.gstatic.com
277 KB
6 leadpages.io
api.leadpages.io — Cisco Umbrella Rank: 35010
3 KB
4 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 3226
gum.criteo.com — Cisco Umbrella Rank: 384
mug.criteo.com — Cisco Umbrella Rank: 2665
22 KB
4 center.io
js.center.io — Cisco Umbrella Rank: 41359
15 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4715
www.google.com — Cisco Umbrella Rank: 2
870 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
4 KB
3 behindthemarkets-btm.com
www.behindthemarkets-btm.com
20 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6168
564 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 73
377 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 68
230 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
161 KB
2 leadpages.net
static.leadpages.net — Cisco Umbrella Rank: 38828
29 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 919
42 KB
1 lpages.co
btm-btm-btm.lpages.co
18 KB
1 lpcontent.net
embed.lpcontent.net — Cisco Umbrella Rank: 51740
15 KB
1 behindthemarkets.com
go.behindthemarkets.com
19 KB
1 clkmg.com
www.clkmg.com — Cisco Umbrella Rank: 122813
700 B
1 futureslabdata.com
www.futureslabdata.com
686 B
1 futureslabresearch.com
links.daily.futureslabresearch.com
1 KB
110 23
Domain Requested by
31 fast.vidalytics.com go.behindthemarkets.com
fast.vidalytics.com
14 load.sumo.com go.behindthemarkets.com
load.sumo.com
9 analytics-ingress-global.bitmovin.com go.behindthemarkets.com
8 fonts.gstatic.com fonts.googleapis.com
6 api.leadpages.io js.center.io
embed.lpcontent.net
5 sumo.com load.sumo.com
4 stats.vidalytics.com go.behindthemarkets.com
4 js.center.io go.behindthemarkets.com
js.center.io
btm-btm-btm.lpages.co
3 fonts.googleapis.com go.behindthemarkets.com
btm-btm-btm.lpages.co
client
3 www.behindthemarkets-btm.com 1 redirects www.googletagmanager.com
www.behindthemarkets-btm.com
2 licensing.bitmovin.com go.behindthemarkets.com
2 gum.criteo.com 1 redirects dynamic.criteo.com
2 www.google.de go.behindthemarkets.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 lh3.googleusercontent.com go.behindthemarkets.com
2 www.googletagmanager.com go.behindthemarkets.com
www.googletagmanager.com
2 static.leadpages.net go.behindthemarkets.com
btm-btm-btm.lpages.co
1 www.google.com go.behindthemarkets.com
1 mug.criteo.com go.behindthemarkets.com
1 dynamic.criteo.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 btm-btm-btm.lpages.co embed.lpcontent.net
1 embed.lpcontent.net go.behindthemarkets.com
1 go.behindthemarkets.com
1 www.clkmg.com 1 redirects
1 www.futureslabdata.com 1 redirects
1 links.daily.futureslabresearch.com 1 redirects
110 29

This site contains links to these domains.

Domain
vidalytics.com
behindthemarkets.com
Subject | Issuer | Validity | Valid
go.behindthemarkets.com | R3 | 2022-12-01 - 2023-03-01 | 3 months
static.leadpages.net | GTS CA 1D4 | 2022-10-31 - 2023-01-29 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
embed.lpcontent.net | GTS CA 1D4 | 2022-10-18 - 2023-01-16 | 3 months
js.center.io | GTS CA 1D4 | 2022-11-28 - 2023-02-26 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.vidalytics.com | Sectigo RSA Domain Validation Secure Server CA | 2022-02-04 - 2023-02-16 | a year
*.lpages.co | R3 | 2022-10-14 - 2023-01-12 | 3 months
*.leadpages.io | Go Daddy Secure Certificate Authority - G2 | 2022-10-27 - 2023-10-22 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-02-08 - 2023-02-08 | a year
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-10-31 - 2023-01-26 | 3 months
*.sumo.com | Sectigo RSA Domain Validation Secure Server CA | 2022-04-05 - 2023-04-05 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
www.google.de | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
www.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.google.de | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.bitmovin.com | Go Daddy Secure Certificate Authority - G2 | 2022-05-03 - 2023-06-04 | a year

This page contains 5 frames:

Primary Page: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Frame ID: B1D08BD9B8BF57999F84AE7D9D45F2A7
Requests: 101 HTTP requests in this frame

Frame: https://btm-btm-btm.lpages.co/serve-leadbox/VjsiWE8Kqvp6irG2dz7mk3/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&aff=82&creative_id=&id=curtis.k.frazee%40ampf.com&iocid=&oid=60&sub2=futureslabresearch.com&sub3=B&sub4=BTDS4&utm_campaign=&utm_medium=&utm_source=82
Frame ID: F9AC9632657A7C056AA27840ED13EC69
Requests: 5 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 0C79EEC37B7837CD102309D69FD83DDE
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=go.behindthemarkets.com&origin=onetag
Frame ID: 869BB286ABBDB26D6317F337A21DE68E
Requests: 2 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 26EF22A77161A7B7B78291455B92AE3C
Requests: 1 HTTP requests in this frame

Page Title

Drug Smuggler

Page URL History

  1. https://links.daily.futureslabresearch.com/u/click?_t=e5c2383db184440abdc2279cead730f4&_m=472a473245e04373a1225f3c52a2e... HTTP 303
    https://www.futureslabdata.com/0343/curtis.k.frazee@ampf.com/futureslabresearch.com/B/BTDS4 HTTP 302
    http://www.clkmg.com/ruslancube/0343/curtis.k.frazee@ampf.com/futureslabresearch.com/B/BTDS4 HTTP 302
    https://www.behindthemarkets-btm.com/4P7M9M/3ZB15F/?sub1=curtis.k.frazee@ampf.com&sub2=futureslabresearch.com&sub... HTTP 302
    https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&u... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 110
HTTPS: 99 %
IPv6: 67 %
Domains: 23
Subdomains: 29
IPs: 25
Countries: 5
Transfer: 13420 kB
Size: 17645 kB
Cookies: 20

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.daily.futureslabresearch.com/u/click?_t=e5c2383db184440abdc2279cead730f4&_m=472a473245e04373a1225f3c52a2ef31&_e=kS93FFKz92Cc715dR6VJa-pi9tGyF7vCb4b2_IdOuRwnMqod5TiQFCHm5g8gExebNA2fE4ANVx48bpv1e524l8Xg39QW0cU3kSb_vx_KXPxkz3vARHas7EI4n94IybI_2wV1iITu16IYemQeLgkAvDxEzMevy5XDbwWnTuQW9_jbvv6-Phy1LrfBc4WdxDTNODurqGHR3ItP8HDyuVpc9kTiqibiHkV50A9c2Qo6eKfZM_KU7ccj1gQllkRCoZROU3jtrAHQU-CVfWKOSLO6Ro6j5_mLNcFFDceoV73-oh0%3D HTTP 303
    https://www.futureslabdata.com/0343/curtis.k.frazee@ampf.com/futureslabresearch.com/B/BTDS4 HTTP 302
    http://www.clkmg.com/ruslancube/0343/curtis.k.frazee@ampf.com/futureslabresearch.com/B/BTDS4 HTTP 302
    https://www.behindthemarkets-btm.com/4P7M9M/3ZB15F/?sub1=curtis.k.frazee@ampf.com&sub2=futureslabresearch.com&sub3=B&sub4=BTDS4&sub5= HTTP 302
    https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://gum.criteo.com/sid/json?origin=onetag&domain=behindthemarkets.com&sn=ChromeSyncframe&so=0&topUrl=go.behindthemarkets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=7A8TcnxTdytUQVBUUHRwYW9nTUVIb002QnpUOUVaYi9nZ0RWNlJpaVBvZXFFemJRd2RhdFpmL2VQUExGVGI1WjU4SU92NGpnSUxZdWU4amsrM3BkVGNIS3R0QnE2bVNHVHNWb1QzYVVyYldRNUpMS2hSdko5TmdXdGwvWWdFc1VhOW5CRjZxL1c0VVM0RGhUNzNGWHZvWlUxMndjY1NkZUZUZlJ3Y3ZCUXA2S0dlY0ZhM2JadkJzcmNsMi92YVhGdW1JcExYUDVjNndLRVBnTDA5QitEcUdPc2YySWFZMTZwd0hVTVYySFIwQVlRdVoyZHVES2MyMVFBRmpjT2xmMTBNUWdJTWp5VE9JQlhMZGlCbnRsU2tYeWFLODQxNWxZUThSakVtZHZHS1g1UXRjMD18&cppv=2

110 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
go.behindthemarkets.com/btm-drug-smuggler-vsl/
Redirect Chain
  • https://links.daily.futureslabresearch.com/u/click?_t=e5c2383db184440abdc2279cead730f4&_m=472a473245e04373a1225f3c52a2ef31&_e=kS93FFKz92Cc715dR6VJa-pi9tGyF7vCb4b2_IdOuRwnMqod5TiQFCHm5g8gExebNA2fE4A...
  • https://www.futureslabdata.com/0343/curtis.k.frazee@ampf.com/futureslabresearch.com/B/BTDS4
  • http://www.clkmg.com/ruslancube/0343/curtis.k.frazee@ampf.com/futureslabresearch.com/B/BTDS4
  • https://www.behindthemarkets-btm.com/4P7M9M/3ZB15F/?sub1=curtis.k.frazee@ampf.com&sub2=futureslabresearch.com&sub3=B&sub4=BTDS4&sub5=
  • https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creati...
91 KB
19 KB
Document
General
Full URL
https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
ca056ebd8408bbfd314673eeba9e4409c7528ee2d0a3fcc67be2d520a12c87de
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
br
content-type
text/html
date
Fri, 02 Dec 2022 16:17:05 GMT
etag
W/"920667c03e129594f1098be2d2f86bfa"
last-modified
Wed, 30 Nov 2022 17:39:14 GMT
server
Leadpages
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-cache
MISS, HIT

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77355ee82d759162-FRA
content-type
text/html; charset=utf-8
date
Fri, 02 Dec 2022 16:17:05 GMT
location
https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cd1pzhs%2B3dxV0vk5kFvRG%2FYcQz2NbsRDnnGN6dNdz2jGhBLrQv4UTV9sBSJaKNQps%2BzjbFunYPK%2FWgDh%2FAJyN6kozsudzYUFCsYhCxrKp0PXe6bSKeGTxCh7LUkt9reA9r1O9LBOx6OVzcutY%2BM8mEhsRw87hdNWYRfq"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
via
1.1 google
x-eflow-request-id
abeb4dbf-1612-45da-a19e-4f5ce5abf433
all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/
58 KB
15 KB
Stylesheet
General
Full URL
https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 14:04:34 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
7952
etag
"rvb96Q"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-cloud-trace-context
2c6a92e9e459068b84abff6ac5e1fc22
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14628
expires
Sat, 02 Dec 2023 14:04:34 GMT
css
fonts.googleapis.com/
25 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,500,700|Rozha+One:300,400,500,700|Open+Sans:300,400,500,700|Roboto:300,400,500,700
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8812663510bb4f5a02bb0777dad19edc0d4bc309b4985dec544b448308c1177c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Dec 2022 16:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 16:17:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Dec 2022 16:17:06 GMT
embed.js
embed.lpcontent.net/leadboxes/current/
42 KB
15 KB
Script
General
Full URL
https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:13:24 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
222
etag
"rvb96Q"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-cloud-trace-context
43b016c8794755e6a8e8e2923265af86
cache-control
public, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14811
expires
Fri, 02 Dec 2022 16:18:24 GMT
center.js
js.center.io/
12 KB
5 KB
Script
General
Full URL
https://js.center.io/center.js
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:15:26 GMT
content-encoding
gzip
server
Google Frontend
age
100
etag
"OMWYXg"
content-type
application/javascript
x-cloud-trace-context
057ba43fa0cb03acedab6b5c276ec2e4
cache-control
public, max-age=300
content-length
5417
expires
Fri, 02 Dec 2022 16:20:26 GMT
gtm.js
www.googletagmanager.com/
251 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a8640021188a1142b3e71be2dfdc387ddd232413e81a5c7ad1aa0f3b353fba17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84744
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Dec 2022 16:17:06 GMT
SaAYUV3ZdA08XZjd4oKJkDY2F_lLndztqBsP_TwDMdEqu0W63fgaNeHjo4ibUpw17_W-cJ-SsdA9lbvyKm_tIgIm3Ts2yylbSCtF=s16
lh3.googleusercontent.com/
618 B
1010 B
Image
General
Full URL
https://lh3.googleusercontent.com/SaAYUV3ZdA08XZjd4oKJkDY2F_lLndztqBsP_TwDMdEqu0W63fgaNeHjo4ibUpw17_W-cJ-SsdA9lbvyKm_tIgIm3Ts2yylbSCtF=s16
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8e2c92494c6f74948686e96f4248a002e9cb212a59ecd15aed00550aeb784045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:12:23 GMT
x-content-type-options
nosniff
age
283
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
618
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 03 Dec 2022 16:12:23 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500,700|Rozha+One:300,400,500,700|Open+Sans:300,400,500,700|Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.behindthemarkets.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 18:50:24 GMT
x-content-type-options
nosniff
age
336402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 18:50:24 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500,700|Rozha+One:300,400,500,700|Open+Sans:300,400,500,700|Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.behindthemarkets.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 16:44:52 GMT
x-content-type-options
nosniff
age
343934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 16:44:52 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/
45 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500,700|Rozha+One:300,400,500,700|Open+Sans:300,400,500,700|Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.behindthemarkets.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 22:05:34 GMT
x-content-type-options
nosniff
age
65492
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 22:05:34 GMT
AlZy_zVFtYP12Zncg2kRcn35.woff2
fonts.gstatic.com/s/rozhaone/v13/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rozhaone/v13/AlZy_zVFtYP12Zncg2kRcn35.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500,700|Rozha+One:300,400,500,700|Open+Sans:300,400,500,700|Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.behindthemarkets.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 19:22:27 GMT
x-content-type-options
nosniff
age
248079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18176
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:29:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 19:22:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:300,400,500,700|Rozha+One:300,400,500,700|Open+Sans:300,400,500,700|Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.behindthemarkets.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 19:42:15 GMT
x-content-type-options
nosniff
age
74091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 19:42:15 GMT
loader.min.js
fast.vidalytics.com/embeds/PzpZ_7KZ/Bs6X2ElU38L_lFKp/
41 KB
12 KB
Script
General
Full URL
https://fast.vidalytics.com/embeds/PzpZ_7KZ/Bs6X2ElU38L_lFKp/loader.min.js
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
efba0f69437b2ca15b3b5a11ae18d9b7557469838c784ca60d76563df54066a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:06 GMT
content-encoding
gzip
x-cdn
4
x-guploader-uploadid
ADPycdstSRJDlk2chNzqGNgOr5t0rZ-HIQZtKERRvaMFtBnUaBarg0miiMk-_SwA6ufJLvcV7IuI-KVI0sJAAAQ7g9jSaw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Fri, 07 Oct 2022 13:42:32 GMT
server
UploadServer
x-cdn-info
loader
etag
"e31bf975fa44bb9ec37d74095842690c"
vary
Accept-Encoding
x-goog-generation
1665150151961285
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=wfkexA==, md5=4xv5dfpEu57DfXQJWEJpDA==
access-control-expose-headers
Content-Type, x-hw, server, x-cdn, x-cdn-info
cache-control
no-store, private, max-age=0, s-max-age=0
x-hw
1669997826.cds016.fr8.hn,1669997826.cds016.fr8.hc,1669997826.cds220.fr8.sc,1669997826.cds220.fr8.p,1669997826.cds016.fr8.sl
x-goog-stored-content-length
10161
accept-ranges
bytes
expires
Fri, 02 Dec 2022 16:17:06 GMT
SaAYUV3ZdA08XZjd4oKJkDY2F_lLndztqBsP_TwDMdEqu0W63fgaNeHjo4ibUpw17_W-cJ-SsdA9lbvyKm_tIgIm3Ts2yylbSCtF=w1600
lh3.googleusercontent.com/
229 KB
229 KB
Image
General
Full URL
https://lh3.googleusercontent.com/SaAYUV3ZdA08XZjd4oKJkDY2F_lLndztqBsP_TwDMdEqu0W63fgaNeHjo4ibUpw17_W-cJ-SsdA9lbvyKm_tIgIm3Ts2yylbSCtF=w1600
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3a2a00bba000c2bf3aa074248c14fd0e3fbec95556e79d4779c1221935d0297c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:12:23 GMT
x-content-type-options
nosniff
age
283
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234594
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 03 Dec 2022 16:12:23 GMT
/
btm-btm-btm.lpages.co/serve-leadbox/VjsiWE8Kqvp6irG2dz7mk3/ Frame F9AC
87 KB
18 KB
Document
General
Full URL
https://btm-btm-btm.lpages.co/serve-leadbox/VjsiWE8Kqvp6irG2dz7mk3/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&aff=82&creative_id=&id=curtis.k.frazee%40ampf.com&iocid=&oid=60&sub2=futureslabresearch.com&sub3=B&sub4=BTDS4&utm_campaign=&utm_medium=&utm_source=82
Requested by
Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.21.202.35.bc.googleusercontent.com
Software
Leadpages /
Resource Hash
370d32c1921fa3682c5d9c4a863aec1678d689d19094d8f2a6d96b3fc2a66f2d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://go.behindthemarkets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
br
content-type
text/html
date
Fri, 02 Dec 2022 16:17:06 GMT
etag
W/"b020632f2f4af170af6bfcc28a95b83b"
last-modified
Thu, 22 Sep 2022 23:37:54 GMT
server
Leadpages
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-cache
MISS, HIT
identify.html
js.center.io/ Frame 0C79
4 KB
2 KB
Document
General
Full URL
https://js.center.io/identify.html
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer
https://go.behindthemarkets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
56
cache-control
public, max-age=300
content-encoding
gzip
content-length
2016
content-type
text/html
date
Fri, 02 Dec 2022 16:16:10 GMT
etag
"OMWYXg"
expires
Fri, 02 Dec 2022 16:21:10 GMT
server
Google Frontend
x-cloud-trace-context
1f497eff3bf6fda8e99f93bcc1a8e2a0
capture
api.leadpages.io/analytics/v1/events/
35 B
683 B
XHR
General
Full URL
https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=5MWJ4aDmYxiYeFMVzRR5ja&v=&e=&st=&lc=en-US&pid=bb4wMKcXKB896PwqF4vMVT-default-prop&uid=H2nwWqnwgdVRDY8NJCve33&sid=jxBuB4ecYmFQUrMMJYRpKE&cid=lp-5MWJ4aDmYxiYeFMVzRR5ja&uri=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-drug-smuggler-vsl%2F%3F_ef_transaction_id%3Dda38546e55264bec8c1e5894a44cf23d%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dcurtis.k.frazee%2540ampf.com%26iocid%3D%26aff%3D82%26creative_id%3D%26sub3%3DB%26sub2%3Dfutureslabresearch.com%26sub4%3DBTDS4%26oid%3D60&rf=&rx=1600&ry=1200&tz=%2B00%3A00
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:17:06 GMT
Server
Stargate
access-control-max-age
600
Transfer-Encoding
chunked
Content-Type
image/gif
access-control-allow-origin
https://go.behindthemarkets.com
X-Forwarded-For
80.255.7.101
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00ire4vl6cabgc4lbid0
optimize.js
www.googleoptimize.com/
107 KB
42 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-K7WPB5K
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e536f7fb3d12b155c1286b6ea6aa10b3dd441faf72e773caa9af8aa9f188a354
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42936
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Dec 2022 16:17:06 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 15:24:40 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3146
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 02 Dec 2022 17:24:40 GMT
everflow.js
www.behindthemarkets-btm.com/scripts/sdk/
58 KB
19 KB
Script
General
Full URL
https://www.behindthemarkets-btm.com/scripts/sdk/everflow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dc85afdb952179898377f74779280b8ebf9005f4ad62a9d271560739d740806

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:06 GMT
via
1.1 google
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 02 Dec 2022 12:09:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buga3zPF1fVsL5Ya0xp7sAG9GwVqQoo176lCozBmoUaY3aHFSZRPqnmhqbBEaFKRumUWiGvbdBDw3H5FivQSAKvIGLqV2WygHcpnD%2BFhS6%2Bd%2FrdAuVgjiFBD9VXrmmvrQfaStFXDzzaxiKP86FsDcvyuldghT%2FdG6HJI"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
x-eflow-request-id
271cd7a5-9aa9-4f41-ba6a-ec4d617793c3
cf-ray
77355eef5e419162-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ld.js
dynamic.criteo.com/js/ld/
42 KB
15 KB
Script
General
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=93258
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1f319f8dca4e3ed898cfb54315e07176047333d507a5a099cedcba4880b648a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
/
load.sumo.com/
2 KB
2 KB
Script
General
Full URL
https://load.sumo.com/
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:06 GMT
content-encoding
br
cdn-edgestorageid
1055
x-amz-request-id
QP6JYJBZPD8JJHFG
cdn-cachedat
11/15/2022 11:35:12
cdn-pullzone
53731
x-amz-id-2
prwfeDh9vCw6Ll0xnMMXT1fGHTGNH5SgFi8lc2K15XosxcRZCqTNGVBIa2IoKi3uZnWHZHndswg=
last-modified
Wed, 05 Oct 2022 16:50:13 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"415c9608bc47ee8a16b3a2f2c0aee7b0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=600
cdn-requestid
679f3b281c747636c46d0f892db19746
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/
231 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNRH3TX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
844690c422ea9677642fa282da6370cf02a7dc53a258b42d09d8b2240ca3d161
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79086
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 02 Dec 2022 16:17:06 GMT
collect
region1.analytics.google.com/g/
0
352 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=2oebu0&_p=527323994&_gaz=1&cid=1040476447.1669997827&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669997826&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-drug-smuggler-vsl%2F%3F_ef_transaction_id%3Dda38546e55264bec8c1e5894a44cf23d%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dcurtis.k.frazee%2540ampf.com%26iocid%3D%26aff%3D82%26creative_id%3D%26sub3%3DB%26sub2%3Dfutureslabresearch.com%26sub4%3DBTDS4%26oid%3D60&dt=Drug%20Smuggler&en=page_view&_fv=1&_nsi=1&_ss=1&epn.variant_id=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 16:17:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.behindthemarkets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
352 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8R6YNFMJ23&cid=1040476447.1669997827&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 16:17:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.behindthemarkets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R6YNFMJ23&cid=1040476447.1669997827&gtm=2oebu0&aip=1&z=1702943369
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 16:17:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
player-dash-mse.min.js
fast.vidalytics.com/embeds/PzpZ_7KZ/Bs6X2ElU38L_lFKp/
2 MB
572 KB
XHR
General
Full URL
https://fast.vidalytics.com/embeds/PzpZ_7KZ/Bs6X2ElU38L_lFKp/player-dash-mse.min.js?hash=aprznmmtn
Requested by
Host: fast.vidalytics.com
URL: https://fast.vidalytics.com/embeds/PzpZ_7KZ/Bs6X2ElU38L_lFKp/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
2ee753eaec4c7bd8482cba59fed283c4ee6207547608f86295bf2d524932a58f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:06 GMT
content-encoding
gzip
x-cdn
4
x-guploader-uploadid
ADPycdss9VXFSrgKWCkqIlLQf1vZiJNxPfIFvvXJXzp26N8XZC3lD6zGplCx6g5yNl_Ru6q_d_bOAWqypJS8e6aNq8aD-GgvORCi
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
last-modified
Fri, 07 Oct 2022 13:42:32 GMT
server
UploadServer
etag
"86d5f7e028e599c33ec05d37abd4dbf0"
x-goog-generation
1665150152313918
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=n0QOLw==, md5=htX34CjlmcM+wF03q9Tb8A==
access-control-expose-headers
Content-Type, x-hw, server, x-cdn, x-cdn-info
cache-control
public, max-age=300, s-maxage=2592000
x-hw
1669997826.cds237.fr8.hn,1669997826.cds237.fr8.hn,1669997826.cds276.fr8.c,1669997826.cds237.fr8.sl
x-goog-stored-content-length
502778
accept-ranges
bytes
72.0a035390359aab65eb82.js
load.sumo.com/
131 KB
44 KB
Script
General
Full URL
https://load.sumo.com/72.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:06 GMT
content-encoding
br
cdn-edgestorageid
1055
x-amz-request-id
XZ8MF64J1DQAGJQZ
cdn-cachedat
11/15/2022 11:35:13
cdn-pullzone
53731
x-amz-id-2
cfb4B/hPAeWde0B0wC/l+Tb9ET1jWoXMQ61ydZJleFV7o78z+QI8QOGO9jR5tDIYraVmPOupnb4=
last-modified
Wed, 05 Oct 2022 16:49:50 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"a1c4ecc2ca5bc12d61068cd427f9729f"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
b7694e160f7e55b9ec48d21d06eeb92c
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
73.0a035390359aab65eb82.js
load.sumo.com/
289 KB
100 KB
Script
General
Full URL
https://load.sumo.com/73.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:06 GMT
content-encoding
br
cdn-edgestorageid
1055
x-amz-request-id
XZ8R63PKCCDKWZ1F
cdn-cachedat
11/15/2022 11:35:13
cdn-pullzone
53731
x-amz-id-2
T+QA3Gw1aLGoIpUXNT1gn3bwRMeCXUn8iB18oAj9kuX4rimuuJUWVPO6RRRTaIA3eRTqfbuNQJk=
last-modified
Wed, 05 Oct 2022 16:49:51 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"ad6f2454f01de902ffd473d51c1207bf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
7949a52109d2154359de3f1502fd883c
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
syncframe
gum.criteo.com/ Frame 869B
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=go.behindthemarkets.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=93258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://go.behindthemarkets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 02 Dec 2022 16:17:06 GMT
server
Kestrel
server-processing-duration-in-ticks
960008
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=527323994&t=pageview&_s=1&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-drug-smuggler-vsl%2F%3F_ef_transaction_id%3Dda38546e55264bec8c1e5894a44cf23d%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dcurtis.k.frazee%2540ampf.com%26iocid%3D%26aff%3D82%26creative_id%3D%26sub3%3DB%26sub2%3Dfutureslabresearch.com%26sub4%3DBTDS4%26oid%3D60&ul=en-us&de=UTF-8&dt=Drug%20Smuggler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABQAAAACAAI~&jid=1182954399&gjid=189591263&cid=1040476447.1669997827&tid=UA-102395123-1&_gid=745246698.1669997827&_r=1&gtm=2wgbu0WNRH3TX&cd1=82&cd3=false&cd4=false&cd5=false&cd6=false&cd7=false&z=992368041
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://go.behindthemarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 16:17:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.behindthemarkets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-102395123-1&cid=1040476447.1669997827&jid=1182954399&gjid=189591263&_gid=745246698.1669997827&_u=aADAAEAAQAAAACAAI~&z=987248878
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://go.behindthemarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 02 Dec 2022 16:17:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.behindthemarkets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 869B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=behindthemarkets.com&sn=ChromeSyncframe&so=0&topUrl=go.behindthemarkets.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=7A8TcnxTdytUQVBUUHRwYW9nTUVIb002QnpUOUVaYi9nZ0RWNlJpaVBvZXFFemJRd2RhdFpmL2VQUExGVGI1WjU4SU92NGpnSUxZdWU4amsrM3BkVGNIS3R0QnE2bVNHVHNWb1QzYVVyYldRNUpMS2hSdko5TmdXdGwvWW...
454 B
690 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=7A8TcnxTdytUQVBUUHRwYW9nTUVIb002QnpUOUVaYi9nZ0RWNlJpaVBvZXFFemJRd2RhdFpmL2VQUExGVGI1WjU4SU92NGpnSUxZdWU4amsrM3BkVGNIS3R0QnE2bVNHVHNWb1QzYVVyYldRNUpMS2hSdko5TmdXdGwvWWdFc1VhOW5CRjZxL1c0VVM0RGhUNzNGWHZvWlUxMndjY1NkZUZUZlJ3Y3ZCUXA2S0dlY0ZhM2JadkJzcmNsMi92YVhGdW1JcExYUDVjNndLRVBnTDA5QitEcUdPc2YySWFZMTZwd0hVTVYySFIwQVlRdVoyZHVES2MyMVFBRmpjT2xmMTBNUWdJTWp5VE9JQlhMZGlCbnRsU2tYeWFLODQxNWxZUThSakVtZHZHS1g1UXRjMD18&cppv=2
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1309697ffb06b194460de7f74f0c25c73b7287c4c42a7c1e855194b04cf883d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 16:17:07 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2379563
expires
0

Redirect headers

pragma
no-cache
date
Fri, 02 Dec 2022 16:17:06 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=7A8TcnxTdytUQVBUUHRwYW9nTUVIb002QnpUOUVaYi9nZ0RWNlJpaVBvZXFFemJRd2RhdFpmL2VQUExGVGI1WjU4SU92NGpnSUxZdWU4amsrM3BkVGNIS3R0QnE2bVNHVHNWb1QzYVVyYldRNUpMS2hSdko5TmdXdGwvWWdFc1VhOW5CRjZxL1c0VVM0RGhUNzNGWHZvWlUxMndjY1NkZUZUZlJ3Y3ZCUXA2S0dlY0ZhM2JadkJzcmNsMi92YVhGdW1JcExYUDVjNndLRVBnTDA5QitEcUdPc2YySWFZMTZwd0hVTVYySFIwQVlRdVoyZHVES2MyMVFBRmpjT2xmMTBNUWdJTWp5VE9JQlhMZGlCbnRsU2tYeWFLODQxNWxZUThSakVtZHZHS1g1UXRjMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
781676
content-length
0
expires
0
all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame F9AC
58 KB
14 KB
Stylesheet
General
Full URL
https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by
Host: btm-btm-btm.lpages.co
URL: https://btm-btm-btm.lpages.co/serve-leadbox/VjsiWE8Kqvp6irG2dz7mk3/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&aff=82&creative_id=&id=curtis.k.frazee%40ampf.com&iocid=&oid=60&sub2=futureslabresearch.com&sub3=B&sub4=BTDS4&utm_campaign=&utm_medium=&utm_source=82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.203.107.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 10:28:24 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
age
20923
etag
"rvb96Q"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-cloud-trace-context
d98f450da034fe190e4db41616d0df04
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14628
expires
Sat, 02 Dec 2023 10:28:24 GMT
css
fonts.googleapis.com/ Frame F9AC
11 KB
810 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,700|Fjalla+One:300,400,500,700
Requested by
Host: btm-btm-btm.lpages.co
URL: https://btm-btm-btm.lpages.co/serve-leadbox/VjsiWE8Kqvp6irG2dz7mk3/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&aff=82&creative_id=&id=curtis.k.frazee%40ampf.com&iocid=&oid=60&sub2=futureslabresearch.com&sub3=B&sub4=BTDS4&utm_campaign=&utm_medium=&utm_source=82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b4320f64ed958970e7b5e545371627de694ec93a21c716ea27dce7c388339fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://btm-btm-btm.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Dec 2022 16:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 16:17:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Dec 2022 16:17:07 GMT
capture
api.leadpages.io/analytics/v1/observations/
35 B
445 B
XHR
General
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=7osHdGM8h5NoQVdSZ9zKZ2&kind=timer,counter,text&label=lb_embed_embed_script_load,lb_embed_exit-intent_tigger_queue,lb_embed_leadbox_embedded&value=274.69999980926514,1,VjsiWE8Kqvp6irG2dz7mk3
Requested by
Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:17:07 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://go.behindthemarkets.com
X-Forwarded-For
80.255.7.101
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
05gc61bhof39llfiaik0
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102395123-1&cid=1040476447.1669997827&jid=1182954399&_u=aADAAEAAQAAAACAAI~&z=799899964
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 16:17:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102395123-1&cid=1040476447.1669997827&jid=1182954399&_u=aADAAEAAQAAAACAAI~&z=799899964
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 16:17:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
click
www.behindthemarkets-btm.com/sdk/
86 B
831 B
Fetch
General
Full URL
https://www.behindthemarkets-btm.com/sdk/click?effp=d4459c576941bf98479f943227f42c86&_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&oid=60&affid=82&__cc=&async=json&sub2=futureslabresearch.com&sub3=B&sub4=BTDS4&source_id=82&creative_id=
Requested by
Host: www.behindthemarkets-btm.com
URL: https://www.behindthemarkets-btm.com/scripts/sdk/everflow.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bfe32689838232a43a2c912b2ac2cfa295e33c707c558520b2ef93c4aa4b7a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:07 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwDtso3TQRIrzCDECRRjFIykVQg1%2FJ2AD9COkckLZrnBLxs4i03nmuZOoPe2%2FBxAfDyLBJEXQM7rDCapCFQlBsLVNNg6ljNAstyoyCRACwdPNCI5xu%2BMifIZIaZBHzvU%2B0P0tNqa4q8Oo4lb0UeDYiiyRmBXrKh1BAQ0"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://go.behindthemarkets.com
access-control-allow-credentials
true
x-eflow-request-id
36cd321e-3efc-4526-9f6f-94059fcf2c84
cf-ray
77355ef32a587180-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
center.js
js.center.io/ Frame F9AC
12 KB
5 KB
Script
General
Full URL
https://js.center.io/center.js
Requested by
Host: btm-btm-btm.lpages.co
URL: https://btm-btm-btm.lpages.co/serve-leadbox/VjsiWE8Kqvp6irG2dz7mk3/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&aff=82&creative_id=&id=curtis.k.frazee%40ampf.com&iocid=&oid=60&sub2=futureslabresearch.com&sub3=B&sub4=BTDS4&utm_campaign=&utm_medium=&utm_source=82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://btm-btm-btm.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:16:42 GMT
content-encoding
gzip
server
Google Frontend
age
25
etag
"OMWYXg"
content-type
application/javascript
x-cloud-trace-context
e03658f5557b64001bcb1ee6cbe9d6ec
cache-control
public, max-age=300
content-length
5417
expires
Fri, 02 Dec 2022 16:21:42 GMT
identify.html
js.center.io/ Frame 26EF
4 KB
2 KB
Document
General
Full URL
https://js.center.io/identify.html
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer
https://btm-btm-btm.lpages.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57
cache-control
public, max-age=300
content-encoding
gzip
content-length
2016
content-type
text/html
date
Fri, 02 Dec 2022 16:16:10 GMT
etag
"OMWYXg"
expires
Fri, 02 Dec 2022 16:21:10 GMT
server
Google Frontend
x-cloud-trace-context
1f497eff3bf6fda8e99f93bcc1a8e2a0
/
sumo.com/api/load/
873 B
1 KB
XHR
General
Full URL
https://sumo.com/api/load/
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b3b5eac021aef84a946ed9036138a4ecf06adb314ca0b51d9fe2282e26152af7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://go.behindthemarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 02 Dec 2022 16:17:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://go.behindthemarkets.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
873
capture
api.leadpages.io/analytics/v1/observations/
35 B
354 B
Image
General
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=6,289,281,577,5,580,750,750,1781,1786
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:17:07 GMT
Server
Stargate
Transfer-Encoding
chunked
X-Forwarded-For
80.255.7.101
Content-Type
image/gif
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00ire53p4mfp51nuo8b0
awesome-log
stats.vidalytics.com/
43 B
373 B
XHR
General
Full URL
https://stats.vidalytics.com/awesome-log?cid=PzpZ_7KZ
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:07 GMT
server
istio-envoy
etag
"PzpZ_7KZ/PqLGaonYMlht1Tp8"
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Cache-Control, ETag, etag
cache-control
no-cache, public, max-age=2592000
x-envoy-upstream-service-time
13
access-control-allow-headers
Accept, Content-Type, Origin, Range, X-Requested-With
content-length
43
licensing
analytics-ingress-global.bitmovin.com/
117 B
378 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/licensing
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.54.0 /
Resource Hash
5c22e577292cc557786ad7c531cb0d73bfefd43e006865f2945bca9c04d2b700

Request headers

Referer
https://go.behindthemarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Dec 2022 16:17:07 GMT
via
1.1 google
server
v1.54.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
117
alt-svc
clear
preview-5_0.jpg
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/thumb/
2 KB
2 KB
Image
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/thumb/preview-5_0.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
ae2435c9b4645d131bc3f7a202afcf10925584272bef82afc546a1788295d418

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:07 GMT
x-cdn
4
x-guploader-uploadid
ADPycdvhPRySV6Q_r7LuYYfhz-i4ttOqaU7xDFIlyJBuMTIdD_5e5O6s5iyX6r1lpTI32xuslBedqgfYBQOoYfgGZQdvxZTohUnS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1756
last-modified
Thu, 22 Sep 2022 18:20:45 GMT
server
UploadServer
etag
"9aa860258c3c385a75476e421e945ac3"
x-goog-generation
1663870844917423
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=yOsRKA==, md5=mqhgJYw8OFp1R25CHpRaww==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997827.cds016.fr8.hn,1669997827.cds275.fr8.c
x-goog-stored-content-length
1756
accept-ranges
bytes
licensing
licensing.bitmovin.com/
165 B
451 B
XHR
General
Full URL
https://licensing.bitmovin.com/licensing
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
41d9103b84690ae5330f1de907c91f6964d58cbb449887cf1bb0e13475dc0638

Request headers

Referer
https://go.behindthemarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 02 Dec 2022 16:17:07 GMT
via
1.1 google
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
165
stream.mpd
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/
2 KB
3 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/stream.mpd
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
a4fde5b85645e90665c1613465872eaf0b36335167b116956f2344e0271e5694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:07 GMT
x-cdn
4
x-guploader-uploadid
ADPycdtVmHIRj5DoAvSZIgut5eDICn768X9XZJ9Lse_CF4_s41GG5F_0EBCTqKBCONt2oAVl9gceFgUBxwtYbj3tulYG3w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2234
last-modified
Thu, 22 Sep 2022 18:23:09 GMT
server
UploadServer
etag
"9c1726ce6b6e91293a8c3067824fa701"
x-goog-generation
1663870989083567
content-type
application/dash+xml
access-control-allow-origin
*
x-goog-hash
crc32c=u+nKmw==, md5=nBcmzmtukSk6jDBngk+nAQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997827.cds237.fr8.hn,1669997827.cds143.fr8.c
x-goog-stored-content-length
2234
accept-ranges
bytes
analytics
analytics-ingress-global.bitmovin.com/
0
42 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.54.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.behindthemarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Dec 2022 16:17:06 GMT
via
1.1 google
server
v1.54.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
capture
api.leadpages.io/analytics/v1/observations/
35 B
445 B
XHR
General
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=7osHdGM8h5NoQVdSZ9zKZ2&kind=timer&label=lb_embed_leadbox_load&value=570.6999998092651
Requested by
Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:17:07 GMT
Server
Stargate
Transfer-Encoding
chunked
access-control-max-age
600
Content-Type
image/gif
access-control-allow-origin
https://go.behindthemarkets.com
X-Forwarded-For
80.255.7.101
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
05gc61enr3p1ok8tk3jg
truncated
/
696 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d33b513a2d7bb0566ee81ac58237df61de08808efd8b5a19112f9db12890337e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c95fa9e088522e524ba0666c6e075ef84f551c7694f7031446fc7ecda5868c6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
init.mp4
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/640x360_h264_561248/
673 B
947 B
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/640x360_h264_561248/init.mp4
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
27736a2d115a9af0a0692cb562dccca0615258de0ca24102e8c90d24b1c9f276

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:08 GMT
x-cdn
4
x-guploader-uploadid
ADPycdt2CxA9LjQ5OyaloM_ggN4Uo5dDEfAkhxE-sVbd7wyHIPTJiO108eVuv1Z86NjCLX2e1n2Fgc1so7bUunFB7RUqfg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
673
last-modified
Thu, 22 Sep 2022 18:17:43 GMT
server
UploadServer
etag
"8abf77226e6973a9c9023c52592f91b3"
x-goog-generation
1663870663756450
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=K+N+bA==, md5=ir93Im5pc6nJAjxSWS+Rsw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997828.cds237.fr8.hn,1669997828.cds217.fr8.c
x-goog-stored-content-length
673
accept-ranges
bytes
init.mp4
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/
606 B
904 B
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/init.mp4
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
41da0614685935d2b1b97c7751692666dd2cf6d54416ef1da52962a1844319ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:08 GMT
x-cdn
4
x-guploader-uploadid
ADPycdtSZNehfcjicpuyoZsN5r87qbVlO-XMPOo-sqwRFB47pK6jAyMh3uPaP82dT4HuiQFLOPqbO7SwHnM5QztpuKoPDQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
606
last-modified
Thu, 22 Sep 2022 18:17:39 GMT
server
UploadServer
etag
"af3d86596c83ba8ac236796a59f6d6dc"
x-goog-generation
1663870659434519
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=SpArIQ==, md5=rz2GWWyDuorCNnlqWfbW3A==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997828.cds237.fr8.hn,1669997828.cds261.fr8.c
x-goog-stored-content-length
606
accept-ranges
bytes
services
sumo.com/ Frame
0
0
Preflight
General
Full URL
https://sumo.com/services
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sumo-auth
Access-Control-Request-Method
POST
Origin
https://go.behindthemarkets.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
https://go.behindthemarkets.com
access-control-max-age
2592000
date
Fri, 02 Dec 2022 16:17:08 GMT
server
nginx
services
sumo.com/
205 B
603 B
XHR
General
Full URL
https://sumo.com/services
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c5265b2a343e05fcaf0cd05b0dd03975c4d83e4168eafea7236a99ee46caf79e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

X-Sumo-Auth
BQ3ajk7CWWl3m06RYuHWwj0v
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://go.behindthemarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 02 Dec 2022 16:17:08 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://go.behindthemarkets.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
content-length
205
scribe
stats.vidalytics.com/
16 B
83 B
XHR
General
Full URL
https://stats.vidalytics.com/scribe
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer
https://go.behindthemarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Dec 2022 16:17:07 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
content-length
16
access-control-allow-methods
POST,OPTIONS
content-type
application/json
scribe
stats.vidalytics.com/
16 B
81 B
XHR
General
Full URL
https://stats.vidalytics.com/scribe
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer
https://go.behindthemarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Dec 2022 16:17:08 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
content-length
16
access-control-allow-methods
POST,OPTIONS
content-type
application/json
s_0.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/640x360_h264_561248/
309 KB
309 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/640x360_h264_561248/s_0.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
cf91d567e8a31ddf8843fc301b1c9ff92af420f116798f348c77718bce6a2193

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:08 GMT
x-cdn
4
x-guploader-uploadid
ADPycdtKCsDsakX7sCpzX-tYmk0iAfGSJliUGwsn3Q4ISvrsmTg8gjlITdLbXzH0I4Fz75E2nskAXqeFiWSviSjJhk2liJ5mhJbS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316266
last-modified
Thu, 22 Sep 2022 18:17:44 GMT
server
UploadServer
etag
"ef24b04c09fb43dcd23a38d989010ba0"
x-goog-generation
1663870663961330
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=BWM8/Q==, md5=7ySwTAn7Q9zSOjjZiQELoA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997828.cds237.fr8.hn,1669997828.cds052.fr8.c
x-goog-stored-content-length
316266
accept-ranges
bytes
s_0.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/
47 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/s_0.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
544600cdacca58de9cc76ec1c7705988686689cdbae7fca5eeaae3380efcc556

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:09 GMT
x-cdn
4
x-guploader-uploadid
ADPycduDoL74MY1tGbKcCXxpA8da_-KHrh3DVJhjUEX22BVr3PxVY_SSEUWjH6JaEjg5ieiIsbFq264B2VGkcGC-AVfG2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48237
last-modified
Thu, 22 Sep 2022 18:17:39 GMT
server
UploadServer
etag
"8a015023fe38b85c29d0268873b242f7"
x-hw
1669997828.cds237.fr8.hn,1669997828.cds139.fr8.s,1669997828.dop220.la3.r,1669997829.cds235.la3.c,1669997829.cds139.fr8.p
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1663870659660861
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-goog-hash
crc32c=ZI+NfQ==, md5=igFQI/44uFwp0CaIc7JC9w==
x-goog-stored-content-length
48237
accept-ranges
bytes
7.0a035390359aab65eb82.js
load.sumo.com/
97 KB
34 KB
Script
General
Full URL
https://load.sumo.com/7.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:08 GMT
content-encoding
br
cdn-edgestorageid
1055
x-amz-request-id
QSB6X7C652H6XF8W
cdn-cachedat
11/15/2022 11:35:16
cdn-pullzone
53731
x-amz-id-2
JRcdye63kATjUeijxyejO4vKvA/Iqe/XA1MfXKqTXWYucx6000AhltK96pVl92XN0KpjjR5XYrU=
last-modified
Wed, 05 Oct 2022 16:49:48 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"3fa9c18f727d4b42fb894fda90a374e1"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
0534bf826620e32152db75f83f8b4a1e
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
4.0a035390359aab65eb82.js
load.sumo.com/
5 KB
3 KB
Script
General
Full URL
https://load.sumo.com/4.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:08 GMT
content-encoding
br
cdn-edgestorageid
1055
x-amz-request-id
QSB9YFVMJ9CZ4AFA
cdn-cachedat
11/15/2022 11:35:16
cdn-pullzone
53731
x-amz-id-2
RVxlgXrRtLl5GtClkCou1Ss3LZgQ9pSbF3ngLYaP4bHXUSePUAmo4sg65X4ec4HE0Y18tcSoxNk=
last-modified
Wed, 05 Oct 2022 16:49:25 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"a39d043b7c7bba70750cf288ee5ef71a"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
81c8337ceddcb0268f88c7ba3e853b4e
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
2.0a035390359aab65eb82.js
load.sumo.com/
3 KB
2 KB
Script
General
Full URL
https://load.sumo.com/2.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:08 GMT
content-encoding
br
cdn-edgestorageid
1055
x-amz-request-id
QSB15HWX2QCA8482
cdn-cachedat
11/15/2022 11:35:16
cdn-pullzone
53731
x-amz-id-2
g13WADIa+JG0b0dJ0zs33F9SUe3L14TXVAdCvfVYd0LSaxb3VWRMfERduK+mGlXwxU37au3ihTE=
last-modified
Wed, 05 Oct 2022 16:49:10 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"6bfdf1ae8492f107706ac037915be663"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
0162181302f0a9d694d3c1a71a917373
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
10.0a035390359aab65eb82.js
load.sumo.com/
11 KB
5 KB
Script
General
Full URL
https://load.sumo.com/10.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:08 GMT
content-encoding
br
cdn-edgestorageid
1055
x-amz-request-id
QSB5SWWNHEN9ZPX6
cdn-cachedat
11/15/2022 11:35:16
cdn-pullzone
53731
x-amz-id-2
v5ZDqyR1Ctx6ZkiHi8FQ6csOunWOE5wzQ8OflMyO6axD2KSoLp62KyvXn/QTC7C9Ci7XjrNtcnA=
last-modified
Wed, 05 Oct 2022 16:48:57 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"fc263e7087822a0b00ff93677d6df4ea"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
2fd460cb0d653d8a8b30884173d068cb
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
22.0a035390359aab65eb82.js
load.sumo.com/
92 KB
25 KB
Script
General
Full URL
https://load.sumo.com/22.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:08 GMT
content-encoding
br
cdn-edgestorageid
1055
x-amz-request-id
QSBE2HS9M6HYZB58
cdn-cachedat
11/15/2022 11:35:16
cdn-pullzone
53731
x-amz-id-2
4I9ixHh91TE6Y+eIPXBeAA0DwgwkPpnhjp1b5SdNaMZZ9HTalHtNtf2+cfiqYGZVZarT3QMVQGg=
last-modified
Wed, 05 Oct 2022 16:49:12 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"8af82c4c30a069f66de02526c2f332af"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
7d4ceb5aac87def84b8337e2754fe4ba
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
23.0a035390359aab65eb82.js
load.sumo.com/
329 KB
94 KB
Script
General
Full URL
https://load.sumo.com/23.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:08 GMT
content-encoding
br
cdn-edgestorageid
1055
x-amz-request-id
QSBDEGD5301DDC7X
cdn-cachedat
11/15/2022 11:35:16
cdn-pullzone
53731
x-amz-id-2
2FxZm2+MA0T9UzbHh/EqPM1bL8W6cTdOdg6SpG8jaq+O1AzJ+f+IyM5nvlFBksh/SL+zgh0C5EM=
last-modified
Wed, 05 Oct 2022 16:49:12 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"be0b945be6cafa91f6fd4efdfc8268f8"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
34e9378f8e98fdec8bad409f7a339606
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
21.0a035390359aab65eb82.js
load.sumo.com/
179 KB
51 KB
Script
General
Full URL
https://load.sumo.com/21.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:08 GMT
content-encoding
br
cdn-edgestorageid
1055
x-amz-request-id
QSBE5NPARWW0YBFS
cdn-cachedat
11/15/2022 11:35:16
cdn-pullzone
53731
x-amz-id-2
Zv4oK6ZV0ETobiEWJlbHXK8DuKpZ4CAxa3ngGIrqSbi0ffuaPzHAG3H6fPzGxFLwRigImCm6a2E=
last-modified
Wed, 05 Oct 2022 16:49:11 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"beda094dfc3b530efd0d2d83c5a0280c"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
e26f76609fef9564f032ae4eb29060df
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
64.0a035390359aab65eb82.js
load.sumo.com/
1 KB
1 KB
Script
General
Full URL
https://load.sumo.com/64.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:08 GMT
content-encoding
br
cdn-edgestorageid
1055
x-amz-request-id
38ECKDJQ26SKEZ09
cdn-cachedat
11/15/2022 11:35:17
cdn-pullzone
53731
x-amz-id-2
EBlgFJ0l1rdQWUqg+M2//pnCBLd3hD0aN6xlkWTUNar8LyVuxMRsG0rwuciuUTKpfSDIg6PIqvI=
last-modified
Wed, 05 Oct 2022 16:49:45 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"d200986501135078d1fbd7f480e7bb08"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
67f0ad46c12ef295b81a8f7f4854f061
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
0.0a035390359aab65eb82.js
load.sumo.com/
5 KB
3 KB
Script
General
Full URL
https://load.sumo.com/0.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:08 GMT
content-encoding
br
cdn-edgestorageid
1055
x-amz-request-id
38ECFQA8FNWMSWMX
cdn-cachedat
11/15/2022 11:35:17
cdn-pullzone
53731
x-amz-id-2
PYZRkO9zSNhuiWD2775tj7eZXbM4XSKaz7b11tHsL1xWZZq8WlfxZY46RBIAQESZ7VHRj57sW7M=
last-modified
Wed, 05 Oct 2022 16:48:56 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"31baf056af3800bbd6e4f9e8b445d052"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
d118e46d89fa624adfe62a3e43ed5154
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
96.0a035390359aab65eb82.js
load.sumo.com/
1 MB
80 KB
Script
General
Full URL
https://load.sumo.com/96.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:08 GMT
content-encoding
br
cdn-edgestorageid
1055
x-amz-request-id
38ECM2DKEJGH5A8J
cdn-cachedat
11/15/2022 11:35:17
cdn-pullzone
53731
x-amz-id-2
09dUb3zGRbtuKE6xA54WhFU4gybV+GNNFpnQl268YmW1+YXdF2gKaxQb6Dg+NNEATU/fKcBtL7k=
last-modified
Wed, 05 Oct 2022 16:50:09 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"f33273f5c8e8dd3d010a11b209891b91"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
00d93f134c1c3d711986311cb9270c05
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
97.0a035390359aab65eb82.js
load.sumo.com/
221 B
994 B
Script
General
Full URL
https://load.sumo.com/97.0a035390359aab65eb82.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::713:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-713 /
Resource Hash
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:08 GMT
content-encoding
br
cdn-edgestorageid
1055
x-amz-request-id
38EAJQT0KH3PPN5N
cdn-cachedat
11/15/2022 11:35:17
cdn-pullzone
53731
x-amz-id-2
h2I7OcPkThMtV9hljXJDeC8m+NKjqYqWNIMYCEgmCwOdVmtYpkMvQGL0aK4QcyuuZr1wyGRl6dU=
last-modified
Wed, 05 Oct 2022 16:50:09 GMT
server
BunnyCDN-DE1-713
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"857476cf6e94c14c223d4481353b4c19"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=31536000
cdn-requestid
5b7e89bd000113b7f9b997db586ead85
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
31 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f62057301cbebb6162864bdcbafc8c452cea3925b02b963acdf0324997c11625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Dec 2022 16:17:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 14:42:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Dec 2022 16:17:08 GMT
features
sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/
3 KB
1 KB
XHR
General
Full URL
https://sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/features?site_id=7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://go.behindthemarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
X-Sumo-Auth
BQ3ajk7CWWl3m06RYuHWwj0v

Response headers

date
Fri, 02 Dec 2022 16:17:09 GMT
content-encoding
gzip
server
nginx
etag
"-362431178"
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://go.behindthemarkets.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
features
sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/ Frame
0
0
Preflight
General
Full URL
https://sumo.com/api/site/7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794/features?site_id=7ba3e90bf0be3182240cdc5943655819e1d64b8b1a4124f571976b878954c794
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sumo-auth
Access-Control-Request-Method
GET
Origin
https://go.behindthemarkets.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
https://go.behindthemarkets.com
access-control-max-age
2592000
date
Fri, 02 Dec 2022 16:17:08 GMT
server
nginx
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.behindthemarkets.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 06:48:51 GMT
x-content-type-options
nosniff
age
34097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47952
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:22:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 06:48:51 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://go.behindthemarkets.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 18:50:24 GMT
x-content-type-options
nosniff
age
336404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 18:50:24 GMT
s_1.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/
47 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/s_1.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
e80f92b6df597ec4d39a784105e790c36cde4c2c7a9badc8b3859fe0c00c2333

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:09 GMT
x-cdn
4
x-guploader-uploadid
ADPycduNPkBLSlSwlYK--Y6lLWPehQNQ6hwh4-kUsDWTJ3jSrDV_dDU89RgXZ7sEKVa-N_LuWwgLtvus6-fW2RfONzm1ziHpKCPN
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47669
last-modified
Thu, 22 Sep 2022 18:17:39 GMT
server
UploadServer
etag
"f1d17e19b318d49a22982a4dd1320949"
x-goog-generation
1663870659587261
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=B1EmNA==, md5=8dF+GbMY1JoimCpN0TIJSQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997829.cds237.fr8.hn,1669997829.cds128.fr8.c
x-goog-stored-content-length
47669
accept-ranges
bytes
impression
licensing.bitmovin.com/
0
13 B
XHR
General
Full URL
https://licensing.bitmovin.com/impression
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:df23:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.behindthemarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Dec 2022 16:17:09 GMT
via
1.1 google
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
analytics
analytics-ingress-global.bitmovin.com/
0
42 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.54.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.behindthemarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Dec 2022 16:17:09 GMT
via
1.1 google
server
v1.54.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
init.mp4
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/
671 B
970 B
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/init.mp4
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
5f69d9589c3d274ef73342bdc5747c9c970cf5c8c9adb54402a69e7fb303691b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:10 GMT
x-cdn
4
x-guploader-uploadid
ADPycdsmNABV77Spa9FgHGbDp0vY_dYrOmOXDzntd-gs692XUIak-kYMWyJtkRnQd7N0jxQ9FTvYOSL5gwETi_EtcwR4bGH6Dppz
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
671
last-modified
Thu, 22 Sep 2022 18:17:45 GMT
server
UploadServer
etag
"21a163e62e7363e04a3acedcf61740c9"
x-goog-generation
1663870665329812
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=GZS9yQ==, md5=IaFj5i5zY+BKOs7c9hdAyQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997830.cds237.fr8.hn,1669997830.cds267.fr8.c
x-goog-stored-content-length
671
accept-ranges
bytes
s_1.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/
937 KB
939 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/s_1.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
22ce43785a6bee4f0ed62f1e052174047c0515a160c8ba8f53731127e645d425

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:10 GMT
x-cdn
4
x-guploader-uploadid
ADPycduVX06oyYvJigQ4-Vklg91-5YI8v6bVIWD6H7BVK3ySrM41EJ47SBXS9X0U8iG5o-By6WriaYkV5TgCmUkBmFpLyg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
959788
last-modified
Thu, 22 Sep 2022 18:17:50 GMT
server
UploadServer
etag
"d98ba3f7665310261fa08c3f7023670f"
x-goog-generation
1663870670826231
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=kuTBlQ==, md5=2Yuj92ZTECYfoIw/cCNnDw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997830.cds237.fr8.hn,1669997830.cds143.fr8.c
x-goog-stored-content-length
959788
accept-ranges
bytes
s_2.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/
46 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/s_2.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
1d4e5ac20858f9ef85f3f6ccfb5e876ca58302f3aaee2fbf6b8859a09c4e503b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:10 GMT
x-cdn
4
x-guploader-uploadid
ADPycdsXIKoSJQBy0gQFMLU3j-W4p9OZYu4uo1PLb6JIufNCTlRoQa0CKXKRFITVwLGq9LrUSJyA3CbgR_kBG6xU5boxvrktnqoW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47484
last-modified
Thu, 22 Sep 2022 18:17:39 GMT
server
UploadServer
etag
"6d256008e9e7b3d9a8a31d0425d5d340"
x-goog-generation
1663870659736818
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=FBk1OA==, md5=bSVgCOnns9moox0EJdXTQA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997830.cds237.fr8.hn,1669997830.cds163.fr8.c
x-goog-stored-content-length
47484
accept-ranges
bytes
s_2.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/
948 KB
949 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/s_2.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
244852db265802489abbb0dc4f0f8f3e0c3604f9732893661b693dd2c9573d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:10 GMT
x-cdn
4
x-guploader-uploadid
ADPycdv9sDLE5RnPzUjj1ZuyxTlHTy54qmR6mjksv_bYj2ECakP7HmTvz015P7uyPqliPp-8p-BzPpiA7IRPYWrlJcGJIzJ2e1MR
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
970753
last-modified
Thu, 22 Sep 2022 18:18:00 GMT
server
UploadServer
etag
"dc63efa5f6e762084828af9670beb665"
x-goog-generation
1663870680100785
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=Eodtaw==, md5=3GPvpfbnYghIKK+WcL62ZQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997830.cds237.fr8.hn,1669997830.cds269.fr8.c
x-goog-stored-content-length
970753
accept-ranges
bytes
s_3.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/
47 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/s_3.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
a528c5c1b18ebdba2019c0f6917c73e6ab241bf6b5be95ae37c09ecebc8597d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:10 GMT
x-cdn
4
x-guploader-uploadid
ADPycduQYayUGXHfhYMKhPO7WAeWv1CEt3pfJ6t3L4pgmQCT36fjQ4_Qa5ekcFwlyh1wKnCnrQcuIn_xCjOtmJcq_aGaoNcLNowa
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47865
last-modified
Thu, 22 Sep 2022 18:17:40 GMT
server
UploadServer
etag
"0c30ff332a655fdf77ac822e69613bca"
x-goog-generation
1663870659955473
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=twUFPQ==, md5=DDD/MyplX993rIIuaWE7yg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997830.cds237.fr8.hn,1669997830.cds158.fr8.c
x-goog-stored-content-length
47865
accept-ranges
bytes
s_3.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/
926 KB
927 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/s_3.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
0e543412fc07aa1ac9dca917201907b94071010a566238f6f69ef6c47786352e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:10 GMT
x-cdn
4
x-guploader-uploadid
ADPycdu-jhl5igm6YLT5z2SQzlvfFD_B2-rJx9P_TmgRntGmZpuHTkcUT9RzdcPE6yquSVmu4bLy_OF84_yfF2Cv2WmtIq70aJgn
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
947869
last-modified
Thu, 22 Sep 2022 18:17:55 GMT
server
UploadServer
etag
"a21be23c999471939e40591747d1d13a"
x-goog-generation
1663870674910074
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=bbO9vQ==, md5=ohviPJmUcZOeQFkXR9HROg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997830.cds237.fr8.hn,1669997830.cds015.fr8.c
x-goog-stored-content-length
947869
accept-ranges
bytes
s_4.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/
46 KB
46 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/s_4.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
c28e76504427a8b24318de02997ef213e5b75e5bf84100f95a0e058475b9877e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:10 GMT
x-cdn
4
x-guploader-uploadid
ADPycdv11XLenzeorLvNGzQibPtTGgL0avJBMPuBD_7uCuJT05ihi4Q6KW6tw7soCWs8oPEuZPEDiztd9ZHCo_vsWc4t8A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47303
last-modified
Thu, 22 Sep 2022 18:17:40 GMT
server
UploadServer
etag
"16faecc4c17eb5aade7ca61f923eb87c"
x-goog-generation
1663870660081445
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=ZypR9g==, md5=FvrsxMF+tarefKYfkj64fA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997830.cds237.fr8.hn,1669997830.cds260.fr8.c
x-goog-stored-content-length
47303
accept-ranges
bytes
capture
api.leadpages.io/analytics/v1/observations/
35 B
445 B
XHR
General
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=F3ZwSH7wSKJB2eGGhzCBki&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=146.5,77.5,1,463.19999980926514
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:17:10 GMT
Server
Stargate
access-control-max-age
600
Transfer-Encoding
chunked
Content-Type
image/gif
access-control-allow-origin
https://go.behindthemarkets.com
X-Forwarded-For
80.255.7.101
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00ire60bqispqnsc20mg
s_4.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/
966 KB
967 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/s_4.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
347c95bc5119c775133a5b607f04e62ad7327f02bf797cad6602af7b949154f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:10 GMT
x-cdn
4
x-guploader-uploadid
ADPycdvFkAIdXuJIrHtruCRgxuGU2yZiBQk3q3W_p4V7cZ2K_Sn6kJiFs0YgKNNMD_OCu6Sk6bON2Rz5HDZ5G7xLkoTBQ1X6MmO1
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
989124
last-modified
Thu, 22 Sep 2022 18:17:57 GMT
server
UploadServer
etag
"6dfbbefc3a0e24976d07b53514191835"
x-goog-generation
1663870677756728
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=nHpXeA==, md5=bfu+/DoOJJdtB7U1FBkYNQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997830.cds237.fr8.hn,1669997830.cds279.fr8.c
x-goog-stored-content-length
989124
accept-ranges
bytes
s_5.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/
47 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/s_5.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
2ef2f40f07bcd6db756bdb96ec8353e16bac0a75ae50110df4921564434d8e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:11 GMT
x-cdn
4
x-guploader-uploadid
ADPycdt5SdVZtu5S7Wy0fwOLyPOuiIoE3xOcVrEph0vV_cUgduk-3xbHYQoy3W1YlSbPE0sijI0pMpTmZeV4Zq5hmJwU2O-xGInU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47740
last-modified
Thu, 22 Sep 2022 18:17:40 GMT
server
UploadServer
etag
"1c2a93e2564c10f283b956d8825faccf"
x-goog-generation
1663870660286819
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=cGE5SA==, md5=HCqT4lZMEPKDuVbYgl+szw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997831.cds237.fr8.hn,1669997831.cds252.fr8.c
x-goog-stored-content-length
47740
accept-ranges
bytes
s_5.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/
993 KB
993 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/s_5.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
5671f1d8da27167dbd9c2c7d21592bd31aa05fdcea986ab1ca227ac180e90c20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:11 GMT
x-cdn
4
x-guploader-uploadid
ADPycduxEeEfJlMiSSu-RhmmZ7UUrROLzspadpcfw5n5cfbr79pem9oRX5kk56dgDqdJHcriO0U11yzITjBlRwYX-5sN9z8hEsIi
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1016343
last-modified
Thu, 22 Sep 2022 18:18:02 GMT
server
UploadServer
etag
"c32c977c9ce63110ba165a354fef4f91"
x-goog-generation
1663870682511554
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=aw221w==, md5=wyyXfJzmMRC6Flo1T+9PkQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997831.cds237.fr8.hn,1669997831.cds221.fr8.c
x-goog-stored-content-length
1016343
accept-ranges
bytes
s_6.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/
46 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/s_6.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
48dbf5bc5b97632d725bbd41625e82632923f8b206d7a03ce455d1d4849a8eb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:11 GMT
x-cdn
4
x-guploader-uploadid
ADPycduYaVY5ZeSv6KnW8Trhsj26zQiHo3FmRn3CSdJJOs-v5l8Musa9f_r-f5Ynnf0-4XyXfPVOPLEy6qcvw4CXu0DhSiPK-C8f
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47487
last-modified
Thu, 22 Sep 2022 18:17:40 GMT
server
UploadServer
etag
"00430cfc564ab4bc8dc4cc5dab3f923d"
x-hw
1669997831.cds237.fr8.hn,1669997831.cds141.fr8.s,1669997831.dop032.la3.r,1669997831.cds025.la3.c,1669997831.cds141.fr8.p
content-type
audio/mp4
access-control-allow-origin
*
x-goog-generation
1663870660474794
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-goog-hash
crc32c=M78hVA==, md5=AEMM/FZKtLyNxMxdqz+SPQ==
x-goog-stored-content-length
47487
accept-ranges
bytes
capture
api.leadpages.io/analytics/v1/observations/ Frame F9AC
35 B
443 B
XHR
General
Full URL
https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=RPddeQFb9mq4pXfKhTBG48&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=55.80000019073486,59.80000019073486,1
Requested by
Host: js.center.io
URL: https://js.center.io/center.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
63.151.192.35.bc.googleusercontent.com
Software
Stargate /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://btm-btm-btm.lpages.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:17:11 GMT
Server
Stargate
access-control-max-age
600
Transfer-Encoding
chunked
Content-Type
image/gif
access-control-allow-origin
https://btm-btm-btm.lpages.co
X-Forwarded-For
80.255.7.101
access-control-expose-headers
LP-Security-Token
access-control-allow-credentials
true
Connection
keep-alive
x-request-id
00ire631po93glch1sk0
collect
region1.analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-8R6YNFMJ23&gtm=2oebu0&_p=527323994&cid=1040476447.1669997827&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1669997826&sct=1&seg=0&dl=https%3A%2F%2Fgo.behindthemarkets.com%2Fbtm-drug-smuggler-vsl%2F%3F_ef_transaction_id%3Dda38546e55264bec8c1e5894a44cf23d%26utm_source%3D82%26utm_campaign%3D%26utm_medium%3D%26id%3Dcurtis.k.frazee%2540ampf.com%26iocid%3D%26aff%3D82%26creative_id%3D%26sub3%3DB%26sub2%3Dfutureslabresearch.com%26sub4%3DBTDS4%26oid%3D60&dt=Drug%20Smuggler&en=fetch_user_data&epn.variant_id=0&_et=15&up.custom_client_id=1040476447.1669997827.&upn.variant_id=0&upn.experiment_id=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8R6YNFMJ23&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 16:17:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.behindthemarkets.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s_6.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/
944 KB
946 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/s_6.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
d2b8203503774a2a0d8ea42cf0ed01e53fe971afef725eb92081125406a8bdaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:12 GMT
x-cdn
4
x-guploader-uploadid
ADPycdv1R_6WAmaEjAh6MIQEXWjXbhiehILB8XRcGR5NX4CvbjvizMS_UUf4oKEmLPyu-jtL0O7eO_diNCWeaB_85LDmyMI4nd2S
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
967073
last-modified
Thu, 22 Sep 2022 18:17:56 GMT
server
UploadServer
etag
"56949dc3eceb05129ee9125c41e1be0a"
x-goog-generation
1663870676702669
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=TYmSdQ==, md5=VpSdw+zrBRKe6RJcQeG+Cg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997832.cds237.fr8.hn,1669997832.cds136.fr8.c
x-goog-stored-content-length
967073
accept-ranges
bytes
s_7.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/
47 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/s_7.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
2eb28e2681401515fa221d36e7ec637198e72dd4d94580daa79f2ff6253544e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:12 GMT
x-cdn
4
x-guploader-uploadid
ADPycdv8w15bHwMQXK7IREGccSeST89KA7BWvxBju4dpRErxrtoxDV2Ur4YhdS5wQqyKwN4YbA5nrb4mwrb4OH3MkOmZDw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47826
last-modified
Thu, 22 Sep 2022 18:17:40 GMT
server
UploadServer
etag
"df0ea3966fb91f54f509716aa97785b6"
x-goog-generation
1663870660616344
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=r05Mmw==, md5=3w6jlm+5H1T1CXFqqXeFtg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997832.cds237.fr8.hn,1669997832.cds228.fr8.c
x-goog-stored-content-length
47826
accept-ranges
bytes
s_7.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/
1 MB
1 MB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/s_7.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
03c3ff149a33c660b8c87344532b173af8c11fe12dd6cd27f70f7392c1592f76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:12 GMT
x-cdn
4
x-guploader-uploadid
ADPycdsUuVs285FNVI95WT5pJk05hckJfyCJeEg5sdiH09CdrdzbrMPDyBmvp8wpiAQHovf7WbJWdGxT_OpHp9ANHZPhVw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1058045
last-modified
Thu, 22 Sep 2022 18:17:56 GMT
server
UploadServer
etag
"e9c0279ceba69c7112a5e257b20d7d4c"
x-goog-generation
1663870676094124
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=XomOpA==, md5=6cAnnOumnHESpeJXsg19TA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997832.cds237.fr8.hn,1669997832.cds217.fr8.c
x-goog-stored-content-length
1058045
accept-ranges
bytes
s_8.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/
46 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/s_8.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
fbb1a14a48b7563f71fd8bc3f264abadcea5a6e617a17f9a3cc4810bc480eec2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:12 GMT
x-cdn
4
x-guploader-uploadid
ADPycdtbeSbnOsVIMrER2lcRPXJp-3VFGu8LFQ5dhZNe1j60ybEogXlhwDsKONFaSdnOhy4AcQ3vWqo_sMoLkFXB55ueyYPLw_BG
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47293
last-modified
Thu, 22 Sep 2022 18:17:40 GMT
server
UploadServer
etag
"20fbcb7928805a921302c08551c68253"
x-goog-generation
1663870660759083
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=1O77og==, md5=IPvLeSiAWpITAsCFUcaCUw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997832.cds237.fr8.hn,1669997832.cds286.fr8.c
x-goog-stored-content-length
47293
accept-ranges
bytes
s_8.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/
983 KB
984 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/s_8.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
0935050093e8ad586f03b1b9a07c53f426587a6b71d37929940f1351278dfc01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:12 GMT
x-cdn
4
x-guploader-uploadid
ADPycdvh-NxoAr9fhB8WKGoQmlODrKmMQvYlC5yQuas0LazJutMwLNx2soSpmzSL9XyahgLnv3H1mvdZlqymj2S4KIM9iEXbqvmJ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1006119
last-modified
Thu, 22 Sep 2022 18:18:01 GMT
server
UploadServer
etag
"50178c45328c5df973516cc2eac5593b"
x-goog-generation
1663870681159986
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=91G1xA==, md5=UBeMRTKMXflzUWzC6sVZOw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997832.cds237.fr8.hn,1669997832.cds006.fr8.c
x-goog-stored-content-length
1006119
accept-ranges
bytes
s_9.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/
47 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/s_9.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
2bad5e1fc2b3aa63f1afb884b2a108981a4dd94f2245275c9fbac45c798e6bbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:12 GMT
x-cdn
4
x-guploader-uploadid
ADPycdspGBuCYgvm-QiV-OEzC7VBD4ZAVeQDMacKEBuLaeB3NkbT3LbjJta6Sgc-AMdm7GSe88cT1L8FAMqm7e1AzpQbrA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47864
last-modified
Thu, 22 Sep 2022 18:17:41 GMT
server
UploadServer
etag
"14f608b9dbcbef1d758ef611cf75a69d"
x-goog-generation
1663870660947781
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=SMUrbA==, md5=FPYIudvL7x11jvYRz3WmnQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997832.cds237.fr8.hn,1669997832.cds257.fr8.c
x-goog-stored-content-length
47864
accept-ranges
bytes
s_9.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/
971 KB
973 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/s_9.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
7bc1a10ecafad22f0aafaddfd92acd2a8dc2ab39465d2c10981e4043ea835974

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:12 GMT
x-cdn
4
x-guploader-uploadid
ADPycdtXMSynCitMyK3QzsRhkctOEWvuZWONIwEqk1WYy_TjQpod4bfrg2cuNZt4HbQUb2ufap93jWmXQiA9ohvzozQObw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
994076
last-modified
Thu, 22 Sep 2022 18:18:03 GMT
server
UploadServer
etag
"2e03028fbca772000ec8644f7a109e5b"
x-goog-generation
1663870683532472
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=9XV9Rw==, md5=LgMCj7yncgAOyGRPehCeWw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997832.cds237.fr8.hn,1669997832.cds017.fr8.c
x-goog-stored-content-length
994076
accept-ranges
bytes
s_10.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/
46 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/s_10.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
58772a111d8602e12d91befb5949d24f9accd4c07f73273c8ebdbec2aea0241d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:12 GMT
x-cdn
4
x-guploader-uploadid
ADPycduFrM90eoNfOdKYxEPP6khmktEa9ZyFfxqdCQlg5lpynuwwi8JtIrfU2zv-1YPByMgaGcwTjth9KWpCjUzdzDPKvg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47342
last-modified
Thu, 22 Sep 2022 18:17:41 GMT
server
UploadServer
etag
"4ad2e3678fdac9a97fabfe45e37ef0b3"
x-goog-generation
1663870661097792
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=UxY8dg==, md5=StLjZ4/ayal/q/5F437wsw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997832.cds237.fr8.hn,1669997832.cds207.fr8.c
x-goog-stored-content-length
47342
accept-ranges
bytes
s_10.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/
976 KB
977 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/s_10.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
cefe12e58741a5afdff97469bbba8d50410faa0762ad369a1ae586d528317b5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:12 GMT
x-cdn
4
x-guploader-uploadid
ADPycdsG76vaanUAHZn_x0AG8PelytsF7sqdrGXszIzoMEHsODCDLqZ5r2L3DxlW32QLxsaAQlNk0hTLQbsYeJj8hhB0rg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
999247
last-modified
Thu, 22 Sep 2022 18:17:57 GMT
server
UploadServer
etag
"8a8fad8bdc71be7b7f428100c03fbf28"
x-goog-generation
1663870677660219
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=bMpAIw==, md5=io+ti9xxvnt/QoEAwD+/KA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997832.cds237.fr8.hn,1669997832.cds251.fr8.c
x-goog-stored-content-length
999247
accept-ranges
bytes
scribe
stats.vidalytics.com/
16 B
78 B
XHR
General
Full URL
https://stats.vidalytics.com/scribe
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
97.211.178.107.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
707d4c7f44dd33e874b5a09b6dba4702b12bfd3e19e470d601fcfc1d7009286c

Request headers

Referer
https://go.behindthemarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 02 Dec 2022 16:17:12 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
content-length
16
access-control-allow-methods
POST,OPTIONS
content-type
application/json
s_11.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/
47 KB
47 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/audio/h264_96000/s_11.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
52c32b567fbe3fa8be0dfdd80bed8e0ddfcb795ddc4e9e8e2ac48490034a7a11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:13 GMT
x-cdn
4
x-guploader-uploadid
ADPycdsSq06YJNx9hsUKdqCASbnox7VQ6IDUMWniL3hAtgqQhdizonsLgcFjrqydouWzjy7UfqKaqu4O9638znJIS27H6A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47846
last-modified
Thu, 22 Sep 2022 18:17:41 GMT
server
UploadServer
etag
"c0de3432eb88a45a1f06a1c94a52b50a"
x-goog-generation
1663870661263105
content-type
audio/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=nmmoEQ==, md5=wN40MuuIpFofBqHJSlK1Cg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997833.cds237.fr8.hn,1669997833.cds265.fr8.c
x-goog-stored-content-length
47846
accept-ranges
bytes
analytics
analytics-ingress-global.bitmovin.com/
0
42 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.54.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.behindthemarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Dec 2022 16:17:12 GMT
via
1.1 google
server
v1.54.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
analytics
analytics-ingress-global.bitmovin.com/
0
42 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
197.27.190.35.bc.googleusercontent.com
Software
v1.54.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://go.behindthemarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 02 Dec 2022 16:17:13 GMT
via
1.1 google
server
v1.54.0
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
s_11.m4s
fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/
944 KB
945 KB
XHR
General
Full URL
https://fast.vidalytics.com/video/PzpZ_7KZ/FN0qZGV6uEyef1az/75618/65567/fmp4/video/1280x720_h264_2000000/s_11.m4s
Requested by
Host: go.behindthemarkets.com
URL: https://go.behindthemarkets.com/btm-drug-smuggler-vsl/?_ef_transaction_id=da38546e55264bec8c1e5894a44cf23d&utm_source=82&utm_campaign=&utm_medium=&id=curtis.k.frazee%40ampf.com&iocid=&aff=82&creative_id=&sub3=B&sub2=futureslabresearch.com&sub4=BTDS4&oid=60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
UploadServer /
Resource Hash
219c610471a7dea5136cdd6bc51664c23bd00eca2765fc2bda49ab89c092d105

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.behindthemarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:17:13 GMT
x-cdn
4
x-guploader-uploadid
ADPycdsZH__A7SqqX1XysVZapqT9sp5_F9wSKGtcreLXOB-PY5V0VZr2otJ1839L2tiEW04PBrl5j2b4mdUOVTa2ZxFvCg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
966562
last-modified
Thu, 22 Sep 2022 18:18:00 GMT
server
UploadServer
etag
"4d323452d39966d71cae61f6e97355b4"
x-goog-generation
1663870680148747
content-type
video/mp4
access-control-allow-origin
*
x-goog-hash
crc32c=F+my4w==, md5=TTI0UtOZZtccrmH26XNVtA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=31104000
x-hw
1669997833.cds237.fr8.hn,1669997833.cds122.fr8.c
x-goog-stored-content-length
966562
accept-ranges
bytes

Verdicts & Comments

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| oncontentvisibilityautostatechange
string| LeadPagesCenterObject
function| center
object| dataLayer
function| getUrlVars
string| affiliate
object| Vidalytics
object| VidalyticsL
object| _vidalytics
object| sup
boolean| LPLeadboxesDispatched
object| LPLeadboxes
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| myStorage
object| variant_id
function| gtag
function| onYouTubeIframeAPIReady
object| gaGlobal
object| exp_id
object| gaplugins
object| sumome
object| webpackJsonpsumome
object| EF
object| Criteo
object| criteo_q
object| google_optimize
object| gaData
object| sumo
boolean| __smLoaded
object| jQuery1102021792496607401524
object| webpackChunkbitmovin_player_name_
object| bitmovin

20 Cookies

Domain/Path Name / Value
.api.leadpages.io/analytics/v1/events/capture Name: view.bb4wMKcXKB896PwqF4vMVT-default-prop.5MWJ4aDmYxiYeFMVzRR5ja
Value: 1669997827000
go.behindthemarkets.com/btm-drug-smuggler-vsl Name: __smVID
Value: f854f32109823d8cba098c97c66318ebbec35d85fad311041d1dfeb2f1634e2d
.futureslabresearch.com/ Name: iterableEndUserId
Value: curtis.k.frazee%40ampf.com
.futureslabresearch.com/ Name: iterableEmailCampaignId
Value: 5666164
.futureslabresearch.com/ Name: iterableTemplateId
Value: 7648144
.futureslabresearch.com/ Name: iterableMessageId
Value: 472a473245e04373a1225f3c52a2ef31
links.daily.futureslabresearch.com/ Name: XSRF-TOKEN
Value: 0dd907099aaefed2195d7306492e81098acaadd3-1669997824245-41df03ec3df650c1435971a3
.clkmg.com/ Name: vid
Value: 795592907
js.center.io/ Name: centerVisitorId
Value: H2nwWqnwgdVRDY8NJCve33
.behindthemarkets.com/ Name: _gcl_au
Value: 1.1.1459735993.1669997826
.behindthemarkets.com/ Name: _ga_8R6YNFMJ23
Value: GS1.1.1669997826.1.0.1669997826.60.0.0
.behindthemarkets.com/ Name: _ga
Value: GA1.2.1040476447.1669997827
.behindthemarkets.com/ Name: _gid
Value: GA1.2.745246698.1669997827
.behindthemarkets.com/ Name: _gat_UA-102395123-1
Value: 1
.criteo.com/ Name: uid
Value: 9b1312fc-cb94-41c0-b890-c04edae78987
.behindthemarkets.com/ Name: cto_bundle
Value: xrZEcV9YQ3klMkJHZnM4enk0SVhjT1Y2eHBtc0RUS203WURpaVNZTTJxNkZaY1Q0UVkzbmhING1LMVRJalFtWXJQbm0lMkZYV24xRFlIMEl0TWlvMHlZUldkWTZzVWxCcm1qOVpRb2hCdmk5RlJ2ZHFlTkpORGVaNFg4JTJCaDdiVjZvdUZ5UWpiVFRQclBSU2JaV3pNOXU3cCUyRlk5cERhck1qVmpha3hYaU5ncnRVJTJGVG9sZFVJJTNE
go.behindthemarkets.com/ Name: ef_tid_c_o_60
Value: da38546e55264bec8c1e5894a44cf23d
go.behindthemarkets.com/ Name: ef_tid_c_a_2
Value: da38546e55264bec8c1e5894a44cf23d
go.behindthemarkets.com/ Name: bitmovin_analytics_uuid
Value: 21e89bd8-45fa-4058-b0ef-d1d76cc3e682
go.behindthemarkets.com/ Name: __smToken
Value: BQ3ajk7CWWl3m06RYuHWwj0v

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
